Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tlsx dep update #3792

Merged
merged 7 commits into from
Jun 19, 2023
Merged

tlsx dep update #3792

merged 7 commits into from
Jun 19, 2023

Conversation

ehsandeep
Copy link
Member

@ehsandeep ehsandeep commented Jun 7, 2023

Proposed changes

Indirectly fixes an issue with scan with ssl template getting stuck. (projectdiscovery/tlsx#263)

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@ehsandeep
Copy link
Member Author

ehsandeep commented Jun 8, 2023

nuclei -id tls-version -v -u 161.168.216.3

Max RSS: 158 MB
Sys Time: 505.787µs
User Time: 587.206µs
Actual Time: 5m43.239783916s
Voluntary Context Switch (nvcsw): 487

@ehsandeep ehsandeep requested review from RamanaReddy0M and removed request for ShubhamRasal June 12, 2023 09:01
@ehsandeep ehsandeep marked this pull request as draft June 12, 2023 09:06
@ehsandeep ehsandeep linked an issue Jun 12, 2023 that may be closed by this pull request
@tarunKoyalwar
Copy link
Member

POC

$ cmdutil ./nuclei -id "tls-version" -u localhost:440 -debug

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.9.6

		projectdiscovery.io

[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/wordpress-weak-credentials.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/linux-lfi-fuzzing.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/cves/2017/CVE-2017-17562.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/vulnerabilities/wordpress/wordpress-wp-cron.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/cves/2020/CVE-2020-16139.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/cves/2022/CVE-2022-2034.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/ssrf-via-proxy.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/mdb-database-file.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/prestashop-module-fuzz.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/default-logins/oracle/peoplesoft-default-login.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/waf-fuzz.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/header-command-injection.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/exposed-panels/adminer-panel-detect.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/cves/2019/CVE-2019-17382.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/misconfiguration/proxy/open-proxy-internal.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/misconfiguration/proxy/open-proxy-portscan.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/misconfiguration/proxy/open-proxy-localhost.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/exposures/backups/php-backup-files.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/wordpress-themes-detect.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/valid-gmail-check.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/xff-403-bypass.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/iis-shortname.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/cves/2019/CVE-2019-15043.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/cache-poisoning-fuzz.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/miscellaneous/ntlm-directories.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/misconfiguration/gitlab/gitlab-user-enum.yaml: the template was excluded
[WRN] Could not load template /Users/tarun/nuclei-templates/http/fuzzing/wordpress-plugins-detect.yaml: the template was excluded
[WRN] Found 3 templates loaded with deprecated protocol syntax, update before v2.9.5 for continued support.
[INF] Current nuclei version: v2.9.6 (latest)
[INF] Current nuclei-templates version: v9.5.2 (latest)
[INF] New templates added in latest release: 50
[INF] Templates loaded for current scan: 1
[INF] Targets loaded for current scan: 1
[WRN] [tls-version] Could not execute request for localhost:440: [tls-version,auto:RUNTIME] [ctls:RUNTIME] context deadline exceeded <- could not do handshake; [ztls:RUNTIME] read tcp 127.0.0.1:55847->127.0.0.1:440: i/o timeout <- could not do tls handshake; [LibreSSL3.3.6,/usr/bin/openssl,LibreSSL3.3.6:RUNTIME] failed to response from openssl <- Command: /usr/bin/openssl s_client -connect localhost:440 -servername localhost -tls1 <- failed to execute openssl got  <- signal: killed <- could not connect to host <- could not connect to server
[WRN] [tls-version] Could not execute request for localhost:440: [tls-version,auto:RUNTIME] [ctls:RUNTIME] context deadline exceeded <- could not do handshake; [ztls,ztls:RUNTIME] timeout while attempting handshake <- could not do tls handshake; [LibreSSL3.3.6,/usr/bin/openssl,LibreSSL3.3.6:RUNTIME] failed to response from openssl <- Command: /usr/bin/openssl s_client -connect localhost:440 -servername localhost -tls1_1 <- failed to execute openssl got  <- signal: killed <- could not connect to host <- could not connect to server
[WRN] [tls-version] Could not execute request for localhost:440: [tls-version,auto:RUNTIME] [ctls:RUNTIME] context deadline exceeded <- could not do handshake; [ztls:RUNTIME] read tcp 127.0.0.1:55898->127.0.0.1:440: i/o timeout <- could not do tls handshake; [LibreSSL3.3.6,/usr/bin/openssl,LibreSSL3.3.6:RUNTIME] failed to response from openssl <- Command: /usr/bin/openssl s_client -connect localhost:440 -servername localhost -tls1_2 <- failed to execute openssl got  <- signal: killed <- could not connect to host <- could not connect to server
[WRN] [tls-version] Could not execute request for localhost:440: [tls-version,auto:RUNTIME] [ctls:RUNTIME] context deadline exceeded <- could not do handshake; [openssl:RUNTIME] failed to generate openssl options <- unsupported version; [ctls:RUNTIME] context deadline exceeded <- could not do handshake; [openssl:RUNTIME] failed to generate openssl options <- unsupported version <- could not connect to host <- could not connect to server
[INF] No results found. Better luck next time!

------------------------------
Command: ./nuclei -id tls-version -u localhost:440 -debug
Max RSS: 146 MB
Sys Time: 352.828µs
User Time: 975.298µs
Actual Time: 1m52.325149083s
Voluntary Context Switch (nvcsw): 6467

In ^ it takes 1m52sec to complete executing template which is expected since in tls-version template we make 4 requests (with different min-max version) and template uses auto scan mode (i.e fallback and use all available implementations)
with default 10 sec timeout

@tarunKoyalwar tarunKoyalwar marked this pull request as ready for review June 15, 2023 13:51
@tarunKoyalwar tarunKoyalwar requested review from Mzack9999 and removed request for RamanaReddy0M June 15, 2023 13:51
@tarunKoyalwar tarunKoyalwar self-assigned this Jun 15, 2023
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm - note httpx was downgraded (it should be restored via dependant bot)

@Mzack9999 Mzack9999 merged commit a872864 into dev Jun 19, 2023
7 checks passed
@Mzack9999 Mzack9999 deleted the tlsx-dep-update branch June 19, 2023 10:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

nuclei getting stuck with running ssl template
3 participants