-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issue 3033 deny list #3037
Issue 3033 deny list #3037
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Mzack9999 issue doesnot seems to be fixed .
Results of Template without
|
Results of template with denylistecho $HOME/test | ./nuclei -t ~/test/deny-list.yaml
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.4-dev
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.4-dev (development)
[INF] Using Nuclei Templates 9.3.1 (latest)
[INF] Templates added in last update: 2
[INF] Templates loaded for scan: 1
[INF] Targets loaded for scan: 1
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x40 pc=0x100eb0c38]
goroutine 56 [running]:
github.com/projectdiscovery/nuclei/v2/pkg/operators.(*Operators).GetMatchersCondition(...)
/Users/tarun/Codebase/nuclei/v2/pkg/operators/operators.go:69
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).findMatchesWithReader(0x1400044b9e0, {0x1026e62c0, 0x140005b85e8}, {0x14000305848, 0x11}, {0x1400085c870, 0x27}, 0x10013b41c?, 0x1400052b260?)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:205 +0xd8
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).processReader(0x1400044b9e0, {0x1026e6960?, 0x14000010238}, {0x1400085c870, 0x27}, {0x14000305848, 0x11}, 0x48?, 0x140005af478?)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:189 +0xbc
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).processFile(0x1400044b9e0, {0x1400085c870, 0x27}, {0x14000305848, 0x11}, 0x80?)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:184 +0x368
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).ExecuteWithResults.func1.1(0x1400007ee60?, 0x1400044b9e0, 0x1400007ee20, 0x14000902150, 0x140009021e0, {0x1400085c870, 0x27})
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:139 +0x9c8
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).ExecuteWithResults.func1({0x1400085c870, 0x27})
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:156 +0x88
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).findDirectoryMatches.func1({0x1400085c870, 0x27}, {0x1026f79a0?, 0x140009dbb00?}, {0x0?, 0x0?})
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/find.go:103 +0xc0
path/filepath.walkDir({0x1400085c870, 0x27}, {0x1026f79a0, 0x140009dbb00}, 0x140005afb78)
/opt/homebrew/Cellar/go/1.19.3/libexec/src/path/filepath/path.go:398 +0x44
path/filepath.walkDir({0x14000305848, 0x11}, {0x1026f79d8, 0x140008fddd0}, 0x140005afb78)
/opt/homebrew/Cellar/go/1.19.3/libexec/src/path/filepath/path.go:420 +0x228
path/filepath.WalkDir({0x14000305848, 0x11}, 0x140004f8b78)
/opt/homebrew/Cellar/go/1.19.3/libexec/src/path/filepath/path.go:484 +0xb4
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).findDirectoryMatches(0x14000305848?, {0x14000305848?, 0x11?}, 0x100aeaebc?, 0x140004f8d28?)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/find.go:89 +0x58
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).getInputPaths(0x1400044b9e0, {0x14000305848, 0x11}, 0x30?)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/find.go:43 +0x110
github.com/projectdiscovery/nuclei/v2/pkg/protocols/file.(*Request).ExecuteWithResults(0x1400044b9e0, 0x1400007ee20, 0x14000e16638?, 0x14000902150, 0x140009021e0)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/file/request.go:50 +0x104
github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/executer.(*Executer).Execute(0x1400007e4a0, 0x1400007ecc0)
/Users/tarun/Codebase/nuclei/v2/pkg/protocols/common/executer/executer.go:80 +0x384
github.com/projectdiscovery/nuclei/v2/pkg/core.(*Engine).executeModelWithInput.func2.1(0x0?, 0x0?, 0x1400007ea40)
/Users/tarun/Codebase/nuclei/v2/pkg/core/execute.go:146 +0x144
created by github.com/projectdiscovery/nuclei/v2/pkg/core.(*Engine).executeModelWithInput.func2
/Users/tarun/Codebase/nuclei/v2/pkg/core/execute.go:131 +0x610 id: basic-auth-creds
info:
name: Basic Auth Credentials
author: gaurang
severity: high
tags: token,file,auth
file:
- extensions:
- all
- denylist:
- test
- experimental
- qa
extractors:
- type: regex
regex:
- "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
echo $HOME/test | ./nuclei -t deny-template.yaml
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.4-dev
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.4-dev (development)
[INF] Using Nuclei Templates 9.3.1 (latest)
[INF] Templates added in last update: 2
[INF] Templates loaded for scan: 1
[INF] Targets loaded for scan: 1
[INF] No results found. Better luck next time!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Mzack9999 we can resolve the conflict and merge this PR.
Proposed changes
Closes #3033
Checklist