diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml deleted file mode 100644 index 8743e914f..000000000 --- a/.github/workflows/dockerhub-push.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: 🐳 Docker Push - -on: - workflow_run: - workflows: ["🎉 Release Binary"] - types: - - completed - workflow_dispatch: - -jobs: - docker: - runs-on: ubuntu-latest-16-cores - steps: - - name: Git Checkout - uses: actions/checkout@v4 - - - name: Get GitHub tag - id: meta - run: | - curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Build and push - uses: docker/build-push-action@v6 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: projectdiscovery/nuclei:latest,projectdiscovery/nuclei:${{ steps.meta.outputs.TAG }} - - - name: Update DockerHub Description - uses: peter-evans/dockerhub-description@v4 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - repository: projectdiscovery/nuclei diff --git a/.github/workflows/generate-pgo.yaml b/.github/workflows/generate-pgo.yaml index 25ea17858..463e7d686 100644 --- a/.github/workflows/generate-pgo.yaml +++ b/.github/workflows/generate-pgo.yaml @@ -19,7 +19,7 @@ jobs: strategy: matrix: targets: [150] - runs-on: ubuntu-latest-16-cores + runs-on: ubuntu-latest if: github.repository == 'projectdiscovery/nuclei' permissions: contents: write diff --git a/.github/workflows/perf-regression.yaml b/.github/workflows/perf-regression.yaml index 9f4b2fb88..090f722eb 100644 --- a/.github/workflows/perf-regression.yaml +++ b/.github/workflows/perf-regression.yaml @@ -6,7 +6,7 @@ on: jobs: perf-regression: - runs-on: ubuntu-latest-16-cores + runs-on: ubuntu-latest if: github.repository == 'projectdiscovery/nuclei' env: BENCH_OUT: "/tmp/bench.out" diff --git a/.github/workflows/perf-test.yaml b/.github/workflows/perf-test.yaml index ec2449464..94dec5cbd 100644 --- a/.github/workflows/perf-test.yaml +++ b/.github/workflows/perf-test.yaml @@ -10,7 +10,7 @@ jobs: strategy: matrix: count: [50, 100, 150] - runs-on: ubuntu-latest-16-cores + runs-on: ubuntu-latest if: github.repository == 'projectdiscovery/nuclei' env: LIST_FILE: "/tmp/targets-${{ matrix.count }}.txt" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 66d45b01b..a7d187b66 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,6 +14,12 @@ jobs: with: fetch-depth: 0 - uses: projectdiscovery/actions/setup/go@v1 + - uses: docker/setup-qemu-action@v3 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} - uses: projectdiscovery/actions/goreleaser@v1 with: release: true diff --git a/.goreleaser.yml b/.goreleaser.yml index f488d4df0..0eed4c4be 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,3 +1,5 @@ +version: 2 + before: hooks: - go mod download @@ -44,6 +46,26 @@ archives: checksum: algorithm: sha256 +dockers: + - image_templates: + - "{{ .ProjectName }}:{{ .Tag }}" + - "{{ .ProjectName }}:v{{ .Major }}.{{ .Minor }}" + - "{{ .ProjectName }}:v{{ .Major }}" + - "{{ .ProjectName }}:latest" + dockerfile: Dockerfile.goreleaser + use: buildx + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.authors=ProjectDiscovery" + - "--label=org.opencontainers.image.created={{ .Date }}" + - "--label=org.opencontainers.image.description=\"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.\"" + - "--label=org.opencontainers.image.licenses=MIT" + - "--label=org.opencontainers.image.ref.name={{ .Tag }}" + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.url=https://github.com/projectdiscovery/{{ .ProjectName }}" + - "--label=org.opencontainers.image.version={{ .Version }}" + announce: slack: enabled: true diff --git a/Dockerfile b/Dockerfile index 2a054840d..9d7a780c7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,16 @@ # Build -FROM golang:1.22-alpine AS build-env +FROM golang:1.22-alpine AS builder + RUN apk add build-base WORKDIR /app COPY . /app -RUN go mod download -RUN go build ./cmd/nuclei +RUN make verify +RUN make build # Release -FROM alpine:3.18.6 -RUN apk upgrade --no-cache \ - && apk add --no-cache bind-tools chromium ca-certificates -COPY --from=build-env /app/nuclei /usr/local/bin/ +FROM alpine:latest + +RUN apk add --no-cache bind-tools chromium ca-certificates +COPY --from=builder /app/bin/nuclei /usr/local/bin/ ENTRYPOINT ["nuclei"] \ No newline at end of file diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser new file mode 100644 index 000000000..7007a213d --- /dev/null +++ b/Dockerfile.goreleaser @@ -0,0 +1,6 @@ +FROM alpine:latest + +RUN apk add --no-cache bind-tools chromium ca-certificates +COPY nuclei /usr/local/bin/ + +ENTRYPOINT ["nuclei"] \ No newline at end of file diff --git a/README.md b/README.md index 83db361db..fa76e3695 100644 --- a/README.md +++ b/README.md @@ -395,7 +395,7 @@ nuclei -target https://example.com Nuclei can handle bulk scanning by providing a list of targets. You can use a file containing multiple URLs. ```sh -nuclei -targets urls.txt +nuclei -list urls.txt ``` ### Network scan diff --git a/cmd/docgen/docgen.go b/cmd/docgen/docgen.go index f9dc8278e..51c2a195d 100644 --- a/cmd/docgen/docgen.go +++ b/cmd/docgen/docgen.go @@ -6,53 +6,58 @@ import ( "os" "reflect" "regexp" - "strings" "github.com/invopop/jsonschema" - "github.com/projectdiscovery/nuclei/v3/pkg/templates" "github.com/projectdiscovery/nuclei/v3/pkg/utils/json" ) var pathRegex = regexp.MustCompile(`github\.com/projectdiscovery/nuclei/v3/(?:internal|pkg)/(?:.*/)?([A-Za-z.]+)`) -func main() { - // Generate yaml syntax documentation - data, err := templates.GetTemplateDoc().Encode() +func writeToFile(filename string, data []byte) { + file, err := os.Create(filename) if err != nil { - log.Fatalf("Could not encode docs: %s\n", err) + log.Fatalf("Could not create file %s: %s\n", filename, err) } + defer file.Close() + _, err = file.Write(data) + if err != nil { + log.Fatalf("Could not write to file %s: %s\n", filename, err) + } +} + +func main() { if len(os.Args) < 3 { log.Fatalf("syntax: %s md-docs-file jsonschema-file\n", os.Args[0]) } - err = os.WriteFile(os.Args[1], data, 0644) + // Generate YAML documentation + data, err := templates.GetTemplateDoc().Encode() if err != nil { - log.Fatalf("Could not write docs: %s\n", err) + log.Fatalf("Could not encode docs: %s\n", err) + } + writeToFile(os.Args[1], data) + + // Generate JSON Schema + r := &jsonschema.Reflector{ + Namer: func(t reflect.Type) string { + if t.Kind() == reflect.Slice { + return "" + } + return t.String() + }, } - // Generate jsonschema - r := &jsonschema.Reflector{} - r.Namer = func(r reflect.Type) string { - if r.Kind() == reflect.Slice { - return "" - } - return r.String() - } jsonschemaData := r.Reflect(&templates.Template{}) var buf bytes.Buffer encoder := json.NewEncoder(&buf) encoder.SetIndent("", " ") - _ = encoder.Encode(jsonschemaData) + if err := encoder.Encode(jsonschemaData); err != nil { + log.Fatalf("Could not encode JSON schema: %s\n", err) + } - schema := buf.String() - for _, match := range pathRegex.FindAllStringSubmatch(schema, -1) { - schema = strings.ReplaceAll(schema, match[0], match[1]) - } - err = os.WriteFile(os.Args[2], []byte(schema), 0644) - if err != nil { - log.Fatalf("Could not write jsonschema: %s\n", err) - } + schema := pathRegex.ReplaceAllString(buf.String(), "$1") + writeToFile(os.Args[2], []byte(schema)) } diff --git a/go.mod b/go.mod index e5aa91a5c..1b19de900 100644 --- a/go.mod +++ b/go.mod @@ -20,12 +20,12 @@ require ( github.com/olekukonko/tablewriter v0.0.5 github.com/pkg/errors v0.9.1 github.com/projectdiscovery/clistats v0.1.1 - github.com/projectdiscovery/fastdialer v0.3.0 - github.com/projectdiscovery/hmap v0.0.82 + github.com/projectdiscovery/fastdialer v0.4.0 + github.com/projectdiscovery/hmap v0.0.85 github.com/projectdiscovery/interactsh v1.2.4 - github.com/projectdiscovery/rawhttp v0.1.89 - github.com/projectdiscovery/retryabledns v1.0.94 - github.com/projectdiscovery/retryablehttp-go v1.0.101 + github.com/projectdiscovery/rawhttp v0.1.90 + github.com/projectdiscovery/retryabledns v1.0.96 + github.com/projectdiscovery/retryablehttp-go v1.0.102 github.com/projectdiscovery/yamldoc-go v1.0.6 github.com/remeh/sizedwaitgroup v1.0.0 github.com/rs/xid v1.5.0 @@ -84,24 +84,24 @@ require ( github.com/microsoft/go-mssqldb v1.6.0 github.com/ory/dockertest/v3 v3.10.0 github.com/praetorian-inc/fingerprintx v1.1.9 - github.com/projectdiscovery/dsl v0.3.18 + github.com/projectdiscovery/dsl v0.3.21 github.com/projectdiscovery/fasttemplate v0.0.2 github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb github.com/projectdiscovery/goflags v0.1.74 - github.com/projectdiscovery/gologger v1.1.46 + github.com/projectdiscovery/gologger v1.1.49 github.com/projectdiscovery/gostruct v0.0.2 github.com/projectdiscovery/gozero v0.0.3 github.com/projectdiscovery/httpx v1.6.10 github.com/projectdiscovery/mapcidr v1.1.34 github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5 - github.com/projectdiscovery/ratelimit v0.0.75 + github.com/projectdiscovery/ratelimit v0.0.77 github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917 github.com/projectdiscovery/sarif v0.0.1 github.com/projectdiscovery/tlsx v1.1.9 github.com/projectdiscovery/uncover v1.0.10 - github.com/projectdiscovery/useragent v0.0.94 - github.com/projectdiscovery/utils v0.4.12 - github.com/projectdiscovery/wappalyzergo v0.2.18 + github.com/projectdiscovery/useragent v0.0.97 + github.com/projectdiscovery/utils v0.4.15 + github.com/projectdiscovery/wappalyzergo v0.2.21 github.com/redis/go-redis/v9 v9.1.0 github.com/seh-msft/burpxml v1.0.1 github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 @@ -219,7 +219,7 @@ require ( github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/projectdiscovery/asnmap v1.1.1 // indirect - github.com/projectdiscovery/cdncheck v1.1.8 // indirect + github.com/projectdiscovery/cdncheck v1.1.11 // indirect github.com/projectdiscovery/freeport v0.0.7 // indirect github.com/projectdiscovery/ldapserver v1.0.2-0.20240219154113-dcc758ebc0cb // indirect github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983 // indirect @@ -309,7 +309,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect github.com/projectdiscovery/blackrock v0.0.1 // indirect - github.com/projectdiscovery/networkpolicy v0.1.7 + github.com/projectdiscovery/networkpolicy v0.1.9 github.com/rivo/uniseg v0.4.7 // indirect github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect github.com/tklauser/go-sysconf v0.3.12 // indirect diff --git a/go.sum b/go.sum index 32ac60d11..5327f1bae 100644 --- a/go.sum +++ b/go.sum @@ -868,14 +868,14 @@ github.com/projectdiscovery/asnmap v1.1.1 h1:ImJiKIaACOT7HPx4Pabb5dksolzaFYsD1kI github.com/projectdiscovery/asnmap v1.1.1/go.mod h1:QT7jt9nQanj+Ucjr9BqGr1Q2veCCKSAVyUzLXfEcQ60= github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k0VbGJyft6LQ= github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss= -github.com/projectdiscovery/cdncheck v1.1.8 h1:kOdgKm2QTm0s76jSEHEAQISc5Gb20goJbVLpHqqza+8= -github.com/projectdiscovery/cdncheck v1.1.8/go.mod h1:dFEGsG0qAJY0AaRr2N1BY0OtZiTxS4kYeT5+OkF8t1U= +github.com/projectdiscovery/cdncheck v1.1.11 h1:r7hkw0BAfD/YsnKq1fVgZJDfMHhqVmDQroerjlST6oQ= +github.com/projectdiscovery/cdncheck v1.1.11/go.mod h1:dFEGsG0qAJY0AaRr2N1BY0OtZiTxS4kYeT5+OkF8t1U= github.com/projectdiscovery/clistats v0.1.1 h1:8mwbdbwTU4aT88TJvwIzTpiNeow3XnAB72JIg66c8wE= github.com/projectdiscovery/clistats v0.1.1/go.mod h1:4LtTC9Oy//RiuT1+76MfTg8Hqs7FQp1JIGBM3nHK6a0= -github.com/projectdiscovery/dsl v0.3.18 h1:UsFiVdqjIm3S1KNQhGUWwgQgCp5N9O39kZmjfazXVQY= -github.com/projectdiscovery/dsl v0.3.18/go.mod h1:RYA1/QE/L+hFO3haGFc9RU2DQtLoJDszBXYWbD/8T9U= -github.com/projectdiscovery/fastdialer v0.3.0 h1:/wMptjdsrAU/wiaA/U3lSgYGaYCGJH6xm0mLei6oMxk= -github.com/projectdiscovery/fastdialer v0.3.0/go.mod h1:Q0YLArvpx9GAfY/NcTPMCA9qZuVOGnuVoNYWzKBwxdQ= +github.com/projectdiscovery/dsl v0.3.21 h1:z7sI4GSI3kz8CPXeRrnydqZmpR9oKvp6ejEyUk6r7D4= +github.com/projectdiscovery/dsl v0.3.21/go.mod h1:6+X/o2r3P9x3AK8Ki5cRiOjoPDBXawXwg/QcI9E1i8w= +github.com/projectdiscovery/fastdialer v0.4.0 h1:licZKyq+Shd5lLDb8uPd60Jp43K4NFE8cr67XD2eg7w= +github.com/projectdiscovery/fastdialer v0.4.0/go.mod h1:Q0YLArvpx9GAfY/NcTPMCA9qZuVOGnuVoNYWzKBwxdQ= github.com/projectdiscovery/fasttemplate v0.0.2 h1:h2cISk5xDhlJEinlBQS6RRx0vOlOirB2y3Yu4PJzpiA= github.com/projectdiscovery/fasttemplate v0.0.2/go.mod h1:XYWWVMxnItd+r0GbjA1GCsUopMw1/XusuQxdyAIHMCw= github.com/projectdiscovery/freeport v0.0.7 h1:Q6uXo/j8SaV/GlAHkEYQi8WQoPXyJWxyspx+aFmz9Qk= @@ -884,14 +884,14 @@ github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb h1:rutG90 github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb/go.mod h1:FLjF1DmZ+POoGEiIQdWuYVwS++C/GwpX8YaCsTSm1RY= github.com/projectdiscovery/goflags v0.1.74 h1:n85uTRj5qMosm0PFBfsvOL24I7TdWRcWq/1GynhXS7c= github.com/projectdiscovery/goflags v0.1.74/go.mod h1:UMc9/7dFz2oln+10tv6cy+7WZKTHf9UGhaNkF95emh4= -github.com/projectdiscovery/gologger v1.1.46 h1:dBbtVJM3Y0rBBukvk2vLmConuMEI3KDj8k9DhECj/bU= -github.com/projectdiscovery/gologger v1.1.46/go.mod h1:9ZPkQd79jpuy3M4ZENmXx78hobqvumkIgZ03tn4hD/M= +github.com/projectdiscovery/gologger v1.1.49 h1:1IHvVhRN6evQpxp35e55Vmcq/QjocN3bYEyxY5n5OQA= +github.com/projectdiscovery/gologger v1.1.49/go.mod h1:askNkcvSKXaRibPvIPuFDJl8qa3yK/EtBgFnCt3Dni0= github.com/projectdiscovery/gostruct v0.0.2 h1:s8gP8ApugGM4go1pA+sVlPDXaWqNP5BBDDSv7VEdG1M= github.com/projectdiscovery/gostruct v0.0.2/go.mod h1:H86peL4HKwMXcQQtEa6lmC8FuD9XFt6gkNR0B/Mu5PE= github.com/projectdiscovery/gozero v0.0.3 h1:tsYkrSvWw4WdIUJyisd4MB1vRiw1X57TuVVk3p8Z3G8= github.com/projectdiscovery/gozero v0.0.3/go.mod h1:MpJ37Dsh94gy2EKqaemdeh+CzduGVB2SDfhr6Upsjew= -github.com/projectdiscovery/hmap v0.0.82 h1:gPFkeD5sbY3uVIxgtgDkzHmXCo/H7cbhRhdLX//+G1A= -github.com/projectdiscovery/hmap v0.0.82/go.mod h1:8vSfVgZwCRbHitnZPgpsOw8115/mJX/b4B8QKR88Iak= +github.com/projectdiscovery/hmap v0.0.85 h1:WXP/gOSzFm8mfMAJpRN1oQ3lYbBHVGvak+nSY5IgRh4= +github.com/projectdiscovery/hmap v0.0.85/go.mod h1:TdBM3U8x25uBBnsD9OJtAKKoRVPJXubU9L9/1HdTg/c= github.com/projectdiscovery/httpx v1.6.10 h1:R08LiWDQKJNmVHcR5TdIGQil1O3ShiFonK6Wf+gzg0k= github.com/projectdiscovery/httpx v1.6.10/go.mod h1:drsRPt18IQB/Gfj4D0D9woS3hkY+m6k4HgL09JXX4vg= github.com/projectdiscovery/interactsh v1.2.4 h1:WUSj+fxbcV53J64oIAhbYzCKD1w/IyenyRBhkI5jiqI= @@ -904,18 +904,18 @@ github.com/projectdiscovery/mapcidr v1.1.34 h1:udr83vQ7oz3kEOwlsU6NC6o08leJzSDQt github.com/projectdiscovery/mapcidr v1.1.34/go.mod h1:1+1R6OkKSAKtWDXE9RvxXtXPoajXTYX0eiEdkqlhQqQ= github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5 h1:L/e8z8yw1pfT6bg35NiN7yd1XKtJap5Nk6lMwQ0RNi8= github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5/go.mod h1:pGW2ncnTxTxHtP9wzcIJAB+3/NMp6IiuQWd2NK7K+oc= -github.com/projectdiscovery/networkpolicy v0.1.7 h1:SIFsv5f8JYDwCUH/AUTeB3dpXthx0AUz2rej64rNWwY= -github.com/projectdiscovery/networkpolicy v0.1.7/go.mod h1:grubaCHOEgT6a2r/p8DlfOwovEL4N8Fd3yye7/ACwug= -github.com/projectdiscovery/ratelimit v0.0.75 h1:CcfER34mqU5NjAMI5JN+Sl7slN++m3SKeb6+Ed0KI/c= -github.com/projectdiscovery/ratelimit v0.0.75/go.mod h1:Gm/NA+pYJMTPMLSurQX95mXb+RDBfLAEONVqzcCW1GU= -github.com/projectdiscovery/rawhttp v0.1.89 h1:aIkCd0BYlQ11UoPaMP6U5Ujvycch21CD58U1AGxxz6E= -github.com/projectdiscovery/rawhttp v0.1.89/go.mod h1:q90gCzooR1Xtv8671ipav3tjmXrJx/0aG3HtLNCP6xI= +github.com/projectdiscovery/networkpolicy v0.1.9 h1:MMFN3zAutxcFmmxuXUcVl1BZJOacUas8NMigdq6Da7U= +github.com/projectdiscovery/networkpolicy v0.1.9/go.mod h1:tWz6ZlkwpdJ5MML/yE/WE4Q+43nAsPEf9/ffCuWtZo4= +github.com/projectdiscovery/ratelimit v0.0.77 h1:hdZuXQRENzN7gsZgHPZdMOSpMXMzH7WYDLgvW/S5Nbk= +github.com/projectdiscovery/ratelimit v0.0.77/go.mod h1:0JGCJGpwtmrroTurx/4XIpBFKdeIObWc7ZRVwpYeQcI= +github.com/projectdiscovery/rawhttp v0.1.90 h1:LOSZ6PUH08tnKmWsIwvwv1Z/4zkiYKYOSZ6n+8RFKtw= +github.com/projectdiscovery/rawhttp v0.1.90/go.mod h1:VZYAM25UI/wVB3URZ95ZaftgOnsbphxyAw/XnQRRz4Y= github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917 h1:m03X4gBVSorSzvmm0bFa7gDV4QNSOWPL/fgZ4kTXBxk= github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917/go.mod h1:JxXtZC9e195awe7EynrcnBJmFoad/BNDzW9mzFkK8Sg= -github.com/projectdiscovery/retryabledns v1.0.94 h1:MvxtRcmvxhxikxT7p/E40hcYRWRiL5fg/JQ8bpBaz+0= -github.com/projectdiscovery/retryabledns v1.0.94/go.mod h1:croGTyMM4yNlrSWA/X7xNe3c0c7mDmCdbm8goLd8Bak= -github.com/projectdiscovery/retryablehttp-go v1.0.101 h1:xmoXGVQ7DD/5YvDvtaOExbbF6aXlr5ARjssXgMdtkmY= -github.com/projectdiscovery/retryablehttp-go v1.0.101/go.mod h1:d+xU7CAHiOL/v+QQIHT4AXbEjTO7o0B5naQQOC0JDhw= +github.com/projectdiscovery/retryabledns v1.0.96 h1:NeXFOIgLZXstl+v3JNEfU0z0WLvQJTvz4YUFupFruDQ= +github.com/projectdiscovery/retryabledns v1.0.96/go.mod h1:UCM+4AWmncf1xO/Ku8oYntWLiuaQTwD7TFCfaDKp4ig= +github.com/projectdiscovery/retryablehttp-go v1.0.102 h1:OgVbzGzFq1a82D/kVoooPSgRHU17RDO/fVWUTfMyDvE= +github.com/projectdiscovery/retryablehttp-go v1.0.102/go.mod h1:hDyw8H3GOeA0XjpdTdS4JF7qflojp6PAZ9t6vCFFbCU= github.com/projectdiscovery/sarif v0.0.1 h1:C2Tyj0SGOKbCLgHrx83vaE6YkzXEVrMXYRGLkKCr/us= github.com/projectdiscovery/sarif v0.0.1/go.mod h1:cEYlDu8amcPf6b9dSakcz2nNnJsoz4aR6peERwV+wuQ= github.com/projectdiscovery/stringsutil v0.0.2 h1:uzmw3IVLJSMW1kEg8eCStG/cGbYYZAja8BH3LqqJXMA= @@ -924,12 +924,12 @@ github.com/projectdiscovery/tlsx v1.1.9 h1:DhErhHCO2+toF5DEX7qe3pkwrIrYlex3F/mzH github.com/projectdiscovery/tlsx v1.1.9/go.mod h1:Jy+r38WyYjapQWaffiKGdYm4Ksdrt8BWtsqA2rUospU= github.com/projectdiscovery/uncover v1.0.10 h1:FdnBYgynGUtjIsW5WPIIhadR1Smcghik9cZSMEtILN4= github.com/projectdiscovery/uncover v1.0.10/go.mod h1:l7QQ+mBc7bLK4tqYqPyo9nrYdz1K8vaGZWKYihkHmAs= -github.com/projectdiscovery/useragent v0.0.94 h1:6/JtkkGZveyJ0+IjvA01Py+X2KZGOemQn6yQY1by3AU= -github.com/projectdiscovery/useragent v0.0.94/go.mod h1:QL4NRHuw0c46XCzstUaHY2pktkcgUsoyMtpyi3a/79A= -github.com/projectdiscovery/utils v0.4.12 h1:3HE+4Go4iTwipeN2B+tC7xl7KS4BgXgp0BZaQXE2bjM= -github.com/projectdiscovery/utils v0.4.12/go.mod h1:EDUNBDGTO+Tfl6YQj3ADg97iYp2h8IbCmpP24LMW3+E= -github.com/projectdiscovery/wappalyzergo v0.2.18 h1:oYI7iOu3m9j58jSbnefop8s1VhkNbH7Z35P3qwQxDtA= -github.com/projectdiscovery/wappalyzergo v0.2.18/go.mod h1:F8X79ljvmvrG+EIxdxWS9VbdkVTsQupHYz+kXlp8O0o= +github.com/projectdiscovery/useragent v0.0.97 h1:FoDmkWkLfPZ6Drg1BQEwj5oWUZHQXUO6IerZNzHGAlM= +github.com/projectdiscovery/useragent v0.0.97/go.mod h1:M7Vc7hbuCuaAS9y0R6XQN+buaA6g2Z9oZMgVSDisn+M= +github.com/projectdiscovery/utils v0.4.15 h1:6Bh+Bvqc7352rUzQtRtQqNGaVIXv6ZJ4yvE++Jrk58E= +github.com/projectdiscovery/utils v0.4.15/go.mod h1:y5gnpQn802iEWqf0djTRNskJlS62P5eqe1VS1+ah0tk= +github.com/projectdiscovery/wappalyzergo v0.2.21 h1:7dcoAM5dM6QSddv5VEnT1ySw3CBlhJpuJVYuwJa0drg= +github.com/projectdiscovery/wappalyzergo v0.2.21/go.mod h1:F8X79ljvmvrG+EIxdxWS9VbdkVTsQupHYz+kXlp8O0o= github.com/projectdiscovery/yamldoc-go v1.0.6 h1:GCEdIRlQjDux28xTXKszM7n3jlMf152d5nqVpVoetas= github.com/projectdiscovery/yamldoc-go v1.0.6/go.mod h1:R5lWrNzP+7Oyn77NDVPnBsxx2/FyQZBBkIAaSaCQFxw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= diff --git a/internal/runner/options.go b/internal/runner/options.go index 65cd4ae79..56612d153 100644 --- a/internal/runner/options.go +++ b/internal/runner/options.go @@ -235,15 +235,25 @@ func validateMissingS3Options(options *types.Options) []string { if options.AwsBucketName == "" { missing = append(missing, "AWS_TEMPLATE_BUCKET") } - if options.AwsAccessKey == "" { - missing = append(missing, "AWS_ACCESS_KEY") - } - if options.AwsSecretKey == "" { - missing = append(missing, "AWS_SECRET_KEY") - } - if options.AwsRegion == "" { - missing = append(missing, "AWS_REGION") + if options.AwsProfile == "" { + var missingCreds []string + if options.AwsAccessKey == "" { + missingCreds = append(missingCreds, "AWS_ACCESS_KEY") + } + if options.AwsSecretKey == "" { + missingCreds = append(missingCreds, "AWS_SECRET_KEY") + } + if options.AwsRegion == "" { + missingCreds = append(missingCreds, "AWS_REGION") + } + + missing = append(missing, missingCreds...) + + if len(missingCreds) > 0 { + missing = append(missing, "AWS_PROFILE") + } } + return missing } @@ -449,6 +459,7 @@ func readEnvInputVars(options *types.Options) { options.AwsSecretKey = os.Getenv("AWS_SECRET_KEY") options.AwsBucketName = os.Getenv("AWS_TEMPLATE_BUCKET") options.AwsRegion = os.Getenv("AWS_REGION") + options.AwsProfile = os.Getenv("AWS_PROFILE") // Azure options for downloading templates from an Azure Blob Storage container options.AzureContainerName = os.Getenv("AZURE_CONTAINER_NAME") diff --git a/pkg/catalog/config/constants.go b/pkg/catalog/config/constants.go index f7befc379..ac4aeffcf 100644 --- a/pkg/catalog/config/constants.go +++ b/pkg/catalog/config/constants.go @@ -31,7 +31,7 @@ const ( CLIConfigFileName = "config.yaml" ReportingConfigFilename = "reporting-config.yaml" // Version is the current version of nuclei - Version = `v3.3.10` + Version = `v3.4.0` // Directory Names of custom templates CustomS3TemplatesDirName = "s3" CustomGitHubTemplatesDirName = "github" diff --git a/pkg/external/customtemplates/s3.go b/pkg/external/customtemplates/s3.go index 74f1d0f8d..1b14206e3 100644 --- a/pkg/external/customtemplates/s3.go +++ b/pkg/external/customtemplates/s3.go @@ -62,7 +62,7 @@ func (bk *customTemplateS3Bucket) Update(ctx context.Context) { func NewS3Providers(options *types.Options) ([]*customTemplateS3Bucket, error) { providers := []*customTemplateS3Bucket{} if options.AwsBucketName != "" && !options.AwsTemplateDisableDownload { - s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion) + s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion, options.AwsProfile) if err != nil { return nil, errorutil.NewWithErr(err).Msgf("error downloading s3 bucket %s", options.AwsBucketName) } @@ -104,10 +104,24 @@ func downloadToFile(downloader *manager.Downloader, targetDirectory, bucket, key return err } -func getS3Client(ctx context.Context, accessKey string, secretKey string, region string) (*s3.Client, error) { - cfg, err := config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region)) - if err != nil { - return nil, err +func getS3Client(ctx context.Context, accessKey string, secretKey string, region string, profile string) (*s3.Client, error) { + var cfg aws.Config + var err error + if profile != "" { + cfg, err = config.LoadDefaultConfig(ctx, config.WithSharedConfigProfile(profile)) + if err != nil { + return nil, err + } + } else if accessKey != "" && secretKey != "" { + cfg, err = config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region)) + if err != nil { + return nil, err + } + } else { + cfg, err = config.LoadDefaultConfig(ctx) + if err != nil { + return nil, err + } } return s3.NewFromConfig(cfg), nil } diff --git a/pkg/protocols/network/network.go b/pkg/protocols/network/network.go index c90f5e701..5c072affc 100644 --- a/pkg/protocols/network/network.go +++ b/pkg/protocols/network/network.go @@ -259,3 +259,7 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error { func (request *Request) Requests() int { return len(request.Address) } + +func (request *Request) SetDialer(dialer *fastdialer.Dialer) { + request.dialer = dialer +} diff --git a/pkg/protocols/utils/utils.go b/pkg/protocols/utils/utils.go index 9f65b7b6a..ed39a9b15 100644 --- a/pkg/protocols/utils/utils.go +++ b/pkg/protocols/utils/utils.go @@ -48,7 +48,7 @@ func CalculateContentLength(contentLength, bodyLength int64) int64 { return bodyLength } -// headersToString converts http headers to string +// HeadersToString converts http headers to string func HeadersToString(headers http.Header) string { builder := &strings.Builder{} diff --git a/pkg/templates/templates.go b/pkg/templates/templates.go index c15eb2f5e..942988cf8 100644 --- a/pkg/templates/templates.go +++ b/pkg/templates/templates.go @@ -317,7 +317,7 @@ func (template *Template) MarshalYAML() ([]byte, error) { return out, multierr.Append(marshalErr, errValidate) } -// MarshalYAML forces recursive struct validation after unmarshal operation +// UnmarshalYAML forces recursive struct validation after unmarshal operation func (template *Template) UnmarshalYAML(unmarshal func(interface{}) error) error { type Alias Template alias := &Alias{} @@ -475,7 +475,7 @@ func (template *Template) GetFileImports() []string { return template.ImportedFiles } -// addProtocolsToQueue adds protocol requests to the queue and preserves order of the protocols and requests +// addRequestsToQueue adds protocol requests to the queue and preserves order of the protocols and requests func (template *Template) addRequestsToQueue(keys ...string) { for _, key := range keys { switch key { diff --git a/pkg/types/types.go b/pkg/types/types.go index 0527109df..41c95ef68 100644 --- a/pkg/types/types.go +++ b/pkg/types/types.go @@ -345,6 +345,8 @@ type Options struct { GitLabTemplateRepositoryIDs []int // GitLabTemplateDisableDownload disables downloading templates from custom GitLab repositories GitLabTemplateDisableDownload bool + // AWS access profile from ~/.aws/credentials file for downloading templates from S3 bucket + AwsProfile string // AWS access key for downloading templates from S3 bucket AwsAccessKey string // AWS secret key for downloading templates from S3 bucket