Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added clustering support for TLS templates #3209

Merged
merged 5 commits into from
Jan 17, 2023
Merged

Added clustering support for TLS templates #3209

merged 5 commits into from
Jan 17, 2023

Conversation

Ice3man543
Copy link
Member

@Ice3man543 Ice3man543 commented Jan 17, 2023
edited
Loading

Proposed changes

Closes #2440

./nuclei -t ./report -u docs.hackerone.com:443 

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

                projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 2
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 2 (Reduced 1 Requests)
[ssl-issuer] [ssl] [info] docs.hackerone.com [Let's Encrypt]

Default run leads to reduction of 6 requests per public templates.

 ./nuclei -t ~/nuclei-templates/ssl -u docs.hackerone.com:443 

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

                projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 7 (Reduced 6 Requests)
[ssl-dns-names] [ssl] [low] docs.hackerone.com [docs.hackerone.com]
[tls-version] [ssl] [low] docs.hackerone.com [tls13]
[ssl-issuer] [ssl] [low] docs.hackerone.com [Let's Encrypt]

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@Ice3man543 Ice3man543 self-assigned this Jan 17, 2023
@Ice3man543 Ice3man543 added the Status: Review Needed The issue has a PR attached to it which needs to be reviewed label Jan 17, 2023
@Ice3man543 Ice3man543 linked an issue Jan 17, 2023 that may be closed by this pull request
Add support for TLS clustering #2440
Closed
Base automatically changed from dns-clustering to dev January 17, 2023 07:31
tarunKoyalwar
tarunKoyalwar approved these changes Jan 17, 2023
View reviewed changes
Copy link
Member

@tarunKoyalwar tarunKoyalwar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

$  ./nuclei -t ~/nuclei-templates/ssl -u scanme.sh

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

		projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 7 (Reduced 6 Requests)
[mismatched-ssl] [ssl] [low] scanme.sh
[self-signed-ssl] [ssl] [low] scanme.sh
[ssl-issuer] [ssl] [low] scanme.sh [pd]
[tls-version] [ssl] [low] scanme.sh [tls13]
[deprecated-tls] [ssl] [info] scanme.sh [tls10]
[deprecated-tls] [ssl] [info] scanme.sh [tls11]
$ ./nuclei -t ~/nuclei-templates/ssl -u scanme.sh -disable-clustering

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

		projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 1
[tls-version] [ssl] [info] scanme.sh [tls13]
[mismatched-ssl] [ssl] [low] scanme.sh
[deprecated-tls] [ssl] [info] scanme.sh [tls10]
[ssl-issuer] [ssl] [info] scanme.sh [pd]
[deprecated-tls] [ssl] [info] scanme.sh [tls11]
[self-signed-ssl] [ssl] [low] scanme.sh

v2/pkg/templates/cluster.go Outdated Show resolved Hide resolved
ehsandeep
ehsandeep requested changes Jan 17, 2023
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

cat h1.txt | ./nuclei -pt ssl 

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

		projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 8
[INF] Targets loaded for scan: 21
[INF] Templates clustered: 7 (Reduced 126 Requests)
[ssl-issuer] [ssl] [medium] docs.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] docs.hackerone.com [docs.hackerone.com]
[tls-version] [ssl] [medium] docs.hackerone.com [tls13]
[ssl-issuer] [ssl] [medium] mta-sts.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] mta-sts.hackerone.com [mta-sts.hackerone.com]
[tls-version] [ssl] [medium] mta-sts.hackerone.com [tls13]
[ssl-issuer] [ssl] [medium] mta-sts.forwarding.hackerone.com [Let's Encrypt]
[ssl-dns-names] [ssl] [medium] mta-sts.forwarding.hackerone.com [mta-sts.forwarding.hackerone.com]
[tls-version] [ssl] [medium] mta-sts.forwarding.hackerone.com [tls13]

Severity information is being wrongly populated randomly.

ehsandeep
ehsandeep approved these changes Jan 17, 2023
View reviewed changes
Copy link
Member

@ehsandeep ehsandeep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

echo 66.96.146.129 | ./nuclei -id tls-version,ssl-issuer

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.7

		projectdiscovery.io

[INF] Using Nuclei Engine 2.8.7 (latest)
[INF] Using Nuclei Templates 9.3.4 (latest)
[INF] Templates added in last update: 15
[INF] Templates loaded for scan: 2
[INF] Targets loaded for scan: 1
[INF] Templates clustered: 2 (Reduced 1 Requests)
[tls-version] [ssl] [info] 66.96.146.129 [tls12]
[ssl-issuer] [ssl] [info] 66.96.146.129 [Sectigo Limited]

Results into single server hello, instead two (running with -dc option)

image

@ehsandeep ehsandeep merged commit 78c4b9b into dev Jan 17, 2023
@ehsandeep ehsandeep deleted the tls-clustering branch January 17, 2023 12:50
@ehsandeep ehsandeep removed the Status: Review Needed The issue has a PR attached to it which needs to be reviewed label Jan 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tarunKoyalwar tarunKoyalwar tarunKoyalwar approved these changes

@ehsandeep ehsandeep ehsandeep approved these changes

Assignees

@Ice3man543 Ice3man543

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support for TLS clustering
3 participants
@Ice3man543 @ehsandeep @tarunKoyalwar