disable non default templates as default #5370

Open
wants to merge 5 commits into
base: dev

dogancanbakir
Member

Proposed changes

Closes #5231

$ go run .                    

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

                projectdiscovery.io

[WRN] Found 2 templates with runtime error (use -validate flag for further examination)
[WRN] Skipping 1030 self-contained template[s], use  -var or -env-vars flag to run them
[WRN] Skipping 403 file template[s], use file or directory as an input to run file templates
[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 164
[INF] Templates loaded for current scan: 6918
[INF] Executing 6918 signed templates from projectdiscovery/nuclei-templates
[INF] No results found. Better luck next time!

file:

$ go run . -u config.yaml

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

                projectdiscovery.io

[WRN] Skipping 1031 self-contained template[s], use  -var or -env-vars flag to run them
[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 164
[INF] Templates loaded for current scan: 7321
[INF] Executing 7321 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[INF] Running httpx on input host
[INF] Found 1 URL from httpx
[INF] Templates clustered: 1551 (Reduced 1468 Requests)
[xss-serialize-javascript] [file] [info] config.yaml
[url-extension-inspector:Database file] [file] [unknown] config.yaml [".db"]
[INF] Using Interactsh Server: oast.online
^C[INF] CTRL+C pressed: Exiting
[INF] Attempting graceful shutdown...
[INF] Creating resume file: /Users/dogancanbakir/Library/Caches/nuclei/resume-cq3frjqhc8a421ofa4lg.cfg
exit status 1

self-contained:

$ go run . -var dummy=dummy   

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

                projectdiscovery.io

[WRN] Found 1 templates with runtime error (use -validate flag for further examination)
[WRN] Skipping 403 file template[s], use file or directory as an input to run file templates
[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 164
[INF] Templates loaded for current scan: 7823
[INF] Executing 7823 signed templates from projectdiscovery/nuclei-templates
[INF] No results found. Better luck next time!

both:

$ go run . -u config.yaml -var dummy=dummy

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

                projectdiscovery.io

[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 164
[INF] Templates loaded for current scan: 8226
[INF] Executing 8226 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[INF] Running httpx on input host
^C[INF] CTRL+C pressed: Exiting
[INF] Attempting graceful shutdown...
[INF] Creating resume file: /Users/dogancanbakir/Library/Caches/nuclei/resume-cq3fseahc8a4686atdr0.cfg
exit status 1

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@dogancanbakir dogancanbakir self-assigned this Jul 4, 2024
Member

@ehsandeep ehsandeep left a comment

For self-contained templates, we need to see if it is expecting input from a CLI variable or env variable to exclude; for example, the template below is good to run without any additional input.

id: basic-example

info:
  name: Test HTTP Template
  author: pdteam
  severity: info

self-contained: true
http:
  - method: GET
    path:
      - "https://example.com/test"
    matchers:
      - type: word
        words:
          - "This is test matcher text"

@dogancanbakir
Member Author

$ go run . -t test_template.yaml -v

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

                projectdiscovery.io

[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 164
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[VER] [basic-example] Sent HTTP request to https://example.com/test
[INF] No results found. Better luck next time!

Member

@tarunKoyalwar tarunKoyalwar left a comment

$ ./nuclei -l data.txt -t js-analyse.yaml                                                            

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0-dev

		projectdiscovery.io

[WRN] Skipping 1 file template[s], use file or directory as an input to run file templates
[INF] Current nuclei version: v3.3.0-dev (development)
[INF] Current nuclei-templates version: v9.9.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] Targets loaded for current scan: 1
[INF] No results found. Better luck next time!
[FTL] Could not run nuclei: no templates provided for scan

Currently it doesn't handle cases where

  • input is given using -l or target list
  • input is given from stdin
echo "pkg" | ./nuclei -t js-analyse.yaml   

alternative implementation:

  • As mentioned in the other comment, we can precheck this and add a state variable HasFileInput while loading targets (see: pkg/input). Since this package deals with all input types, adding this check in that package would apply it to all supported input types.

Comment on lines +552 to +597
var (
numericalExpressionRegex = regexp.MustCompile(`^[0-9+\-/\W]+$`)
unresolvedVariablesRegex = regexp.MustCompile(`(?:%7[B|b]|\{){2}([^}]+)(?:%7[D|d]|\}){2}["'\)\}]*`)
)

// copy of the original function from pkg/protocols/common/expressions/variables.go:ContainsUnresolvedVariables
func templateContainsUnresolvedVariables(templatePath string) bool {
data, err := os.ReadFile(templatePath)
if err != nil {
return false
}

matches := unresolvedVariablesRegex.FindAllStringSubmatch(string(data), -1)
if len(matches) == 0 {
return false
}

var unresolvedVariables []string
for _, match := range matches {
if len(match) < 2 {
continue
}

// Skip if the match is an expression
if numericalExpressionRegex.MatchString(match[1]) {
continue
}
// or if it contains only literals (can be solved from expression engine)
if hasLiteralsOnly(match[1]) {
continue
}
unresolvedVariables = append(unresolvedVariables, match[1])
}

return len(unresolvedVariables) > 0
}

func hasLiteralsOnly(data string) bool {
expr, err := govaluate.NewEvaluableExpressionWithFunctions(data, dsl.HelperFunctions)
if err != nil {
return false
}
if expr != nil {
_, err = expr.Evaluate(nil)
return err == nil
}
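
Review bot: in templateContainsUnresolvedVariables, the os.ReadFile error path returns false, which the caller reads as "no unresolved variables", so an unreadable template is indistinguishable from a fully resolved one; return the error (or log it) so the two cases can be told apart. The unresolvedVariables slice is used only for its length, so the loop can return true at the first match that is neither a numerical expression nor literal-only. In unresolvedVariablesRegex, `[B|b]` and `[D|d]` are character classes and therefore also accept a literal `|` after `%7`; `[Bb]` and `[Dd]` express the intent, and since this is a copy, the same change belongs in the original in variables.go.
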
Member

If this is duplicated, I think we can move it to pkg/utils to avoid any inconsistencies in future, and we can reuse it for other purposes as well.

Comment on lines +473 to +488

if parsed.SelfContained &&
store.config.ExecutorOptions.Options.Vars.IsEmpty() && !store.config.ExecutorOptions.Options.EnvironmentVariables &&
templateContainsUnresolvedVariables(templatePath) {
stats.Increment(templates.SkippedSelfContainedStats)
return
}

if parsed.HasFileProtocol() &&
lo.NoneBy(store.config.ExecutorOptions.Options.Targets, func(target string) bool {
return fileutil.FileOrFolderExists(target)
}) {
stats.Increment(templates.SkippedFileStats)
return
}
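
Review bot: the self-contained condition only tests store.config.ExecutorOptions.Options.Vars.IsEmpty(), so passing any single variable (the `-var dummy=dummy` run in the description is one) stops every self-contained template with unresolved placeholders from being skipped, whether or not that variable is one the template uses. Consider having templateContainsUnresolvedVariables return the placeholder names and skipping when none of them is supplied through Vars or the environment. Both branches also return after only incrementing a counter; a verbose-level message naming templatePath would let a user see which templates were dropped and why.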

Member

Not sure if we should compute this check here. The stats definitely belong here, but checking every time whether the target is a file for every template might increase latency on small hosts/boxes. I think it would be better if we precalculate and put it in types.Options (we do this for headless, DAST and other filtering), so we could also add 2 options

HasGlobalVars bool
HasFileInput bool

or something similar

Another reason for this is that nuclei supports targets from various flags (-u, -l and even input mode), and this logic currently only checks the values of -u and not -l.
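
The precomputation suggested in the comment above, as an added example that is not code from this PR or from nuclei: the flags are computed once over the `-u` values and the `-l`/stdin list, and the per-template decision then reads two booleans with no I/O. `scanFlags`, `precompute` and `skipReason` are hypothetical names; only `HasGlobalVars` and `HasFileInput` come from the comment.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"os"
	"strings"
)

// scanFlags stands in for the two fields proposed for types.Options (hypothetical type).
type scanFlags struct {
	HasGlobalVars bool // -var or -env-vars was supplied
	HasFileInput  bool // at least one target is an existing file or directory
}

// precompute runs once per scan over -u values plus the reader backing -l or stdin.
func precompute(targets []string, list io.Reader, vars map[string]string, envVars bool) (scanFlags, error) {
	f := scanFlags{HasGlobalVars: len(vars) > 0 || envVars}
	if list == nil {
		list = strings.NewReader("")
	}
	sc := bufio.NewScanner(list)
	for sc.Scan() {
		targets = append(targets, strings.TrimSpace(sc.Text()))
	}
	for _, t := range targets {
		if _, err := os.Stat(t); err == nil {
			f.HasFileInput = true
		}
	}
	return f, sc.Err()
}

// skipReason is the per-template decision; it returns "" when the template should load.
func skipReason(selfContained, unresolvedVars, fileProtocol bool, f scanFlags) string {
	if selfContained && unresolvedVars && !f.HasGlobalVars {
		return "self-contained"
	}
	if fileProtocol && !f.HasFileInput {
		return "file"
	}
	return ""
}

func main() {
	f, err := precompute(nil, strings.NewReader(".\n"), nil, false) // constructed -l/stdin input
	fmt.Println(f, err, skipReason(false, false, true, f))
}
```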

Successfully merging this pull request may close these issues.

disable non default templates as default
3 participants