mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-17 19:45:28 +00:00
f26996cb89
* introducing execution id * wip * . * adding separate execution context id * lint * vet * fixing pg dialers * test ignore * fixing loader FD limit * test * fd fix * wip: remove CloseProcesses() from dev merge * wip: fix merge issue * protocolstate: stop memguarding on last dialer delete * avoid data race in dialers.RawHTTPClient * use shared logger and avoid race conditions * use shared logger and avoid race conditions * go mod * patch executionId into compiled template cache * clean up comment in Parse * go mod update * bump echarts * address merge issues * fix use of gologger * switch cmd/nuclei to options.Logger * address merge issues with go.mod * go vet: address copy of lock with new Copy function * fixing tests * disable speed control * fix nil ExecuterOptions * removing deprecated code * fixing result print * default logger * cli default logger * filter warning from results * fix performance test * hardcoding path * disable upload * refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg` Signed-off-by: Dwi Siswanto <git@dw1.io> * Revert "disable upload" This reverts commit 114fbe6663361bf41cf8b2645fd2d57083d53682. * Revert "hardcoding path" This reverts commit cf12ca800e0a0e974bd9fd4826a24e51547f7c00. --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> Co-authored-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
86 lines
2.7 KiB
Go
86 lines
2.7 KiB
Go
package runner
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"sync/atomic"
|
|
"time"
|
|
|
|
"github.com/pkg/errors"
|
|
"github.com/projectdiscovery/hmap/store/hybrid"
|
|
"github.com/projectdiscovery/httpx/common/httpx"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/input/provider"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/utils"
|
|
stringsutil "github.com/projectdiscovery/utils/strings"
|
|
syncutil "github.com/projectdiscovery/utils/sync"
|
|
)
|
|
|
|
// initializeTemplatesHTTPInput initializes the http form of input
|
|
// for any loaded http templates if input is in non-standard format.
|
|
func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
|
|
hm, err := hybrid.New(hybrid.DefaultDiskOptions)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "could not create temporary input file")
|
|
}
|
|
if r.inputProvider.InputType() == provider.MultiFormatInputProvider {
|
|
// currently http probing for input mode types is not supported
|
|
return hm, nil
|
|
}
|
|
r.Logger.Info().Msgf("Running httpx on input host")
|
|
|
|
httpxOptions := httpx.DefaultOptions
|
|
if r.options.AliveHttpProxy != "" {
|
|
httpxOptions.Proxy = r.options.AliveHttpProxy
|
|
} else if r.options.AliveSocksProxy != "" {
|
|
httpxOptions.Proxy = r.options.AliveSocksProxy
|
|
}
|
|
httpxOptions.RetryMax = r.options.Retries
|
|
httpxOptions.Timeout = time.Duration(r.options.Timeout) * time.Second
|
|
|
|
dialers := protocolstate.GetDialersWithId(r.options.ExecutionId)
|
|
if dialers == nil {
|
|
return nil, fmt.Errorf("dialers not initialized for %s", r.options.ExecutionId)
|
|
}
|
|
|
|
httpxOptions.NetworkPolicy = dialers.NetworkPolicy
|
|
httpxClient, err := httpx.New(&httpxOptions)
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "could not create httpx client")
|
|
}
|
|
|
|
// Probe the non-standard URLs and store them in cache
|
|
swg, err := syncutil.New(syncutil.WithSize(r.options.BulkSize))
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "could not create adaptive group")
|
|
}
|
|
var count atomic.Int32
|
|
r.inputProvider.Iterate(func(value *contextargs.MetaInput) bool {
|
|
if stringsutil.HasPrefixAny(value.Input, "http://", "https://") {
|
|
return true
|
|
}
|
|
|
|
if r.options.ProbeConcurrency > 0 && swg.Size != r.options.ProbeConcurrency {
|
|
if err := swg.Resize(context.Background(), r.options.ProbeConcurrency); err != nil {
|
|
r.Logger.Error().Msgf("Could not resize workpool: %s\n", err)
|
|
}
|
|
}
|
|
|
|
swg.Add()
|
|
go func(input *contextargs.MetaInput) {
|
|
defer swg.Done()
|
|
|
|
if result := utils.ProbeURL(input.Input, httpxClient); result != "" {
|
|
count.Add(1)
|
|
_ = hm.Set(input.Input, []byte(result))
|
|
}
|
|
}(value)
|
|
return true
|
|
})
|
|
swg.Wait()
|
|
|
|
r.Logger.Info().Msgf("Found %d URL from httpx", count.Load())
|
|
return hm, nil
|
|
}
|