Skip to content

Fix: sometimes dnslog request record is uppercase caused by nuclei templates uneffective #4697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 30, 2024
Merged

Fix: sometimes dnslog request record is uppercase caused by nuclei templates uneffective #4697

merged 3 commits into from
Jan 30, 2024

Conversation

@monitor403
Copy link
Contributor

@monitor403 monitor403 commented Jan 29, 2024
edited
Loading

BackGround

Recently, when I was using nuclei to scan for vulnerabilities, I found that when nuclei was verifying dnslog-related vulnerabilities, I found that there would be uppercase of dnslog records leading to the failure of nuclei's templates regular matching, resulting in the inability to effectively detect the vulnerability
Picture1: dnslog Uppercase logs fail to detect vulnerabilities
image
Picture2: dnslog Lowercase logging detects vulnerability
image
Picture3: dnslog related templates can't match uppercase
image
Picture4: nuclei-templates
image

Proposed changes

Convert uppercase letters to lowercase to ensure proper detection.
image

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@tarunKoyalwar tarunKoyalwar self-requested a review January 30, 2024 14:55
tarunKoyalwar
tarunKoyalwar approved these changes Jan 30, 2024
View reviewed changes
Copy link
Member

@tarunKoyalwar tarunKoyalwar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm !

  • minor change ( only convert req to lower case if interactsh_protocol is dns )

@olearycrew
Copy link
Contributor

olearycrew commented Jan 30, 2024

Thanks for this contribution @monitor403 !

@ehsandeep ehsandeep merged commit c32acd0 into projectdiscovery:dev Jan 30, 2024
@BrewTestBot BrewTestBot mentioned this pull request Jan 31, 2024
Merged
@Mzack9999 Mzack9999 mentioned this pull request Mar 21, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@tarunKoyalwar tarunKoyalwar tarunKoyalwar approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@monitor403 @olearycrew @ehsandeep @tarunKoyalwar