Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mixing internal and non-internal extractor results in internal extractor not working #4865

Closed
mwulftange opened this issue Mar 11, 2024 · 0 comments · Fixed by #4868
Closed

Mixing internal and non-internal extractor results in internal extractor not working #4865

mwulftange opened this issue Mar 11, 2024 · 0 comments · Fixed by #4868
Assignees
@tarunKoyalwar
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Milestone
nuclei v3.2.0

Comments

@mwulftange
Copy link

When an internal extractor is used with a non-internal extractor, the internal extractor no longer appears to find a match and can no longer be referenced in a subsequent request.

Consider the following template:

id: internal-non-internal-extractor-test
info:
  name: Internal with non-internal extractor test
  description: >
    This template tests the behavior of an internal when combined with a
    non-internal extractor. To be targeted at <https://www.iana.org/>.
  author: unknown
  severity: unknown

http:
  - raw:
      - |
        GET {{BaseURL}} HTTP/1.1
      - |
        GET {{absolutePath}} HTTP/1.1

    req-condition: true
    extractors:
      - type: regex
        internal: true
        part: body_1
        name: absolutePath
        regex:
          - '<a href="(/domains)">'
        group: 1
      - type: regex
        internal: false
        part: body_2
        name: title
        regex:
          - '<title[^>]*>([^<]+)</title>'
        group: 1
    matchers:
      - type: regex
        part: body_2
        regex:
          - '<title[^>]*>([^<]+)</title>'

Nuclei version:

v3.1.10

Current Behavior:

Nuclei 3.1.4 and later with -debug return the following:

[WRN] [example] Could not make http request for https://www.iana.org/: unresolved variables found: absolutePath

Expected Behavior:

Nuclei 3.1.3 and 2.9.15 return the following:

[example:title] [http] [unknown] https://www.iana.org/domains [Domain Name Services]

Steps To Reproduce:

Run the template above against https://www.iana.org/:

nuclei -t internal-non-internal-extractor-test.yaml -u https://www.iana.org/
@mwulftange mwulftange added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Mar 11, 2024
@tarunKoyalwar tarunKoyalwar self-assigned this Mar 12, 2024
@tarunKoyalwar tarunKoyalwar mentioned this issue Mar 12, 2024
Merged
@ehsandeep ehsandeep added this to the nuclei v3.2.0 milestone Mar 13, 2024
@mwulftange mwulftange mentioned this issue Apr 8, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tarunKoyalwar tarunKoyalwar

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
nuclei v3.2.0
Development

Successfully merging a pull request may close this issue.

multiple bug fixes + -payload-concurrency flag projectdiscovery/nuclei
3 participants
@mwulftange @ehsandeep @tarunKoyalwar