From f7ba2390bf39142ad512ea5ea9752601389f22ef Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Fri, 19 Jan 2024 02:02:58 +0530 Subject: [PATCH 1/9] dev version update --- pkg/catalog/config/constants.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/catalog/config/constants.go b/pkg/catalog/config/constants.go index dd27b23a23..f5c1ffef5d 100644 --- a/pkg/catalog/config/constants.go +++ b/pkg/catalog/config/constants.go @@ -17,7 +17,7 @@ const ( CLIConfigFileName = "config.yaml" ReportingConfigFilename = "reporting-config.yaml" // Version is the current version of nuclei - Version = `v3.1.6` + Version = `v3.1.7-dev` // Directory Names of custom templates CustomS3TemplatesDirName = "s3" CustomGitHubTemplatesDirName = "github" From 29b69a12ceaf73016f784fb0c3dfdfa53f597ad1 Mon Sep 17 00:00:00 2001 From: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com> Date: Sun, 21 Jan 2024 02:26:16 +0530 Subject: [PATCH 2/9] pdcp result chunked upload (#4662) * chunked pdcp cloud results upload * add -sid option to specify scanid * fix scan result append endpoint --- README.md | 5 +- README_CN.md | 7 +- README_ID.md | 5 +- README_KR.md | 5 +- cmd/nuclei/main.go | 7 ++ internal/pdcp/utils.go | 18 +++ internal/pdcp/writer.go | 224 +++++++++++++++++++++++++------------- internal/runner/runner.go | 9 +- pkg/types/types.go | 2 + 9 files changed, 197 insertions(+), 85 deletions(-) create mode 100644 internal/pdcp/utils.go diff --git a/README.md b/README.md index 14cb59819f..fa3edb36c5 100644 --- a/README.md +++ b/README.md @@ -290,8 +290,9 @@ STATISTICS: -mp, -metrics-port int port to expose nuclei metrics on (default 9092) CLOUD: - -auth configure projectdiscovery cloud (pdcp) api key - -cup, -cloud-upload upload scan results to pdcp dashboard + -auth configure projectdiscovery cloud (pdcp) api key + -cup, -cloud-upload upload scan results to pdcp dashboard + -sid, -scan-id string upload scan results to given scan id EXAMPLES: diff --git a/README_CN.md b/README_CN.md index 537a13122a..c2d31c1a8f 100644 --- a/README_CN.md +++ b/README_CN.md @@ -293,9 +293,10 @@ UNCOVER引擎: -si, -stats-inerval int 显示统计信息更新的间隔秒数(默认:5) -mp, -metrics-port int 更改metrics服务的端口(默认:9092) -云服务: - -auth 配置projectdiscovery云(pdcp)API密钥 - -cup, -cloud-upload 将扫描结果上传到pdcp仪表板 +云服务: + -auth 配置projectdiscovery云服务(pdcp)API密钥 + -cup, -cloud-upload 将扫描结果上传到pdcp仪表板 + -sid, -scan-id string 将扫描结果上传到指定的扫描ID 例子: 扫描一个单独的URL: diff --git a/README_ID.md b/README_ID.md index f0c09cd2ef..776c585480 100644 --- a/README_ID.md +++ b/README_ID.md @@ -266,8 +266,9 @@ STATISTICS: -mp, -metrics-port int port to expose nuclei metrics on (default 9092) CLOUD: - -auth configure projectdiscovery cloud (pdcp) api key - -cup, -cloud-upload upload scan results to pdcp dashboard + -auth configure projectdiscovery cloud (pdcp) api key + -cup, -cloud-upload upload scan results to pdcp dashboard + -sid, -scan-id string upload scan results to given scan id EXAMPLES: diff --git a/README_KR.md b/README_KR.md index 6fb8808536..394ece3349 100644 --- a/README_KR.md +++ b/README_KR.md @@ -264,8 +264,9 @@ STATISTICS: -mp, -metrics-port int nuclei 메트릭스를 노출할 포트 (기본값 9092) CLOUD: - -auth projectdiscovery cloud (pdcp) api 키 설정 - -cup, -cloud-upload 스캔 결과를 pdcp 대시보드에 업로드 + -auth projectdiscovery 클라우드 (pdcp) API 키 구성 + -cup, -cloud-upload 스캔 결과를 pdcp 대시보드에 업로드 + -sid, -scan-id string 주어진 스캔 ID에 스캔 결과 업로드 예시: diff --git a/cmd/nuclei/main.go b/cmd/nuclei/main.go index 546e2c4e6f..66789f27f9 100644 --- a/cmd/nuclei/main.go +++ b/cmd/nuclei/main.go @@ -127,6 +127,9 @@ func main() { defer cancel() stackMonitor.RegisterCallback(func(dumpID string) error { resumeFileName := fmt.Sprintf("crash-resume-file-%s.dump", dumpID) + if options.EnableCloudUpload { + gologger.Info().Msgf("Uploading scan results to cloud...") + } nucleiRunner.Close() gologger.Info().Msgf("Creating resume file: %s\n", resumeFileName) err := nucleiRunner.SaveResumeConfig(resumeFileName) @@ -143,6 +146,9 @@ func main() { for range c { gologger.Info().Msgf("CTRL+C pressed: Exiting\n") gologger.Info().Msgf("Attempting graceful shutdown...") + if options.EnableCloudUpload { + gologger.Info().Msgf("Uploading scan results to cloud...") + } nucleiRunner.Close() if options.ShouldSaveResume() { gologger.Info().Msgf("Creating resume file: %s\n", resumeFileName) @@ -380,6 +386,7 @@ on extensive configurability, massive extensibility and ease of use.`) flagSet.CreateGroup("cloud", "Cloud", flagSet.BoolVar(&pdcpauth, "auth", false, "configure projectdiscovery cloud (pdcp) api key"), flagSet.BoolVarP(&options.EnableCloudUpload, "cloud-upload", "cup", false, "upload scan results to pdcp dashboard"), + flagSet.StringVarP(&options.ScanID, "scan-id", "sid", "", "upload scan results to given scan id"), ) flagSet.SetCustomHelpText(`EXAMPLES: diff --git a/internal/pdcp/utils.go b/internal/pdcp/utils.go new file mode 100644 index 0000000000..5d4fa4e1f0 --- /dev/null +++ b/internal/pdcp/utils.go @@ -0,0 +1,18 @@ +package pdcp + +import ( + pdcpauth "github.com/projectdiscovery/utils/auth/pdcp" + urlutil "github.com/projectdiscovery/utils/url" +) + +func getScanDashBoardURL(id string) string { + ux, _ := urlutil.Parse(pdcpauth.DashBoardURL) + ux.Path = "/scans/" + id + ux.Update() + return ux.String() +} + +type uploadResponse struct { + ID string `json:"id"` + Message string `json:"message"` +} diff --git a/internal/pdcp/writer.go b/internal/pdcp/writer.go index 815633cc02..fa0fb17251 100644 --- a/internal/pdcp/writer.go +++ b/internal/pdcp/writer.go @@ -1,30 +1,30 @@ package pdcp import ( + "bufio" + "bytes" + "context" "encoding/json" "fmt" "io" "net/http" "net/url" - "os" - "path/filepath" - "strconv" "sync/atomic" "time" "github.com/projectdiscovery/gologger" - "github.com/projectdiscovery/nuclei/v3/pkg/catalog/config" "github.com/projectdiscovery/nuclei/v3/pkg/output" "github.com/projectdiscovery/retryablehttp-go" pdcpauth "github.com/projectdiscovery/utils/auth/pdcp" errorutil "github.com/projectdiscovery/utils/errors" - fileutil "github.com/projectdiscovery/utils/file" - folderutil "github.com/projectdiscovery/utils/folder" urlutil "github.com/projectdiscovery/utils/url" ) const ( uploadEndpoint = "/v1/scans/import" + appendEndpoint = "/v1/scans/%s/import" + flushTimer = time.Duration(1) * time.Minute + MaxChunkSize = 1024 * 1024 * 4 // 4 MB ) var _ output.Writer = &UploadWriter{} @@ -34,31 +34,28 @@ var _ output.Writer = &UploadWriter{} type UploadWriter struct { *output.StandardWriter creds *pdcpauth.PDCPCredentials - tempFile *os.File - done atomic.Bool uploadURL *url.URL + client *retryablehttp.Client + cancel context.CancelFunc + done chan struct{} + scanID string + counter atomic.Int32 } // NewUploadWriter creates a new upload writer -func NewUploadWriter(creds *pdcpauth.PDCPCredentials) (*UploadWriter, error) { +func NewUploadWriter(ctx context.Context, creds *pdcpauth.PDCPCredentials) (*UploadWriter, error) { if creds == nil { return nil, fmt.Errorf("no credentials provided") } - u := &UploadWriter{creds: creds} - // create a temporary file in cache directory - cacheDir := folderutil.AppCacheDirOrDefault("", config.BinaryName) - if !fileutil.FolderExists(cacheDir) { - _ = fileutil.CreateFolder(cacheDir) + u := &UploadWriter{ + creds: creds, + done: make(chan struct{}, 1), } - var err error - // tempfile is created in nuclei-results-.json format - u.tempFile, err = os.OpenFile(filepath.Join(cacheDir, "nuclei-results-"+strconv.Itoa(int(time.Now().Unix()))+".json"), os.O_RDWR|os.O_CREATE, 0600) - if err != nil { - return nil, errorutil.NewWithErr(err).Msgf("could not create temporary file") - } + reader, writer := io.Pipe() + // create standard writer u.StandardWriter, err = output.NewWriter( - output.WithWriter(u.tempFile), + output.WithWriter(writer), output.WithJson(true, true), ) if err != nil { @@ -71,87 +68,164 @@ func NewUploadWriter(creds *pdcpauth.PDCPCredentials) (*UploadWriter, error) { tmp.Path = uploadEndpoint tmp.Update() u.uploadURL = tmp.URL + + // create http client + opts := retryablehttp.DefaultOptionsSingle + opts.NoAdjustTimeout = true + opts.Timeout = time.Duration(3) * time.Minute + u.client = retryablehttp.NewClient(opts) + + // create context + ctx, u.cancel = context.WithCancel(ctx) + // start auto commit + // upload every 1 minute or when buffer is full + go u.autoCommit(ctx, reader) return u, nil } -type uploadResponse struct { - ID string `json:"id"` - Message string `json:"message"` +// SetScanID sets the scan id for the upload writer +func (u *UploadWriter) SetScanID(id string) { + u.scanID = id } -// Upload uploads the results to pdcp server -func (u *UploadWriter) Upload() { - defer u.done.Store(true) - - _ = u.tempFile.Sync() - info, err := u.tempFile.Stat() - if err != nil { - gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) - return +func (u *UploadWriter) autoCommit(ctx context.Context, r *io.PipeReader) { + reader := bufio.NewReader(r) + ch := make(chan string, 4) + + // continuously read from the reader and send to channel + go func() { + defer r.Close() + defer close(ch) + for { + data, err := reader.ReadString('\n') + if err != nil { + return + } + u.counter.Add(1) + ch <- data + } + }() + + // wait for context to be done + defer func() { + u.done <- struct{}{} + close(u.done) + // if no scanid is generated no results were uploaded + if u.scanID == "" { + gologger.Verbose().Msgf("Scan results upload to cloud skipped, no results found to upload") + } else { + gologger.Info().Msgf("%v Scan results uploaded to cloud, you can view scan results at %v", u.counter.Load(), getScanDashBoardURL(u.scanID)) + } + }() + // temporary buffer to store the results + buff := &bytes.Buffer{} + ticker := time.NewTicker(flushTimer) + + for { + select { + case <-ctx.Done(): + // flush before exit + if buff.Len() > 0 { + if err := u.uploadChunk(buff); err != nil { + gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) + } + } + return + case <-ticker.C: + // flush the buffer + if buff.Len() > 0 { + if err := u.uploadChunk(buff); err != nil { + gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) + } + } + case line, ok := <-ch: + if !ok { + if buff.Len() > 0 { + if err := u.uploadChunk(buff); err != nil { + gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) + } + } + return + } + if buff.Len()+len(line) > MaxChunkSize { + // flush existing buffer + if err := u.uploadChunk(buff); err != nil { + gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) + } + } else { + buff.WriteString(line) + } + } } - if info.Size() == 0 { - gologger.Verbose().Msgf("Scan results upload to cloud skipped, no results found to upload") - return - } - _, _ = u.tempFile.Seek(0, 0) +} - id, err := u.upload() - if err != nil { - gologger.Error().Msgf("Failed to upload scan results on cloud: %v", err) - return +// uploadChunk uploads a chunk of data to the server +func (u *UploadWriter) uploadChunk(buff *bytes.Buffer) error { + if err := u.upload(buff.Bytes()); err != nil { + return errorutil.NewWithErr(err).Msgf("could not upload chunk") } - gologger.Info().Msgf("Scan results uploaded! View them at %v", getScanDashBoardURL(id)) + // if successful, reset the buffer + buff.Reset() + // log in verbose mode + gologger.Warning().Msgf("Uploaded results chunk, you can view scan results at %v", getScanDashBoardURL(u.scanID)) + return nil } -func (u *UploadWriter) upload() (string, error) { - req, err := retryablehttp.NewRequest(http.MethodPost, u.uploadURL.String(), u.tempFile) +func (u *UploadWriter) upload(data []byte) error { + req, err := u.getRequest(data) if err != nil { - return "", errorutil.NewWithErr(err).Msgf("could not create cloud upload request") + return errorutil.NewWithErr(err).Msgf("could not create upload request") } - req.Header.Set(pdcpauth.ApiKeyHeaderName, u.creds.APIKey) - req.Header.Set("Content-Type", "application/octet-stream") - req.Header.Set("Accept", "application/json") - - opts := retryablehttp.DefaultOptionsSingle - // we are uploading nuclei results which can be large - // server has a size limit of ~20ish MB - opts.Timeout = time.Duration(3) * time.Minute - client := retryablehttp.NewClient(opts) - resp, err := client.Do(req) + resp, err := u.client.Do(req) if err != nil { - return "", errorutil.NewWithErr(err).Msgf("could not upload results") + return errorutil.NewWithErr(err).Msgf("could not upload results") } defer resp.Body.Close() bin, err := io.ReadAll(resp.Body) if err != nil { - return "", errorutil.NewWithErr(err).Msgf("could not get id from response") + return errorutil.NewWithErr(err).Msgf("could not get id from response") } if resp.StatusCode != http.StatusOK { - return "", fmt.Errorf("could not upload results got status code %v", resp.StatusCode) + return fmt.Errorf("could not upload results got status code %v on %v", resp.StatusCode, resp.Request.URL.String()) } var uploadResp uploadResponse if err := json.Unmarshal(bin, &uploadResp); err != nil { - return "", errorutil.NewWithErr(err).Msgf("could not unmarshal response got %v", string(bin)) + return errorutil.NewWithErr(err).Msgf("could not unmarshal response got %v", string(bin)) } - u.removeTempFile() - return uploadResp.ID, nil + if uploadResp.ID != "" && u.scanID == "" { + u.scanID = uploadResp.ID + } + return nil } -// removeTempFile removes the temporary file -func (u *UploadWriter) removeTempFile() { - _ = os.Remove(u.tempFile.Name()) +// getRequest returns a new request for upload +// if scanID is not provided create new scan by uploading the data +// if scanID is provided append the data to existing scan +func (u *UploadWriter) getRequest(bin []byte) (*retryablehttp.Request, error) { + var method, url string + + if u.scanID == "" { + u.uploadURL.Path = uploadEndpoint + method = http.MethodPost + url = u.uploadURL.String() + } else { + u.uploadURL.Path = fmt.Sprintf(appendEndpoint, u.scanID) + method = http.MethodPatch + url = u.uploadURL.String() + } + req, err := retryablehttp.NewRequest(method, url, bytes.NewReader(bin)) + if err != nil { + return nil, errorutil.NewWithErr(err).Msgf("could not create cloud upload request") + } + req.Header.Set(pdcpauth.ApiKeyHeaderName, u.creds.APIKey) + req.Header.Set("Content-Type", "application/octet-stream") + req.Header.Set("Accept", "application/json") + return req, nil } // Close closes the upload writer func (u *UploadWriter) Close() { - if !u.done.Load() { - u.Upload() - } -} - -func getScanDashBoardURL(id string) string { - ux, _ := urlutil.Parse(pdcpauth.DashBoardURL) - ux.Path = "/scans/" + id - ux.Update() - return ux.String() + u.cancel() + <-u.done + u.StandardWriter.Close() } diff --git a/internal/runner/runner.go b/internal/runner/runner.go index 0414def04b..5924a8b066 100644 --- a/internal/runner/runner.go +++ b/internal/runner/runner.go @@ -354,6 +354,10 @@ func (r *Runner) Close() { // setupPDCPUpload sets up the PDCP upload writer // by creating a new writer and returning it func (r *Runner) setupPDCPUpload(writer output.Writer) output.Writer { + // if scanid is given implicitly consider that scan upload is enabled + if r.options.ScanID != "" { + r.options.EnableCloudUpload = true + } if !(r.options.EnableCloudUpload || EnableCloudUpload) { r.pdcpUploadErrMsg = fmt.Sprintf("[%v] Scan results upload to cloud is disabled.", aurora.BrightYellow("WRN")) return writer @@ -368,11 +372,14 @@ func (r *Runner) setupPDCPUpload(writer output.Writer) output.Writer { r.pdcpUploadErrMsg = fmt.Sprintf("[%v] To view results on Cloud Dashboard, Configure API key from %v", color.BrightYellow("WRN"), pdcpauth.DashBoardURL) return writer } - uploadWriter, err := pdcp.NewUploadWriter(creds) + uploadWriter, err := pdcp.NewUploadWriter(context.Background(), creds) if err != nil { r.pdcpUploadErrMsg = fmt.Sprintf("[%v] PDCP (%v) Auto-Save Failed: %s\n", color.BrightYellow("WRN"), pdcpauth.DashBoardURL, err) return writer } + if r.options.ScanID != "" { + uploadWriter.SetScanID(r.options.ScanID) + } return output.NewMultiWriter(writer, uploadWriter) } diff --git a/pkg/types/types.go b/pkg/types/types.go index 7dfa845652..9e57b118f7 100644 --- a/pkg/types/types.go +++ b/pkg/types/types.go @@ -364,6 +364,8 @@ type Options struct { EnableCodeTemplates bool // Disables cloud upload EnableCloudUpload bool + // ScanID is the scan ID to use for cloud upload + ScanID string } // ShouldLoadResume resume file From 59d208d44a9d967f459928d356c0cbc2822b82e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 02:08:29 +0530 Subject: [PATCH 3/9] chore(deps): bump github.com/projectdiscovery/rawhttp (#4670) Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.33 to 0.1.35. - [Release notes](https://github.com/projectdiscovery/rawhttp/releases) - [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.33...v0.1.35) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/rawhttp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 47e414ffb1..32b3b8c549 100644 --- a/go.mod +++ b/go.mod @@ -24,7 +24,7 @@ require ( github.com/projectdiscovery/fastdialer v0.0.54 github.com/projectdiscovery/hmap v0.0.34 github.com/projectdiscovery/interactsh v1.1.8 - github.com/projectdiscovery/rawhttp v0.1.33 + github.com/projectdiscovery/rawhttp v0.1.35 github.com/projectdiscovery/retryabledns v1.0.51 github.com/projectdiscovery/retryablehttp-go v1.0.44 github.com/projectdiscovery/yamldoc-go v1.0.4 diff --git a/go.sum b/go.sum index db2480f330..d322bac8da 100644 --- a/go.sum +++ b/go.sum @@ -833,8 +833,8 @@ github.com/projectdiscovery/networkpolicy v0.0.7 h1:AwHqBRXBqDQgnWzBMuoJtHBNEYBw github.com/projectdiscovery/networkpolicy v0.0.7/go.mod h1:CK0CnFoLF1Nou6mY7P4WODSAxhPN8g8g7XpapgEP8tI= github.com/projectdiscovery/ratelimit v0.0.24 h1:ydCzcICK8eSYkCeN5NLikGjGayx66ELQmjpqepGC5Cg= github.com/projectdiscovery/ratelimit v0.0.24/go.mod h1:cHow8VY1Dt38/6Cj3b6LmJATnzXrs6838U2GiFYBoXE= -github.com/projectdiscovery/rawhttp v0.1.33 h1:H+QM7zVq/pprGrQrO0JyCSRwrCYdIHbQ3hueh6P5u/4= -github.com/projectdiscovery/rawhttp v0.1.33/go.mod h1:3W9ZZr3feIVbK0VQHZv6c5OKqb+tnTdh3cbNOOO8AY8= +github.com/projectdiscovery/rawhttp v0.1.35 h1:9Hkbu1WLN5coj6+HBaqi26PjMNFnw1XrMvJUS/G40OM= +github.com/projectdiscovery/rawhttp v0.1.35/go.mod h1:9mS0N3BfOBYwQWgyI+bXBaFVMFBtJVTcZF0FENea7mA= github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917 h1:m03X4gBVSorSzvmm0bFa7gDV4QNSOWPL/fgZ4kTXBxk= github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917/go.mod h1:JxXtZC9e195awe7EynrcnBJmFoad/BNDzW9mzFkK8Sg= github.com/projectdiscovery/retryabledns v1.0.51 h1:bX/apiRGZwhASBAT7o3qmZ0FznuBlHQlIQdCw1TAzcg= From e8d11559b348d2014a4cdbf6a475b3ad245b31db Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 02:16:40 +0530 Subject: [PATCH 4/9] chore(deps): bump github.com/projectdiscovery/fastdialer (#4672) Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) from 0.0.54 to 0.0.55. - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.54...v0.0.55) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 32b3b8c549..24ff12b5e8 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/olekukonko/tablewriter v0.0.5 github.com/pkg/errors v0.9.1 github.com/projectdiscovery/clistats v0.0.20 - github.com/projectdiscovery/fastdialer v0.0.54 + github.com/projectdiscovery/fastdialer v0.0.55 github.com/projectdiscovery/hmap v0.0.34 github.com/projectdiscovery/interactsh v1.1.8 github.com/projectdiscovery/rawhttp v0.1.35 diff --git a/go.sum b/go.sum index d322bac8da..0c8a820e89 100644 --- a/go.sum +++ b/go.sum @@ -805,8 +805,8 @@ github.com/projectdiscovery/clistats v0.0.20 h1:5jO5SLiRJ7f0nDV0ndBNmBeesbROouPo github.com/projectdiscovery/clistats v0.0.20/go.mod h1:GJ2av0KnOvK0AISQnP8hyDclYIji1LVkx2l0pwnzAu4= github.com/projectdiscovery/dsl v0.0.38 h1:wzObLZ4m4fMtPD0RiirnAp5naF43dJymjCmEeZzJLjM= github.com/projectdiscovery/dsl v0.0.38/go.mod h1:jYaosMHbna8jGxhClWovGFBNJGM19Go0wbk6FfrV/PA= -github.com/projectdiscovery/fastdialer v0.0.54 h1:c90JJ2cPlVV9JK/HlgVwiupun0ONa+IXQqwGE1/IMws= -github.com/projectdiscovery/fastdialer v0.0.54/go.mod h1:l1ktd+P7b68NH/0Xu7/EAx3uoNc4iowoYj6jckuY2+k= +github.com/projectdiscovery/fastdialer v0.0.55 h1:dcD3La9MsImgQMrBnG0/w5Mu8PRJu2TU1STycKSSodc= +github.com/projectdiscovery/fastdialer v0.0.55/go.mod h1:DNP62sWCLp0YHXwhlo73iyZODpSZE7dVstt2GNAC7+A= github.com/projectdiscovery/fasttemplate v0.0.2 h1:h2cISk5xDhlJEinlBQS6RRx0vOlOirB2y3Yu4PJzpiA= github.com/projectdiscovery/fasttemplate v0.0.2/go.mod h1:XYWWVMxnItd+r0GbjA1GCsUopMw1/XusuQxdyAIHMCw= github.com/projectdiscovery/freeport v0.0.5 h1:jnd3Oqsl4S8n0KuFkE5Hm8WGDP24ITBvmyw5pFTHS8Q= From 06bb8b578b1c3558b3b2cb57b5eca280aec3dd01 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 02:17:32 +0530 Subject: [PATCH 5/9] chore(deps): bump github.com/projectdiscovery/httpx from 1.3.7 to 1.3.8 (#4671) Bumps [github.com/projectdiscovery/httpx](https://github.com/projectdiscovery/httpx) from 1.3.7 to 1.3.8. - [Release notes](https://github.com/projectdiscovery/httpx/releases) - [Changelog](https://github.com/projectdiscovery/httpx/blob/main/.goreleaser.yml) - [Commits](https://github.com/projectdiscovery/httpx/compare/v1.3.7...v1.3.8) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/httpx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 24ff12b5e8..04003ff709 100644 --- a/go.mod +++ b/go.mod @@ -82,7 +82,7 @@ require ( github.com/projectdiscovery/gologger v1.1.12 github.com/projectdiscovery/gostruct v0.0.2 github.com/projectdiscovery/gozero v0.0.1 - github.com/projectdiscovery/httpx v1.3.7 + github.com/projectdiscovery/httpx v1.3.8 github.com/projectdiscovery/mapcidr v1.1.16 github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5 github.com/projectdiscovery/ratelimit v0.0.24 diff --git a/go.sum b/go.sum index 0c8a820e89..540ddbe611 100644 --- a/go.sum +++ b/go.sum @@ -821,8 +821,8 @@ github.com/projectdiscovery/gozero v0.0.1 h1:f08ZnYlbDZV/TNGDvIXV9s/oB/sAI+HWaSb github.com/projectdiscovery/gozero v0.0.1/go.mod h1:/dHwbly+1lhOX9UreVure4lEe7K4hIHeu/c/wZGNTDo= github.com/projectdiscovery/hmap v0.0.34 h1:Xz/CjuHVw/QCrupScMFkGN0YEIkz+jkAwqbHJ9A0C9I= github.com/projectdiscovery/hmap v0.0.34/go.mod h1:FQy913/mK7Tc2BoTpV2kZJMMuZp5FHcclGGMWtK8pBM= -github.com/projectdiscovery/httpx v1.3.7 h1:g/ZQIBdWWPQLF+niv39b7jRhAkyrcroJJfqbTQDKhyQ= -github.com/projectdiscovery/httpx v1.3.7/go.mod h1:FqEmL2zWZArgD1vSQ+tqHvmUItPqxYhOgKyfN8GyWMQ= +github.com/projectdiscovery/httpx v1.3.8 h1:D07kanG/AnZl4hErm4HPw3Clml+R3LZdBvfXxf6c5q8= +github.com/projectdiscovery/httpx v1.3.8/go.mod h1:ly2a5roeXONX2nIu5xaXCus6jc/4HLVwf3JP9kSaXbQ= github.com/projectdiscovery/interactsh v1.1.8 h1:mDD+f/oo2tV4Z1WyUync0tgYeJyuiS89Un64Gm6Pvgk= github.com/projectdiscovery/interactsh v1.1.8/go.mod h1:E20ywFb7bL01GcOOk+6VZF48XZ8AZvYvBpULoBUSTbg= github.com/projectdiscovery/mapcidr v1.1.16 h1:rjj1w5D6hbTsUQXYClLcGdfBEy9bryclgi70t0vBggo= From 74b572ef4539ee480fbffda06c1424ca1dc1c916 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 02:26:23 +0530 Subject: [PATCH 6/9] chore(deps): bump github.com/projectdiscovery/dsl from 0.0.38 to 0.0.40 (#4674) Bumps [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) from 0.0.38 to 0.0.40. - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](https://github.com/projectdiscovery/dsl/compare/v0.0.38...v0.0.40) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/dsl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 04003ff709..bb4fdd2ce7 100644 --- a/go.mod +++ b/go.mod @@ -76,7 +76,7 @@ require ( github.com/mholt/archiver v3.1.1+incompatible github.com/ory/dockertest/v3 v3.10.0 github.com/praetorian-inc/fingerprintx v1.1.9 - github.com/projectdiscovery/dsl v0.0.38 + github.com/projectdiscovery/dsl v0.0.40 github.com/projectdiscovery/fasttemplate v0.0.2 github.com/projectdiscovery/goflags v0.1.35 github.com/projectdiscovery/gologger v1.1.12 diff --git a/go.sum b/go.sum index 540ddbe611..cffc30623b 100644 --- a/go.sum +++ b/go.sum @@ -803,8 +803,8 @@ github.com/projectdiscovery/cdncheck v1.0.9 h1:BS15gzj9gb5AVSKqTDzPamfSgStu7nJQO github.com/projectdiscovery/cdncheck v1.0.9/go.mod h1:18SSl1w7rMj53CGeRIZTbDoa286a6xZIxGbaiEo4Fxs= github.com/projectdiscovery/clistats v0.0.20 h1:5jO5SLiRJ7f0nDV0ndBNmBeesbROouPooH+DGMgoWq4= github.com/projectdiscovery/clistats v0.0.20/go.mod h1:GJ2av0KnOvK0AISQnP8hyDclYIji1LVkx2l0pwnzAu4= -github.com/projectdiscovery/dsl v0.0.38 h1:wzObLZ4m4fMtPD0RiirnAp5naF43dJymjCmEeZzJLjM= -github.com/projectdiscovery/dsl v0.0.38/go.mod h1:jYaosMHbna8jGxhClWovGFBNJGM19Go0wbk6FfrV/PA= +github.com/projectdiscovery/dsl v0.0.40 h1:bY6aOPEIJ+YYYXX2qRZj1y4VsZlV9VU0oaD+GrR/j6I= +github.com/projectdiscovery/dsl v0.0.40/go.mod h1:wo6lB5vwKWbTo5qDdJ1q7S1bYthm2mwGZ+MVefJmdZo= github.com/projectdiscovery/fastdialer v0.0.55 h1:dcD3La9MsImgQMrBnG0/w5Mu8PRJu2TU1STycKSSodc= github.com/projectdiscovery/fastdialer v0.0.55/go.mod h1:DNP62sWCLp0YHXwhlo73iyZODpSZE7dVstt2GNAC7+A= github.com/projectdiscovery/fasttemplate v0.0.2 h1:h2cISk5xDhlJEinlBQS6RRx0vOlOirB2y3Yu4PJzpiA= From 124409fcb8f4b24f96e7367d29cd4f1c33ad7761 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Jan 2024 02:38:39 +0530 Subject: [PATCH 7/9] chore(deps): bump github.com/projectdiscovery/utils (#4676) Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.0.74-0.20240115220656-48fef326de18 to 0.0.75. - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](https://github.com/projectdiscovery/utils/commits/v0.0.75) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/utils dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index bb4fdd2ce7..312d7f5da6 100644 --- a/go.mod +++ b/go.mod @@ -90,7 +90,7 @@ require ( github.com/projectdiscovery/sarif v0.0.1 github.com/projectdiscovery/tlsx v1.1.6-0.20231116215000-e842dc367a74 github.com/projectdiscovery/uncover v1.0.7 - github.com/projectdiscovery/utils v0.0.74-0.20240115220656-48fef326de18 + github.com/projectdiscovery/utils v0.0.75 github.com/projectdiscovery/wappalyzergo v0.0.109 github.com/redis/go-redis/v9 v9.1.0 github.com/ropnop/gokrb5/v8 v8.0.0-20201111231119-729746023c02 diff --git a/go.sum b/go.sum index cffc30623b..f0f80639b5 100644 --- a/go.sum +++ b/go.sum @@ -849,8 +849,8 @@ github.com/projectdiscovery/tlsx v1.1.6-0.20231116215000-e842dc367a74 h1:G0gw+3z github.com/projectdiscovery/tlsx v1.1.6-0.20231116215000-e842dc367a74/go.mod h1:YH8el7/6pyZbNed1IibjzbGpeigiCVyvE28g5+LsPAw= github.com/projectdiscovery/uncover v1.0.7 h1:ut+2lTuvmftmveqF5RTjMWAgyLj8ltPQC7siFy9sj0A= github.com/projectdiscovery/uncover v1.0.7/go.mod h1:HFXgm1sRPuoN0D4oATljPIdmbo/EEh1wVuxQqo/dwFE= -github.com/projectdiscovery/utils v0.0.74-0.20240115220656-48fef326de18 h1:hQHfr0YlGGODVMQrN3c41itC477xdFDy/3hJbOfjPqY= -github.com/projectdiscovery/utils v0.0.74-0.20240115220656-48fef326de18/go.mod h1:SEb3ZoGy1nxdnPNXAGhMZNhRcokRkoMEjC6l9H59t1s= +github.com/projectdiscovery/utils v0.0.75 h1:VroGyPBTyFARP7HYa2lbmZvt40/bCaXu1q+NIhkKEmk= +github.com/projectdiscovery/utils v0.0.75/go.mod h1:4MBUFfZ9Mm96PiWUj2zJ99sx2AVOpZkGukC6O16+p+o= github.com/projectdiscovery/wappalyzergo v0.0.109 h1:BERfwTRn1dvB1tbhyc5m67R8VkC9zbVuPsEq4VEm07k= github.com/projectdiscovery/wappalyzergo v0.0.109/go.mod h1:4Z3DKhi75zIPMuA+qSDDWxZvnhL4qTLmDx4dxNMu7MA= github.com/projectdiscovery/yamldoc-go v1.0.4 h1:eZoESapnMw6WAHiVgRwNqvbJEfNHEH148uthhFbG5jE= From 62f73fd7ef3aa0d1838a187afd196861df82f298 Mon Sep 17 00:00:00 2001 From: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com> Date: Tue, 23 Jan 2024 03:01:27 +0530 Subject: [PATCH 8/9] pdcp env fix: make PDCP_API_SERVER env optional (#4675) * bump utils * add pdcp directory to -version * dep update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> --- cmd/nuclei/main.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cmd/nuclei/main.go b/cmd/nuclei/main.go index 66789f27f9..f28ac0f8fb 100644 --- a/cmd/nuclei/main.go +++ b/cmd/nuclei/main.go @@ -12,6 +12,7 @@ import ( "strings" "time" + "github.com/projectdiscovery/utils/auth/pdcp" _ "github.com/projectdiscovery/utils/pprof" "github.com/projectdiscovery/goflags" @@ -507,6 +508,7 @@ func printVersion() { gologger.Info().Msgf("Nuclei Engine Version: %s", config.Version) gologger.Info().Msgf("Nuclei Config Directory: %s", config.DefaultConfig.GetConfigDir()) gologger.Info().Msgf("Nuclei Cache Directory: %s", config.DefaultConfig.GetCacheDir()) // cache dir contains resume files + gologger.Info().Msgf("PDCP Directory: %s", pdcp.PDCPDir) os.Exit(0) } From b9e2665e9e4f341a16081ce07808a5d4cc28f4f2 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Tue, 23 Jan 2024 03:12:50 +0530 Subject: [PATCH 9/9] version update --- pkg/catalog/config/constants.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/catalog/config/constants.go b/pkg/catalog/config/constants.go index f5c1ffef5d..f4af470ed1 100644 --- a/pkg/catalog/config/constants.go +++ b/pkg/catalog/config/constants.go @@ -17,7 +17,7 @@ const ( CLIConfigFileName = "config.yaml" ReportingConfigFilename = "reporting-config.yaml" // Version is the current version of nuclei - Version = `v3.1.7-dev` + Version = `v3.1.7` // Directory Names of custom templates CustomS3TemplatesDirName = "s3" CustomGitHubTemplatesDirName = "github"