Skip to content

fix nuclei loading ignored templates #4849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 9, 2024
Merged

fix nuclei loading ignored templates #4849

merged 4 commits into from
Mar 9, 2024

Conversation

@tarunKoyalwar
Copy link
Member

@tarunKoyalwar tarunKoyalwar commented Mar 7, 2024
edited
Loading

Proposed Changes

Debug Data

 ./nuclei -tags dos -tl -debug

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.2.0-dev

		projectdiscovery.io

[INF] exclude tags: [fuzz dos local brute-force bruteforce] , tags: [dos]
[INF] Loaded template /Users/tarun/nuclei-templates/http/vulnerabilities/wordpress/wordpress-wp-cron.yaml
[INF] Loaded template /Users/tarun/nuclei-templates/http/cves/2019/CVE-2019-15043.yaml
[DBG] templateTag: 'cve', blocked: 'false', allowed: 'false' excluded: map[brute-force:{} bruteforce:{} fuzz:{} local:{}]
[DBG] templateTag: 'cve2020', blocked: 'false', allowed: 'false' excluded: map[brute-force:{} bruteforce:{} fuzz:{} local:{}]
[DBG] templateTag: 'dos', blocked: 'false', allowed: 'false' excluded: map[brute-force:{} bruteforce:{} fuzz:{} local:{}]
[DBG] templateTag: 'cisco', blocked: 'false', allowed: 'false' excluded: map[brute-force:{} bruteforce:{} fuzz:{} local:{}]
[DBG] templateTag: 'packetstorm', blocked: 'false', allowed: 'false' excluded: map[brute-force:{} bruteforce:{} fuzz:{} local:{}]
[INF] Loaded template /Users/tarun/nuclei-templates/http/cves/2020/CVE-2020-16139.yaml

After fix

$ ./nuclei -tags dos -tl                                                                                          130 ↵

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.2.0-dev

		projectdiscovery.io


Listing available v9.7.7 nuclei templates for /Users/tarun/nuclei-templates

@tarunKoyalwar tarunKoyalwar self-assigned this Mar 7, 2024
@tarunKoyalwar tarunKoyalwar changed the title fix tag include logic fix nuclei loading ignored templates Mar 7, 2024
@tarunKoyalwar tarunKoyalwar marked this pull request as ready for review March 7, 2024 11:04
@tarunKoyalwar tarunKoyalwar requested a review from ehsandeep March 7, 2024 11:05
@tarunKoyalwar
Copy link
Member Author

tarunKoyalwar commented Mar 7, 2024

Fix Extractor Output Quoting

Before

$  nuclei -u scanme.sh -t b.yaml 

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.1.10

		projectdiscovery.io

[INF] Current nuclei version: v3.1.10 (latest)
[INF] Current nuclei-templates version: v9.7.7 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 82
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[ssh-server-enumeration] [javascript] [info] scanme.sh:22 ["{\"algorithm_selection\":{\"client_to_server_alg_group\":{\"cipher\":\"aes128-ctr\",\"compression\":\"none\",\"mac\":\"hmac-sha2-256\"},\"dh_kex_algorithm\":\"[email protected]\",\"host_key_algorithm\":\"ecdsa-sha2-nistp256\",\"server_to_client_alg_group\":{\"cipher\":\"aes128-ctr\",\"compression\":\"none\",\"mac\":\"hmac-sha2-256\"}},\"key_exchange\":{\"curve25519_sha256_params\":{\"server_public\":\"r4IBQqSmCCOseSUR07CNAuUMVSiK/b6gn8rESTSVnyk=\"},\"server_host_key\":{\"algorithm\":\"ecdsa-sha2-nistp256\",\"ecdsa_public_key\":{\"b\":\"WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=\",\"curve\":\"P-256\",\"gx\":\"axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=\",\"gy\":\"T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=\",\"length\":256,\"n\":\"/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=\",\"p\":\"/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=\",\"x\":\"z26Q0tpPfVKxgLHzuj0SxaECCYLqlIm5tNy3Fz5KsUw=\",\"y\":\"tjGcTXlRlQy67VjJLj5iqO3X+VvGEFw2bkRSSsHHrCg=\"},\"fingerprint_sha256\":\"28cdf69e089470409de139506f5f33fdcc5b747641d974da3236863aa8a98ca5\",\"raw\":\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM9ukNLaT31SsYCx87o9EsWhAgmC6pSJubTctxc+SrFMtjGcTXlRlQy67VjJLj5iqO3X+VvGEFw2bkRSSsHHrCg=\"},\"server_signature\":{\"h\":\"DP4kYTRy8A27n0IAQpBW64r/8hCsCrSjGriCakZH6p4=\",\"parsed\":{\"algorithm\":\"ecdsa-sha2-nistp256\",\"value\":\"AAAAIFnxNmWZH48p2Pu7waDQe9WHtrPVtt9nJyTreQeg3CopAAAAIQCh9C4DUBMeDMiaFHmOY9vH0xN3ZZy5lUWeKkg5kITFKw==\"},\"raw\":\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABJAAAAIFnxNmWZH48p2Pu7waDQe9WHtrPVtt9nJyTreQeg3CopAAAAIQCh9C4DUBMeDMiaFHmOY9vH0xN3ZZy5lUWeKkg5kITFKw==\"}},\"server_id\":{\"comment\":\"Ubuntu-4ubuntu0.11\",\"raw\":\"SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11\",\"software\":\"OpenSSH_8.2p1\",\"version\":\"2.0\"},\"server_key_exchange\":{\"client_to_server_ciphers\":[\"[email protected]\",\"aes128-ctr\",\"aes192-ctr\",\"aes256-ctr\",\"[email protected]\",\"[email protected]\"],\"client_to_server_compression\":[\"none\",\"[email protected]\"],\"client_to_server_macs\":[\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"hmac-sha2-256\",\"hmac-sha2-512\",\"hmac-sha1\"],\"cookie\":\"SdMYt67sEXFm3AAJ0tQBVQ==\",\"first_kex_follows\":false,\"host_key_algorithms\":[\"rsa-sha2-512\",\"rsa-sha2-256\",\"ssh-rsa\",\"ecdsa-sha2-nistp256\",\"ssh-ed25519\"],\"kex_algorithms\":[\"curve25519-sha256\",\"[email protected]\",\"ecdh-sha2-nistp256\",\"ecdh-sha2-nistp384\",\"ecdh-sha2-nistp521\",\"diffie-hellman-group-exchange-sha256\",\"diffie-hellman-group16-sha512\",\"diffie-hellman-group18-sha512\",\"diffie-hellman-group14-sha256\",\"[email protected]\"],\"reserved\":0,\"server_to_client_ciphers\":[\"[email protected]\",\"aes128-ctr\",\"aes192-ctr\",\"aes256-ctr\",\"[email protected]\",\"[email protected]\"],\"server_to_client_compression\":[\"none\",\"[email protected]\"],\"server_to_client_macs\":[\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"[email protected]\",\"hmac-sha2-256\",\"hmac-sha2-512\",\"hmac-sha1\"]},\"userauth\":[\"publickey\",\"password\"]}"]

After fix

$  ./nuclei -u scanme.sh -t b.yaml                                                                                130 ↵

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.2.0-dev

		projectdiscovery.io

[INF] Current nuclei version: v3.2.0-dev (development)
[INF] Current nuclei-templates version: v9.7.7 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 82
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[ssh-server-enumeration] [javascript] [info] scanme.sh:22 [{"algorithm_selection":{"client_to_server_alg_group":{"cipher":"aes128-ctr","compression":"none","mac":"hmac-sha2-256"},"dh_kex_algorithm":"[email protected]","host_key_algorithm":"ecdsa-sha2-nistp256","server_to_client_alg_group":{"cipher":"aes128-ctr","compression":"none","mac":"hmac-sha2-256"}},"key_exchange":{"curve25519_sha256_params":{"server_public":"wO26y2nZaRVsfA4N+Mg4GGbVrdC5Uyg/SMAL5ZP8en8="},"server_host_key":{"algorithm":"ecdsa-sha2-nistp256","ecdsa_public_key":{"b":"WsY12Ko6k+ez671VdpiGvGUdBrDMU7D2O848PifSYEs=","curve":"P-256","gx":"axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpY=","gy":"T+NC4v4af5uO5+tKfA+eFivOM1drMV7Oy7ZAaDe/UfU=","length":256,"n":"/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVE=","p":"/////wAAAAEAAAAAAAAAAAAAAAD///////////////8=","x":"z26Q0tpPfVKxgLHzuj0SxaECCYLqlIm5tNy3Fz5KsUw=","y":"tjGcTXlRlQy67VjJLj5iqO3X+VvGEFw2bkRSSsHHrCg="},"fingerprint_sha256":"28cdf69e089470409de139506f5f33fdcc5b747641d974da3236863aa8a98ca5","raw":"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBM9ukNLaT31SsYCx87o9EsWhAgmC6pSJubTctxc+SrFMtjGcTXlRlQy67VjJLj5iqO3X+VvGEFw2bkRSSsHHrCg="},"server_signature":{"h":"+2HX1oD0d4f7PcIrbgbTZNhQIhv7/veovrmelJtyZ60=","parsed":{"algorithm":"ecdsa-sha2-nistp256","value":"AAAAIAv7MuZznwERud2Roav/auAUO+tsqJDnphvzUK01QJHJAAAAIQCMePseY4FPovt9AiPWaw0JaT1HV0Zp3D3tbFyVeEZFsA=="},"raw":"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABJAAAAIAv7MuZznwERud2Roav/auAUO+tsqJDnphvzUK01QJHJAAAAIQCMePseY4FPovt9AiPWaw0JaT1HV0Zp3D3tbFyVeEZFsA=="}},"server_id":{"comment":"Ubuntu-4ubuntu0.11","raw":"SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11","software":"OpenSSH_8.2p1","version":"2.0"},"server_key_exchange":{"client_to_server_ciphers":["[email protected]","aes128-ctr","aes192-ctr","aes256-ctr","[email protected]","[email protected]"],"client_to_server_compression":["none","[email protected]"],"client_to_server_macs":["[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","hmac-sha2-256","hmac-sha2-512","hmac-sha1"],"cookie":"yOJt/EjtQf7175Grs6DWyg==","first_kex_follows":false,"host_key_algorithms":["rsa-sha2-512","rsa-sha2-256","ssh-rsa","ecdsa-sha2-nistp256","ssh-ed25519"],"kex_algorithms":["curve25519-sha256","[email protected]","ecdh-sha2-nistp256","ecdh-sha2-nistp384","ecdh-sha2-nistp521","diffie-hellman-group-exchange-sha256","diffie-hellman-group16-sha512","diffie-hellman-group18-sha512","diffie-hellman-group14-sha256","[email protected]"],"reserved":0,"server_to_client_ciphers":["[email protected]","aes128-ctr","aes192-ctr","aes256-ctr","[email protected]","[email protected]"],"server_to_client_compression":["none","[email protected]"],"server_to_client_macs":["[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","[email protected]","hmac-sha2-256","hmac-sha2-512","hmac-sha1"]},"userauth":["publickey","password"]}]

@ehsandeep ehsandeep merged commit b1b4f0f into dev Mar 9, 2024
@ehsandeep ehsandeep deleted the issue-loader-fix branch March 9, 2024 15:50
tarunKoyalwar added a commit that referenced this pull request Mar 10, 2024
@tarunKoyalwar
fix nuclei loading ignored templates (#4849)
1d56767 
* fix tag include logic

* fix unit test

* remove quoting in extractor output

* remove quote in debug code command
ehsandeep added a commit that referenced this pull request Mar 13, 2024
@Ice3man543 @ehsandeep
@tarunKoyalwar @dogancanbakir @Mzack9999
Fuzzing layer enhancements + input-types support (#4477)
fa56800 
* feat: move fuzz package to root directory

* feat: added support for input providers like openapi,postman,etc

* feat: integration of new fuzzing logic in engine

* bugfix: use and instead of or

* fixed lint errors

* go mod tidy

* add new reqresp type + bump utils

* custom http request parser

* use new struct type RequestResponse

* introduce unified input/target provider

* abstract input formats via new inputprovider

* completed input provider refactor

* remove duplicated code

* add sdk method to load targets

* rename component url->path

* add new yaml format + remove duplicated code

* use gopkg.in/yaml.v3 for parsing

* update .gitignore

* refactor/move + docs fuzzing in http protocol

* fuzz: header + query integration test using fuzzplayground

* fix integration test runner in windows

* feat add support for filter in http fuzz

* rewrite header/query integration test with filter

* add replace regex rule

* support kv fuzzing + misc updates

* add path fuzzing example + misc improvements

* fix matchedURL + skip httpx on multi formats

* cookie fuzz integration test

* add json body + params body tests

* feat add multipart/form-data fuzzing support

* add all fuzz body integration test

* misc bug fixes + minor refactor

* add multipart form + body form unit tests

* only run fuzzing templates if -fuzz flag is given

* refactor/move fuzz playground server to pkg

* fix integration test + refactor

* add auth types and strategies

* add file auth provider

* start implementing auth logic in http

* add logic in http protocol

* static auth implemented for http

* default :80,:443 normalization

* feat: dynamic auth init

* feat: dynamic auth using templates

* validate targets count in openapi+swagger

* inputformats: add support to accept variables

* fix workflow integration test

* update lazy cred fetch logic

* fix unit test

* drop postman support

* domain related normalization

* update secrets.yaml file format + misc updates

* add auth prefetch option

* remove old secret files

* add fuzzing+auth related sdk options

* fix/support multiple mode in kv header fuzzing

* rename 'headers' -> 'header' in fuzzing rules

* fix deadlock due to merge conflict resolution

* misc update

* add bool type in parsed value

* add openapi validation+override+ new flags

* misc updates

* remove optional path parameters when unavailable

* fix swagger.yaml file

* misc updates

* update print msg

* multiple openapi validation enchancements + appMode

* add optional params in required_openapi_vars.yaml file

* improve warning/verbose msgs in format

* fix skip-format-validation not working

* use 'params/parameter' instead of 'variable' in openapi

* add retry support for falky tests

* fix nuclei loading ignored templates (#4849)

* fix tag include logic

* fix unit test

* remove quoting in extractor output

* remove quote in debug code command

* feat: issue tracker URLs in JSON + misc fixes (#4855)

* feat: issue tracker URLs in JSON + misc fixes

* misc changes

* feat: status update support for issues

* feat: report metadata generation hook support

* feat: added CLI summary of tickets created

* misc changes

* introduce `disable-unsigned-templates` flag (#4820)

* introduce `disable-unsigned-templates` flag

* minor

* skip instead of exit

* remove duplicate imports

* use stats package + misc enhancements

* force display warning + adjust skipped stats in unsigned count

* include unsigned skipped templates without -dut flag

---------

Co-authored-by: Tarun Koyalwar <[email protected]>

* Purge cache on global callback set (#4840)

* purge cache on global callback set

* lint

* purging cache

* purge cache in runner after loading templates

* include internal cache from parsers + add global cache register/purge via config

* remove disable cache purge option

---------

Co-authored-by: Tarun Koyalwar <[email protected]>

* misc update

* add application/octet-stream support

* openapi: support path specific params

* misc option + readme update

---------

Co-authored-by: Sandeep Singh <[email protected]>
Co-authored-by: sandeep <[email protected]>
Co-authored-by: Tarun Koyalwar <[email protected]>
Co-authored-by: Tarun Koyalwar <[email protected]>
Co-authored-by: Dogan Can Bakir <[email protected]>
Co-authored-by: Mzack9999 <[email protected]>
@BrewTestBot BrewTestBot mentioned this pull request Mar 14, 2024
Merged
@tarunKoyalwar tarunKoyalwar mentioned this pull request Mar 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

Assignees

@tarunKoyalwar tarunKoyalwar

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Nuclei Loading Ignored templates when using -tags Donot Escape Extractor Output

3 participants

@tarunKoyalwar @ehsandeep