mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-17 22:45:28 +00:00
f26996cb89
* introducing execution id * wip * . * adding separate execution context id * lint * vet * fixing pg dialers * test ignore * fixing loader FD limit * test * fd fix * wip: remove CloseProcesses() from dev merge * wip: fix merge issue * protocolstate: stop memguarding on last dialer delete * avoid data race in dialers.RawHTTPClient * use shared logger and avoid race conditions * use shared logger and avoid race conditions * go mod * patch executionId into compiled template cache * clean up comment in Parse * go mod update * bump echarts * address merge issues * fix use of gologger * switch cmd/nuclei to options.Logger * address merge issues with go.mod * go vet: address copy of lock with new Copy function * fixing tests * disable speed control * fix nil ExecuterOptions * removing deprecated code * fixing result print * default logger * cli default logger * filter warning from results * fix performance test * hardcoding path * disable upload * refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg` Signed-off-by: Dwi Siswanto <git@dw1.io> * Revert "disable upload" This reverts commit 114fbe6663361bf41cf8b2645fd2d57083d53682. * Revert "hardcoding path" This reverts commit cf12ca800e0a0e974bd9fd4826a24e51547f7c00. --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> Co-authored-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
153 lines
3.4 KiB
Go
153 lines
3.4 KiB
Go
package fuzzplayground
|
|
|
|
import (
|
|
"database/sql"
|
|
"encoding/xml"
|
|
"fmt"
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
|
|
_ "github.com/mattn/go-sqlite3"
|
|
)
|
|
|
|
var (
|
|
db *sql.DB
|
|
tempDBDir string
|
|
)
|
|
|
|
func init() {
|
|
dir, err := os.MkdirTemp("", "fuzzplayground-*")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
tempDBDir = dir
|
|
|
|
db, err = sql.Open("sqlite3", fmt.Sprintf("file:%v/test.db?cache=shared&mode=memory", tempDBDir))
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
addDummyUsers(db)
|
|
addDummyPosts(db)
|
|
}
|
|
|
|
// Cleanup cleans up the temporary database directory
|
|
func Cleanup() {
|
|
if db != nil {
|
|
_ = db.Close()
|
|
}
|
|
if tempDBDir != "" {
|
|
_ = os.RemoveAll(tempDBDir)
|
|
}
|
|
}
|
|
|
|
type User struct {
|
|
XMLName xml.Name `xml:"user"`
|
|
ID int `xml:"id"`
|
|
Name string `xml:"name"`
|
|
Age int `xml:"age"`
|
|
Role string `xml:"role"`
|
|
}
|
|
|
|
func addDummyUsers(db *sql.DB) {
|
|
_, err := db.Exec("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, name TEXT, age INTEGER, role TEXT)")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
_, err = db.Exec("INSERT INTO users (id , name, age, role) VALUES (1,'admin', 30, 'admin')")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
_, err = db.Exec("INSERT INTO users (id , name, age, role) VALUES (75,'user', 30, 'user')")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
func patchUnsanitizedUser(db *sql.DB, user User) error {
|
|
setClauses := ""
|
|
|
|
if user.Name != "" {
|
|
setClauses += "name = '" + user.Name + "', "
|
|
}
|
|
if user.Age > 0 {
|
|
setClauses += "age = " + strconv.Itoa(user.Age) + ", "
|
|
}
|
|
if user.Role != "" {
|
|
setClauses += "role = '" + user.Role + "', "
|
|
}
|
|
if setClauses == "" {
|
|
// No fields to update
|
|
return nil
|
|
}
|
|
setClauses = strings.TrimSuffix(setClauses, ", ")
|
|
|
|
query := "UPDATE users SET " + setClauses + " WHERE id = ?"
|
|
_, err := db.Exec(query, user.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func getUnsanitizedUser(db *sql.DB, id string) (User, error) {
|
|
var user User
|
|
err := db.QueryRow("SELECT id, name, age, role FROM users WHERE id = "+id).Scan(&user.ID, &user.Name, &user.Age, &user.Role)
|
|
if err != nil {
|
|
return user, err
|
|
}
|
|
return user, nil
|
|
}
|
|
|
|
type Posts struct {
|
|
ID int
|
|
Title string
|
|
Content string
|
|
Lang string
|
|
}
|
|
|
|
func addDummyPosts(db *sql.DB) {
|
|
_, err := db.Exec("CREATE TABLE IF NOT EXISTS posts (id INTEGER PRIMARY KEY, title TEXT, content TEXT, lang TEXT)")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
// Inserting English dummy posts
|
|
_, err = db.Exec("INSERT INTO posts (id, title, content, lang) VALUES (1, 'The Joy of Programming', 'Programming is like painting a canvas with logic.', 'en')")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
_, err = db.Exec("INSERT INTO posts (id, title, content, lang) VALUES (2, 'A Journey Through Code', 'Every line of code tells a story.', 'en')")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
// Inserting a Spanish dummy post
|
|
_, err = db.Exec("INSERT INTO posts (id, title, content, lang) VALUES (3, 'La belleza del código', 'Cada función es un poema en un mar de algoritmos.', 'es')")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
func getUnsanitizedPostsByLang(db *sql.DB, lang string) ([]Posts, error) {
|
|
var posts []Posts
|
|
query := "SELECT id, title, content, lang FROM posts WHERE lang = '" + lang + "'"
|
|
rows, err := db.Query(query)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer func() {
|
|
_ = rows.Close()
|
|
}()
|
|
|
|
for rows.Next() {
|
|
var post Posts
|
|
if err := rows.Scan(&post.ID, &post.Title, &post.Content, &post.Lang); err != nil {
|
|
return nil, err
|
|
}
|
|
posts = append(posts, post)
|
|
}
|
|
if err = rows.Err(); err != nil {
|
|
return nil, err
|
|
}
|
|
return posts, nil
|
|
}
|