engine

package
v3.3.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 30, 2024 License: MIT Imports: 53 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrLFAccessDenied = errorutil.New("Use -allow-local-file-access flag to enable local file access")
	// ErrActionExecDealine is the error returned when alloted time for action execution exceeds
	ErrActionExecDealine = errkit.New("headless action execution deadline exceeded").SetKind(errkit.ErrKindDeadline).Build()
)
View Source
var ActionStringToAction = map[string]ActionType{
	"navigate":     ActionNavigate,
	"script":       ActionScript,
	"click":        ActionClick,
	"rightclick":   ActionRightClick,
	"text":         ActionTextInput,
	"screenshot":   ActionScreenshot,
	"time":         ActionTimeInput,
	"select":       ActionSelectInput,
	"files":        ActionFilesInput,
	"waitdom":      ActionWaitDOM,
	"waitfcp":      ActionWaitFCP,
	"waitfmp":      ActionWaitFMP,
	"waitidle":     ActionWaitIdle,
	"waitload":     ActionWaitLoad,
	"waitstable":   ActionWaitStable,
	"getresource":  ActionGetResource,
	"extract":      ActionExtract,
	"setmethod":    ActionSetMethod,
	"addheader":    ActionAddHeader,
	"setheader":    ActionSetHeader,
	"deleteheader": ActionDeleteHeader,
	"setbody":      ActionSetBody,
	"waitevent":    ActionWaitEvent,
	"waitdialog":   ActionWaitDialog,
	"keyboard":     ActionKeyboard,
	"debug":        ActionDebug,
	"sleep":        ActionSleep,
	"waitvisible":  ActionWaitVisible,
}

ActionStringToAction converts an action from string to internal representation

View Source
var ActionToActionString = map[ActionType]string{
	ActionNavigate:     "navigate",
	ActionScript:       "script",
	ActionClick:        "click",
	ActionRightClick:   "rightclick",
	ActionTextInput:    "text",
	ActionScreenshot:   "screenshot",
	ActionTimeInput:    "time",
	ActionSelectInput:  "select",
	ActionFilesInput:   "files",
	ActionWaitDOM:      "waitdom",
	ActionWaitFCP:      "waitfcp",
	ActionWaitFMP:      "waitfmp",
	ActionWaitIdle:     "waitidle",
	ActionWaitLoad:     "waitload",
	ActionWaitStable:   "waitstable",
	ActionGetResource:  "getresource",
	ActionExtract:      "extract",
	ActionSetMethod:    "setmethod",
	ActionAddHeader:    "addheader",
	ActionSetHeader:    "setheader",
	ActionDeleteHeader: "deleteheader",
	ActionSetBody:      "setbody",
	ActionWaitEvent:    "waitevent",
	ActionWaitDialog:   "waitdialog",
	ActionKeyboard:     "keyboard",
	ActionDebug:        "debug",
	ActionSleep:        "sleep",
	ActionWaitVisible:  "waitvisible",
}

ActionToActionString converts an action from internal representation to string

Functions

func FetchContinueRequest

func FetchContinueRequest(page *rod.Page, e *proto.FetchRequestPaused) error

FetchContinueRequest continue request

func FetchGetResponseBody

func FetchGetResponseBody(page *rod.Page, e *proto.FetchRequestPaused) ([]byte, error)

FetchGetResponseBody get request body.

func GetSameSite

func GetSameSite(cookie *http.Cookie) string

func MustDisableSandbox

func MustDisableSandbox() bool

MustDisableSandbox determines if the current os and user needs sandbox mode disabled

Types

type Action

type Action struct {
	// description:
	//   Args contain arguments for the headless action.
	//
	//   Per action arguments are described in detail [here](https://nuclei.projectdiscovery.io/templating-guide/protocols/headless/).
	Data map[string]string `` /* 151-byte string literal not displayed */
	// description: |
	//   Name is the name assigned to the headless action.
	//
	//   This can be used to execute code, for instance in browser
	//   DOM using script action, and get the result in a variable
	//   which can be matched upon by nuclei. An Example template [here](https://github.com/devilsfang/nuclei-templates/blob/main/headless/prototype-pollution-check.yaml).
	Name string `` /* 148-byte string literal not displayed */
	// description: |
	//   Description is the optional description of the headless action
	Description string `` /* 155-byte string literal not displayed */
	// description: |
	//   Action is the type of the action to perform.
	ActionType ActionTypeHolder `` /* 386-byte string literal not displayed */
}

Action is an action taken by the browser to reach a navigation

Each step that the browser executes is an action. Most navigations usually start from the ActionLoadURL event, and further navigations are discovered on the found page. We also keep track and only scrape new navigation from pages we haven't crawled yet.

func (*Action) GetArg

func (a *Action) GetArg(name string) string

GetArg returns an arg for a name

func (Action) JSONSchemaExtend

func (a Action) JSONSchemaExtend(schema *jsonschema.Schema)

func (*Action) String

func (a *Action) String() string

String returns the string representation of an action

type ActionData

type ActionData = mapsutil.Map[string, any]

ActionData stores the action output data

type ActionType

type ActionType int8

ActionType defines the action type for a browser action

const (
	// ActionNavigate performs a navigation to the specified URL
	// name:navigate
	ActionNavigate ActionType = iota + 1
	// ActionScript executes a JS snippet on the page.
	// name:script
	ActionScript
	// ActionClick performs the left-click action on an Element.
	// name:click
	ActionClick
	// ActionRightClick performs the right-click action on an Element.
	// name:rightclick
	ActionRightClick
	// ActionTextInput performs an action for a text input
	// name:text
	ActionTextInput
	// ActionScreenshot performs the screenshot action writing to a file.
	// name:screenshot
	ActionScreenshot
	// ActionTimeInput performs an action on a time input.
	// name:time
	ActionTimeInput
	// ActionSelectInput performs an action on a select input.
	// name:select
	ActionSelectInput
	// ActionFilesInput performs an action on a file input.
	// name:files
	ActionFilesInput
	// ActionWaitDOM waits for the HTML document has been completely loaded & parsed.
	// name:waitdom
	ActionWaitDOM
	// ActionWaitFCP waits for the first piece of content (text, image, etc.) is painted on the screen.
	// name:waitfcp
	ActionWaitFCP
	// ActionWaitFMP waits for page has rendered enough meaningful content to be useful to the user.
	// name:waitfmp
	ActionWaitFMP
	// ActionWaitIdle waits for the network is completely idle (no ongoing network requests).
	// name:waitidle
	ActionWaitIdle
	// ActionWaitLoad waits for the page and all its resources (like stylesheets and images) have finished loading.
	// name:waitload
	ActionWaitLoad
	// ActionWaitStable waits until the page is stable.
	// name:waitstable
	ActionWaitStable
	// ActionGetResource performs a get resource action on an element
	// name:getresource
	ActionGetResource
	// ActionExtract performs an extraction on an element
	// name:extract
	ActionExtract
	// ActionSetMethod sets the request method
	// name:setmethod
	ActionSetMethod
	// ActionAddHeader adds a header to the request
	// name:addheader
	ActionAddHeader
	// ActionSetHeader sets a header in the request
	// name:setheader
	ActionSetHeader
	// ActionDeleteHeader deletes a header from the request
	// name:deleteheader
	ActionDeleteHeader
	// ActionSetBody sets the value of the request body
	// name:setbody
	ActionSetBody
	// ActionWaitEvent waits for a specific event.
	// name:waitevent
	ActionWaitEvent
	// ActionWaitDialog waits for JavaScript dialog (alert, confirm, prompt, or onbeforeunload).
	// name:dialog
	ActionWaitDialog
	// ActionKeyboard performs a keyboard action event on a page.
	// name:keyboard
	ActionKeyboard
	// ActionDebug debug slows down headless and adds a sleep to each page.
	// name:debug
	ActionDebug
	// ActionSleep executes a sleep for a specified duration
	// name:sleep
	ActionSleep
	// ActionWaitVisible waits until an element appears.
	// name:waitvisible
	ActionWaitVisible
)

Types to be executed by the user. name:ActionType

func GetSupportedActionTypes

func GetSupportedActionTypes() []ActionType

GetSupportedActionTypes returns list of supported types

func (ActionType) String

func (t ActionType) String() string

type ActionTypeHolder

type ActionTypeHolder struct {
	ActionType ActionType `mapping:"true"`
}

ActionTypeHolder is used to hold internal type of the action

func (ActionTypeHolder) JSONSchema

func (holder ActionTypeHolder) JSONSchema() *jsonschema.Schema

func (*ActionTypeHolder) MarshalJSON

func (holder *ActionTypeHolder) MarshalJSON() ([]byte, error)

func (ActionTypeHolder) MarshalYAML

func (holder ActionTypeHolder) MarshalYAML() (interface{}, error)

func (ActionTypeHolder) String

func (holder ActionTypeHolder) String() string

func (*ActionTypeHolder) UnmarshalJSON

func (holder *ActionTypeHolder) UnmarshalJSON(data []byte) error

func (*ActionTypeHolder) UnmarshalYAML

func (holder *ActionTypeHolder) UnmarshalYAML(unmarshal func(interface{}) error) error

type Browser

type Browser struct {
	// contains filtered or unexported fields
}

Browser is a browser structure for nuclei headless module

func New

func New(options *types.Options) (*Browser, error)

New creates a new nuclei headless browser module

func (*Browser) Close

func (b *Browser) Close()

Close closes the browser engine

func (*Browser) NewInstance

func (b *Browser) NewInstance() (*Instance, error)

NewInstance creates a new instance for the current browser.

The login process is repeated only once for a browser, and the created isolated browser instance is used for entire navigation one by one.

Users can also choose to run the login->actions process again which uses a new incognito browser instance to run actions.

func (*Browser) SetUserAgent

func (b *Browser) SetUserAgent(customUserAgent string)

SetUserAgent sets custom user agent to the browser

func (*Browser) UserAgent

func (b *Browser) UserAgent() string

UserAgent fetch the currently set custom user agent

type Hijack

type Hijack struct {
	// contains filtered or unexported fields
}

Hijack is a hijack handler

func NewHijack

func NewHijack(page *rod.Page) *Hijack

NewHijack create hijack from page.

func (*Hijack) SetPattern

func (h *Hijack) SetPattern(pattern *proto.FetchRequestPattern)

SetPattern set pattern directly

func (*Hijack) Start

func (h *Hijack) Start(handler HijackHandler) func() error

Start hijack.

func (*Hijack) Stop

func (h *Hijack) Stop() error

Stop

type HijackHandler

type HijackHandler = func(e *proto.FetchRequestPaused) error

HijackHandler type

type HistoryData

type HistoryData struct {
	RawRequest  string
	RawResponse string
}

HistoryData contains the page request/response pairs

type Instance

type Instance struct {
	// contains filtered or unexported fields
}

Instance is an isolated browser instance opened for doing operations with it.

func (*Instance) Close

func (i *Instance) Close() error

Close closes all the tabs and pages for a browser instance

func (*Instance) GetRequestLog

func (i *Instance) GetRequestLog() map[string]string

returns a map of [template-defined-urls] -> [actual-request-sent] Note: this does not include CORS or other requests while rendering that were not explicitly specified in template

func (*Instance) Run

func (i *Instance) Run(input *contextargs.Context, actions []*Action, payloads map[string]interface{}, options *Options) (ActionData, *Page, error)

Run runs a list of actions by creating a new page in the browser.

func (*Instance) SetInteractsh

func (i *Instance) SetInteractsh(interactsh *interactsh.Client)

SetInteractsh client

type Options

type Options struct {
	Timeout       time.Duration
	DisableCookie bool
	Options       *types.Options
}

Options contains additional configuration options for the browser instance

type Page

type Page struct {
	History        []HistoryData
	InteractshURLs []string
	// contains filtered or unexported fields
}

Page is a single page in an isolated browser instance

func (*Page) ActionAddHeader

func (p *Page) ActionAddHeader(act *Action, out ActionData) error

ActionAddHeader executes a AddHeader action.

func (*Page) ActionDeleteHeader

func (p *Page) ActionDeleteHeader(act *Action, out ActionData) error

ActionDeleteHeader executes a DeleteHeader action.

func (*Page) ActionSetBody

func (p *Page) ActionSetBody(act *Action, out ActionData) error

ActionSetBody executes a SetBody action.

func (*Page) ActionSetHeader

func (p *Page) ActionSetHeader(act *Action, out ActionData) error

ActionSetHeader executes a SetHeader action.

func (*Page) ActionSetMethod

func (p *Page) ActionSetMethod(act *Action, out ActionData) error

ActionSetMethod executes an SetMethod action.

func (*Page) Browser

func (p *Page) Browser() *rod.Browser

Browser returns the browser that created the current page

func (*Page) ClickElement

func (p *Page) ClickElement(act *Action, out ActionData) error

ClickElement executes click actions for an element.

func (*Page) Close

func (p *Page) Close()

Close closes a browser page

func (*Page) DebugAction

func (p *Page) DebugAction(act *Action, out ActionData) error

DebugAction enables debug action on a page.

func (*Page) DumpHistory

func (p *Page) DumpHistory() string

DumpHistory returns the full page navigation history

func (*Page) ExecuteActions

func (p *Page) ExecuteActions(input *contextargs.Context, actions []*Action, variables map[string]interface{}) (outData ActionData, err error)

ExecuteActions executes a list of actions on a page.

func (*Page) ExtractElement

func (p *Page) ExtractElement(act *Action, out ActionData) error

ExtractElement extracts from an element on the page.

func (*Page) FilesInput

func (p *Page) FilesInput(act *Action, out ActionData) error

FilesInput acts with a file input element on page

func (*Page) GetResource

func (p *Page) GetResource(act *Action, out ActionData) error

GetResource gets a resource from an element from page.

func (*Page) HandleDialog

func (p *Page) HandleDialog(act *Action, out ActionData) error

HandleDialog handles JavaScript dialog (alert, confirm, prompt, or onbeforeunload).

func (*Page) InputElement

func (p *Page) InputElement(act *Action, out ActionData) error

InputElement executes input element actions for an element.

func (*Page) KeyboardAction

func (p *Page) KeyboardAction(act *Action, out ActionData) error

KeyboardAction executes a keyboard action on the page.

func (*Page) NavigateURL

func (p *Page) NavigateURL(action *Action, out ActionData, allvars map[string]interface{}) error

NavigateURL executes an ActionLoadURL actions loading a URL for the page.

func (*Page) Page

func (p *Page) Page() *rod.Page

Page returns the current page for the actions

func (*Page) RightClickElement

func (p *Page) RightClickElement(act *Action, out ActionData) error

RightClickElement executes right click actions for an element.

func (*Page) RunScript

func (p *Page) RunScript(action *Action, out ActionData) error

RunScript runs a script on the loaded page

func (*Page) Screenshot

func (p *Page) Screenshot(act *Action, out ActionData) error

Screenshot executes screenshot action on a page

func (*Page) SelectInputElement

func (p *Page) SelectInputElement(act *Action, out ActionData) error

SelectInputElement executes select input statement action on a element

func (*Page) SleepAction

func (p *Page) SleepAction(act *Action, out ActionData) error

SleepAction sleeps on the page for a specified duration

func (*Page) Sleeper

func (p *Page) Sleeper(pollTimeout, timeout time.Duration) *Page

func (*Page) TimeInputElement

func (p *Page) TimeInputElement(act *Action, out ActionData) error

TimeInputElement executes time input on an element

func (*Page) Timeout

func (p *Page) Timeout(timeout time.Duration) *Page

func (*Page) URL

func (p *Page) URL() string

URL returns the URL for the current page.

func (*Page) WaitEvent

func (p *Page) WaitEvent(act *Action, out ActionData) (func() error, error)

WaitEvent waits for an event to happen on the page.

func (*Page) WaitPageLifecycleEvent

func (p *Page) WaitPageLifecycleEvent(act *Action, out ActionData, event proto.PageLifecycleEventName) error

WaitPageLifecycleEvent waits for specified page lifecycle event name

func (*Page) WaitStable

func (p *Page) WaitStable(act *Action, out ActionData) error

WaitStable waits until the page is stable

func (*Page) WaitVisible

func (p *Page) WaitVisible(act *Action, out ActionData) error

WaitVisible waits until an element appears.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL