nuclei done

veo · Jun 22, 2022 · 608aaa8 · 608aaa8
1 parent 5dd3efe
commit 608aaa8
Show file tree

Hide file tree

Showing 18 changed files with 803 additions and 1,393 deletions.
diff --git a/pocs_yml/check/nucleiCheck.go b/pocs_yml/check/nucleiCheck.go
@@ -1,19 +1,21 @@
 package check
 
 import (
+	"embed"
 	"fmt"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader/filter"
-	"github.com/projectdiscovery/nuclei/v2/pkg/templates"
 	"github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
 	"github.com/veo/vscan/pkg"
 	"github.com/veo/vscan/pocs_yml/pkg/nuclei/parse"
+	"github.com/veo/vscan/pocs_yml/pkg/nuclei/templates"
+	"sync"
 )
 
-func LoadTemplatesWithTags(templatesList, tags []string) []*templates.Template {
+func LoadTemplatesWithTags(templatesList, tags []string, ExcludeTags []string, Pocs embed.FS) []*templates.Template {
 	tagFilter := filter.New(&filter.Config{
 		Tags:        []string{},
-		ExcludeTags: []string{"apache", "java", "php"},
+		ExcludeTags: ExcludeTags,
 		Authors:     []string{},
 		IncludeTags: []string{},
 		IncludeIds:  []string{},
@@ -28,12 +30,12 @@ func LoadTemplatesWithTags(templatesList, tags []string) []*templates.Template {
 
 	loadedTemplates := make([]*templates.Template, 0, len(templatePathMap))
 	for templatePath := range templatePathMap {
-		loaded, err := parse.LoadTemplate(templatePath, tagFilter, tags)
+		loaded, err := parse.LoadTemplate(templatePath, tagFilter, tags, Pocs)
 		if err != nil {
 			gologger.Warning().Msgf("Could not load template %s: %s\n", templatePath, err)
 		}
 		if loaded {
-			poc, err := parse.ParsePoc(templatePath)
+			poc, err := parse.ParsePoc(templatePath, Pocs)
 			if err != nil {
 				gologger.Warning().Msgf("Could not parse template %s: %s\n", templatePath, err)
 				return nil
@@ -60,12 +62,18 @@ func execute(template *templates.Template, URL string) bool {
 }
 
 func NucleiStart(target string, template []*templates.Template) []string {
+	var WaitGroup sync.WaitGroup
 	var Vullist []string
 	for _, t := range template {
-		if execute(t, target) {
-			pkg.NucleiLog(fmt.Sprintf("%s (%s)\n", target, t.ID))
-			Vullist = append(Vullist, "NucleiPOC_"+t.ID)
-		}
+		WaitGroup.Add(1)
+		go func(t *templates.Template) {
+			if execute(t, target) {
+				pkg.NucleiLog(fmt.Sprintf("%s (%s)\n", target, t.ID))
+				Vullist = append(Vullist, "NucleiPOC_"+t.ID)
+			}
+			WaitGroup.Done()
+		}(t)
 	}
+	WaitGroup.Wait()
 	return Vullist
 }
diff --git a/pocs_yml/pkg/nuclei/catalog/config/config.go b/pocs_yml/pkg/nuclei/catalog/config/config.go
diff --git a/pocs_yml/pkg/nuclei/catalog/find.go b/pocs_yml/pkg/nuclei/catalog/find.go
@@ -1,105 +1,32 @@
 package catalog
 
 import (
+	"embed"
 	"io/fs"
 	"os"
 	"path/filepath"
 	"strings"
 
 	"github.com/pkg/errors"
-
-	"github.com/projectdiscovery/gologger"
 )
 
-// GetTemplatesPath returns a list of absolute paths for the provided template list.
-func (c *Catalog) GetTemplatesPath(definitions []string) []string {
-	// keeps track of processed dirs and files
-	processed := make(map[string]bool)
-	allTemplates := []string{}
-
-	for _, t := range definitions {
-		if strings.HasPrefix(t, "http") && (strings.HasSuffix(t, ".yaml") || strings.HasSuffix(t, ".yml")) {
-			if _, ok := processed[t]; !ok {
-				processed[t] = true
-				allTemplates = append(allTemplates, t)
-			}
-		} else {
-			paths, err := c.GetTemplatePath(t)
-			if err != nil {
-				gologger.Error().Msgf("Could not find template '%s': %s\n", t, err)
-			}
-			for _, path := range paths {
-				if _, ok := processed[path]; !ok {
-					processed[path] = true
-					allTemplates = append(allTemplates, path)
-				}
-			}
-		}
-	}
-	return allTemplates
-}
-
 // GetTemplatePath parses the specified input template path and returns a compiled
 // list of finished absolute paths to the templates evaluating any glob patterns
 // or folders provided as in.
-func (c *Catalog) GetTemplatePath(target string) ([]string, error) {
+func (c *Catalog) GetTemplatePath(Pocs embed.FS) ([]string, error) {
 	processed := make(map[string]struct{})
-
-	absPath, err := c.convertPathToAbsolute(target)
-	if err != nil {
-		return nil, errors.Wrapf(err, "could not find template file")
-	}
-
-	// Template input includes a wildcard
-	if strings.Contains(absPath, "*") {
-		matches, findErr := c.findGlobPathMatches(absPath, processed)
-		if findErr != nil {
-			return nil, errors.Wrap(findErr, "could not find glob matches")
-		}
-		if len(matches) == 0 {
-			return nil, errors.Errorf("no templates found for path")
-		}
-		return matches, nil
-	}
-
-	// Template input is either a file or a directory
-	match, file, err := c.findFileMatches(absPath, processed)
-	if err != nil {
-		return nil, errors.Wrap(err, "could not find file")
-	}
-	if file {
-		if match != "" {
-			return []string{match}, nil
-		}
-		return nil, nil
-	}
-
 	// Recursively walk down the Templates directory and run all
 	// the template file checks
-	matches, err := c.findDirectoryMatches(absPath, processed)
+	matches, err := c.findDirectoryMatches(Pocs, processed)
 	if err != nil {
 		return nil, errors.Wrap(err, "could not find directory matches")
 	}
 	if len(matches) == 0 {
-		return nil, errors.Errorf("no templates found in path %s", absPath)
+		return nil, errors.New("no templates found in path")
 	}
 	return matches, nil
 }
 
-// convertPathToAbsolute resolves the paths provided to absolute paths
-// before doing any operations on them regardless of them being BLOB, folders, files, etc.
-func (c *Catalog) convertPathToAbsolute(t string) (string, error) {
-	if strings.Contains(t, "*") {
-		file := filepath.Base(t)
-		absPath, err := c.ResolvePath(filepath.Dir(t), "")
-		if err != nil {
-			return "", err
-		}
-		return filepath.Join(absPath, file), nil
-	}
-	return c.ResolvePath(t, "")
-}
-
 // findGlobPathMatches returns the matched files from a glob path
 func (c *Catalog) findGlobPathMatches(absPath string, processed map[string]struct{}) ([]string, error) {
 	matches, err := filepath.Glob(absPath)
@@ -134,23 +61,22 @@ func (c *Catalog) findFileMatches(absPath string, processed map[string]struct{})
 }
 
 // findDirectoryMatches finds matches for templates from a directory
-func (c *Catalog) findDirectoryMatches(absPath string, processed map[string]struct{}) ([]string, error) {
+func (c *Catalog) findDirectoryMatches(Pocs embed.FS, processed map[string]struct{}) ([]string, error) {
 	var results []string
-	err := filepath.WalkDir(
-		absPath,
-		func(path string, d fs.DirEntry, err error) error {
-			// continue on errors
-			if err != nil {
-				return nil
-			}
-			if !d.IsDir() && strings.HasSuffix(path, ".yaml") {
-				if _, ok := processed[path]; !ok {
-					results = append(results, path)
-					processed[path] = struct{}{}
-				}
+	err := fs.WalkDir(Pocs, ".", func(path string, d fs.DirEntry, err error) error {
+		if err != nil {
+			return err
+		}
+		if !d.IsDir() && strings.HasSuffix(path, ".yaml") {
+			if _, ok := processed[path]; !ok {
+				results = append(results, path)
+				processed[path] = struct{}{}
 			}
-			return nil
-		},
-	)
+		}
+		if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
+			results = append(results, path)
+		}
+		return nil
+	})
 	return results, err
 }