mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-18 17:25:28 +00:00
a7fb15d0bd
* Adding support for code templates * adding support for python, powershell and echo (test) * removing debug code * introducing command + trivial trust store mechanism * updating tests * adding basic tests * removing deprecated oracle * mod tidy * adding signature proto with debug prints * removing debug code * fixing test * fixing param order * improving test conditional build * disable file+offlinehttp+code with cloud * adding env vars * removing debug code * reorganizing test folders * adding code template test prototype with dummy priv/pub keys * bump go to 1.20 * fixing go version * fixing lint errors * adding fatal on pub-key test failure * switching to ecdsa asn1 * removing unused signature * fixing signature * adding more tests * extending core with engine args + powershell win test * adding unsigned code test * skip template signing in particular test case * improving test coverage * refactoring key names + adding already signed algo * removing debug code * fixing syntax * fixing lint issues * removing test template * fixing dns tests path * output fmt * adding interact * fixing lint issues * adding -sign cli helper * fixing nil pointer + parse inline keys * making rsa default * adding code prot. ref * moving file to correct loc * moving test * Issue 3339 headless fuzz (#3790) * Basic headless fuzzing * Remove debug statements * Add integration tests * Update template * Fix recognize payload value in matcher * Update tempalte * use req.SetURL() --------- Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io> * Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] 🤖 * Add headless header and status matchers (#3794) * add headless header and status matchers * rename headers as header * add integration test for header+status * fix typo * add retry to py-interactsh integration test --------- Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io> Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io> Co-authored-by: GitHub Action <action@github.com> Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com> Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
181 lines
4.4 KiB
Go
181 lines
4.4 KiB
Go
package main
|
|
|
|
import (
|
|
"errors"
|
|
"log"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
osutils "github.com/projectdiscovery/utils/os"
|
|
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/templates/signer"
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
|
|
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
|
|
)
|
|
|
|
var codeTestCases = map[string]testutils.TestCase{
|
|
"protocols/code/py-snippet.yaml": &codeSnippet{},
|
|
"protocols/code/py-file.yaml": &codeFile{},
|
|
"protocols/code/py-env-var.yaml": &codeEnvVar{},
|
|
"protocols/code/unsigned.yaml": &unsignedCode{},
|
|
"protocols/code/rsa-signed.yaml": &rsaSignedCode{},
|
|
"protocols/code/py-interactsh.yaml": &codeSnippet{},
|
|
}
|
|
|
|
var (
|
|
ecdsaPrivateKeyAbsPath string
|
|
ecdsaPublicKeyAbsPath string
|
|
|
|
// rsaPrivateKeyAbsPath string
|
|
rsaPublicKeyAbsPath string
|
|
)
|
|
|
|
func init() {
|
|
var err error
|
|
ecdsaPrivateKeyAbsPath, err = filepath.Abs("protocols/code/ecdsa-priv-key.pem")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
ecdsaPublicKeyAbsPath, err = filepath.Abs("protocols/code/ecdsa-pub-key.pem")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// rsaPrivateKeyAbsPath, err = filepath.Abs("protocols/code/rsa-priv-key.pem")
|
|
// if err != nil {
|
|
// panic(err)
|
|
// }
|
|
rsaPublicKeyAbsPath, err = filepath.Abs("protocols/code/rsa-pub-key.pem")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
if osutils.IsWindows() {
|
|
codeTestCases["protocols/code/ps1-snippet.yaml"] = &codeSnippet{}
|
|
}
|
|
|
|
signTemplates()
|
|
}
|
|
|
|
// signTemplates tests the signing procedure on various platforms
|
|
func signTemplates() {
|
|
signerOptions := &signer.Options{
|
|
PrivateKeyName: ecdsaPrivateKeyAbsPath,
|
|
PublicKeyName: ecdsaPublicKeyAbsPath,
|
|
Algorithm: signer.ECDSA,
|
|
}
|
|
sign, err := signer.New(signerOptions)
|
|
if err != nil {
|
|
log.Fatalf("couldn't create crypto engine: %s\n", err)
|
|
}
|
|
|
|
for templatePath, testCase := range codeTestCases {
|
|
templatePath, err := filepath.Abs(templatePath)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// skip
|
|
// - unsigned test case
|
|
if _, ok := testCase.(*unsignedCode); ok {
|
|
continue
|
|
}
|
|
// - already rsa signed
|
|
if _, ok := testCase.(*rsaSignedCode); ok {
|
|
continue
|
|
}
|
|
|
|
if err := utils.ProcessFile(sign, templatePath); err != nil {
|
|
log.Fatalf("Could not walk directory: %s\n", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
func prepareEnv(keypath string) {
|
|
os.Setenv("NUCLEI_SIGNATURE_PUBLIC_KEY", keypath)
|
|
os.Setenv("NUCLEI_SIGNATURE_ALGORITHM", "ecdsa")
|
|
}
|
|
|
|
func tearDownEnv() {
|
|
os.Unsetenv("NUCLEI_SIGNATURE_PUBLIC_KEY")
|
|
os.Unsetenv("NUCLEI_SIGNATURE_ALGORITHM")
|
|
}
|
|
|
|
type codeSnippet struct{}
|
|
|
|
// Execute executes a test case and returns an error if occurred
|
|
func (h *codeSnippet) Execute(filePath string) error {
|
|
prepareEnv(ecdsaPublicKeyAbsPath)
|
|
defer tearDownEnv()
|
|
|
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "input", debug)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return expectResultsCount(results, 1)
|
|
}
|
|
|
|
type codeFile struct{}
|
|
|
|
// Execute executes a test case and returns an error if occurred
|
|
func (h *codeFile) Execute(filePath string) error {
|
|
prepareEnv(ecdsaPublicKeyAbsPath)
|
|
defer tearDownEnv()
|
|
|
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "input", debug)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return expectResultsCount(results, 1)
|
|
}
|
|
|
|
type codeEnvVar struct{}
|
|
|
|
// Execute executes a test case and returns an error if occurred
|
|
func (h *codeEnvVar) Execute(filePath string) error {
|
|
prepareEnv(ecdsaPublicKeyAbsPath)
|
|
defer tearDownEnv()
|
|
|
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "input", debug, "-V", "baz=baz")
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return expectResultsCount(results, 1)
|
|
}
|
|
|
|
type unsignedCode struct{}
|
|
|
|
// Execute executes a test case and returns an error if occurred
|
|
func (h *unsignedCode) Execute(filePath string) error {
|
|
prepareEnv(ecdsaPublicKeyAbsPath)
|
|
defer tearDownEnv()
|
|
|
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "input", debug)
|
|
|
|
// should error out
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
// this point should never be reached
|
|
return errors.Join(expectResultsCount(results, 1), errors.New("unsigned template was executed"))
|
|
}
|
|
|
|
type rsaSignedCode struct{}
|
|
|
|
// Execute executes a test case and returns an error if occurred
|
|
func (h *rsaSignedCode) Execute(filePath string) error {
|
|
prepareEnv(rsaPublicKeyAbsPath)
|
|
defer tearDownEnv()
|
|
|
|
results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "input", debug)
|
|
|
|
// should error out
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
// this point should never be reached
|
|
return errors.Join(expectResultsCount(results, 1), errors.New("unsigned template was executed"))
|
|
}
|