protocols

package
v3.3.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2024 License: MIT Imports: 32 Imported by: 31

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	MaxTemplateFileSizeForEncoding = unitutils.Mega
)

Functions

func MakeDefaultExtractFunc

func MakeDefaultExtractFunc(data map[string]interface{}, extractor *extractors.Extractor) map[string]struct{}

MakeDefaultExtractFunc performs extracting operation for an extractor on model and returns true or false.

func MakeDefaultMatchFunc

func MakeDefaultMatchFunc(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string)

MakeDefaultMatchFunc performs matching operation for a matcher on model and returns true or false.

func MakeDefaultResultEvent

func MakeDefaultResultEvent(request Request, wrapped *output.InternalWrappedEvent) []*output.ResultEvent

Types

type Executer

type Executer interface {
	// Compile compiles the execution generators preparing any requests possible.
	Compile() error
	// Requests returns the total number of requests the rule will perform
	Requests() int
	// Execute executes the protocol group and returns true or false if results were found.
	Execute(ctx *scan.ScanContext) (bool, error)
	// ExecuteWithResults executes the protocol requests and returns results instead of writing them.
	ExecuteWithResults(ctx *scan.ScanContext) ([]*output.ResultEvent, error)
}

Executer is an interface implemented any protocol based request executer.

type ExecutorOptions

type ExecutorOptions struct {
	// TemplateID is the ID of the template for the request
	TemplateID string
	// TemplatePath is the path of the template for the request
	TemplatePath string
	// TemplateInfo contains information block of the template request
	TemplateInfo model.Info
	// TemplateVerifier is the verifier for the template
	TemplateVerifier string
	// RawTemplate is the raw template for the request
	RawTemplate []byte
	// Output is a writer interface for writing output events from executer.
	Output output.Writer
	// Options contains configuration options for the executer.
	Options *types.Options
	// IssuesClient is a client for nuclei issue tracker reporting
	IssuesClient reporting.Client
	// Progress is a progress client for scan reporting
	Progress progress.Progress
	// RateLimiter is a rate-limiter for limiting sent number of requests.
	RateLimiter *ratelimit.Limiter
	// Catalog is a template catalog implementation for nuclei
	Catalog catalog.Catalog
	// ProjectFile is the project file for nuclei
	ProjectFile *projectfile.ProjectFile
	// Browser is a browser engine for running headless templates
	Browser *engine.Browser
	// Interactsh is a client for interactsh oob polling server
	Interactsh *interactsh.Client
	// HostErrorsCache is an optional cache for handling host errors
	HostErrorsCache hosterrorscache.CacheInterface
	// Stop execution once first match is found (Assigned while parsing templates)
	// Note: this is different from Options.StopAtFirstMatch (Assigned from CLI option)
	StopAtFirstMatch bool
	// Variables is a list of variables from template
	Variables variables.Variable
	// Constants is a list of constants from template
	Constants map[string]interface{}
	// ExcludeMatchers is the list of matchers to exclude
	ExcludeMatchers *excludematchers.ExcludeMatchers
	// InputHelper is a helper for input normalization
	InputHelper *input.Helper
	// FuzzParamsFrequency is a cache for parameter frequency
	FuzzParamsFrequency *frequency.Tracker

	Operators []*operators.Operators // only used by offlinehttp module

	// DoNotCache bool disables optional caching of the templates structure
	DoNotCache bool

	Colorizer      aurora.Aurora
	WorkflowLoader model.WorkflowLoader
	ResumeCfg      *types.ResumeCfg
	// ProtocolType is the type of the template
	ProtocolType templateTypes.ProtocolType
	// Flow is execution flow for the template (written in javascript)
	Flow string
	// IsMultiProtocol is true if template has more than one protocol
	IsMultiProtocol bool

	// JsCompiler is abstracted javascript compiler which adds node modules and provides execution
	// environment for javascript templates
	JsCompiler *compiler.Compiler
	// AuthProvider is a provider for auth strategies
	AuthProvider authprovider.AuthProvider
	//TemporaryDirectory is the directory to store temporary files
	TemporaryDirectory string
	Parser             parser.Parser
	// ExportReqURLPattern exports the request URL pattern
	// in ResultEvent it contains the exact url pattern (ex: {{BaseURL}}/{{randstr}}/xyz) used in the request
	ExportReqURLPattern bool
	// GlobalMatchers is the storage for global matchers with http passive templates
	GlobalMatchers *globalmatchers.Storage
	// contains filtered or unexported fields
}

ExecutorOptions contains the configuration options for executer clients

func (*ExecutorOptions) AddTemplateVar

func (e *ExecutorOptions) AddTemplateVar(input *contextargs.MetaInput, templateType templateTypes.ProtocolType, reqID string, key string, value interface{})

AddTemplateVar adds given var to template context with given template type as prefix this method is no-op if template is not multi protocol

func (*ExecutorOptions) AddTemplateVars

func (e *ExecutorOptions) AddTemplateVars(input *contextargs.MetaInput, reqType templateTypes.ProtocolType, reqID string, vars map[string]interface{})

AddTemplateVars adds vars to template context with given template type as prefix this method is no-op if template is not multi protocol

func (ExecutorOptions) Copy

Copy returns a copy of the executeroptions structure

func (*ExecutorOptions) CreateTemplateCtxStore

func (e *ExecutorOptions) CreateTemplateCtxStore()

CreateTemplateCtxStore creates template context store (which contains templateCtx for every scan)

func (*ExecutorOptions) EncodeTemplate added in v3.0.4

func (e *ExecutorOptions) EncodeTemplate() string

func (*ExecutorOptions) GetTemplateCtx

func (e *ExecutorOptions) GetTemplateCtx(input *contextargs.MetaInput) *contextargs.Context

GetTemplateCtx returns template context for given input

func (*ExecutorOptions) GetThreadsForNPayloadRequests added in v3.1.9

func (e *ExecutorOptions) GetThreadsForNPayloadRequests(totalRequests int, currentThreads int) int

GetThreadsForPayloadRequests returns the number of threads to use as default for given max-request of payloads

func (*ExecutorOptions) HasTemplateCtx added in v3.1.6

func (e *ExecutorOptions) HasTemplateCtx(input *contextargs.MetaInput) bool

HasTemplateCtx returns true if template context exists for given input

func (*ExecutorOptions) RateLimitTake added in v3.2.5

func (eo *ExecutorOptions) RateLimitTake()

todo: centralizing components is not feasible with current clogged architecture a possible approach could be an internal event bus with pub-subs? This would be less invasive than reworking dep injection from scratch

func (*ExecutorOptions) RemoveTemplateCtx

func (e *ExecutorOptions) RemoveTemplateCtx(input *contextargs.MetaInput)

RemoveTemplateCtx removes template context of given scan from store

type OutputEventCallback

type OutputEventCallback func(result *output.InternalWrappedEvent)

OutputEventCallback is a callback event for any results found during scanning.

type Request

type Request interface {
	// Compile compiles the request generators preparing any requests possible.
	Compile(options *ExecutorOptions) error
	// Requests returns the total number of requests the rule will perform
	Requests() int
	// GetID returns the ID for the request if any. IDs are used for multi-request
	// condition matching. So, two requests can be sent and their match can
	// be evaluated from the third request by using the IDs for both requests.
	GetID() string
	// Match performs matching operation for a matcher on model and returns:
	// true and a list of matched snippets if the matcher type is supports it
	// otherwise false and an empty string slice
	Match(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string)
	// Extract performs extracting operation for an extractor on model and returns true or false.
	Extract(data map[string]interface{}, matcher *extractors.Extractor) map[string]struct{}
	// ExecuteWithResults executes the protocol requests and returns results instead of writing them.
	ExecuteWithResults(input *contextargs.Context, dynamicValues, previous output.InternalEvent, callback OutputEventCallback) error
	// MakeResultEventItem creates a result event from internal wrapped event. Intended to be used by MakeResultEventItem internally
	MakeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent
	// MakeResultEvent creates a flat list of result events from an internal wrapped event, based on successful matchers and extracted data
	MakeResultEvent(wrapped *output.InternalWrappedEvent) []*output.ResultEvent
	// GetCompiledOperators returns a list of the compiled operators
	GetCompiledOperators() []*operators.Operators
	// Type returns the type of the protocol request
	Type() templateTypes.ProtocolType
}

Request is an interface implemented any protocol based request generator.

Directories

Path Synopsis
common
automaticscan
Package automaticscan implements automatic technology based template execution for a nuclei instance.
Package automaticscan implements automatic technology based template execution for a nuclei instance.
contextargs
Package contextargs implements a generic entity for shared context within workflows
Package contextargs implements a generic entity for shared context within workflows
helpers/deserialization
Package deserialization implements helpers for deserialization issues in nuclei.
Package deserialization implements helpers for deserialization issues in nuclei.
dns
raw
Package raw provides raw http request parsing abilities for nuclei.
Package raw provides raw http request parsing abilities for nuclei.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL