-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add case-insensitive option to word matcher #1130
Add case-insensitive option to word matcher #1130
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code-wise this looks good to me, regarding tests, yeah, a few more tests with matches and extractors of different kinds would be appreciated.
Also regarding lowercase, could we do it so that if the user passed |
Using |
We need to make sure the changes do not negatively impact the request clustering functionality. |
Looks like clustering ability does not depend on the nuclei/v2/pkg/protocols/http/cluster.go Lines 12 to 29 in efbef30
So I think these changes are safe. But I can add a simple test to check this. |
@zerodivisi0n the problem is that the clusterer uses the same OperatorResult so it's modified in case-sensitive template, it can lead to other templates not behaving correctly in a cluster. Relevant logic here - https://github.com/projectdiscovery/nuclei/blob/efbef301bfbc0d68bd8da88bb7ab0da9179aca13/v2/pkg/protocols/common/clusterer/executer.go |
@Ice3man543 I moved nuclei/v2/pkg/operators/operators.go Lines 138 to 140 in 84e584a
In addition, this made it possible to remove PrepareData() call from each protocol. Now, this call is made in one single place.
I also added an integration test to check cluster functionality with two requests - base and case-insensitive. The test looks a bit ugly, but I decided not to change test harness a lot in this PR. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As agreed, the case-insensitive flag should be applied to KVal
and Word
matchers only. Currently the flag is set on Operator
level, which is not correct/misleading (even if the underlying logic only modifies only the data related to KVal
and Word
). It also means that one template cannot have one case-sensitive and insensitive Word
/KVal
matcher.
Thanks for your feedback @forgedhallpass . I moved the nuclei/integration_tests/http/get-case-insensitive.yaml Lines 8 to 16 in fedb3ca
If this version will be ok for you, can I clean up the code before merging? I want to squash some commits and delete unnecessary ones. |
@zerodivisi0n yeah sure, you can go ahead with the cleanup. I'll do a review after your cleanup then we can merge! |
fedb3ca
to
392ea23
Compare
Hi @Ice3man543 , |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
Thank you for your contribution @zerodivisi0n, it looks much better now! |
In this PR I tried to implement case-insensitive matches (#261).
I added this support for the following protocols:
http
,dns
,file
,headless
,network
.Although this solution implements the feature, it has several drawbacks:
Are these drawbacks critical to fix or current solution is enough? I think fixing them will require significant refactoring.
Do I need to add more tests? So far I have added a single test for the http protocol.
Example template:-