diff --git a/internal/runner/healthcheck.go b/internal/runner/healthcheck.go index 627b55cb12..28fee99d81 100644 --- a/internal/runner/healthcheck.go +++ b/internal/runner/healthcheck.go @@ -15,11 +15,11 @@ import ( func DoHealthCheck(options *types.Options) string { // RW permissions on config file var test strings.Builder - test.WriteString(fmt.Sprintf("Version: %s\n", config.Version)) - test.WriteString(fmt.Sprintf("Operating System: %s\n", runtime.GOOS)) - test.WriteString(fmt.Sprintf("Architecture: %s\n", runtime.GOARCH)) - test.WriteString(fmt.Sprintf("Go Version: %s\n", runtime.Version())) - test.WriteString(fmt.Sprintf("Compiler: %s\n", runtime.Compiler)) + fmt.Fprintf(&test, "Version: %s\n", config.Version) + fmt.Fprintf(&test, "Operating System: %s\n", runtime.GOOS) + fmt.Fprintf(&test, "Architecture: %s\n", runtime.GOARCH) + fmt.Fprintf(&test, "Go Version: %s\n", runtime.Version()) + fmt.Fprintf(&test, "Compiler: %s\n", runtime.Compiler) var testResult string cfg := config.DefaultConfig @@ -33,7 +33,7 @@ func DoHealthCheck(options *types.Options) string { if err != nil { testResult += fmt.Sprintf(" (%s)", err) } - test.WriteString(fmt.Sprintf("File \"%s\" Read => %s\n", filename, testResult)) + fmt.Fprintf(&test, "File \"%s\" Read => %s\n", filename, testResult) ok, err = fileutil.IsWriteable(filename) if ok { testResult = "Ok" @@ -43,7 +43,7 @@ func DoHealthCheck(options *types.Options) string { if err != nil { testResult += fmt.Sprintf(" (%s)", err) } - test.WriteString(fmt.Sprintf("File \"%s\" Write => %s\n", filename, testResult)) + fmt.Fprintf(&test, "File \"%s\" Write => %s\n", filename, testResult) } c4, err := net.Dial("tcp4", "scanme.sh:80") if err == nil && c4 != nil { @@ -53,7 +53,7 @@ func DoHealthCheck(options *types.Options) string { if err != nil { testResult = fmt.Sprintf("Ko (%s)", err) } - test.WriteString(fmt.Sprintf("IPv4 connectivity to scanme.sh:80 => %s\n", testResult)) + fmt.Fprintf(&test, "IPv4 connectivity to scanme.sh:80 => %s\n", testResult) c6, err := net.Dial("tcp6", "scanme.sh:80") if err == nil && c6 != nil { _ = c6.Close() @@ -62,7 +62,7 @@ func DoHealthCheck(options *types.Options) string { if err != nil { testResult = fmt.Sprintf("Ko (%s)", err) } - test.WriteString(fmt.Sprintf("IPv6 connectivity to scanme.sh:80 => %s\n", testResult)) + fmt.Fprintf(&test, "IPv6 connectivity to scanme.sh:80 => %s\n", testResult) u4, err := net.Dial("udp4", "scanme.sh:53") if err == nil && u4 != nil { _ = u4.Close() @@ -71,7 +71,7 @@ func DoHealthCheck(options *types.Options) string { if err != nil { testResult = fmt.Sprintf("Ko (%s)", err) } - test.WriteString(fmt.Sprintf("IPv4 UDP connectivity to scanme.sh:53 => %s\n", testResult)) + fmt.Fprintf(&test, "IPv4 UDP connectivity to scanme.sh:53 => %s\n", testResult) return test.String() } diff --git a/lib/sdk_private.go b/lib/sdk_private.go index aa8ad9fe37..78c45d2759 100644 --- a/lib/sdk_private.go +++ b/lib/sdk_private.go @@ -51,7 +51,7 @@ func (e *NucleiEngine) applyRequiredDefaults(ctx context.Context) { return } sb := strings.Builder{} - sb.WriteString(fmt.Sprintf("[%v] ", event.TemplateID)) + fmt.Fprintf(&sb, "[%v] ", event.TemplateID) if event.Matched != "" { sb.WriteString(event.Matched) } else { diff --git a/pkg/fuzz/analyzers/time/time_delay.go b/pkg/fuzz/analyzers/time/time_delay.go index e22c99999f..77fe15346f 100644 --- a/pkg/fuzz/analyzers/time/time_delay.go +++ b/pkg/fuzz/analyzers/time/time_delay.go @@ -98,15 +98,13 @@ func checkTimingDependency( result := regression.IsWithinConfidence(correlationErrorRange, 1.0, slopeErrorRange) if result { var resultReason strings.Builder - resultReason.WriteString(fmt.Sprintf( - "[time_delay] made %d requests (baseline: %.2fs) successfully, with a regression slope of %.2f and correlation %.2f", + fmt.Fprintf(&resultReason, "[time_delay] made %d requests (baseline: %.2fs) successfully, with a regression slope of %.2f and correlation %.2f", requestsLimit, baselineDelay, regression.slope, - regression.correlation, - )) + regression.correlation) for _, request := range requestsSent { - resultReason.WriteString(fmt.Sprintf("\n - delay: %ds, delayReceived: %fs", request.delay, request.delayReceived)) + fmt.Fprintf(&resultReason, "\n - delay: %ds, delayReceived: %fs", request.delay, request.delayReceived) } return result, resultReason.String(), nil } diff --git a/pkg/js/devtools/scrapefuncs/main.go b/pkg/js/devtools/scrapefuncs/main.go index aac105ebc0..cd7fe765cc 100644 --- a/pkg/js/devtools/scrapefuncs/main.go +++ b/pkg/js/devtools/scrapefuncs/main.go @@ -168,7 +168,7 @@ iconType: "solid" for _, sig := range f.Signatures { sigSlice = append(sigSlice, "`"+sig+"`") } - sb.WriteString(fmt.Sprintf("| %s | %s | %s |\n", f.Name, f.Description, strings.Join(sigSlice, ", "))) + fmt.Fprintf(&sb, "| %s | %s | %s |\n", f.Name, f.Description, strings.Join(sigSlice, ", ")) } sb.WriteString("\n") } diff --git a/pkg/js/devtools/tsgen/cmd/tsgen/main.go b/pkg/js/devtools/tsgen/cmd/tsgen/main.go index 5296c11933..4446c20d8f 100644 --- a/pkg/js/devtools/tsgen/cmd/tsgen/main.go +++ b/pkg/js/devtools/tsgen/cmd/tsgen/main.go @@ -99,7 +99,7 @@ func main() { // generating index.ts file var buff bytes.Buffer for _, dir := range dirs { - buff.WriteString(fmt.Sprintf("export * as %s from './%s';\n", filepath.Base(dir), filepath.Base(dir))) + fmt.Fprintf(&buff, "export * as %s from './%s';\n", filepath.Base(dir), filepath.Base(dir)) } _ = os.WriteFile(filepath.Join(out, "index.ts"), buff.Bytes(), 0755) } diff --git a/pkg/js/libs/ldap/utils.go b/pkg/js/libs/ldap/utils.go index bcff41dc49..ba913d28c4 100644 --- a/pkg/js/libs/ldap/utils.go +++ b/pkg/js/libs/ldap/utils.go @@ -219,10 +219,10 @@ func DecodeSID(s string) string { var builder strings.Builder builder.WriteString("S-") - builder.WriteString(fmt.Sprintf("%d-", revisionLvl)) - builder.WriteString(fmt.Sprintf("%d", authority)) + fmt.Fprintf(&builder, "%d-", revisionLvl) + fmt.Fprintf(&builder, "%d", authority) for _, v := range subAuthorities { - builder.WriteString(fmt.Sprintf("-%d", v)) + fmt.Fprintf(&builder, "-%d", v) } return builder.String() } diff --git a/pkg/js/libs/mysql/mysql_private.go b/pkg/js/libs/mysql/mysql_private.go index fae42ecd1f..5124af7bde 100644 --- a/pkg/js/libs/mysql/mysql_private.go +++ b/pkg/js/libs/mysql/mysql_private.go @@ -60,9 +60,9 @@ func BuildDSN(opts MySQLOptions) (string, error) { } target := net.JoinHostPort(opts.Host, fmt.Sprintf("%d", opts.Port)) var dsn strings.Builder - dsn.WriteString(fmt.Sprintf("%v:%v", url.QueryEscape(opts.Username), opts.Password)) + fmt.Fprintf(&dsn, "%v:%v", url.QueryEscape(opts.Username), opts.Password) dsn.WriteString("@") - dsn.WriteString(fmt.Sprintf("%v(%v)", opts.Protocol, target)) + fmt.Fprintf(&dsn, "%v(%v)", opts.Protocol, target) if opts.DbName != "" { dsn.WriteString(opts.DbName) } diff --git a/pkg/protocols/headless/engine/engine.go b/pkg/protocols/headless/engine/engine.go index 0d2a75786c..ff663528bf 100644 --- a/pkg/protocols/headless/engine/engine.go +++ b/pkg/protocols/headless/engine/engine.go @@ -15,7 +15,6 @@ import ( "github.com/projectdiscovery/nuclei/v3/pkg/types" fileutil "github.com/projectdiscovery/utils/file" osutils "github.com/projectdiscovery/utils/os" - processutil "github.com/projectdiscovery/utils/process" ) // Browser is a browser structure for nuclei headless module @@ -23,7 +22,6 @@ type Browser struct { customAgent string defaultHeaders map[string]string tempDir string - previousPIDs map[int32]struct{} // track already running PIDs engine *rod.Browser options *types.Options launcher *launcher.Launcher @@ -36,14 +34,11 @@ type Browser struct { // New creates a new nuclei headless browser module func New(options *types.Options) (*Browser, error) { var launcherURL, dataStore string - var previousPIDs map[int32]struct{} var err error chromeLauncher := launcher.New() if options.CDPEndpoint == "" { - previousPIDs = processutil.FindProcesses(processutil.IsChromeProcess) - dataStore, err = os.MkdirTemp("", "nuclei-*") if err != nil { return nil, errors.Wrap(err, "could not create temporary directory") @@ -135,7 +130,6 @@ func New(options *types.Options) (*Browser, error) { httpClientOnce: &sync.Once{}, launcher: chromeLauncher, } - engine.previousPIDs = previousPIDs return engine, nil } @@ -199,5 +193,4 @@ func (b *Browser) Close() { _ = b.engine.Close() b.launcher.Kill() _ = os.RemoveAll(b.tempDir) - processutil.CloseProcesses(processutil.IsChromeProcess, b.previousPIDs) } diff --git a/pkg/protocols/headless/engine/page_actions_test.go b/pkg/protocols/headless/engine/page_actions_test.go index 59ff75ef9e..bbd95de366 100644 --- a/pkg/protocols/headless/engine/page_actions_test.go +++ b/pkg/protocols/headless/engine/page_actions_test.go @@ -41,7 +41,10 @@ func TestActionNavigate(t *testing.T) { testHeadlessSimpleResponse(t, response, actions, 60*time.Second, func(page *Page, err error, out ActionData) { require.Nilf(t, err, "could not run page actions") - require.Equal(t, "Nuclei Test Page", page.Page().MustInfo().Title, "could not navigate correctly") + require.NotNil(t, page, "page should not be nil") + info, infoErr := page.Page().Info() + require.NoError(t, infoErr, "could not fetch page info") + require.Equal(t, "Nuclei Test Page", info.Title, "could not navigate correctly") }) } diff --git a/pkg/protocols/headless/engine/rules.go b/pkg/protocols/headless/engine/rules.go index 0ff933aeaa..9e2af4bc16 100644 --- a/pkg/protocols/headless/engine/rules.go +++ b/pkg/protocols/headless/engine/rules.go @@ -88,7 +88,7 @@ func (p *Page) routingRuleHandler(httpClient *http.Client) func(ctx *rod.Hijack) var rawResp strings.Builder respPayloads := ctx.Response.Payload() if respPayloads != nil { - rawResp.WriteString(fmt.Sprintf("HTTP/1.1 %d %s\n", respPayloads.ResponseCode, respPayloads.ResponsePhrase)) + fmt.Fprintf(&rawResp, "HTTP/1.1 %d %s\n", respPayloads.ResponseCode, respPayloads.ResponsePhrase) for _, header := range respPayloads.ResponseHeaders { rawResp.WriteString(header.Name + ": " + header.Value + "\n") } @@ -126,17 +126,17 @@ func (p *Page) routingRuleHandlerNative(e *proto.FetchRequestPaused) error { // attempts to rebuild request var rawReq strings.Builder - rawReq.WriteString(fmt.Sprintf("%s %s %s\n", e.Request.Method, e.Request.URL, "HTTP/1.1")) + fmt.Fprintf(&rawReq, "%s %s %s\n", e.Request.Method, e.Request.URL, "HTTP/1.1") for _, header := range e.Request.Headers { - rawReq.WriteString(fmt.Sprintf("%s\n", header.String())) + fmt.Fprintf(&rawReq, "%s\n", header.String()) } if e.Request.HasPostData { - rawReq.WriteString(fmt.Sprintf("\n%s\n", e.Request.PostData)) + fmt.Fprintf(&rawReq, "\n%s\n", e.Request.PostData) } // attempts to rebuild the response var rawResp strings.Builder - rawResp.WriteString(fmt.Sprintf("HTTP/1.1 %d %s\n", statusCode, e.ResponseStatusText)) + fmt.Fprintf(&rawResp, "HTTP/1.1 %d %s\n", statusCode, e.ResponseStatusText) for _, header := range e.ResponseHeaders { rawResp.WriteString(header.Name + ": " + header.Value + "\n") } diff --git a/pkg/reporting/reporting.go b/pkg/reporting/reporting.go index 58d7f61fb1..1b08afe3e8 100644 --- a/pkg/reporting/reporting.go +++ b/pkg/reporting/reporting.go @@ -262,10 +262,10 @@ func (c *ReportingClient) Close() { continue } var msgBuilder strings.Builder - msgBuilder.WriteString(fmt.Sprintf("%d %s tickets created successfully", created, trackerName)) + fmt.Fprintf(&msgBuilder, "%d %s tickets created successfully", created, trackerName) failed := stats.Failed.Load() if failed > 0 { - msgBuilder.WriteString(fmt.Sprintf(", %d failed", failed)) + fmt.Fprintf(&msgBuilder, ", %d failed", failed) } gologger.Info().Msgf("%v", msgBuilder.String()) } diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 471c0e73ae..021ca8bbd6 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -70,7 +70,7 @@ func MapHash[K constraints.Ordered, V any](m map[K]V) uint64 { keys := mapsutil.GetSortedKeys(m) var sb strings.Builder for _, k := range keys { - sb.WriteString(fmt.Sprintf("%v:%v\n", k, m[k])) + fmt.Fprintf(&sb, "%v:%v\n", k, m[k]) } return xxhash.Sum64([]byte(sb.String())) }