External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 15:25:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added comments to clustering + misc improvements

Browse Source
This commit is contained in:
Ice3man 2022-03-11 22:08:30 +05:30
parent f3e8ad6f1c
commit 9da8c0593b
2 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
v2/pkg/protocols/http/http.go
View File

@ -179,6 +179,11 @@ type Request struct {
IterateAll bool `yaml:"iterate-all,omitempty" jsonschema:"title=iterate all the values,description=Iterates all the values extracted from internal extractors"` IterateAll bool `yaml:"iterate-all,omitempty" jsonschema:"title=iterate all the values,description=Iterates all the values extracted from internal extractors"`
} }
// Options returns executer options for http request
func (r *Request) Options() *protocols.ExecuterOptions {
return r.options
}
// RequestPartDefinitions contains a mapping of request part definitions and their // RequestPartDefinitions contains a mapping of request part definitions and their
// description. Multiple definitions are separated by commas. // description. Multiple definitions are separated by commas.
// Definitions not having a name (generated on runtime) are prefixed & suffixed by <>. // Definitions not having a name (generated on runtime) are prefixed & suffixed by <>.

22
v2/pkg/templates/cluster.go
View File

@ -20,6 +20,23 @@ import (
// //
// If the attributes match, multiple requests can be clustered into a single // If the attributes match, multiple requests can be clustered into a single
// request which saves time and network resources during execution. // request which saves time and network resources during execution.
//
// The clusterer goes through all the templates, looking for templates with a single
// HTTP request to an endpoint (multiple requests aren't clustered as of now).
//
// All the templates are iterated and any templates with request that is identical
// to the first individual HTTP request is compared for equality.
// The equality check is performed as described below -
//
// Cases where clustering is not perfomed (request is considered different)
// - If request contains payloads,raw,body,unsafe,req-condition,name attributes
// - If request methods,max-redirects,cookie-reuse,redirects are not equal
// - If request paths aren't identical.
// - If request headers aren't identical
//
// If multiple requests are identified as identical, they are appended to a slice.
// Finally, the engine creates a single executer with a clusteredexecuter for all templates
// in a cluster.
func Cluster(list map[string]*Template) [][]*Template { func Cluster(list map[string]*Template) [][]*Template {
final := [][]*Template{} final := [][]*Template{}
@ -86,9 +103,12 @@ func ClusterTemplates(templatesList []*Template, options protocols.ExecuterOptio
for _, cluster := range clusters { for _, cluster := range clusters {
if len(cluster) > 1 { if len(cluster) > 1 {
executerOpts := options executerOpts := options
clusterID := fmt.Sprintf("cluster-%s", ClusterID(cluster)) clusterID := fmt.Sprintf("cluster-%s", ClusterID(cluster))
for _, req := range cluster[0].RequestsHTTP {
req.Options().TemplateID = clusterID
}
executerOpts.TemplateID = clusterID
finalTemplatesList = append(finalTemplatesList, &Template{ finalTemplatesList = append(finalTemplatesList, &Template{
ID: clusterID, ID: clusterID,
RequestsHTTP: cluster[0].RequestsHTTP, RequestsHTTP: cluster[0].RequestsHTTP,