Documentation
¶
Index ¶
- Variables
- func BuildPayloadFromOptions(options *Options) map[string]interface{}
- func CopyMap(originalMap map[string]interface{}) map[string]interface{}
- type ConditionType
- type Executer
- type ExecuterOptions
- type Extractor
- type ExtractorType
- type Generator
- type InternalEvent
- type InternalWrappedEvent
- type Iterator
- type Matcher
- func (m *Matcher) CompileMatchers() error
- func (m *Matcher) GetType() MatcherType
- func (m *Matcher) MatchBinary(corpus string) bool
- func (m *Matcher) MatchRegex(corpus string) bool
- func (m *Matcher) MatchSize(length int) bool
- func (m *Matcher) MatchStatusCode(statusCode int) bool
- func (m *Matcher) MatchWords(corpus string) bool
- func (m *Matcher) Result(data bool) bool
- type MatcherType
- type Operators
- func (r *Operators) Compile() error
- func (operators *Operators) Execute(data map[string]interface{}, match matchFunc, extract extractFunc) (*Result, bool)
- func (operators *Operators) ExecuteInternalExtractors(data map[string]interface{}, extract extractFunc) map[string]interface{}
- func (r *Operators) GetMatchersCondition() ConditionType
- type Options
- type OutputEventCallback
- type Request
- type Result
- type ResultEvent
- type Type
Constants ¶
This section is empty.
Variables ¶
View Source
var StringToType = map[string]Type{ "sniper": Sniper, "pitchfork": PitchFork, "clusterbomb": ClusterBomb, }
StringToType is an table for conversion of attack type from string.
Functions ¶
func BuildPayloadFromOptions ¶
BuildPayloadFromOptions returns a map with the payloads provided via CLI
Types ¶
type Executer ¶
type Executer interface {
// Compile compiles the execution generators preparing any requests possible.
Compile() error
// Requests returns the total number of requests the rule will perform
Requests() int
// Execute executes the protocol group and returns true or false if results were found.
Execute(input string) (*Result, error)
}
Executer is an interface implemented any protocol based request executer.
type ExecuterOptions ¶
type Extractor ¶
type Extractor struct {
// description: |
// Name of the extractor. Name should be lowercase and must not contain
// spaces or underscores (_).
// examples:
// - value: "\"cookie-extractor\""
Name string `json:"name,omitempty" `
// description: |
// Type is the type of the extractor.
Type string `json:"type"`
// description: |
// Regex contains the regular expression patterns to extract from a part.
//
// Go regex engine does not support lookaheads or lookbehinds, so as a result
// they are also not supported in nuclei.
// examples:
// - name: Braintree Access Token Regex
// value: >
// []string{"access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}"}
// - name: Wordpress Author Extraction regex
// value: >
// []string{"Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"}
Regex []string `json:"regex,omitempty" `
// description: |
// Group specifies a numbered group to extract from the regex.
// examples:
// - name: Example Regex Group
// value: "1"
RegexGroup int `json:"group,omitempty" `
// description: |
// kval contains the key-value pairs present in the HTTP response header.
// kval extractor can be used to extract HTTP response header and cookie key-value pairs.
// kval extractor inputs are case-insensitive, and does not support dash (-) in input which can replaced with underscores (_)
// For example, Content-Type should be replaced with content_type
//
// A list of supported parts is available in docs for request types.
// examples:
// - name: Extract Server Header From HTTP Response
// value: >
// []string{"server"}
// - name: Extracting value of PHPSESSID Cookie
// value: >
// []string{"phpsessid"}
// - name: Extracting value of Content-Type Cookie
// value: >
// []string{"content_type"}
KVal []string `json:"kval,omitempty" `
// description: |
// Part is the part of the request response to extract data from.
//
// Each protocol exposes a lot of different parts which are well
// documented in docs for each request type.
// examples:
// - value: "\"body\""
// - value: "\"raw\""
Part string `json:"part,omitempty" `
// description: |
// Internal, when set to true will allow using the value extracted
// in the next request for some protocols (like HTTP).
Internal bool `json:"internal,omitempty"`
// description: |
// CaseInsensitive enables case-insensitive extractions. Default is false.
// values:
// - false
// - true
CaseInsensitive bool `json:"case-insensitive,omitempty" `
// contains filtered or unexported fields
}
Extractor is used to extract part of response using a regex.
func (*Extractor) CompileExtractors ¶
CompileExtractors performs the initial setup operation on an extractor
func (*Extractor) ExtractKval ¶
ExtractKval extracts key value pairs from a data map
func (*Extractor) ExtractRegex ¶
ExtractRegex extracts text from a corpus and returns it
func (*Extractor) GetType ¶
func (e *Extractor) GetType() ExtractorType
GetType returns the type of the matcher
type ExtractorType ¶
type ExtractorType int
ExtractorType is the type of the extractor specified
const ( // name:regex RegexExtractor ExtractorType = iota + 1 // name:kval KValExtractor )
name:ExtractorType
func GetSupportedExtractorTypes ¶
func GetSupportedExtractorTypes() []ExtractorType
GetSupportedExtractorTypes returns list of supported types
type Generator ¶
type Generator struct {
Type Type
// contains filtered or unexported fields
}
generator is the generator struct for generating payloads
func (*Generator) NewIterator ¶
NewIterator creates a new iterator for the payloads generator
type InternalEvent ¶
type InternalEvent map[string]interface{}
type InternalWrappedEvent ¶
type InternalWrappedEvent struct {
InternalEvent InternalEvent
Results []*ResultEvent
OperatorsResult *Result
}
type Iterator ¶
type Iterator struct {
Type Type
// contains filtered or unexported fields
}
Iterator is a single instance of an iterator for a generator structure
func (*Iterator) Reset ¶
func (i *Iterator) Reset()
Reset resets the iterator back to its initial value
type Matcher ¶
type Matcher struct {
// Type is the type of the matcher
Type string `json:"type"`
// Condition is the optional condition between two matcher variables
//
// By default, the condition is assumed to be OR.
Condition string `json:"condition,omitempty"`
// Part is the part of the data to match
Part string `json:"part,omitempty"`
// Negative specifies if the match should be reversed
// It will only match if the condition is not true.
Negative bool `json:"negative,omitempty"`
// Name is matcher Name
Name string `json:"name,omitempty"`
// Status are the acceptable status codes for the response
Status []int `json:"status,omitempty"`
// Size is the acceptable size for the response
Size []int `json:"size,omitempty"`
// Words are the words required to be present in the response
Words []string `json:"words,omitempty"`
// Regex are the regex pattern required to be present in the response
Regex []string `json:"regex,omitempty"`
// Binary are the binary characters required to be present in the response
Binary []string `json:"binary,omitempty"`
// DSL are the dsl queries
DSL []string `json:"dsl,omitempty"`
// Encoding specifies the encoding for the word content if any.
Encoding string `json:"encoding,omitempty"`
MatchersCondition string `json:"matchers-condition"`
Matchers []Matcher
// contains filtered or unexported fields
}
func (*Matcher) CompileMatchers ¶
CompileMatchers performs the initial setup operation on a matcher
func (*Matcher) GetType ¶
func (m *Matcher) GetType() MatcherType
getType returns the type of the matcher
func (*Matcher) MatchBinary ¶
MatchBinary matches a binary check against a corpus
func (*Matcher) MatchRegex ¶
MatchRegex matches a regex check against a corpus
func (*Matcher) MatchStatusCode ¶
MatchStatusCode matches a status code check against a corpus
func (*Matcher) MatchWords ¶
MatchWords matches a word check against a corpus.
type MatcherType ¶
type MatcherType = int
MatcherType is the type of the matcher specified
const ( // WordsMatcher matches responses with words WordsMatcher MatcherType = iota + 1 // RegexMatcher matches responses with regexes RegexMatcher // BinaryMatcher matches responses with words BinaryMatcher // StatusMatcher matches responses with status codes StatusMatcher // SizeMatcher matches responses with response size SizeMatcher // DSLMatcher matches based upon dsl syntax DSLMatcher )
type Operators ¶
type Operators struct {
// Matchers contains the detection mechanism for the request to identify
// whether the request was successful
Matchers []*Matcher `json:"matchers,omitempty"`
// Extractors contains the extraction mechanism for the request to identify
// and extract parts of the response.
Extractors []*Extractor `json:"extractors,omitempty"`
// MatchersCondition is the condition of the matchers
// whether to use AND or OR. Default is OR.
MatchersCondition string `json:"matchers-condition,omitempty"`
// contains filtered or unexported fields
}
operators contains the operators that can be applied on protocols
func (*Operators) Execute ¶
func (operators *Operators) Execute(data map[string]interface{}, match matchFunc, extract extractFunc) (*Result, bool)
Execute executes the operators on data and returns a result structure
func (*Operators) ExecuteInternalExtractors ¶
func (operators *Operators) ExecuteInternalExtractors(data map[string]interface{}, extract extractFunc) map[string]interface{}
ExecuteInternalExtractors executes internal dynamic extractors
func (*Operators) GetMatchersCondition ¶
func (r *Operators) GetMatchersCondition() ConditionType
getMatchersCondition returns the condition for the matchers
type OutputEventCallback ¶
type OutputEventCallback func(result *InternalWrappedEvent)
type Request ¶
type Request interface {
// Compile compiles the request generators preparing any requests possible.
Compile(options *ExecuterOptions) error
// Requests returns the total number of requests the rule will perform
Requests() int
// GetID returns the ID for the request if any. IDs are used for multi-request
// condition matching. So, two requests can be sent and their match can
// be evaluated from the third request by using the IDs for both requests.
//GetID() string
// Match performs matching operation for a matcher on model and returns true or false.
Match(data map[string]interface{}, matcher *Matcher) bool
// Extract performs extracting operation for a extractor on model and returns true or false.
//Extract(data map[string]interface{}, matcher *extractors.Extractor) map[string]struct{}
// ExecuteWithResults executes the protocol requests and returns results instead of writing them.
ExecuteWithResults(input string, dynamicValues map[string]interface{}, callback OutputEventCallback) error
}
Request is an interface implemented any protocol based request generator.
type Result ¶
type Result struct {
// Matched is true if any matchers matched
Matched bool
// Extracted is true if any result type values were extracted
Extracted bool
// Matches is a map of matcher names that we matched
Matches map[string]struct{}
// Extracts contains all the data extracted from inputs
Extracts map[string][]string
// OutputExtracts is the list of extracts to be displayed on screen.
OutputExtracts []string
// DynamicValues contains any dynamic values to be templated
DynamicValues map[string]interface{}
// PayloadValues contains payload values provided by user. (Optional)
PayloadValues map[string]interface{}
}
Result is a result structure created from operators running on data.
type ResultEvent ¶
type ResultEvent struct {
//TemplateID is the ID of the template for the result.
TemplateID string `json:"templateID"`
// Info contains information block of the template for the result.
//Info map[string]interface{} `json:"info,inline"`
// MatcherName is the name of the matcher matched if any.
MatcherName string `json:"matcher_name,omitempty"`
// ExtractorName is the name of the extractor matched if any.
ExtractorName string `json:"extractor_name,omitempty"`
// Type is the type of the result event.
Type string `json:"type"`
// Host is the host input on which match was found.
Host string `json:"host,omitempty"`
// Path is the path input on which match was found.
Path string `json:"path,omitempty"`
// Matched contains the matched input in its transformed form.
Matched string `json:"matched,omitempty"`
// ExtractedResults contains the extraction result from the inputs.
ExtractedResults []string `json:"extracted_results,omitempty"`
// Request is the optional dumped request for the match.
//Request string `json:"request,omitempty"`
// Response is the optional dumped response for the match.
//Response string `json:"response,omitempty"`
// Metadata contains any optional metadata for the event
Metadata map[string]interface{} `json:"meta,omitempty"`
// IP is the IP address for the found result event.
IP string `json:"ip,omitempty"`
// Timestamp is the time the result was found at.
Timestamp time.Time `json:"timestamp"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.