-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added clustering support for TLS templates #3209
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$ ./nuclei -t ~/nuclei-templates/ssl -u scanme.sh
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.7
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 7 (Reduced 6 Requests)
[mismatched-ssl] [ssl] [low] scanme.sh
[self-signed-ssl] [ssl] [low] scanme.sh
[ssl-issuer] [ssl] [low] scanme.sh [pd]
[tls-version] [ssl] [low] scanme.sh [tls13]
[deprecated-tls] [ssl] [info] scanme.sh [tls10]
[deprecated-tls] [ssl] [info] scanme.sh [tls11]
$ ./nuclei -t ~/nuclei-templates/ssl -u scanme.sh -disable-clustering
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.7
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 1
[tls-version] [ssl] [info] scanme.sh [tls13]
[mismatched-ssl] [ssl] [low] scanme.sh
[deprecated-tls] [ssl] [info] scanme.sh [tls10]
[ssl-issuer] [ssl] [info] scanme.sh [pd]
[deprecated-tls] [ssl] [info] scanme.sh [tls11]
[self-signed-ssl] [ssl] [low] scanme.sh
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cat h1.txt | ./nuclei -pt ssl
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.7
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 21
[INF] Templates clustered: 7 (Reduced 126 Requests)
[ssl-issuer] [ssl] [medium] docs.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] docs.hackerone.com [docs.hackerone.com]
[tls-version] [ssl] [medium] docs.hackerone.com [tls13]
[ssl-issuer] [ssl] [medium] mta-sts.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] mta-sts.hackerone.com [mta-sts.hackerone.com]
[tls-version] [ssl] [medium] mta-sts.hackerone.com [tls13]
[ssl-issuer] [ssl] [medium] mta-sts.forwarding.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] mta-sts.forwarding.hackerone.com [mta-sts.forwarding.hackerone.com]
[tls-version] [ssl] [medium] mta-sts.forwarding.hackerone.com [tls13]
Severity information is being wrongly populated randomly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
echo 66.96.146.129 | ./nuclei -id tls-version,ssl-issuer
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v2.8.7
projectdiscovery.io
[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 2
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 2 (Reduced 1 Requests)
[tls-version] [ssl] [info] 66.96.146.129 [tls12]
[ssl-issuer] [ssl] [info] 66.96.146.129 [Sectigo Limited]
Results into single server hello, instead two (running with -dc
option)
Proposed changes
Closes #2440
Default run leads to reduction of 6 requests per public templates.
Checklist