New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Nuclei parser: UnicodeDecodeError on special url characters (%c0) #9201
Comments
If needed I can fix this in a pull request relatively soon, as I understand the root cause and could find a fix pretty quickly |
@Tlafay1 could you please provide me a sample output? I will make a PR. |
See PR @Tlafay1 |
I'm not sure what you mean by sample output, are you talking about a nuclei scan that introduces the bug ? |
Yes, I was talking aboiut a scan that introduces the bug, but I already was able to reproduce it, see PR. |
This can be closed. |
Bug description
When importing a nuclei scan containing special URL characters in the
matched-at
section of the json, the exception UnicodeDecodeError is thrown (see stacktrace below). To my understanding, this is due to the character being decoded in hyperlink.parse (dojo/models.py:2543), and therefore interpreted as a special character (when it should just be treated as normal characters).Steps to reproduce
Steps to reproduce the behavior:
nuclei -target scanme.nmap.org -json-export /tmp/nuclei-poc.json
.matched-at
field by appending/%c0
at the end of the existing url.Expected behavior
Import is successful
Deployment method
Environment information
Logs
I removed the code from the try/except block in
importer.py
to backtrack the issue. I also purposefully removed a second error since fixing this one fixes everything:The text was updated successfully, but these errors were encountered: