bug fixes in js , network protocol and flow #4313
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
tarunKoyalwar
changed the title
example templateid: js_test
info:
name: Testing JS
author: rahulmaini
severity: info
javascript:
- code: |
let m = require('nuclei/net');
let name=Host+':'+Port;
let conn = m.OpenTLS('tcp', name);
conn.Send('GET / HTTP/1.1\r\nHost:'+name+'\r\nConnection: close\r\n\r\n');
resp = conn.RecvString()
log(resp)
args:
Host: "{{Host}}"
Port: "443"$ ./nuclei -t simplejs.yaml -u vps.noob.ninja
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.0.2
projectdiscovery.io
[INF] Current nuclei version: v3.0.2 (latest)
[INF] Current nuclei-templates version: v9.6.8 (latest)
[INF] New templates added in latest release: 79
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[JS] HTTP/1.1 200 OK
Date: Mon, 30 Oct 2023 12:44:01 GMT
Server: Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: application/json
155
{
"swagger": "2.0",
"info": {
"title": "xxxxxxx",
"description": "test",
"version": "2017-06-04T22:56:06+00:00",
"contact": {
"name": "test",
"url": "javascript:alert(document.domain)",
"email": "xx.team@%0D%0Ajavascript%3Aalert(1)%2F%2F%0A.com"
}
}
}
0
[INF] No results found. Better luck next time! |
TODO
id: network-port-example
info:
name: Example Template with Network Port
author: pdteam
severity: high
description: This is an updated description for the network port example.
reference: https://updated-reference-link
tcp:
- host:
- "tls://{{Hostname}}"
port: 443
inputs:
- data: "GET / HTTP/1.1\r\nHost: {{Hostname}}\r\nConnection: close\r\n\r\n"
read-size: 5000
extractors:
- type: dsl
dsl:
- "len(data)"$ ./nuclei -u projectdiscovery.io -t network-https.yaml
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.0.2
projectdiscovery.io
[INF] Current nuclei version: v3.0.2 (latest)
[INF] Current nuclei-templates version: v9.6.8 (latest)
[INF] New templates added in latest release: 79
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[network-port-example] [tcp] [high] projectdiscovery.io:443 [1369] |
New Changes
$ ./nuclei -u scanme.sh -t ~/test-templates/jshelper.yaml
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.0.2
projectdiscovery.io
[INF] Current nuclei version: v3.0.2 (latest)
[INF] Current nuclei-templates version: v9.6.8 (latest)
[INF] New templates added in latest release: 79
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Running httpx on input host
[INF] Found 1 URL from httpx
[js_test] [http] [info] https://scanme.sh/6f6b
|
tarunKoyalwar
added
the
Status: Review Needed
|
tests are passing locally . only interactsh related test is failing in gh workflow (which is expected) |
tarunKoyalwar
changed the title
New Changes
$ TESTS="flow/flow-hide-matcher.yaml" ./run.sh
::group::Build nuclei
::endgroup::
::group::Build nuclei integration-test
::endgroup::
::group::Installing nuclei templates
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.0.2
projectdiscovery.io
[INF] No new updates found for nuclei templates
[✓] Test "flow/flow-hide-matcher.yaml" passed! |
ehsandeep
approved these changes
Nov 1, 2023
ehsandeep
removed
the
Status: Review Needed
olearycrew
pushed a commit
to olearycrew/nuclei
that referenced
this pull request
Nov 3, 2023
* fix net read * only return N bytes if extra available * use ConnReadN from readerutil * add integration test * print unsigned warning in stderr * fix js protocol in flow projectdiscovery#4318 * fix integration test: url encoding issue * fix network protocol issue + integration tests * multiple improvements to integration test * replace all conn.Read() from tests * disable network-basic.yaml in windows * disable code protocol in win CI * fix bitwise login ps1-snippet.yaml * hide previous matcher events in flow * remove dead code+ update integration tests --------- Co-authored-by: Sandeep Singh <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed Changes
TCPis stream protocol and when we callconn.Readit reads whatever is available at that moment in buffer and does not necessarily mean everything sent by server. same is the case if we specifyconn.Read(N)