mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-17 15:37:01 +00:00
fix missing template_url for pd signed templates when executed from custom path (#5644)
This commit is contained in:
Ramana Reddy
GitHub
parent
0a536e6ce0
commit
3d2f31a56f
@ -15,6 +15,7 @@ import (
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/catalog"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader/filter"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/keys"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/model/types/severity"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/templates"
|
||||
@ -434,7 +435,7 @@ func (store *Store) LoadTemplatesWithTags(templatesList, tags []string) []*templ
|
||||
// increment signed/unsigned counters
|
||||
if tmpl.Verified {
|
||||
if tmpl.TemplateVerifier == "" {
|
||||
templates.SignatureStats[templates.PDVerifier].Add(1)
|
||||
templates.SignatureStats[keys.PDVerifier].Add(1)
|
||||
} else {
|
||||
templates.SignatureStats[tmpl.TemplateVerifier].Add(1)
|
||||
}
|
||||
|
||||
@ -3,5 +3,7 @@ package keys
|
||||
|
||||
import _ "embed"
|
||||
|
||||
const PDVerifier = "projectdiscovery/nuclei-templates"
|
||||
|
||||
//go:embed nuclei.crt
|
||||
var NucleiCert []byte // public key for verifying digital signature of templates
|
||||
|
||||
@ -190,6 +190,7 @@ type ResultEvent struct {
|
||||
FuzzingPosition string `json:"fuzzing_position,omitempty"`
|
||||
|
||||
FileToIndexPosition map[string]int `json:"-"`
|
||||
TemplateVerifier string `json:"-"`
|
||||
Error string `json:"error,omitempty"`
|
||||
}
|
||||
|
||||
@ -263,7 +264,7 @@ func NewStandardWriter(options *types.Options) (*StandardWriter, error) {
|
||||
func (w *StandardWriter) Write(event *ResultEvent) error {
|
||||
// Enrich the result event with extra metadata on the template-path and url.
|
||||
if event.TemplatePath != "" {
|
||||
event.Template, event.TemplateURL = utils.TemplatePathURL(types.ToString(event.TemplatePath), types.ToString(event.TemplateID))
|
||||
event.Template, event.TemplateURL = utils.TemplatePathURL(types.ToString(event.TemplatePath), types.ToString(event.TemplateID), event.TemplateVerifier)
|
||||
}
|
||||
|
||||
if len(w.KeysToRedact) > 0 {
|
||||
@ -435,7 +436,7 @@ func (w *StandardWriter) WriteFailure(wrappedEvent *InternalWrappedEvent) error
|
||||
// if no results were found, manually create a failure event
|
||||
event := wrappedEvent.InternalEvent
|
||||
|
||||
templatePath, templateURL := utils.TemplatePathURL(types.ToString(event["template-path"]), types.ToString(event["template-id"]))
|
||||
templatePath, templateURL := utils.TemplatePathURL(types.ToString(event["template-path"]), types.ToString(event["template-id"]), types.ToString(event["template-verifier"]))
|
||||
var templateInfo model.Info
|
||||
if event["template-info"] != nil {
|
||||
templateInfo = event["template-info"].(model.Info)
|
||||
|
||||
@ -348,6 +348,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(request.options.TemplateID),
|
||||
TemplatePath: types.ToString(request.options.TemplatePath),
|
||||
Info: request.options.TemplateInfo,
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Matched: types.ToString(wrapped.InternalEvent["input"]),
|
||||
Host: fields.Host,
|
||||
|
||||
@ -114,6 +114,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: types.ToString(wrapped.InternalEvent["host"]),
|
||||
Matched: types.ToString(wrapped.InternalEvent["matched"]),
|
||||
|
||||
@ -104,6 +104,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Path: types.ToString(wrapped.InternalEvent["path"]),
|
||||
Matched: types.ToString(wrapped.InternalEvent["matched"]),
|
||||
|
||||
@ -137,6 +137,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Path: fields.Path,
|
||||
|
||||
@ -170,6 +170,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
|
||||
@ -766,6 +766,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
|
||||
@ -100,13 +100,14 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
fields.Ip = types.ToString(wrapped.InternalEvent["ip"])
|
||||
}
|
||||
data := &output.ResultEvent{
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
URL: fields.URL,
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
URL: fields.URL,
|
||||
Matched: types.ToString(wrapped.InternalEvent["matched"]),
|
||||
ExtractedResults: wrapped.OperatorsResult.OutputExtracts,
|
||||
Metadata: wrapped.OperatorsResult.PayloadValues,
|
||||
|
||||
@ -142,6 +142,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Path: types.ToString(wrapped.InternalEvent["path"]),
|
||||
Matched: types.ToString(wrapped.InternalEvent["matched"]),
|
||||
|
||||
@ -61,6 +61,8 @@ type ExecutorOptions struct {
|
||||
TemplatePath string
|
||||
// TemplateInfo contains information block of the template request
|
||||
TemplateInfo model.Info
|
||||
// TemplateVerifier is the verifier for the template
|
||||
TemplateVerifier string
|
||||
// RawTemplate is the raw template for the request
|
||||
RawTemplate []byte
|
||||
// Output is a writer interface for writing output events from executer.
|
||||
|
||||
@ -398,6 +398,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
|
||||
TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
|
||||
Info: wrapped.InternalEvent["template-info"].(model.Info),
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
|
||||
@ -402,6 +402,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(request.options.TemplateID),
|
||||
TemplatePath: types.ToString(request.options.TemplatePath),
|
||||
Info: request.options.TemplateInfo,
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: fields.Host,
|
||||
Port: fields.Port,
|
||||
|
||||
@ -177,6 +177,7 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
|
||||
TemplateID: types.ToString(request.options.TemplateID),
|
||||
TemplatePath: types.ToString(request.options.TemplatePath),
|
||||
Info: request.options.TemplateInfo,
|
||||
TemplateVerifier: request.options.TemplateVerifier,
|
||||
Type: types.ToString(wrapped.InternalEvent["type"]),
|
||||
Host: types.ToString(wrapped.InternalEvent["host"]),
|
||||
Metadata: wrapped.OperatorsResult.PayloadValues,
|
||||
|
||||
@ -36,8 +36,7 @@ var (
|
||||
)
|
||||
|
||||
const (
|
||||
Unsigned = "unsigned"
|
||||
PDVerifier = "projectdiscovery/nuclei-templates"
|
||||
Unsigned = "unsigned"
|
||||
)
|
||||
|
||||
func init() {
|
||||
@ -420,7 +419,7 @@ func parseTemplate(data []byte, options protocols.ExecutorOptions) (*Template, e
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
options.TemplateVerifier = template.TemplateVerifier
|
||||
if !(template.Verified && verifier.Identifier() == "projectdiscovery/nuclei-templates") {
|
||||
template.Options.RawTemplate = data
|
||||
}
|
||||
|
||||
@ -4,6 +4,7 @@ import (
|
||||
"github.com/pkg/errors"
|
||||
|
||||
"github.com/projectdiscovery/gologger"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/keys"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/model"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/utils/stats"
|
||||
@ -105,7 +106,7 @@ func parseWorkflowTemplate(workflow *workflows.WorkflowTemplate, preprocessor Pr
|
||||
// increment signed/unsigned counters
|
||||
if template.Verified {
|
||||
if template.TemplateVerifier == "" {
|
||||
SignatureStats[PDVerifier].Add(1)
|
||||
SignatureStats[keys.PDVerifier].Add(1)
|
||||
} else {
|
||||
SignatureStats[template.TemplateVerifier].Add(1)
|
||||
}
|
||||
|
||||
@ -167,7 +167,7 @@ func (m *MockOutputWriter) WriteFailure(wrappedEvent *output.InternalWrappedEven
|
||||
|
||||
// create event
|
||||
event := wrappedEvent.InternalEvent
|
||||
templatePath, templateURL := utils.TemplatePathURL(types.ToString(event["template-path"]), types.ToString(event["template-id"]))
|
||||
templatePath, templateURL := utils.TemplatePathURL(types.ToString(event["template-path"]), types.ToString(event["template-id"]), types.ToString(event["template-verifier"]))
|
||||
var templateInfo model.Info
|
||||
if ti, ok := event["template-info"].(model.Info); ok {
|
||||
templateInfo = ti
|
||||
|
||||
@ -4,6 +4,7 @@ import (
|
||||
"strings"
|
||||
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
|
||||
"github.com/projectdiscovery/nuclei/v3/pkg/keys"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -12,16 +13,13 @@ const (
|
||||
)
|
||||
|
||||
// TemplatePathURL returns the Path and URL for the provided template
|
||||
func TemplatePathURL(fullPath, templateId string) (string, string) {
|
||||
var templateDirectory string
|
||||
func TemplatePathURL(fullPath, templateId, templateVerifier string) (path string, url string) {
|
||||
configData := config.DefaultConfig
|
||||
if configData.TemplatesDirectory != "" && strings.HasPrefix(fullPath, configData.TemplatesDirectory) {
|
||||
templateDirectory = configData.TemplatesDirectory
|
||||
} else {
|
||||
return "", ""
|
||||
path = strings.TrimPrefix(strings.TrimPrefix(fullPath, configData.TemplatesDirectory), "/")
|
||||
}
|
||||
|
||||
finalPath := strings.TrimPrefix(strings.TrimPrefix(fullPath, templateDirectory), "/")
|
||||
templateURL := TemplatesRepoURL + templateId
|
||||
return finalPath, templateURL
|
||||
if templateVerifier == keys.PDVerifier {
|
||||
url = TemplatesRepoURL + templateId
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user