External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 20:55:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

integration test

Browse Source
This commit is contained in:
Mzack9999 2025-08-25 15:13:23 +02:00
parent efcef55681
commit f20f95f67e
3 changed files with 95 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
cmd/integration-test/javascript.go
View File

@ -15,11 +15,13 @@ var jsTestcases = []TestCaseInfo{
{Path: "protocols/javascript/ssh-server-fingerprint.yaml", TestCase: &javascriptSSHServerFingerprint{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }}, {Path: "protocols/javascript/ssh-server-fingerprint.yaml", TestCase: &javascriptSSHServerFingerprint{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
{Path: "protocols/javascript/net-multi-step.yaml", TestCase: &networkMultiStep{}}, {Path: "protocols/javascript/net-multi-step.yaml", TestCase: &networkMultiStep{}},
{Path: "protocols/javascript/net-https.yaml", TestCase: &javascriptNetHttps{}}, {Path: "protocols/javascript/net-https.yaml", TestCase: &javascriptNetHttps{}},
{Path: "protocols/javascript/vnc-pass-brute.yaml", TestCase: &javascriptVncPassBrute{}},
} }
var ( var (
redisResource *dockertest.Resource redisResource *dockertest.Resource
sshResource *dockertest.Resource sshResource *dockertest.Resource
vncResource *dockertest.Resource
pool *dockertest.Pool pool *dockertest.Pool
defaultRetry = 3 defaultRetry = 3
) )
@ -98,6 +100,38 @@ func (j *javascriptSSHServerFingerprint) Execute(filePath string) error {
return multierr.Combine(errs...) return multierr.Combine(errs...)
} }
type javascriptVncPassBrute struct{}
func (j *javascriptVncPassBrute) Execute(filePath string) error {
if vncResource == nil || pool == nil {
// skip test as vnc is not running
return nil
}
tempPort := vncResource.GetPort("5900/tcp")
finalURL := "localhost:" + tempPort
defer purge(vncResource)
errs := []error{}
for i := 0; i < defaultRetry; i++ {
results := []string{}
var err error
_ = pool.Retry(func() error {
//let ssh server start
time.Sleep(3 * time.Second)
results, err = testutils.RunNucleiTemplateAndGetResults(filePath, finalURL, debug)
return nil
})
if err != nil {
return err
}
if err := expectResultsCount(results, 1); err == nil {
return nil
} else {
errs = append(errs, err)
}
}
return multierr.Combine(errs...)
}
// purge any given resource if it is not nil // purge any given resource if it is not nil
func purge(resource *dockertest.Resource) { func purge(resource *dockertest.Resource) {
if resource != nil && pool != nil { if resource != nil && pool != nil {
@ -163,4 +197,22 @@ func init() {
if err := sshResource.Expire(30); err != nil { if err := sshResource.Expire(30); err != nil {
log.Printf("Could not expire resource: %s", err) log.Printf("Could not expire resource: %s", err)
} }
// setup a temporary vnc server
vncResource, err = pool.RunWithOptions(&dockertest.RunOptions{
Repository: "dorowu/ubuntu-desktop-lxde-vnc",
Tag: "latest",
Env: []string{
"VNC_PASSWORD=mysecret",
},
Platform: "linux/amd64",
})
if err != nil {
log.Printf("Could not start resource: %s", err)
return
}
// by default expire after 30 sec
if err := vncResource.Expire(30); err != nil {
log.Printf("Could not expire resource: %s", err)
}
} }

38
integration_tests/protocols/javascript/vnc-pass-brute.yaml Normal file
View File

@ -0,0 +1,38 @@
id: vnc-password-test
info:
name: VNC Password Authentication Test
author: pdteam
severity: high
description: |
Tests VNC authentication with correct and incorrect passwords.
metadata:
shodan-query: product:"vnc"
tags: js,network,vnc,authentication
javascript:
- pre-condition: |
isPortOpen(Host,Port)
code: |
let vnc = require('nuclei/vnc');
let client = new vnc.VNCClient();
client.Connect(Host, Port, Password);
args:
Host: "{{Host}}"
Port: "5900"
Password: "{{passwords}}"
payloads:
passwords:
- ""
- root
- password
- admin
- mysecret
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- "success == true"

7
pkg/js/libs/vnc/vnc.go
View File

@ -83,7 +83,7 @@ func connect(executionId string, host string, port int, password string) (bool,
vncConfig := vnclib.NewClientConfig(password) vncConfig := vnclib.NewClientConfig(password)
// Attempt to connect and authenticate // Attempt to connect and authenticate
_, err = vnclib.Connect(context.TODO(), conn, vncConfig) c, err := vnclib.Connect(context.TODO(), conn, vncConfig)
if err != nil { if err != nil {
// Check for specific authentication errors // Check for specific authentication errors
if isAuthError(err) { if isAuthError(err) {
@ -91,6 +91,9 @@ func connect(executionId string, host string, port int, password string) (bool,
} }
return false, err // Connection or other error return false, err // Connection or other error
} }
if c != nil {
_ = c.Close()
}
return true, nil return true, nil
} }
@ -103,7 +106,7 @@ func isAuthError(err error) bool {
// Check for common VNC authentication error messages // Check for common VNC authentication error messages
errStr := err.Error() errStr := err.Error()
return stringsutil.ContainsAny(errStr, "authentication", "auth", "password", "invalid", "failed") return stringsutil.ContainsAnyI(errStr, "authentication", "auth", "password", "invalid", "failed")
} }
// IsVNC checks if a host is running a VNC server. // IsVNC checks if a host is running a VNC server.