Merge pull request #884 from TheSecEng/impl/targets/targets_to_target…

…file implement `TargetsFile` and change logic of `Targets`
projectdiscovery · Aug 4, 2021 · ef7591d · ef7591d
2 parents f516136 + 68ab370
commit ef7591d
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 20 deletions.
diff --git a/README.md b/README.md
@@ -82,7 +82,7 @@ Usage:
 
 Flags:
 TARGET:
-   -u, -target string  target URL/host to scan
+   -u, -target string[]  target URLs/hosts to scan
    -l, -list string    path to file containing a list of target URLs/hosts to scan (one per line)
 
 TEMPLATES:

diff --git a/README_CN.md b/README_CN.md
@@ -97,7 +97,7 @@ nuclei -h
 |burp-collaborator-biid|使用burp-collaborator插件|nuclei -burp-collaborator-biid XXXX|
 |c|并行的最大模板数量(默认10)|nuclei -c 10|
 |l|对URL列表进行测试|nuclei -l urls.txt|
-|target|对目标进行测试|nuclei -target hxxps://example.com|
+|target|对目标进行测试|nuclei -target hxxps://example.com -target hxxps://example2.com|
 |t|要检测的模板种类|nuclei -t git-core.yaml -t cves/|
 |no-color|输出不显示颜色|nuclei -no-color|
 |no-meta|不显示匹配的元数据|nuclei -no-meta|
@@ -250,4 +250,4 @@ nano ~/nuclei-templates/.nuclei-ignore
 
 --------
 
-Nuclei是由[projectdiscovery](https://projectdiscovery.io)团队用🖤制作的，当然社区也贡献了很多，通过 **[Thanks.md](https://github.com/projectdiscovery/nuclei/blob/master/THANKS.md)**文件以获取更多详细信息。
+Nuclei是由[projectdiscovery](https://projectdiscovery.io)团队用🖤制作的，当然社区也贡献了很多，通过 **[Thanks.md](https://github.com/projectdiscovery/nuclei/blob/master/THANKS.md)**文件以获取更多详细信息。
diff --git a/v2/cmd/nuclei/main.go b/v2/cmd/nuclei/main.go
@@ -42,8 +42,8 @@ func readConfig() {
 on extensive configurability, massive extensibility and ease of use.`)
 
 	createGroup(flagSet, "input", "Target",
-		flagSet.StringVarP(&options.Target, "target", "u", "", "target URL/host to scan"),
-		flagSet.StringVarP(&options.Targets, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
+		flagSet.StringSliceVarP(&options.Targets, "target", "u", []string{}, "target URLs/hosts to scan"),
+		flagSet.StringVarP(&options.TargetsFilePath, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
 	)
 
 	createGroup(flagSet, "templates", "Templates",

diff --git a/v2/internal/runner/runner.go b/v2/internal/runner/runner.go
@@ -125,7 +125,7 @@ func New(options *types.Options) (*Runner, error) {
 		os.Exit(0)
 	}
 
-	if (len(options.Templates) == 0 || !options.NewTemplates || (options.Targets == "" && !options.Stdin && options.Target == "")) && options.UpdateTemplates {
+	if (len(options.Templates) == 0 || !options.NewTemplates || (options.TargetsFilePath == "" && !options.Stdin && len(options.Targets) == 0)) && options.UpdateTemplates {
 		os.Exit(0)
 	}
 	hm, err := hybrid.New(hybrid.DefaultDiskOptions)
@@ -137,11 +137,23 @@ func New(options *types.Options) (*Runner, error) {
 	runner.inputCount = 0
 	dupeCount := 0
 
-	// Handle single target
-	if options.Target != "" {
-		runner.inputCount++
-		// nolint:errcheck // ignoring error
-		runner.hostMap.Set(options.Target, nil)
+	// Handle multiple target
+	if len(options.Targets) != 0 {
+		for _, target := range options.Targets {
+			url := strings.TrimSpace(target)
+			if url == "" {
+				continue
+			}
+
+			if _, ok := runner.hostMap.Get(url); ok {
+				dupeCount++
+				continue
+			}
+
+			runner.inputCount++
+			// nolint:errcheck // ignoring error
+			runner.hostMap.Set(url, nil)
+		}
 	}
 
 	// Handle stdin
@@ -152,19 +164,21 @@ func New(options *types.Options) (*Runner, error) {
 			if url == "" {
 				continue
 			}
+
 			if _, ok := runner.hostMap.Get(url); ok {
 				dupeCount++
 				continue
 			}
+
 			runner.inputCount++
 			// nolint:errcheck // ignoring error
 			runner.hostMap.Set(url, nil)
 		}
 	}
 
-	// Handle taget file
-	if options.Targets != "" {
-		input, inputErr := os.Open(options.Targets)
+	// Handle target file
+	if options.TargetsFilePath != "" {
+		input, inputErr := os.Open(options.TargetsFilePath)
 		if inputErr != nil {
 			return nil, errors.Wrap(inputErr, "could not open targets file")
 		}

diff --git a/v2/internal/testutils/testutils.go b/v2/internal/testutils/testutils.go
@@ -45,8 +45,8 @@ var DefaultOptions = &types.Options{
 	RateLimit:          150,
 	ProjectPath:        "",
 	Severity:           []string{},
-	Target:             "",
-	Targets:            "",
+	Targets:            []string{},
+	TargetsFilePath:    "",
 	Output:             "",
 	ProxyURL:           "",
 	ProxySocksURL:      "",

diff --git a/v2/pkg/types/types.go b/v2/pkg/types/types.go
@@ -32,10 +32,10 @@ type Options struct {
 	ProjectPath string
 	// InteractshURL is the URL for the interactsh server.
 	InteractshURL string
-	// Target is a single URL/Domain to scan using a template
-	Target string
-	// Targets specifies the targets to scan using templates.
-	Targets string
+	// Target URLs/Domains to scan using a template
+	Targets goflags.StringSlice
+	// TargetsFilePath specifies the targets from a file to scan using templates.
+	TargetsFilePath string
 	// Output is the file to write found results to.
 	Output string
 	// ProxyURL is the URL for the proxy server