From bc84fb1109434d6b670d87d2cb1c42c5ebdc278b Mon Sep 17 00:00:00 2001
From: mzack
Date: Tue, 18 Jan 2022 13:35:41 +0100
Subject: [PATCH 1/3] Adding auto-PTR IP to FQDN
---
 v2/pkg/protocols/dns/dns.go | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/v2/pkg/protocols/dns/dns.go b/v2/pkg/protocols/dns/dns.go
index 55be679a6..2f6697f79 100644
--- a/v2/pkg/protocols/dns/dns.go
+++ b/v2/pkg/protocols/dns/dns.go
@@ -1,7 +1,6 @@
 package dns
 import (
- "net"
 "strings"
 "github.com/miekg/dns"
@@ -9,6 +8,7 @@ import (
 "github.com/weppos/publicsuffix-go/publicsuffix"
+ "github.com/projectdiscovery/iputil"
 "github.com/projectdiscovery/nuclei/v2/pkg/operators"
 "github.com/projectdiscovery/nuclei/v2/pkg/protocols"
 "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions"
@@ -170,11 +170,21 @@ func (request *Request) Requests() int {
 }
 // Make returns the request to be sent for the protocol
-func (request *Request) Make(domain string) (*dns.Msg, error) {
- if request.question != dns.TypePTR && net.ParseIP(domain) != nil {
- return nil, errors.New("cannot use IP address as DNS input")
+func (request *Request) Make(host string) (*dns.Msg, error) {
+ isIP := iputil.IsIP(host)
+ switch {
+ case request.question == dns.TypePTR && isIP:
+ var err error
+ host, err = dns.ReverseAddr(host)
+ if err != nil {
+ return nil, err
+ }
+ default:
+ if isIP {
+ return nil, errors.New("cannot use IP address as DNS input")
+ }
+ host = dns.Fqdn(host)
 }
- domain = dns.Fqdn(domain)
 // Build a request on the specified URL
 req := new(dns.Msg)
@@ -183,7 +193,7 @@ func (request *Request) Make(domain string) (*dns.Msg, error) {
 var q dns.Question
- final := replacer.Replace(request.Name, generateDNSVariables(domain))
+ final := replacer.Replace(request.Name, generateDNSVariables(host))
 q.Name = dns.Fqdn(final)
 q.Qclass = request.class
From 994bc9e7894baa20d96b557bab8e1fa634ef2baf Mon Sep 17 00:00:00 2001
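Review bot: The doc comment above Make in the `@@ -170,11 +170,21 @@` hunk is unchanged, although the new switch gives the function an input contract that callers need to know: an IP address is accepted only when `request.question == dns.TypePTR`, where `dns.ReverseAddr` rewrites it to its reverse-lookup name, and is rejected with an error for every other question type. I would extend it to `// Make returns the request to be sent for the protocol. An IP address is accepted only for PTR questions, where it is converted to its reverse-lookup (.arpa) name; any other input is normalised with dns.Fqdn.` The `default:` arm would also read more directly as a `case isIP:` that returns the error, followed by a `default:` that only calls `dns.Fqdn(host)`, which removes the nested `if`. The body of Make continues past the end of this hunk.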
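Review bot: In the `@@ -183,7 +193,7 @@` hunk, `generateDNSVariables(host)` receives the reverse-lookup name whenever the PTR branch ran, so every template variable it builds is derived from the `.arpa` name rather than from the address that was scanned. That is what lets `{{FQDN}}` work for PTR questions, but `generateDNSVariables` is defined outside this patch; if it also splits the name into registrable-domain parts (the file imports publicsuffix, which suggests it might), those values would describe the reverse zone, not the target. Once the helper has been checked, a comment at the call such as `// for PTR questions host is the reverse-lookup name; variables other than FQDN describe the .arpa zone` would record the behaviour.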
From: mzack
Date: Tue, 18 Jan 2022 13:47:15 +0100
Subject: [PATCH 2/3] adding PTR integration test
---
 integration_tests/dns/ptr.yaml | 22 ++++++++++++++++++++++
 v2/cmd/integration-test/dns.go | 17 +++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 integration_tests/dns/ptr.yaml
diff --git a/integration_tests/dns/ptr.yaml b/integration_tests/dns/ptr.yaml
new file mode 100644
index 000000000..996194705
--- /dev/null
+++ b/integration_tests/dns/ptr.yaml
@@ -0,0 +1,22 @@
+id: ptr-fingerprint
+
+info:
+ name: PTR Fingerprint
+ author: pdteam
+ severity: info
+ tags: dns,ptr
+
+dns:
+ - name: "{{FQDN}}"
+ type: PTR
+
+ matchers:
+ - type: word
+ words:
+ - "IN\tPTR"
+
+ extractors:
+ - type: regex
+ group: 1
+ regex:
+ - "IN\tPTR\t(.+)"
\ No newline at end of file
diff --git a/v2/cmd/integration-test/dns.go b/v2/cmd/integration-test/dns.go
index 0ba4be720..e4fbdb433 100644
--- a/v2/cmd/integration-test/dns.go
+++ b/v2/cmd/integration-test/dns.go
@@ -6,6 +6,7 @@ import (
 var dnsTestCases = map[string]testutils.TestCase{
 "dns/basic.yaml": &dnsBasic{},
+ "dns/ptr.yaml": &dnsPtr{},
 }
 type dnsBasic struct{}
@@ -23,3 +24,19 @@ func (h *dnsBasic) Execute(filePath string) error {
 }
 return expectResultsCount(results, 1)
 }
+
+type dnsPtr struct{}
+
+// Execute executes a test case and returns an error if occurred
+func (h *dnsBasic) dnsPtr(filePath string) error {
+ var routerErr error
+
+ results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "1.1.1.1", debug)
+ if err != nil {
+ return err
+ }
+ if routerErr != nil {
+ return routerErr
+ }
+ return expectResultsCount(results, 1)
+}
From f552b07a5f1c77d36d5769f0ae4f485d89bd2ce2 Mon Sep 17 00:00:00 2001
From: mzack
Date: Tue, 18 Jan 2022 13:49:23 +0100
Subject: [PATCH 3/3] fixing test case
---
 v2/cmd/integration-test/dns.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/v2/cmd/integration-test/dns.go b/v2/cmd/integration-test/dns.go
index e4fbdb433..8e3b7213a 100644
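Review bot: The extractor in the new ptr.yaml reports whatever follows `IN\tPTR\t` as the host name, and nothing in the template says that this value is only a claim: PTR data is published by whoever controls the reverse zone for the address. A comment above `extractors:` such as `# PTR data is set by the reverse-zone owner; treat the extracted name as unverified until a forward lookup confirms it` would keep users of the template from reading the output as an authoritative identity. The file also ends without a trailing newline.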
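Review bot: `routerErr` in the new dnsPtr test (`@@ -23,3 +24,19 @@` hunk of v2/cmd/integration-test/dns.go) is declared and never assigned, so the `if routerErr != nil { return routerErr }` check can never fire; it looks carried over from a test that starts a local server. Dropping `var routerErr error` and that `if` leaves the body as the call, the `err` check and `return expectResultsCount(results, 1)`. The test also resolves the PTR record of `1.1.1.1` through whatever resolver the run uses, so it needs outbound DNS and passes only while that third-party record exists; a comment such as `// requires network access: resolves the public PTR record for 1.1.1.1` would explain failures in sandboxed CI.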
--- a/v2/cmd/integration-test/dns.go
+++ b/v2/cmd/integration-test/dns.go
@@ -28,7 +28,7 @@ func (h *dnsBasic) Execute(filePath string) error {
 type dnsPtr struct{}
 // Execute executes a test case and returns an error if occurred
-func (h *dnsBasic) dnsPtr(filePath string) error {
+func (h *dnsPtr) Execute(filePath string) error {
 var routerErr error
 results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "1.1.1.1", debug)