matchers

package
v3.3.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2024 License: MIT Imports: 20 Imported by: 15

Documentation

Overview

Package matchers implements matchers for http response matching with templates.

Index

Constants

This section is empty.

Variables

View Source
var ConditionTypes = map[string]ConditionType{
	"and": ANDCondition,
	"or":  ORCondition,
}

ConditionTypes is a table for conversion of condition type from string.

View Source
var MatcherTypes = map[MatcherType]string{
	StatusMatcher: "status",
	SizeMatcher:   "size",
	WordsMatcher:  "word",
	RegexMatcher:  "regex",
	BinaryMatcher: "binary",
	DSLMatcher:    "dsl",
	XPathMatcher:  "xpath",
}

MatcherTypes is a table for conversion of matcher type from string.

Functions

This section is empty.

Types

type ConditionType

type ConditionType int

ConditionType is the type of condition for matcher

const (
	// ANDCondition matches responses with AND condition in arguments.
	ANDCondition ConditionType = iota + 1
	// ORCondition matches responses with AND condition in arguments.
	ORCondition
)

type Matcher

type Matcher struct {
	// description: |
	//   Type is the type of the matcher.
	Type MatcherTypeHolder `` /* 154-byte string literal not displayed */
	// description: |
	//   Condition is the optional condition between two matcher variables. By default,
	//   the condition is assumed to be OR.
	// values:
	//   - "and"
	//   - "or"
	Condition string `` /* 177-byte string literal not displayed */

	// description: |
	//   Part is the part of the request response to match data from.
	//
	//   Each protocol exposes a lot of different parts which are well
	//   documented in docs for each request type.
	// examples:
	//   - value: "\"body\""
	//   - value: "\"raw\""
	Part string `` /* 136-byte string literal not displayed */

	// description: |
	//   Negative specifies if the match should be reversed
	//   It will only match if the condition is not true.
	Negative bool `` /* 219-byte string literal not displayed */

	// description: |
	//   Name of the matcher. Name should be lowercase and must not contain
	//   spaces or underscores (_).
	// examples:
	//   - value: "\"cookie-matcher\""
	Name string `yaml:"name,omitempty" json:"name,omitempty" jsonschema:"title=name of the matcher,description=Name of the matcher"`
	// description: |
	//   Status are the acceptable status codes for the response.
	// examples:
	//   - value: >
	//       []int{200, 302}
	Status []int `` /* 127-byte string literal not displayed */
	// description: |
	//   Size is the acceptable size for the response
	// examples:
	//   - value: >
	//       []int{3029, 2042}
	Size []int `` /* 148-byte string literal not displayed */
	// description: |
	//   Words contains word patterns required to be present in the response part.
	// examples:
	//   - name: Match for Outlook mail protection domain
	//     value: >
	//       []string{"mail.protection.outlook.com"}
	//   - name: Match for application/json in response headers
	//     value: >
	//       []string{"application/json"}
	Words []string `` /* 177-byte string literal not displayed */
	// description: |
	//   Regex contains Regular Expression patterns required to be present in the response part.
	// examples:
	//   - name: Match for Linkerd Service via Regex
	//     value: >
	//       []string{`(?mi)^Via\\s*?:.*?linkerd.*$`}
	//   - name: Match for Open Redirect via Location header
	//     value: >
	//       []string{`(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)example\\.com.*$`}
	Regex []string `` /* 177-byte string literal not displayed */
	// description: |
	//   Binary are the binary patterns required to be present in the response part.
	// examples:
	//   - name: Match for Springboot Heapdump Actuator "JAVA PROFILE", "HPROF", "Gunzip magic byte"
	//     value: >
	//       []string{"4a4156412050524f46494c45", "4850524f46", "1f8b080000000000"}
	//   - name: Match for 7zip files
	//     value: >
	//       []string{"377ABCAF271C"}
	Binary []string `` /* 190-byte string literal not displayed */
	// description: |
	//   DSL are the dsl expressions that will be evaluated as part of nuclei matching rules.
	//   A list of these helper functions are available [here](https://nuclei.projectdiscovery.io/templating-guide/helper-functions/).
	// examples:
	//   - name: DSL Matcher for package.json file
	//     value: >
	//       []string{"contains(body, 'packages') && contains(tolower(all_headers), 'application/octet-stream') && status_code == 200"}
	//   - name: DSL Matcher for missing strict transport security header
	//     value: >
	//       []string{"!contains(tolower(all_headers), ”strict-transport-security”)"}
	DSL []string `` /* 193-byte string literal not displayed */
	// description: |
	//   XPath are the xpath queries expressions that will be evaluated against the response part.
	// examples:
	//   - name: XPath Matcher to check a title
	//     value: >
	//       []string{"/html/head/title[contains(text(), 'How to Find XPath')]"}
	//   - name: XPath Matcher for finding links with target="_blank"
	//     value: >
	//       []string{"//a[@target=\"_blank\"]"}
	XPath []string `` /* 213-byte string literal not displayed */
	// description: |
	//   Encoding specifies the encoding for the words field if any.
	// values:
	//   - "hex"
	Encoding string `` /* 153-byte string literal not displayed */
	// description: |
	//   CaseInsensitive enables case-insensitive matches. Default is false.
	// values:
	//   - false
	//   - true
	CaseInsensitive bool `` /* 152-byte string literal not displayed */
	// description: |
	//   MatchAll enables matching for all matcher values. Default is false.
	// values:
	//   - false
	//   - true
	MatchAll bool `` /* 145-byte string literal not displayed */
	// description: |
	//  Internal when true hides the matcher from output. Default is false.
	// It is meant to be used in multiprotocol / flow templates to create internal matcher condition without printing it in output.
	// or other similar use cases.
	// values:
	//   - false
	//   - true
	Internal bool `` /* 132-byte string literal not displayed */
	// contains filtered or unexported fields
}

Matcher is used to match a part in the output from a protocol.

func (*Matcher) CompileMatchers

func (matcher *Matcher) CompileMatchers() error

CompileMatchers performs the initial setup operation on a matcher

func (*Matcher) GetCondition

func (matcher *Matcher) GetCondition() ConditionType

GetType returns the condition type of the matcher todo: the field should be exposed natively

func (*Matcher) GetType

func (matcher *Matcher) GetType() MatcherType

GetType returns the type of the matcher

func (*Matcher) MatchBinary

func (matcher *Matcher) MatchBinary(corpus string) (bool, []string)

MatchBinary matches a binary check against a corpus

func (*Matcher) MatchDSL

func (matcher *Matcher) MatchDSL(data map[string]interface{}) bool

MatchDSL matches on a generic map result

func (*Matcher) MatchHTML

func (matcher *Matcher) MatchHTML(corpus string) bool

MatchHTML matches items from HTML using XPath selectors

func (*Matcher) MatchRegex

func (matcher *Matcher) MatchRegex(corpus string) (bool, []string)

MatchRegex matches a regex check against a corpus

func (*Matcher) MatchSize

func (matcher *Matcher) MatchSize(length int) bool

MatchSize matches a size check against a corpus

func (*Matcher) MatchStatusCode

func (matcher *Matcher) MatchStatusCode(statusCode int) bool

MatchStatusCode matches a status code check against a corpus

func (*Matcher) MatchWords

func (matcher *Matcher) MatchWords(corpus string, data map[string]interface{}) (bool, []string)

MatchWords matches a word check against a corpus.

func (*Matcher) MatchXML

func (matcher *Matcher) MatchXML(corpus string) bool

MatchXML matches items from XML using XPath selectors

func (*Matcher) MatchXPath

func (matcher *Matcher) MatchXPath(corpus string) bool

MatchXPath matches on a generic map result

func (*Matcher) Result

func (matcher *Matcher) Result(data bool) bool

Result reverts the results of the match if the matcher is of type negative.

func (*Matcher) ResultWithMatchedSnippet

func (matcher *Matcher) ResultWithMatchedSnippet(data bool, matchedSnippet []string) (bool, []string)

ResultWithMatchedSnippet returns true and the matched snippet, or false and an empty string

func (*Matcher) Validate

func (matcher *Matcher) Validate() error

Validate perform initial validation on the matcher structure

type MatcherType

type MatcherType int

MatcherType is the type of the matcher specified

const (
	// name:word
	WordsMatcher MatcherType = iota + 1
	// name:regex
	RegexMatcher
	// name:binary
	BinaryMatcher
	// name:status
	StatusMatcher
	// name:size
	SizeMatcher
	// name:dsl
	DSLMatcher
	// name:xpath
	XPathMatcher
)

name:MatcherType

func GetSupportedMatcherTypes

func GetSupportedMatcherTypes() []MatcherType

GetSupportedMatcherTypes returns list of supported types

func (MatcherType) String

func (t MatcherType) String() string

type MatcherTypeHolder

type MatcherTypeHolder struct {
	MatcherType MatcherType `mapping:"true"`
}

MatcherTypeHolder is used to hold internal type of the matcher

func (MatcherTypeHolder) JSONSchema added in v3.2.4

func (holder MatcherTypeHolder) JSONSchema() *jsonschema.Schema

func (MatcherTypeHolder) MarshalJSON

func (holder MatcherTypeHolder) MarshalJSON() ([]byte, error)

func (MatcherTypeHolder) MarshalYAML

func (holder MatcherTypeHolder) MarshalYAML() (interface{}, error)

func (MatcherTypeHolder) String

func (t MatcherTypeHolder) String() string

func (*MatcherTypeHolder) UnmarshalJSON

func (holder *MatcherTypeHolder) UnmarshalJSON(data []byte) error

func (*MatcherTypeHolder) UnmarshalYAML

func (holder *MatcherTypeHolder) UnmarshalYAML(unmarshal func(interface{}) error) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL