External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 16:55:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

adding host with optional port type logic (#2815)

Browse Source 
* adding host with optional port type logic

* adding comment support in test cases

* updating test cases with multiple input scenarios

* readding port condition
This commit is contained in:
Mzack9999 2022-11-08 15:19:45 +01:00 committed by GitHub
parent 185c95f549
commit 840028fa93
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 85 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
v2/cmd/functional-test/main.go
View File

@ -66,6 +66,10 @@ func runTestCases(file *os.File, debug bool) (bool, []string) {
if testCase == "" { if testCase == "" {
continue continue
} }
// skip comments
if strings.HasPrefix(testCase, "#") {
continue
}
if runTestCase(testCase, debug) { if runTestCase(testCase, debug) {
errored = true errored = true
failedTestCases = append(failedTestCases, testCase) failedTestCases = append(failedTestCases, testCase)

28
v2/cmd/functional-test/testcases.txt
View File

@ -1,4 +1,7 @@
# Simple binary invocation
{{binary}} {{binary}}
# Template tags filter
{{binary}} -tags cve -ntv 8.8.8,8.8.9 {{binary}} -tags cve -ntv 8.8.8,8.8.9
{{binary}} -tags cve {{binary}} -tags cve
{{binary}} -tags cve,exposure {{binary}} -tags cve,exposure
@ -49,7 +52,32 @@
{{binary}} -tags cve -author geeknik,pdteam -tc severity=='high' {{binary}} -tags cve -author geeknik,pdteam -tc severity=='high'
{{binary}} -tc contains(authors,'pdteam') {{binary}} -tc contains(authors,'pdteam')
{{binary}} -t cves/ -t exposures/ -tc contains(tags,'cve') -exclude-templates cves/2020/CVE-2020-9757.yaml {{binary}} -t cves/ -t exposures/ -tc contains(tags,'cve') -exclude-templates cves/2020/CVE-2020-9757.yaml
# Workflow Filters
{{binary}} -w workflows {{binary}} -w workflows
{{binary}} -w workflows -author geeknik,pdteam {{binary}} -w workflows -author geeknik,pdteam
{{binary}} -w workflows -severity high,critical {{binary}} -w workflows -severity high,critical
{{binary}} -w workflows -author geeknik,pdteam -severity high,critical {{binary}} -w workflows -author geeknik,pdteam -severity high,critical
# Input Types
# http protocol
# host
{{binary}} -id tech-detect -u scanme.sh
# host:port
{{binary}} -id tech-detect -u scanme.sh:80
# scheme://host:port
{{binary}} -id tech-detect -u http://scanme.sh:80
# scheme://host
{{binary}} -id tech-detect -u https://scanme.sh
# Network Protocol
# host
{{binary}} -id ftp-weak-credentials -u scanme.sh
# host:port
{{binary}} -id ftp-weak-credentials -u scanme.sh:21
# SSL Protocol
# host
{{binary}} -id tls-version -u scanme.sh
# host:port
{{binary}} -id tls-version -u scanme.sh:22

49
v2/pkg/input/input.go
View File

@ -36,17 +36,17 @@ func (h *Helper) Close() error {
func (h *Helper) Transform(input string, protocol templateTypes.ProtocolType) string { func (h *Helper) Transform(input string, protocol templateTypes.ProtocolType) string {
switch protocol { switch protocol {
case templateTypes.DNSProtocol, templateTypes.WHOISProtocol: case templateTypes.DNSProtocol, templateTypes.WHOISProtocol:
return h.convertInputToType(input, inputTypeHost, "") return h.convertInputToType(input, typeHostOnly, "")
case templateTypes.FileProtocol, templateTypes.OfflineHTTPProtocol: case templateTypes.FileProtocol, templateTypes.OfflineHTTPProtocol:
return h.convertInputToType(input, inputTypeFilepath, "") return h.convertInputToType(input, typeFilepath, "")
case templateTypes.HTTPProtocol, templateTypes.HeadlessProtocol: case templateTypes.HTTPProtocol, templateTypes.HeadlessProtocol:
return h.convertInputToType(input, inputTypeURL, "") return h.convertInputToType(input, typeURL, "")
case templateTypes.NetworkProtocol: case templateTypes.NetworkProtocol:
return h.convertInputToType(input, inputTypeHostPort, "") return h.convertInputToType(input, typeHostWithOptionalPort, "")
case templateTypes.SSLProtocol: case templateTypes.SSLProtocol:
return h.convertInputToType(input, inputTypeHostPort, "443") return h.convertInputToType(input, typeHostWithPort, "443")
case templateTypes.WebsocketProtocol: case templateTypes.WebsocketProtocol:
return h.convertInputToType(input, inputTypeWebsocket, "") return h.convertInputToType(input, typeWebsocket, "")
} }
return input return input
} }
@ -54,18 +54,18 @@ func (h *Helper) Transform(input string, protocol templateTypes.ProtocolType) st
type inputType int type inputType int
const ( const (
inputTypeHost inputType = iota + 1 typeHostOnly inputType = iota + 1
inputTypeURL typeHostWithPort
inputTypeFilepath typeHostWithOptionalPort
inputTypeHostPort typeURL
inputTypeWebsocket typeFilepath
typeWebsocket
) )
// convertInputToType converts an input based on an inputType. // convertInputToType converts an input based on an inputType.
// Various formats are supported for inputs and their transformation // Various formats are supported for inputs and their transformation
func (h *Helper) convertInputToType(input string, inputType inputType, defaultPort string) string { func (h *Helper) convertInputToType(input string, inputType inputType, defaultPort string) string {
notURL := !strings.Contains(input, "://") notURL := !strings.Contains(input, "://")
parsed, _ := url.Parse(input) parsed, _ := url.Parse(input)
var host, port string var host, port string
if !notURL { if !notURL {
@ -73,9 +73,11 @@ func (h *Helper) convertInputToType(input string, inputType inputType, defaultPo
} else { } else {
host, port, _ = net.SplitHostPort(input) host, port, _ = net.SplitHostPort(input)
} }
hasPort := port != ""
if inputType == inputTypeFilepath { if inputType == typeFilepath {
if port != "" { // if it has ports most likely it's not a file
if hasPort {
return "" return ""
} }
if filepath.IsAbs(input) { if filepath.IsAbs(input) {
@ -87,7 +89,7 @@ func (h *Helper) convertInputToType(input string, inputType inputType, defaultPo
if _, err := filepath.Match(input, ""); err != filepath.ErrBadPattern && notURL { if _, err := filepath.Match(input, ""); err != filepath.ErrBadPattern && notURL {
return input return input
} }
} else if inputType == inputTypeHost { } else if inputType == typeHostOnly {
if host != "" { if host != "" {
return host return host
} }
@ -96,7 +98,7 @@ func (h *Helper) convertInputToType(input string, inputType inputType, defaultPo
} else { } else {
return input return input
} }
} else if inputType == inputTypeURL { } else if inputType == typeURL {
if parsed != nil && (parsed.Scheme == "http" || parsed.Scheme == "https") { if parsed != nil && (parsed.Scheme == "http" || parsed.Scheme == "https") {
return input return input
} }
@ -105,7 +107,7 @@ func (h *Helper) convertInputToType(input string, inputType inputType, defaultPo
return string(probed) return string(probed)
} }
} }
} else if inputType == inputTypeHostPort { } else if inputType == typeHostWithPort {
if host != "" && port != "" { if host != "" && port != "" {
return net.JoinHostPort(host, port) return net.JoinHostPort(host, port)
} }
@ -115,7 +117,18 @@ func (h *Helper) convertInputToType(input string, inputType inputType, defaultPo
if defaultPort != "" { if defaultPort != "" {
return net.JoinHostPort(input, defaultPort) return net.JoinHostPort(input, defaultPort)
} }
} else if inputType == inputTypeWebsocket { } else if inputType == typeHostWithOptionalPort {
if host != "" && port != "" {
return net.JoinHostPort(host, port)
}
if parsed != nil && port == "" && parsed.Scheme == "https" {
return net.JoinHostPort(parsed.Host, "443")
}
if defaultPort != "" {
return net.JoinHostPort(input, defaultPort)
}
return input
} else if inputType == typeWebsocket {
if parsed != nil && (parsed.Scheme == "ws" || parsed.Scheme == "wss") { if parsed != nil && (parsed.Scheme == "ws" || parsed.Scheme == "wss") {
return input return input
} }

44
v2/pkg/input/input_test.go
View File

@ -24,37 +24,37 @@ func TestConvertInputToType(t *testing.T) {
defaultPort string defaultPort string
}{ }{
// host // host
{"google.com", inputTypeHost, "google.com", ""}, {"google.com", typeHostOnly, "google.com", ""},
{"google.com:443", inputTypeHost, "google.com", ""}, {"google.com:443", typeHostOnly, "google.com", ""},
{"https://google.com", inputTypeHost, "google.com", ""}, {"https://google.com", typeHostOnly, "google.com", ""},
{"https://google.com:443", inputTypeHost, "google.com", ""}, {"https://google.com:443", typeHostOnly, "google.com", ""},
// url // url
{"test.com", inputTypeURL, "", ""}, {"test.com", typeURL, "", ""},
{"google.com", inputTypeURL, "https://google.com", ""}, {"google.com", typeURL, "https://google.com", ""},
{"https://google.com", inputTypeURL, "https://google.com", ""}, {"https://google.com", typeURL, "https://google.com", ""},
// file // file
{"google.com:443", inputTypeFilepath, "", ""}, {"google.com:443", typeFilepath, "", ""},
{"https://google.com:443", inputTypeFilepath, "", ""}, {"https://google.com:443", typeFilepath, "", ""},
{"/example/path", inputTypeFilepath, "/example/path", ""}, {"/example/path", typeFilepath, "/example/path", ""},
{"input_test.go", inputTypeFilepath, "input_test.go", ""}, {"input_test.go", typeFilepath, "input_test.go", ""},
{"../input", inputTypeFilepath, "../input", ""}, {"../input", typeFilepath, "../input", ""},
{"input_test.*", inputTypeFilepath, "input_test.*", ""}, {"input_test.*", typeFilepath, "input_test.*", ""},
// host-port // host-port
{"google.com", inputTypeHostPort, "", ""}, {"google.com", typeHostWithPort, "", ""},
{"google.com:443", inputTypeHostPort, "google.com:443", ""}, {"google.com:443", typeHostWithPort, "google.com:443", ""},
{"https://google.com", inputTypeHostPort, "google.com:443", ""}, {"https://google.com", typeHostWithPort, "google.com:443", ""},
{"https://google.com:443", inputTypeHostPort, "google.com:443", ""}, {"https://google.com:443", typeHostWithPort, "google.com:443", ""},
// host-port with default port // host-port with default port
{"google.com", inputTypeHostPort, "google.com:443", "443"}, {"google.com", typeHostWithPort, "google.com:443", "443"},
// websocket // websocket
{"google.com", inputTypeWebsocket, "", ""}, {"google.com", typeWebsocket, "", ""},
{"google.com:443", inputTypeWebsocket, "", ""}, {"google.com:443", typeWebsocket, "", ""},
{"https://google.com:443", inputTypeWebsocket, "", ""}, {"https://google.com:443", typeWebsocket, "", ""},
{"wss://google.com", inputTypeWebsocket, "wss://google.com", ""}, {"wss://google.com", typeWebsocket, "wss://google.com", ""},
} }
for _, test := range tests { for _, test := range tests {