fix unresolved interactsh-url variable with fuzzing #5289

Merged
merged 3 commits into from
Jul 25, 2024

Contributor

@RamanaReddy0M RamanaReddy0M commented Jun 13, 2024

Proposed changes

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

Member

@ehsandeep ehsandeep left a comment

@RamanaReddy0M this works for the first example, not for the second one.

```yaml
id: variables-example

info:
  name: Variables Example
  author: pdteam
  severity: info

variables:
  test: "{{interactsh-url}}"

http:
  - pre-condition:
      - type: dsl
        dsl:
          - 'method == "GET"'

    fuzzing:
      - part: query
        mode: multiple
        fuzz:
          - "{{url_encode(test)}}"
          - "{{base64(test)}}"
```

```console
$ echo https://example.com/test?a=b | ./nuclei -t test.yaml -debug-req -v -dast

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.2.8

		projectdiscovery.io

[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.2.8 (outdated)
[INF] Current nuclei-templates version: v9.9.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 75
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Using Interactsh Server: oast.me
[INF] [variables-example] Dumped HTTP request for https://example.com/test?a=cqag4tcbajf8h6sspge0u5rs19dzrtw5p.oast.me

GET /test?a=cqag4tcbajf8h6sspge0u5rs19dzrtw5p.oast.me HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Encoding: gzip

[VER] [variables-example] Sent HTTP request to https://example.com/test?a=cqag4tcbajf8h6sspge0u5rs19dzrtw5p.oast.me
[INF] [variables-example] Dumped HTTP request for https://example.com/test?a=e3tpbnRlcmFjdHNoLXVybH19

GET /test?a=e3tpbnRlcmFjdHNoLXVybH19 HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Accept-Encoding: gzip

[VER] [variables-example] Sent HTTP request to https://example.com/test?a=e3tpbnRlcmFjdHNoLXVybH19
[INF] No results found. Better luck next time!
```

Notice that e3tpbnRlcmFjdHNoLXVybH19 is {{interactsh-url}}, replaced as it is.

@RamanaReddy0M
Contributor Author

```console
✗ echo 'https://example.com/test?a=b' | go run . -t test.yaml -v -dast

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0

                projectdiscovery.io

[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 75
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Using Interactsh Server: oast.fun
[VER] [variables-example] Sent HTTP request to https://example.com/test?a=cqgb9a7d5lbjdmrniu0gy7cispjegq7bj.oast.fun
[VER] [variables-example] Sent HTTP request to https://example.com/test?a=Y3FnYjlhN2Q1bGJqZG1ybml1MGd5N2Npc3BqZWdxN2JqLm9hc3QuZnVu
[INF] No results found. Better luck next time!
```
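
A regression check for the difference between the two logs above, added here as an example (not code from the nuclei repository): it inspects each query parameter of a request URL, as sent and after base64 decoding, for a `{{...}}` marker that was never resolved. The function name `leakedPlaceholders` and the marker regex are assumptions of this example; the two URLs in `main` are copied from the logs.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"net/url"
	"regexp"
	"sort"
)

// marker matches a template placeholder such as {{interactsh-url}}.
var marker = regexp.MustCompile(`\{\{[^{}]+\}\}`)

// leakedPlaceholders returns "param=marker" for every query parameter of rawURL
// whose value, as sent or after base64 decoding, still holds an unresolved marker.
func leakedPlaceholders(rawURL string) ([]string, error) {
	u, err := url.Parse(rawURL)
	if err != nil {
		return nil, err
	}
	encodings := []*base64.Encoding{base64.StdEncoding, base64.RawStdEncoding,
		base64.URLEncoding, base64.RawURLEncoding}
	var hits []string
	for name, values := range u.Query() {
		for _, v := range values {
			candidates := []string{v} // the value itself, then each successful decoding
			for _, enc := range encodings {
				if dec, err := enc.DecodeString(v); err == nil {
					candidates = append(candidates, string(dec))
				}
			}
			for _, c := range candidates {
				if m := marker.FindString(c); m != "" {
					hits = append(hits, name+"="+m)
					break // one hit per value is enough
				}
			}
		}
	}
	sort.Strings(hits)
	return hits, nil
}

func main() {
	// Request URLs copied from the v3.2.8 and v3.3.0 logs on this page.
	for _, u := range []string{
		"https://example.com/test?a=e3tpbnRlcmFjdHNoLXVybH19",
		"https://example.com/test?a=Y3FnYjlhN2Q1bGJqZG1ybml1MGd5N2Npc3BqZWdxN2JqLm9hc3QuZnVu",
	} {
		hits, err := leakedPlaceholders(u)
		fmt.Println(hits, err, u)
	}
}
```
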

@ehsandeep ehsandeep merged commit 33dbb51 into dev Jul 25, 2024
12 checks passed
@ehsandeep ehsandeep deleted the issue-5181-unresolved-var-fuzz branch July 25, 2024 18:31
Development

Successfully merging this pull request may close these issues.

unresolved variables found: interactsh-url issue - Fuzzing Template (Payloads)
4 participants