mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-18 00:55:27 +00:00
f26996cb89
* introducing execution id * wip * . * adding separate execution context id * lint * vet * fixing pg dialers * test ignore * fixing loader FD limit * test * fd fix * wip: remove CloseProcesses() from dev merge * wip: fix merge issue * protocolstate: stop memguarding on last dialer delete * avoid data race in dialers.RawHTTPClient * use shared logger and avoid race conditions * use shared logger and avoid race conditions * go mod * patch executionId into compiled template cache * clean up comment in Parse * go mod update * bump echarts * address merge issues * fix use of gologger * switch cmd/nuclei to options.Logger * address merge issues with go.mod * go vet: address copy of lock with new Copy function * fixing tests * disable speed control * fix nil ExecuterOptions * removing deprecated code * fixing result print * default logger * cli default logger * filter warning from results * fix performance test * hardcoding path * disable upload * refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg` Signed-off-by: Dwi Siswanto <git@dw1.io> * Revert "disable upload" This reverts commit 114fbe6663361bf41cf8b2645fd2d57083d53682. * Revert "hardcoding path" This reverts commit cf12ca800e0a0e974bd9fd4826a24e51547f7c00. --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> Co-authored-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
211 lines
5.7 KiB
Go
211 lines
5.7 KiB
Go
package redis
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
|
|
"github.com/redis/go-redis/v9"
|
|
|
|
"github.com/praetorian-inc/fingerprintx/pkg/plugins"
|
|
pluginsredis "github.com/praetorian-inc/fingerprintx/pkg/plugins/services/redis"
|
|
)
|
|
|
|
// GetServerInfo returns the server info for a redis server
|
|
// @example
|
|
// ```javascript
|
|
// const redis = require('nuclei/redis');
|
|
// const info = redis.GetServerInfo('acme.com', 6379);
|
|
// ```
|
|
func GetServerInfo(ctx context.Context, host string, port int) (string, error) {
|
|
executionId := ctx.Value("executionId").(string)
|
|
return memoizedgetServerInfo(executionId, host, port)
|
|
}
|
|
|
|
// @memo
|
|
func getServerInfo(executionId string, host string, port int) (string, error) {
|
|
if !protocolstate.IsHostAllowed(executionId, host) {
|
|
// host is not valid according to network policy
|
|
return "", protocolstate.ErrHostDenied.Msgf(host)
|
|
}
|
|
// create a new client
|
|
client := redis.NewClient(&redis.Options{
|
|
Addr: fmt.Sprintf("%s:%d", host, port),
|
|
Password: "", // no password set
|
|
DB: 0, // use default DB
|
|
})
|
|
defer func() {
|
|
_ = client.Close()
|
|
}()
|
|
|
|
// Ping the Redis server
|
|
_, err := client.Ping(context.TODO()).Result()
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
// Get Redis server info
|
|
infoCmd := client.Info(context.TODO())
|
|
if infoCmd.Err() != nil {
|
|
return "", infoCmd.Err()
|
|
}
|
|
|
|
return infoCmd.Val(), nil
|
|
}
|
|
|
|
// Connect tries to connect redis server with password
|
|
// @example
|
|
// ```javascript
|
|
// const redis = require('nuclei/redis');
|
|
// const connected = redis.Connect('acme.com', 6379, 'password');
|
|
// ```
|
|
func Connect(ctx context.Context, host string, port int, password string) (bool, error) {
|
|
executionId := ctx.Value("executionId").(string)
|
|
return memoizedconnect(executionId, host, port, password)
|
|
}
|
|
|
|
// @memo
|
|
func connect(executionId string, host string, port int, password string) (bool, error) {
|
|
if !protocolstate.IsHostAllowed(executionId, host) {
|
|
// host is not valid according to network policy
|
|
return false, protocolstate.ErrHostDenied.Msgf(host)
|
|
}
|
|
// create a new client
|
|
client := redis.NewClient(&redis.Options{
|
|
Addr: fmt.Sprintf("%s:%d", host, port),
|
|
Password: password, // no password set
|
|
DB: 0, // use default DB
|
|
})
|
|
defer func() {
|
|
_ = client.Close()
|
|
}()
|
|
|
|
_, err := client.Ping(context.TODO()).Result()
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
// Get Redis server info
|
|
infoCmd := client.Info(context.TODO())
|
|
if infoCmd.Err() != nil {
|
|
return false, infoCmd.Err()
|
|
}
|
|
|
|
return true, nil
|
|
}
|
|
|
|
// GetServerInfoAuth returns the server info for a redis server
|
|
// @example
|
|
// ```javascript
|
|
// const redis = require('nuclei/redis');
|
|
// const info = redis.GetServerInfoAuth('acme.com', 6379, 'password');
|
|
// ```
|
|
func GetServerInfoAuth(ctx context.Context, host string, port int, password string) (string, error) {
|
|
executionId := ctx.Value("executionId").(string)
|
|
return memoizedgetServerInfoAuth(executionId, host, port, password)
|
|
}
|
|
|
|
// @memo
|
|
func getServerInfoAuth(executionId string, host string, port int, password string) (string, error) {
|
|
if !protocolstate.IsHostAllowed(executionId, host) {
|
|
// host is not valid according to network policy
|
|
return "", protocolstate.ErrHostDenied.Msgf(host)
|
|
}
|
|
// create a new client
|
|
client := redis.NewClient(&redis.Options{
|
|
Addr: fmt.Sprintf("%s:%d", host, port),
|
|
Password: password, // no password set
|
|
DB: 0, // use default DB
|
|
})
|
|
defer func() {
|
|
_ = client.Close()
|
|
}()
|
|
|
|
// Ping the Redis server
|
|
_, err := client.Ping(context.TODO()).Result()
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
// Get Redis server info
|
|
infoCmd := client.Info(context.TODO())
|
|
if infoCmd.Err() != nil {
|
|
return "", infoCmd.Err()
|
|
}
|
|
|
|
return infoCmd.Val(), nil
|
|
}
|
|
|
|
// IsAuthenticated checks if the redis server requires authentication
|
|
// @example
|
|
// ```javascript
|
|
// const redis = require('nuclei/redis');
|
|
// const isAuthenticated = redis.IsAuthenticated('acme.com', 6379);
|
|
// ```
|
|
func IsAuthenticated(ctx context.Context, host string, port int) (bool, error) {
|
|
executionId := ctx.Value("executionId").(string)
|
|
return memoizedisAuthenticated(executionId, host, port)
|
|
}
|
|
|
|
// @memo
|
|
func isAuthenticated(executionId string, host string, port int) (bool, error) {
|
|
plugin := pluginsredis.REDISPlugin{}
|
|
timeout := 5 * time.Second
|
|
dialer := protocolstate.GetDialersWithId(executionId)
|
|
if dialer == nil {
|
|
return false, fmt.Errorf("dialers not initialized for %s", executionId)
|
|
}
|
|
|
|
conn, err := dialer.Fastdialer.Dial(context.TODO(), "tcp", fmt.Sprintf("%s:%d", host, port))
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
defer func() {
|
|
_ = conn.Close()
|
|
}()
|
|
|
|
_, err = plugin.Run(conn, timeout, plugins.Target{Host: host})
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return true, nil
|
|
}
|
|
|
|
// RunLuaScript runs a lua script on the redis server
|
|
// @example
|
|
// ```javascript
|
|
// const redis = require('nuclei/redis');
|
|
// const result = redis.RunLuaScript('acme.com', 6379, 'password', 'return redis.call("get", KEYS[1])');
|
|
// ```
|
|
func RunLuaScript(ctx context.Context, host string, port int, password string, script string) (interface{}, error) {
|
|
executionId := ctx.Value("executionId").(string)
|
|
if !protocolstate.IsHostAllowed(executionId, host) {
|
|
// host is not valid according to network policy
|
|
return false, protocolstate.ErrHostDenied.Msgf(host)
|
|
}
|
|
// create a new client
|
|
client := redis.NewClient(&redis.Options{
|
|
Addr: fmt.Sprintf("%s:%d", host, port),
|
|
Password: password,
|
|
DB: 0, // use default DB
|
|
})
|
|
defer func() {
|
|
_ = client.Close()
|
|
}()
|
|
|
|
// Ping the Redis server
|
|
_, err := client.Ping(context.TODO()).Result()
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
// Get Redis server info
|
|
infoCmd := client.Eval(context.Background(), script, []string{})
|
|
|
|
if infoCmd.Err() != nil {
|
|
return "", infoCmd.Err()
|
|
}
|
|
|
|
return infoCmd.Val(), nil
|
|
}
|