From 33dbb51505c7fbcdb9ba229dafdb9e556f53ade5 Mon Sep 17 00:00:00 2001
From: Ramana Reddy <90540245+RamanaReddy0M@users.noreply.github.com>
Date: Fri, 26 Jul 2024 00:01:05 +0530
Subject: [PATCH] fix unresolved `interactsh-url` variable with fuzzing (#5289)
* fix unresolved interactsh variable with fuzzing
* fix variables override with fuzzing
---
pkg/fuzz/execute.go | 7 +++++--
pkg/fuzz/parts.go | 4 ++--
pkg/protocols/common/interactsh/const.go | 2 +-
3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/pkg/fuzz/execute.go b/pkg/fuzz/execute.go
index 4f33ba6dd..8eb57f6b4 100644
--- a/pkg/fuzz/execute.go
+++ b/pkg/fuzz/execute.go
@@ -167,9 +167,12 @@ func (rule *Rule) evaluateVarsWithInteractsh(data map[string]interface{}, intera
 if rule.options.Interactsh != nil {
 // Iterate through the data to replace and evaluate variables with Interactsh URLs
 for k, v := range data {
+ value := fmt.Sprint(v)
 // Replace variables with Interactsh URLs and collect new URLs
- got, oastUrls := rule.options.Interactsh.Replace(fmt.Sprint(v), interactshUrls)
-
+ got, oastUrls := rule.options.Interactsh.Replace(value, interactshUrls)
+ if got != value {
+ data[k] = got
+ }
 // Append new OAST URLs if any
 if len(oastUrls) > 0 {
 interactshUrls = append(interactshUrls, oastUrls...)
diff --git a/pkg/fuzz/parts.go b/pkg/fuzz/parts.go
index 6ab164329..86e1df9f9 100644
--- a/pkg/fuzz/parts.go
+++ b/pkg/fuzz/parts.go
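Review bot: The new `data[k] = got` assignment turns evaluateVarsWithInteractsh into a function that rewrites the caller's `data` map in place, and nothing in the hunk documents that side effect; assigning to existing keys while ranging over a map is well-defined in Go, but a caller that reuses the same map across requests will now see the substituted Interactsh URLs persist between calls. Either state it on the function's doc comment, which sits above the hunk — `// evaluateVarsWithInteractsh replaces {{interactsh-url}} markers in the values of data in place and returns any new Interactsh URLs.` — or build a fresh map and return that instead. Note also that a replaced entry is stored as the string produced by fmt.Sprint even when the original value was not a string; that is only reachable for values whose printed form carried a marker, which is worth a one-line comment beside the assignment. The enclosing function begins before and ends after this hunk.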
@@ -181,9 +181,9 @@ func (rule *Rule) execWithInput(input *ExecuteRuleInput, httpReq *retryablehttp.
 // for fuzzing.
 func (rule *Rule) executeEvaluate(input *ExecuteRuleInput, _, value, payload string, interactshURLs []string) (string, []string) {
 // TODO: Handle errors
- values := generators.MergeMaps(input.Values, map[string]interface{}{
+ values := generators.MergeMaps(rule.options.Variables.GetAll(), map[string]interface{}{
 "value": value,
- }, rule.options.Options.Vars.AsMap(), rule.options.Variables.GetAll())
+ }, rule.options.Options.Vars.AsMap(), input.Values)
 firstpass, _ := expressions.Evaluate(payload, values)
 interactData, interactshURLs := rule.options.Interactsh.Replace(firstpass, interactshURLs)
 evaluated, _ := expressions.Evaluate(interactData, values)
diff --git a/pkg/protocols/common/interactsh/const.go b/pkg/protocols/common/interactsh/const.go
index 079940240..aad130d46 100644
--- a/pkg/protocols/common/interactsh/const.go
+++ b/pkg/protocols/common/interactsh/const.go
@@ -8,7 +8,7 @@ import (
 var (
 defaultInteractionDuration = 60 * time.Second
- interactshURLMarkerRegex = regexp.MustCompile(`{{interactsh-url(?:_[0-9]+){0,3}}}`)
+ interactshURLMarkerRegex = regexp.MustCompile(`(%7[B|b]|\{){2}(interactsh-url(?:_[0-9]+){0,3})(%7[D|d]|\}){2}`)
 ErrInteractshClientNotInitialized = errors.New("interactsh client not initialized")
 )
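Review bot: The reordered MergeMaps call in executeEvaluate makes the variable precedence depend on MergeMaps's merge order (later arguments appear to win, judging from the commit message's "variables override" wording), and that order is now load-bearing but unstated anywhere in the hunk; a comment above the call such as `// precedence, lowest to highest: template variables, fuzzing value, CLI -var values, request input values` would stop the next edit from silently reverting it. With this order a key named `value` in Options.Vars or input.Values still shadows the fuzzing payload's `value`, which may be intended but should be confirmed, since it would make a fuzzing rule evaluate against the wrong payload without any error. The TODO on the line above still applies to the new code: both expressions.Evaluate errors are discarded with `_`, so a payload that fails to evaluate against the merged map passes through unevaluated. executeEvaluate's body continues past the end of the hunk.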
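Review bot: The new marker regex writes its encoded-brace alternatives as the character classes `[B|b]` and `[D|d]`, where `|` is a literal member rather than an alternation, so `%7|` is also accepted as an encoded brace; the intended classes are `[Bb]` and `[Dd]`: `(%7[Bb]|\{){2}(interactsh-url(?:_[0-9]+){0,3})(%7[Dd]|\}){2}`. Applying `{2}` to the alternation also accepts mixed forms such as `{%7B` on one side and `}%7D` on the other, which is probably harmless but matches more than the "URL-encoded or literal braces" the change seems to target, and is worth a comment on the declaration. The pattern now has three capture groups where the old one had none; if interactsh.Replace, which is not in this diff, relies on submatch indices or replaces only the marker text, it should be checked that the surrounding braces are substituted consistently for both the encoded and literal forms.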