diff --git a/cmd/nuclei/main_benchmark_test.go b/cmd/nuclei/main_benchmark_test.go
index baf9dbfab..96ae39822 100644
--- a/cmd/nuclei/main_benchmark_test.go
+++ b/cmd/nuclei/main_benchmark_test.go
@@ -117,12 +117,12 @@ func runEnumBenchmark(b *testing.B, options *types.Options) {
 func BenchmarkRunEnumeration(b *testing.B) {
 // Default case: run enumeration with default options == all nuclei-templates
- // b.Run("Default", func(b *testing.B) {
- // options := getDefaultOptions()
- // options.Targets = []string{targetURL}
+ b.Run("Default", func(b *testing.B) {
+ options := getDefaultOptions()
+ options.Targets = []string{targetURL}
- // runEnumBenchmark(b, options)
- // })
+ runEnumBenchmark(b, options)
+ })
 // Case: https://github.com/projectdiscovery/nuclei/pull/6258
 b.Run("Multiproto", func(b *testing.B) {
@@ -132,4 +132,53 @@ func BenchmarkRunEnumeration(b *testing.B) {
 runEnumBenchmark(b, options)
 })
+
+ // Case: https://github.com/projectdiscovery/nuclei/issues/6263
+ b.Run("Flow", func(b *testing.B) {
+ options := getDefaultOptions()
+ options.Targets = []string{
+ "https://google.com",
+ "https://youtube.com",
+ "https://facebook.com",
+ "https://baidu.com",
+ "https://wikipedia.org",
+ "https://qq.com",
+ "https://taobao.com",
+ "https://yahoo.com",
+ "https://tmall.com",
+ "https://amazon.com",
+ "https://twitter.com",
+ "https://sohu.com",
+ "https://live.com",
+ "https://jd.com",
+ "https://vk.com",
+ "https://instagram.com",
+ "https://sina.com.cn",
+ "https://weibo.com",
+ "https://reddit.com",
+ "https://login.tmall.com",
+ "https://360.cn",
+ "https://yandex.ru",
+ "https://linkedin.com",
+ "https://blogspot.com",
+ "https://netflix.com",
+ "https://twitch.tv",
+ "https://whatsapp.com",
+ "https://yahoo.co.jp",
+ "https://csdn.net",
+ "https://wordcamp.org",
+ }
+
+ b.Run("Local-Scoping", func(b *testing.B) {
+ options.Templates = []string{"./cmd/nuclei/testdata/benchmark/flow/wordpress-readme-local-scoping.yaml"}
+
+ runEnumBenchmark(b, options)
+ })
+
+ b.Run("Namespacing", func(b *testing.B) {
+ options.Templates = []string{"./cmd/nuclei/testdata/benchmark/flow/wordpress-readme-namespacing.yaml"}
+
+ runEnumBenchmark(b, options)
+ })
+ })
 }
diff --git a/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-local-scoping.yaml b/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-local-scoping.yaml
new file mode 100644
index 000000000..618a44251
--- /dev/null
+++ b/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-local-scoping.yaml
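Review bot: The `Flow` case in `BenchmarkRunEnumeration` points `options.Targets` at thirty live third-party sites, so every `go test -bench` run (CI included) sends scanner traffic to hosts the project does not operate, and the timings mostly reflect internet latency and remote throttling rather than the flow engine. The other cases use `targetURL`, which is defined outside this hunk. I would serve a small WordPress-like page from a few local `httptest.NewServer` instances and build the list from them, e.g. `options.Targets = append(options.Targets, srv.URL)`. Both sub-benchmarks also assign `options.Templates` on the single `options` value created in the parent closure, so if `runEnumBenchmark` mutates the options the second run does not start clean; calling `getDefaultOptions()` inside each `b.Run` avoids that.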
@@ -0,0 +1,56 @@
+id: wordpress_readme-scoping
+
+info:
+ name: WordPress readme detection
+ author: nisay759
+ severity: info
+ tags: readme,wordpress,themes,plugins
+
+flow: |
+ // get imports from website's root
+ http(1);
+
+ let uniq = Dedupe();
+
+ // get unique webroot of each import
+ for (let path of iterate(template["imports"])) {
+ let pathArray = path.split("/");
+ let rootIdx = pathArray.indexOf("wp-content") + 3;
+ let finalUrl = pathArray.slice(0, rootIdx).join("/");
+ uniq.Add(finalUrl);
+ }
+
+ // for each import, look for readme
+ for (let url of iterate(uniq.Values())) {
+ set("target", url);
+ http(2);
+ }
+
+http:
+ # http(1) - Query web root and extract themes/plugins imports
+ - method: GET
+ redirects: true
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: xpath
+ name: "imports"
+ internal: true
+ xpath:
+ - "/html/*/script/@src[contains(.,'wp-content/plugins/')]"
+ - "/html/*/script/@src[contains(.,'wp-content/themes/')]"
+ - "/html/*/style/@src[contains(.,'wp-content/themes/')]"
+ - "/html/*/img/@src[contains(.,'wp-content/themes/')]"
+
+ # http(2) - Given a theme/plugin "target", look for Readme file
+ - method: GET
+ path:
+ - "{{target}}/README.md"
+ - "{{target}}/README.txt"
+
+ stop-at-first-match: true
+ matchers:
+ - type: status
+ status:
+ - 200
\ No newline at end of file
diff --git a/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-namespacing.yaml b/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-namespacing.yaml
new file mode 100644
index 000000000..b7ef68516
--- /dev/null
+++ b/cmd/nuclei/testdata/benchmark/flow/wordpress-readme-namespacing.yaml
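Review bot: In `wordpress-readme-local-scoping.yaml` the flow turns whatever `src` value the page returns into `target` and requests `{{target}}/README.md`, so an absolute `src` pointing at a CDN or any other host makes the scanner send requests outside the configured target. A same-host check before `uniq.Add(finalUrl)` would keep http(2) in scope. `pathArray.indexOf("wp-content")` also returns -1 when `wp-content` is not a whole path segment (the XPath filter only tests `contains`), which leaves `rootIdx` at 2 and builds a bogus URL; a guard such as `if (rootIdx < 3) continue;` skips those. The bare `status: 200` matcher will also fire on sites that answer 200 for any path, so a word matcher on README content would make the result meaningful. The same lines appear in `wordpress-readme-namespacing.yaml`.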
@@ -0,0 +1,56 @@
+id: wordpress_readme-namespacing
+
+info:
+ name: WordPress readme detection
+ author: nisay759
+ severity: info
+ tags: readme,wordpress,themes,plugins
+
+flow: |
+ // get imports from website's root
+ http(1);
+
+ template["{{BaseURL}}_results"] = Dedupe();
+
+ // get unique webroot of each import
+ for (let path of iterate(template["imports"])) {
+ let pathArray = path.split("/");
+ let rootIdx = pathArray.indexOf("wp-content") + 3;
+ let finalUrl = pathArray.slice(0, rootIdx).join("/");
+ template["{{BaseURL}}_results"].Add(finalUrl);
+ }
+
+ // for each import, look for readme
+ for (let url of iterate(template["{{BaseURL}}_results"].Values())) {
+ set("target", url);
+ http(2);
+ }
+
+http:
+ # http(1) - Query web root and extract themes/plugins imports
+ - method: GET
+ redirects: true
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: xpath
+ name: "imports"
+ internal: true
+ xpath:
+ - "/html/*/script/@src[contains(.,'wp-content/plugins/')]"
+ - "/html/*/script/@src[contains(.,'wp-content/themes/')]"
+ - "/html/*/style/@src[contains(.,'wp-content/themes/')]"
+ - "/html/*/img/@src[contains(.,'wp-content/themes/')]"
+
+ # http(2) - Given a theme/plugin "target", look for Readme file
+ - method: GET
+ path:
+ - "{{target}}/README.md"
+ - "{{target}}/README.txt"
+
+ stop-at-first-match: true
+ matchers:
+ - type: status
+ status:
+ - 200
\ No newline at end of file
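Review bot: Only the dedupe set is namespaced in `wordpress-readme-namespacing.yaml`; `template["imports"]` and the variable written by `set("target", url)` keep their un-prefixed names. If the `{{BaseURL}}_results` key exists because template state is shared between concurrently scanned targets (the benchmark links issue 6263, whose details are not on this page), those two names would be exposed to the same cross-target mixing, and one host's extracted paths could end up requested against another. A header comment stating which variables are per-target, e.g. `# results set is keyed by BaseURL; imports/target are not`, would make the fixture's intent clear.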