Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error handling + support offlinehttp in flow templates #4653

Merged
merged 1 commit into from
Jan 17, 2024
Merged

error handling + support offlinehttp in flow templates #4653

merged 1 commit into from
Jan 17, 2024

Conversation

tarunKoyalwar
Copy link
Member

@tarunKoyalwar tarunKoyalwar commented Jan 17, 2024
edited
Loading

Proposed Changes

  • support for offlinehttp /passive mode in flow executer
    • in flow http is represented by http() but offlinehttp was represented by offlinehttp() hence flow engine / templates were not working in passive mode
  • this is resolved now in addition to extra error handling
  • closes nuclei panic when using with passive mode #4652

@tarunKoyalwar tarunKoyalwar self-assigned this Jan 17, 2024
@tarunKoyalwar
Copy link
Member Author

example offline response

GET / HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Edg/101.0.1210.26
Accept-Charset: utf-8
Accept-Encoding: gzip

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Wed, 17 Jan 2024 11:01:36 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Length: 0




https://hm.baidu.com

example nuclei run

$ ./nuclei -passive -u hm.baidu.com.response.txt -v -id ruijie-rg-eg-web-mis-rce -debug

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.1.5

		projectdiscovery.io

[WRN] Excluded 34 template[s] with known weak matchers / tags excluded from default run using .nuclei-ignore
[INF] Current nuclei version: v3.1.5 (latest)
[INF] Current nuclei-templates version: v9.7.4 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 6
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[INF] [ruijie-rg-eg-web-mis-rce] Dumped offline-http request for hm.baidu.com.response.txt
GET / HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Edg/101.0.1210.26
Accept-Charset: utf-8
Accept-Encoding: gzip

HTTP/1.1 200 OK
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Wed, 17 Jan 2024 11:01:36 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Length: 0




https://hm.baidu.com
[INF] No results found. Better luck next time!

@tarunKoyalwar tarunKoyalwar marked this pull request as ready for review January 17, 2024 11:35
@tarunKoyalwar tarunKoyalwar mentioned this pull request Jan 17, 2024
Closed
@ehsandeep ehsandeep merged commit 68b9dd5 into dev Jan 17, 2024
12 checks passed
@ehsandeep ehsandeep deleted the issue-4652-panic branch January 17, 2024 17:46
@BrewTestBot BrewTestBot mentioned this pull request Jan 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

Assignees

@tarunKoyalwar tarunKoyalwar

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

nuclei panic when using with passive mode
2 participants
@tarunKoyalwar @ehsandeep