This introduces a "nucleitcp" protocol that Nuclei will use when
making MySQL connections as part of its templates.
Previously, this would register (and de-register!) a custom "tcp"
dialer, and that applied globally, so any piece of software that
used a MySQL database and included nuclei in SDK mode would have
its database connections ripped out from under it due to the dialer
hijacking.
By using "nucleitcp" as the protocol, we are free to do whatever
we want with the dialer and not impact any other packages.
Within our `BuildDSN` function, we quietly replace the protocol to
"nucleitcp" if it was "tcp", so nuclei developers don't have to do
anything special to use this functionality; it will always do it.
* Move proxy variable from global to options
- Provides ability to pass diff proxy in single nuclei instance using sdk
* add type check (resolve comments)
* feat: added fuzzing output enhancements
* changes as requested
* misc
* feat: added dfp flag to display fuzz points + misc additions
* feat: added support for fuzzing nested path segments
* feat: added parts to fuzzing requests
* feat: added tracking for parameter occurence frequency in fuzzing
* added cli flag for fuzz frequency
* fixed broken tests
* fixed path based sqli integration test
* feat: added configurable fuzzing aggression level for payloads
* fixed failing test
* feat: added analyzers implementation for fuzzing
* feat: misc changes to analyzer
* feat: misc additions of units + tests fix
* misc changes to implementation
I have that error displayed which sounds grammatically wrong:
Could not execute request for http://x.x.x.x/: could get html element: error occurred executing action: [:RUNTIME] could not navigate to url http://x.x.x.x/login <- navigation failed: net::ERR_ADDRESS_UNREACHABLE
* bump gozero + improve debug mode (code protocol)
* run failed integration again assuming they are flaky
* dep update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* feat: global matchers
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>
* feat(globalmatchers): make `Callback` as type
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat: update `passive` term to `(matchers-)static`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(globalmatchers): add `origin-template-*` event
also use `Set` method instead of `maps.Clone`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat: update `matchers-static` term to `global-matchers`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(globalmatchers): clone event before `operator.Execute`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(tmplexec): don't store `matched` on `global-matchers` templ
This will end up generating 2 events from the same
`scan.ScanContext` if one of the templates has
`global-matchers` enabled. This way, non-
`global-matchers` templates can enter the
`writeFailureCallback` func to log failure output.
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(globalmatchers): initializes `requests` on `New`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(globalmatchers): add `hasStorage` method
Signed-off-by: Dwi Siswanto <git@dw1.io>
* refactor(templates): rename global matchers checks method
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(loader): handle nil `templates.Template` pointer
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>
added a check in `addCNameIfAvailable` to ensure
the `Dialer` isnot NIL before attempting to fetch
DNS data.
this prevents potential panics (ex. SIGSEGV) when
the `Dialer` is closed due to an interruption.
Signed-off-by: Dwi Siswanto <git@dw1.io>
* misc update
* chore(deps): bump github.com/gin-gonic/gin from 1.9.0 to 1.9.1 (#4252)
Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gin-gonic/gin/compare/v1.9.0...v1.9.1)
---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/docker/docker (#4316)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.5+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.5...v24.0.7)
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix README_CN.md typos (#4369)
* version update
* Add more support for `fs.FS` in the disk catalog
This adds more support for `fs.FS` in the disk catalog. This
fixes some places where direct `os` file-related calls were being
made to use the catalog interface instead.
Note that the JavaScript compiler *still* does not work in any
context where the `pkg/js/libs/fs` package is used. In particular,
the `ReadFilesFromDir` function is hard-coded to use the `os`
package and not respect the catalog.
* Remove some testing artifacts
* Wrap up
* Unwind other changes
* Add a LoadHelperFileFunction to Options
* Use a direct func
* Tweak validation
* Use a function type
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xc1Ym <xuedongyuming2233@gmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
* feat: conditionally panic-recover
As discussed with @Mzack9999, we should avoid
overusing panic-recover. We need to review the RCA
first to determine whether this is an exceptional
situation or if it's a higher-level function meant
to recover from a panic. This approach will help
us establish a robust error-handling strategy.
The implementation of panic-recover should be
conditional and NOT applied when running in a CI
environment AND IS temporary. Once we've caught
all errors and made the necessary corrections, we
can remove the deferred recover function.
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(deps): bump `go-ci` to v1.0.2
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(make): add `-race` to `GOFLAGS` in `test`
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fail if OnResult callback is not called
* generate error message from error logs
* try..parse..
* fix lint
* add error message to last matcher event
* fix network protocol error logging
* log returned log from ExecuteWithResults
* add back specific logging
* clean up the msg
* minor
* init integration test for -ms
* add tests for http,network,js,ws protocols
* fix lint
* fix network test
* return err for dns protocol
* add integration test for dns protocol
* Apply input transformation to multi-protocol template execution
* Remove ad hoc input transoformation from DNS protocol
* Add SSL protocol input transformer
* Remove ad hoc input transoformation from SSL protocol
* Remove unused function extractDomain from the DNS protocol engine
* transform in flow as well
* bug fix + update test
* bug fix multi proto
:
* bug fix multi proto input
* bug fixes in input transform
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
