Merge remote-tracking branch 'upstream/dev'

2025-12-17 17:56:56 +00:00 · 2021-08-05 14:36:28 +03:00 · 2021-08-05 14:36:28 +03:00 · 75b21282ab
commit 75b21282ab
parent cc55e26446 ef7591d3c8
7 changed files with 41 additions and 28 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,13 +1,12 @@
 .idea
-v2/cmd/nuclei/nuclei
-v2/cmd/nuclei/main
-v2/cmd/integration-test/integration-test
-integration_tests/integration-test
 integration_tests/nuclei
-bin
-v2/pkg/protocols/common/helpers/deserialization/testdata/Deserialize.class
-v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject.class
-v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject2.ser
+integration_tests/integration-test
+v2/cmd/nuclei/main
+v2/cmd/nuclei/nuclei
+v2/cmd/integration-test/nuclei
 v2/cmd/functional-test/nuclei_dev
 v2/cmd/functional-test/nuclei_main
 v2/cmd/functional-test/functional-test
+v2/pkg/protocols/common/helpers/deserialization/testdata/Deserialize.class
+v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject.class
+v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject2.ser
--- a/README.md
+++ b/README.md
@ -82,7 +82,7 @@ Usage:

 Flags:
 TARGET:
-   -u, -target string  target URL/host to scan
+   -u, -target string[]  target URLs/hosts to scan
   -l, -list string    path to file containing a list of target URLs/hosts to scan (one per line)

 TEMPLATES:
--- a/README_CN.md
+++ b/README_CN.md
@ -97,7 +97,7 @@ nuclei -h
 |burp-collaborator-biid|使用burp-collaborator插件|nuclei -burp-collaborator-biid XXXX|
 |c|并行的最大模板数量(默认10)|nuclei -c 10|
 |l|对URL列表进行测试|nuclei -l urls.txt|
-|target|对目标进行测试|nuclei -target hxxps://example.com|
+|target|对目标进行测试|nuclei -target hxxps://example.com -target hxxps://example2.com|
 |t|要检测的模板种类|nuclei -t git-core.yaml -t cves/|
 |no-color|输出不显示颜色|nuclei -no-color|
 |no-meta|不显示匹配的元数据|nuclei -no-meta|
--- a/v2/cmd/nuclei/main.go
+++ b/v2/cmd/nuclei/main.go
@ -48,8 +48,8 @@ on extensive configurability, massive extensibility and ease of use.`)
 	*/

 	createGroup(flagSet, "input", "Target",
-		flagSet.StringVarP(&options.Target, "target", "u", "", "target URL/host to scan"),
-		flagSet.StringVarP(&options.Targets, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
+		flagSet.StringSliceVarP(&options.Targets, "target", "u", []string{}, "target URLs/hosts to scan"),
+		flagSet.StringVarP(&options.TargetsFilePath, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
 	)

 	createGroup(flagSet, "templates", "Templates",
--- a/v2/internal/runner/runner.go
+++ b/v2/internal/runner/runner.go
@ -129,7 +129,7 @@ func New(options *types.Options) (*Runner, error) {
 		os.Exit(0)
 	}

-	if (len(options.Templates) == 0 || !options.NewTemplates || (options.Targets == "" && !options.Stdin && options.Target == "")) && options.UpdateTemplates {
+	if (len(options.Templates) == 0 || !options.NewTemplates || (options.TargetsFilePath == "" && !options.Stdin && len(options.Targets) == 0)) && options.UpdateTemplates {
 		os.Exit(0)
 	}
 	hm, err := hybrid.New(hybrid.DefaultDiskOptions)
@ -141,11 +141,23 @@ func New(options *types.Options) (*Runner, error) {
 	runner.inputCount = 0
 	dupeCount := 0

-	// Handle single target
-	if options.Target != "" {
-		runner.inputCount++
-		// nolint:errcheck // ignoring error
-		runner.hostMap.Set(options.Target, nil)
+	// Handle multiple targets
+	if len(options.Targets) != 0 {
+		for _, target := range options.Targets {
+			url := strings.TrimSpace(target)
+			if url == "" {
+				continue
+			}
+
+			if _, ok := runner.hostMap.Get(url); ok {
+				dupeCount++
+				continue
+			}
+
+			runner.inputCount++
+			// nolint:errcheck // ignoring error
+			runner.hostMap.Set(url, nil)
+		}
 	}

 	// Handle stdin
@ -156,10 +168,12 @@ func New(options *types.Options) (*Runner, error) {
 			if url == "" {
 				continue
 			}
+
 			if _, ok := runner.hostMap.Get(url); ok {
 				dupeCount++
 				continue
 			}
+
 			runner.inputCount++
 			// nolint:errcheck // ignoring error
 			runner.hostMap.Set(url, nil)
@ -167,8 +181,8 @@ func New(options *types.Options) (*Runner, error) {
 	}

 	// Handle target file
-	if options.Targets != "" {
-		input, inputErr := os.Open(options.Targets)
+	if options.TargetsFilePath != "" {
+		input, inputErr := os.Open(options.TargetsFilePath)
 		if inputErr != nil {
 			return nil, errors.Wrap(inputErr, "could not open targets file")
 		}
--- a/v2/internal/testutils/testutils.go
+++ b/v2/internal/testutils/testutils.go
@ -47,8 +47,8 @@ var DefaultOptions = &types.Options{
 	RateLimit:          150,
 	ProjectPath:        "",
 	Severities:         severity.Severities{},
-	Target:             "",
-	Targets:            "",
+	Targets:            []string{},
+	TargetsFilePath:    "",
 	Output:             "",
 	ProxyURL:           "",
 	ProxySocksURL:      "",
--- a/v2/pkg/types/types.go
+++ b/v2/pkg/types/types.go
@ -35,10 +35,10 @@ type Options struct {
 	ProjectPath string
 	// InteractshURL is the URL for the interactsh server.
 	InteractshURL string
-	// Target is a single URL/Domain to scan using a template
-	Target string
-	// Targets specifies the targets to scan using templates.
-	Targets string
+	// Target URLs/Domains to scan using a template
+	Targets goflags.StringSlice
+	// TargetsFilePath specifies the targets from a file to scan using templates.
+	TargetsFilePath string
 	// Output is the file to write found results to.
 	Output string
 	// ProxyURL is the URL for the proxy server