Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nuclei panic when using with passive mode #4652

Closed
CyL0NG opened this issue Jan 17, 2024 · 1 comment · Fixed by #4653
Closed

nuclei panic when using with passive mode #4652

CyL0NG opened this issue Jan 17, 2024 · 1 comment · Fixed by #4653
Assignees
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Milestone

Comments

@CyL0NG
Copy link

CyL0NG commented Jan 17, 2024

affect version: v3.1.4, v3.1.5

╰─$ nuclei -passive -u hm.baidu.com.response-1fc6b0c29bd6a49a.txt                                                      130 ↵

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.1.5

		projectdiscovery.io

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x30 pc=0x2c4da25]

goroutine 1 [running]:
github.com/projectdiscovery/nuclei/v3/pkg/tmplexec/flow.(*FlowExecutor).Compile(0x0)
	github.com/projectdiscovery/nuclei/v3/pkg/tmplexec/flow/flow_executor.go:104 +0x25
github.com/projectdiscovery/nuclei/v3/pkg/tmplexec.(*TemplateExecuter).Compile(0xc006c6b800)
	github.com/projectdiscovery/nuclei/v3/pkg/tmplexec/exec.go:84 +0x2bd
github.com/projectdiscovery/nuclei/v3/pkg/templates.parseTemplate({_, _, _}, {{0x0, 0x0}, {0xc000f6de00, 0x56}, {{0x0, 0x0}, {{0x0, ...}}, ...}, ...})
	github.com/projectdiscovery/nuclei/v3/pkg/templates/compile.go:371 +0x687
github.com/projectdiscovery/nuclei/v3/pkg/templates.ParseTemplateFromReader({_, _}, {_, _}, {{0x0, 0x0}, {0xc000f6de00, 0x56}, {{0x0, 0x0}, ...}, ...})
	github.com/projectdiscovery/nuclei/v3/pkg/templates/compile.go:260 +0x4d9
github.com/projectdiscovery/nuclei/v3/pkg/templates.Parse({_, _}, {_, _}, {{0x0, 0x0}, {0x0, 0x0}, {{0x0, 0x0}, ...}, ...})
	github.com/projectdiscovery/nuclei/v3/pkg/templates/compile.go:78 +0x3f0
github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader.(*Store).LoadTemplatesWithTags(0xc0001fb320, {0xc000d3d300?, 0x0?, 0x0?}, {0x0, 0x0, 0x0})
	github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader/loader.go:392 +0x40b
github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader.(*Store).LoadTemplates(...)
	github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader/loader.go:354
github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader.(*Store).Load(0xc0001fb320)
	github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader/loader.go:250 +0x30
github.com/projectdiscovery/nuclei/v3/internal/runner.(*Runner).RunEnumeration(0xc00130b550)
	github.com/projectdiscovery/nuclei/v3/internal/runner/runner.go:442 +0xe78
main.main()
	./main.go:149 +0x605

v3.1.3 works.

@CyL0NG CyL0NG added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Jan 17, 2024
@tarunKoyalwar tarunKoyalwar self-assigned this Jan 17, 2024
@tarunKoyalwar
Copy link
Member

@CyL0NG , thanks for reporting this , newly added flow engine did not support offlinehttp protocol which caused templates like ruijie-rg-eg-web-mis-rce to panic but this is now fixed and support has been added in linked pr #4653

you can temporarily use nuclei from that PR/branch and this fix will be included with next nuclei release

@ehsandeep ehsandeep added this to the nuclei v3.1.6 milestone Jan 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants