mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-17 20:25:27 +00:00
dc44105baf
* use parsed options while signing * update project layout to v3 * fix .gitignore * remove example template * misc updates * bump tlsx version * hide template sig warning with env * js: retain value while using log * fix nil pointer derefernce * misc doc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
76 lines
2.4 KiB
Go
76 lines
2.4 KiB
Go
package http
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/disk"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/generators"
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/types"
|
|
)
|
|
|
|
func TestRequestGeneratorPaths(t *testing.T) {
|
|
req := &Request{
|
|
Path: []string{"{{BaseURL}}/test", "{{BaseURL}}/test.php"},
|
|
}
|
|
generator := req.newGenerator(false)
|
|
var payloads []string
|
|
for {
|
|
raw, _, ok := generator.nextValue()
|
|
if !ok {
|
|
break
|
|
}
|
|
payloads = append(payloads, raw)
|
|
}
|
|
require.Equal(t, req.Path, payloads, "Could not get correct paths")
|
|
}
|
|
|
|
func TestRequestGeneratorClusterBombSingle(t *testing.T) {
|
|
var err error
|
|
|
|
req := &Request{
|
|
Payloads: map[string]interface{}{"username": []string{"admin", "tomcat", "manager"}, "password": []string{"password", "test", "secret"}},
|
|
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
|
|
Raw: []string{`GET /{{username}}:{{password}} HTTP/1.1`},
|
|
}
|
|
catalogInstance := disk.NewCatalog("")
|
|
req.generator, err = generators.New(req.Payloads, req.AttackType.Value, "", catalogInstance, "", types.DefaultOptions())
|
|
require.Nil(t, err, "could not create generator")
|
|
|
|
generator := req.newGenerator(false)
|
|
var payloads []map[string]interface{}
|
|
for {
|
|
_, data, ok := generator.nextValue()
|
|
if !ok {
|
|
break
|
|
}
|
|
payloads = append(payloads, data)
|
|
}
|
|
require.Equal(t, 9, len(payloads), "Could not get correct number of payloads")
|
|
}
|
|
|
|
func TestRequestGeneratorClusterBombMultipleRaw(t *testing.T) {
|
|
var err error
|
|
|
|
req := &Request{
|
|
Payloads: map[string]interface{}{"username": []string{"admin", "tomcat", "manager"}, "password": []string{"password", "test", "secret"}},
|
|
AttackType: generators.AttackTypeHolder{Value: generators.ClusterBombAttack},
|
|
Raw: []string{`GET /{{username}}:{{password}} HTTP/1.1`, `GET /{{username}}@{{password}} HTTP/1.1`},
|
|
}
|
|
catalogInstance := disk.NewCatalog("")
|
|
req.generator, err = generators.New(req.Payloads, req.AttackType.Value, "", catalogInstance, "", types.DefaultOptions())
|
|
require.Nil(t, err, "could not create generator")
|
|
|
|
generator := req.newGenerator(false)
|
|
var payloads []map[string]interface{}
|
|
for {
|
|
_, data, ok := generator.nextValue()
|
|
if !ok {
|
|
break
|
|
}
|
|
payloads = append(payloads, data)
|
|
}
|
|
require.Equal(t, 18, len(payloads), "Could not get correct number of payloads")
|
|
}
|