Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Code protocol bug fixes and improvements #5767

Merged
merged 3 commits into from
Oct 25, 2024
Merged

Code protocol bug fixes and improvements #5767

merged 3 commits into from
Oct 25, 2024
+51 −22

Conversation

tarunKoyalwar
Copy link
Member

@tarunKoyalwar tarunKoyalwar commented Oct 24, 2024
edited by ehsandeep
Loading

Proposed Changes

  • fix flakiness when loading and executing code protocol templates in windows environment ( observed by @princechaddha in win with low spec with powershell engine )
  • improve debug mode in code protocol to dump actual output and the internal command being run , this increases visibility and outputs entire response instead of default behaviour of only showing output which causes confusion and has less observability when debugging
  • depends on Improve debugging and use LookPath gozero#18
id: py-code-snippet

info:
  name: py-code-snippet
  author: pdteam
  severity: info
  tags: code
  description: |
    py-code-snippet

code:
  - engine:
      - py
      - python3
      - python
    source: |
      import sys
      print("hello from " + sys.stdin.read())
    
    matchers:
      - type: word
        words:
          - "hello from input"
# digest: 4a0a00473045022100e958adc2ee66e0a5f6067bc26e620fd9912a4703896abee24a3689c0150e7388022032c4394bc2895fc84a472fa1e774323fb6d2ef01a8c544bc6306846c8ff6e3e8:73812c4e0e52692225979bd2d5f05a3c
./nuclei -code -t a.yaml -u input -debug                                                                

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.5

		projectdiscovery.io

[url] got empty hostname for input skipping ip selection
[INF] Current nuclei version: v3.3.5 (latest)
[INF] Current nuclei-templates version: v10.0.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 68
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from tarun
[INF] Targets loaded for current scan: 1
[DBG] [py-code-snippet] Dumped Executed Source Code for input/stdin: 'input'
---------------
Source Code:
---------------
import sys
print("hello from " + sys.stdin.read())


---------------
Command Executed:
---------------
/opt/homebrew/bin/python3 /var/folders/fs/50l_djns0db4w30ttbd6czgr0000gn/T/nuclei-tmp-1591574686/2180671583

---------------
Command Output:
---------------
hello from input

[WRN] Command Output here is stdout+sterr, in response variables they are seperate (use -v -svd flags for more details)
[DBG] [py-code-snippet] Dumped Code Execution for input

hello from input

[py-code-snippet:word-1] [code] [info] input

@tarunKoyalwar tarunKoyalwar self-assigned this Oct 24, 2024
@tarunKoyalwar tarunKoyalwar mentioned this pull request Oct 24, 2024
Merged
@tarunKoyalwar tarunKoyalwar marked this pull request as ready for review October 24, 2024 12:00
@tarunKoyalwar tarunKoyalwar changed the title bump gozero + improve debug mode (code protocol) Code protocol bug fixes and improvements Oct 24, 2024
@tarunKoyalwar
Copy link
Member Author

also indirectly resolves #5759

./nuclei -code -t code-go-engine.yaml -debug                                                    

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.5

		projectdiscovery.io

[INF] Current nuclei version: v3.3.5 (latest)
[INF] Current nuclei-templates version: v10.0.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 68
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from tarun
[DBG] [go-code-engine] Dumped Executed Source Code for input/stdin: ''
---------------
Source Code:
---------------
package main

import "fmt"

func main() {
    fmt.Println("hello world")
}


---------------
Command Executed:
---------------
/opt/homebrew/bin/go run /var/folders/fs/50l_djns0db4w30ttbd6czgr0000gn/T/nuclei-tmp-4227574755/2121898775.go

---------------
Command Output:
---------------
hello world

[WRN] Command Output here is stdout+sterr, in response variables they are seperate (use -v -svd flags for more details)
[DBG] [go-code-engine] Dumped Code Execution for 

hello world

[go-code-engine] [code] [info]  ["hello world"]

@tarunKoyalwar tarunKoyalwar mentioned this pull request Oct 24, 2024
Closed
4 tasks
@dogancanbakir dogancanbakir linked an issue Oct 25, 2024 that may be closed by this pull request
[BUG] go engine doesn't work in code template #5759
Closed
1 task
@ehsandeep ehsandeep merged commit 40a08a4 into dev Oct 25, 2024
8 of 11 checks passed
@ehsandeep ehsandeep deleted the improve-debugging branch October 25, 2024 18:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@Mzack9999 Mzack9999 Mzack9999 approved these changes

@dogancanbakir dogancanbakir dogancanbakir approved these changes

Assignees

@tarunKoyalwar tarunKoyalwar

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] go engine doesn't work in code template
4 participants
@tarunKoyalwar @ehsandeep @Mzack9999 @dogancanbakir