feat(http): add skip-secret-file field #5522

Merged
merged 3 commits into from
Aug 16, 2024

Member

@dwisiswant0 dwisiswant0 commented Aug 14, 2024

Proposed changes

Closes #5521 #5455

How has this been tested?

# secret-file-test.yaml
static:
  - type: basicauth
    domains:
      - scanme.sh
    username: foo
    password: bar

# secret-file-test-template.yaml
id: secret-file-test-template

info:
  name: Secret File Test Template
  author: dwisiswant0
  severity: info
  tags: test

http:
  - method: HEAD
    path:
      - "{{BaseURL}}/basic/use-secret-file"
    headers:
      Authorization: Bearer YmFyOmZvbwo= # bar:foo -- should be overridden by secret file
      X-Skip-Secret-File: false

  - method: HEAD
    path:
      - "{{BaseURL}}/basic/skip-secret-file"
    headers:
      Authorization: Bearer YmFyOmZvbwo= # bar:foo
      X-Skip-Secret-File: true
    skip-secret-file: true

  - raw:
      - |
        HEAD /raw/use-secret-file HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer YmFyOmZvbwo=
        X-Skip-Secret-File: false
    skip-secret-file: false

  - raw:
      - |
        HEAD /raw/skip-secret-file HTTP/1.1
        Host: {{Hostname}}
        Authorization: Bearer YmFyOmZvbwo=
        X-Skip-Secret-File: true
    skip-secret-file: true

Proof

$ go run cmd/nuclei/main.go -duc -sf /tmp/secret-file-test.yaml -t /tmp/secret-file-test-template.yaml -u https://scanme.sh -debug-req
[INF] [secret-file-test-template] Dumped HTTP request for https://scanme.sh/basic/use-secret-file

HEAD /basic/use-secret-file HTTP/1.1
Host: scanme.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Connection: close
Accept: */*
Accept-Language: en
Authorization: Basic Zm9vOmJhcg==
X-Bypass-Secret-File: false

[INF] [secret-file-test-template] Dumped HTTP request for https://scanme.sh/basic/bypass-secret-file

HEAD /basic/bypass-secret-file HTTP/1.1
Host: scanme.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
Connection: close
Accept: */*
Accept-Language: en
Authorization: Bearer YmFyOmZvbwo=
X-Bypass-Secret-File: true

[INF] [secret-file-test-template] Dumped HTTP request for https://scanme.sh/raw/use-secret-file

HEAD /raw/use-secret-file HTTP/1.1
Host: scanme.sh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15
Connection: close
Authorization: Basic Zm9vOmJhcg==
X-Bypass-Secret-File: false

[INF] [secret-file-test-template] Dumped HTTP request for https://scanme.sh/raw/bypass-secret-file

HEAD /raw/bypass-secret-file HTTP/1.1
Host: scanme.sh
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.46
Connection: close
Authorization: Bearer YmFyOmZvbwo=
X-Bypass-Secret-File: true

[INF] No results found. Better luck next time!

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
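
Added example (not from the pull request or the nuclei code base): a simplified Go model of the precedence the proof output shows, where a matching `basicauth` secret replaces the template's `Authorization` header unless the request sets `skip-secret-file: true`. `StaticSecret`, `ApplySecret` and `FinalAuth` are hypothetical names, and exact host matching against `domains` is an assumption.

```go
package main

import (
	"fmt"
	"net/http"
)

// StaticSecret mirrors one `static` entry of the secret file (hypothetical type).
type StaticSecret struct {
	Type, Username, Password string
	Domains                  []string
}

// ApplySecret overwrites Authorization with the matching basicauth secret
// unless skipSecretFile is set. Exact host matching is a simplification.
func ApplySecret(req *http.Request, secrets []StaticSecret, skipSecretFile bool) bool {
	if skipSecretFile {
		return false // template headers go out untouched
	}
	for _, s := range secrets {
		if s.Type != "basicauth" {
			continue
		}
		for _, d := range s.Domains {
			if d == req.URL.Hostname() {
				req.SetBasicAuth(s.Username, s.Password)
				return true
			}
		}
	}
	return false
}

// FinalAuth builds a HEAD request carrying the template's header and returns what would be sent.
func FinalAuth(target string, skip bool) string {
	secrets := []StaticSecret{{Type: "basicauth", Username: "foo", Password: "bar", Domains: []string{"scanme.sh"}}}
	req, err := http.NewRequest(http.MethodHead, target, nil)
	if err != nil {
		return ""
	}
	req.Header.Set("Authorization", "Bearer YmFyOmZvbwo=") // value from the test template
	ApplySecret(req, secrets, skip)
	return req.Header.Get("Authorization")
}

func main() {
	fmt.Println(FinalAuth("https://scanme.sh/basic/use-secret-file", false))
	fmt.Println(FinalAuth("https://scanme.sh/basic/skip-secret-file", true))
}
```

A request to a host outside `domains` keeps the template's header in this model even with `skip-secret-file: false`, so the static credential is never sent to it.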

Signed-off-by: Dwi Siswanto <git@dw1.io>
Signed-off-by: Dwi Siswanto <git@dw1.io>
@dwisiswant0 dwisiswant0 requested a review from ehsandeep August 14, 2024 16:05
@dwisiswant0 dwisiswant0 changed the title feat(http): add bypass-secret-file field feat(http): add skip-secret-file field Aug 16, 2024
Member

@ehsandeep ehsandeep left a comment


@dwisiswant0
Member Author

@dwisiswant0 can we also update the docs at https://docs.projectdiscovery.io/tools/nuclei/authenticated-scans

Yeah, I'm currently drafting this.

@ehsandeep ehsandeep mentioned this pull request Aug 16, 2024
@ehsandeep ehsandeep merged commit 1af29f9 into dev Aug 16, 2024
11 of 12 checks passed
@ehsandeep ehsandeep deleted the dwisiswant0/feat/http/add-bypass-secret-file-field branch August 16, 2024 12:40