Skip to content

Commit 2b4b058

Browse files
alban-stourbe-wmxtarunKoyalwar
alban-stourbe-wmx
and
tarunKoyalwar
authored
handle env variables in dynamic secret file (#5835)
* handle env variables in dynamic secret file * inject more variables from -v and -env-vars * use expand with env * fix missing replacer --------- Co-authored-by: Tarun Koyalwar <[email protected]>
1 parent 63687c2 commit 2b4b058

File tree

1 file changed

+22
-0
lines changed

1 file changed

+22
-0
lines changed

internal/runner/lazy.go

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,16 +3,20 @@ package runner
33
import (
44
"context"
55
"fmt"
6+
"strings"
67

78
"github.com/projectdiscovery/nuclei/v3/pkg/authprovider/authx"
89
"github.com/projectdiscovery/nuclei/v3/pkg/catalog"
910
"github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader"
1011
"github.com/projectdiscovery/nuclei/v3/pkg/output"
1112
"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
1213
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
14+
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/generators"
1315
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/helpers/writer"
16+
"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/replacer"
1417
"github.com/projectdiscovery/nuclei/v3/pkg/scan"
1518
"github.com/projectdiscovery/nuclei/v3/pkg/types"
19+
"github.com/projectdiscovery/utils/env"
1620
errorutil "github.com/projectdiscovery/utils/errors"
1721
)
1822

@@ -75,7 +79,25 @@ func GetLazyAuthFetchCallback(opts *AuthLazyFetchOptions) authx.LazyFetchSecret
7579
vars := map[string]interface{}{}
7680
mainCtx := context.Background()
7781
ctx := scan.NewScanContext(mainCtx, contextargs.NewWithInput(mainCtx, d.Input))
82+
83+
cliVars := map[string]interface{}{}
84+
if opts.ExecOpts.Options != nil {
85+
// gets variables passed from cli -v and -env-vars
86+
cliVars = generators.BuildPayloadFromOptions(opts.ExecOpts.Options)
87+
}
88+
7889
for _, v := range d.Variables {
90+
// Check if the template has any env variables and expand them
91+
if strings.HasPrefix(v.Value, "$") {
92+
env.ExpandWithEnv(&v.Value)
93+
}
94+
if strings.Contains(v.Value, "{{") {
95+
// if variables had value like {{username}}, then replace it with the value from cliVars
96+
// variables:
97+
// - key: username
98+
// value: {{username}}
99+
v.Value = replacer.Replace(v.Value, cliVars)
100+
}
79101
vars[v.Key] = v.Value
80102
ctx.Input.Add(v.Key, v.Value)
81103
}

0 commit comments

Comments
 (0)