From 55a4da5dab00da8d0885104d2ac44b761c79d580 Mon Sep 17 00:00:00 2001 From: mzack Date: Wed, 23 Mar 2022 16:26:05 +0100 Subject: [PATCH 1/2] Adding HexOrString helper --- v2/pkg/reporting/format/format.go | 7 +++++-- v2/pkg/types/interfaces.go | 16 ++++++++++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/v2/pkg/reporting/format/format.go b/v2/pkg/reporting/format/format.go index 14153037e..6e3757074 100644 --- a/v2/pkg/reporting/format/format.go +++ b/v2/pkg/reporting/format/format.go @@ -2,6 +2,7 @@ package format import ( "bytes" + "crypto/rand" "fmt" "strconv" "strings" @@ -54,7 +55,9 @@ func MarkdownDescription(event *output.ResultEvent) string { // TODO remove the if event.Request != "" { builder.WriteString("\n**Request**\n\n```http\n") - builder.WriteString(event.Request) + token := make([]byte, 2500) + rand.Read(token) + builder.WriteString(types.ToHexOrString(token)) builder.WriteString("\n```\n") } if event.Response != "" { @@ -135,7 +138,7 @@ func MarkdownDescription(event *output.ResultEvent) string { // TODO remove the if event.CURLCommand != "" { builder.WriteString("\n**CURL Command**\n```\n") - builder.WriteString(event.CURLCommand) + builder.WriteString(types.ToHexOrString(event.CURLCommand)) builder.WriteString("\n```") } diff --git a/v2/pkg/types/interfaces.go b/v2/pkg/types/interfaces.go index b92064dcb..25dd68567 100644 --- a/v2/pkg/types/interfaces.go +++ b/v2/pkg/types/interfaces.go @@ -3,10 +3,12 @@ package types import ( + "encoding/hex" "fmt" "strconv" "strings" + "github.com/asaskevich/govalidator" "github.com/projectdiscovery/nuclei/v2/pkg/model/types/severity" ) @@ -75,6 +77,20 @@ func ToString(data interface{}) string { } } +func ToHexOrString(data interface{}) string { + switch s := data.(type) { + case string: + if govalidator.IsASCII(s) { + return s + } + return hex.Dump([]byte(s)) + case []byte: + return hex.Dump(s) + default: + return fmt.Sprintf("%v", data) + } +} + // ToStringSlice casts an interface to a []string type. func ToStringSlice(i interface{}) []string { var a []string From 906e6e3e9468cf422a48c5aec90fca810301c64a Mon Sep 17 00:00:00 2001 From: mzack Date: Wed, 23 Mar 2022 16:31:42 +0100 Subject: [PATCH 2/2] removing test code --- v2/pkg/reporting/format/format.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/v2/pkg/reporting/format/format.go b/v2/pkg/reporting/format/format.go index 6e3757074..0e18f1ac1 100644 --- a/v2/pkg/reporting/format/format.go +++ b/v2/pkg/reporting/format/format.go @@ -2,7 +2,6 @@ package format import ( "bytes" - "crypto/rand" "fmt" "strconv" "strings" @@ -55,9 +54,7 @@ func MarkdownDescription(event *output.ResultEvent) string { // TODO remove the if event.Request != "" { builder.WriteString("\n**Request**\n\n```http\n") - token := make([]byte, 2500) - rand.Read(token) - builder.WriteString(types.ToHexOrString(token)) + builder.WriteString(types.ToHexOrString(event.Request)) builder.WriteString("\n```\n") } if event.Response != "" {