Fixed some bugs with ssl protocols + misc enhancements

v2/pkg/operators/common/dsl/dsl.go

@@ -356,12 +356,8 @@ var functions = map[string]govaluate.ExpressionFunction{
 	},
 	// is_before_now compares a timestamp and returns true if the first
 	// passed argument is a time.Time that has already passed.
-	"is_time_before_now": func(args ...interface{}) (interface{}, error) {
+	"time_now": func(args ...interface{}) (interface{}, error) {
-		if len(args) != 1 {
+		return float64(time.Now().Unix()), nil
-			return nil, ErrDSLArguments
-		}
-		isBefore := time.Since(args[0].(time.Time)) > 0
-		return isBefore, nil
 	},
 }
 

v2/pkg/operators/common/dsl/dsl_test.go

@@ -2,7 +2,9 @@ package dsl
 
 import (
 	"testing"
+	"time"
 
+	"github.com/Knetic/govaluate"
 	"github.com/stretchr/testify/require"
 )
 
@@ -17,3 +19,12 @@ func TestDSLURLEncodeDecode(t *testing.T) {
 	require.Nil(t, err, "could not url encode")
 	require.Equal(t, "&test\"", decoded, "could not get url decoded data")
 }
+
+func TestDSLTimeComparison(t *testing.T) {
+	compiled, err := govaluate.NewEvaluableExpressionWithFunctions("time_now() > not_after", HelperFunctions())
+	require.Nil(t, err, "could not compare time")
+
+	result, err := compiled.Evaluate(map[string]interface{}{"not_after": float64(time.Now().Unix() - 1000)})
+	require.Nil(t, err, "could not evaluate compare time")
+	require.Equal(t, true, result, "could not get url encoded data")
+}

v2/pkg/protocols/others/ssl/ssl.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/projectdiscovery/fastdialer/fastdialer"
+	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v2/pkg/operators"
 	"github.com/projectdiscovery/nuclei/v2/pkg/output"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
@@ -65,7 +66,7 @@ func (r *Request) ExecuteWithResults(input string, dynamicValues, previous outpu
 	if err != nil {
 		return nil
 	}
-	hostname, _, _ := net.SplitHostPort(input)
+	hostname, _, _ := net.SplitHostPort(address)
 
 	config := &tls.Config{InsecureSkipVerify: true, ServerName: hostname}
 	conn, err := r.dialer.DialTLSWithConfig(context.Background(), "tcp", address, config)
@@ -81,13 +82,16 @@ func (r *Request) ExecuteWithResults(input string, dynamicValues, previous outpu
 	if !ok {
 		return nil
 	}
+	r.options.Output.Request(r.options.TemplateID, address, "ssl", err)
+	gologger.Verbose().Msgf("Sent SSL request to %s", address)
+
 	if len(connTLS.ConnectionState().PeerCertificates) == 0 {
 		return nil
 	}
 	data := make(map[string]interface{})
 	cert := connTLS.ConnectionState().PeerCertificates[0]
 	data["host"] = input
-	data["not_after"] = cert.NotAfter
+	data["not_after"] = float64(cert.NotAfter.Unix())
 	data["ip"] = r.dialer.GetDialedIP(hostname)
 
 	event := &output.InternalWrappedEvent{InternalEvent: data}
@@ -116,6 +120,7 @@ func getAddress(toTest string) (string, error) {
 		} else {
 			toTest = parsed.Host
 		}
+		return toTest, nil
 	}
 	return toTest, nil
 }

v2/pkg/protocols/others/ssl/ssl_test.go

@@ -26,3 +26,8 @@ func TestSSLProtocol(t *testing.T) {
 	err = request.ExecuteWithResults("google.com:443", nil, nil, func(event *output.InternalWrappedEvent) {})
 	require.Nil(t, err, "could not run ssl request")
 }
+
+func TestGetAddress(t *testing.T) {
+	address, _ := getAddress("https://google.com")
+	require.Equal(t, "google.com:443", address, "could not get correct address")
+}

v2/pkg/protocols/others/utils/utils.go

@@ -62,7 +62,7 @@ func ExtractFunc(data map[string]interface{}, extractor *extractors.Extractor) m
 // MatchFunc performs matching operation for a matcher on model and returns true or false.
 func MatchFunc(data map[string]interface{}, matcher *matchers.Matcher) bool {
 	partItem, ok := data[matcher.Part]
-	if !ok {
+	if !ok && len(matcher.DSL) == 0 {
 		return false
 	}
 	item := types.ToString(partItem)