Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
projectdiscovery
GitHub Repository: projectdiscovery/nuclei
 Path: blob/dev/cmd/integration-test/headless.go
2070 views
1
package main

2


3
import (

4
	"fmt"

5
	"io"

6
	"net/http"

7
	"net/http/httptest"

8


9
	"github.com/julienschmidt/httprouter"

10


11
	"github.com/projectdiscovery/nuclei/v3/pkg/testutils"

12
)

13


14
var headlessTestcases = []TestCaseInfo{

15
	{Path: "protocols/headless/headless-basic.yaml", TestCase: &headlessBasic{}},

16
	{Path: "protocols/headless/headless-waitevent.yaml", TestCase: &headlessBasic{}},

17
	{Path: "protocols/headless/headless-dsl.yaml", TestCase: &headlessBasic{}},

18
	{Path: "protocols/headless/headless-self-contained.yaml", TestCase: &headlessSelfContained{}},

19
	{Path: "protocols/headless/headless-header-action.yaml", TestCase: &headlessHeaderActions{}},

20
	{Path: "protocols/headless/headless-extract-values.yaml", TestCase: &headlessExtractValues{}},

21
	{Path: "protocols/headless/headless-payloads.yaml", TestCase: &headlessPayloads{}},

22
	{Path: "protocols/headless/variables.yaml", TestCase: &headlessVariables{}},

23
	{Path: "protocols/headless/headless-local.yaml", TestCase: &headlessLocal{}},

24
	{Path: "protocols/headless/file-upload.yaml", TestCase: &headlessFileUpload{}},

25
	{Path: "protocols/headless/file-upload-negative.yaml", TestCase: &headlessFileUploadNegative{}},

26
	{Path: "protocols/headless/headless-header-status-test.yaml", TestCase: &headlessHeaderStatus{}},

27
}

28


29
type headlessBasic struct{}

30


31
// Execute executes a test case and returns an error if occurred

32
func (h *headlessBasic) Execute(filePath string) error {

33
	router := httprouter.New()

34
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

35
		_, _ = fmt.Fprintf(w, "<html><body>%s</body></html>", r.URL.Query().Get("_"))

36
	})

37
	ts := httptest.NewServer(router)

38
	defer ts.Close()

39


40
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

41
	if err != nil {

42
		return err

43
	}

44


45
	return expectResultsCount(results, 1)

46
}

47


48
type headlessSelfContained struct{}

49


50
// Execute executes a test case and returns an error if occurred

51
func (h *headlessSelfContained) Execute(filePath string) error {

52
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "", debug, "-headless", "-var query=selfcontained")

53
	if err != nil {

54
		return err

55
	}

56


57
	return expectResultsCount(results, 1)

58
}

59


60
type headlessLocal struct{}

61


62
// Execute executes a test case and returns an error if occurred

63
// in this testcases local network access is disabled

64
func (h *headlessLocal) Execute(filePath string) error {

65
	router := httprouter.New()

66
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

67
		_, _ = w.Write([]byte("<html><body></body></html>"))

68
	})

69
	ts := httptest.NewServer(router)

70
	defer ts.Close()

71


72
	args := []string{"-t", filePath, "-u", ts.URL, "-headless", "-lna"}

73


74
	results, err := testutils.RunNucleiWithArgsAndGetResults(debug, args...)

75
	if err != nil {

76
		return err

77
	}

78
	return expectResultsCount(results, 0)

79
}

80


81
type headlessHeaderActions struct{}

82


83
// Execute executes a test case and returns an error if occurred

84
func (h *headlessHeaderActions) Execute(filePath string) error {

85
	router := httprouter.New()

86
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

87
		testValue := r.Header.Get("test")

88
		if r.Header.Get("test") != "" {

89
			_, _ = w.Write([]byte("<html><body>" + testValue + "</body></html>"))

90
		}

91
	})

92
	ts := httptest.NewServer(router)

93
	defer ts.Close()

94


95
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

96
	if err != nil {

97
		return err

98
	}

99


100
	return expectResultsCount(results, 1)

101
}

102


103
type headlessExtractValues struct{}

104


105
// Execute executes a test case and returns an error if occurred

106
func (h *headlessExtractValues) Execute(filePath string) error {

107
	router := httprouter.New()

108
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

109
		_, _ = w.Write([]byte("<html><body><a href='/test.html'>test</a></body></html>"))

110
	})

111
	ts := httptest.NewServer(router)

112
	defer ts.Close()

113
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

114
	if err != nil {

115
		return err

116
	}

117


118
	return expectResultsCount(results, 1)

119
}

120


121
type headlessPayloads struct{}

122


123
// Execute executes a test case and returns an error if occurred

124
func (h *headlessPayloads) Execute(filePath string) error {

125
	router := httprouter.New()

126
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

127
		_, _ = w.Write([]byte("<html><body>test</body></html>"))

128
	})

129
	ts := httptest.NewServer(router)

130
	defer ts.Close()

131
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

132
	if err != nil {

133
		return err

134
	}

135


136
	return expectResultsCount(results, 4)

137
}

138


139
type headlessVariables struct{}

140


141
// Execute executes a test case and returns an error if occurred

142
func (h *headlessVariables) Execute(filePath string) error {

143
	router := httprouter.New()

144
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

145
		_, _ = w.Write([]byte("<html><body>aGVsbG8=</body></html>"))

146
	})

147
	ts := httptest.NewServer(router)

148
	defer ts.Close()

149
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

150
	if err != nil {

151
		return err

152
	}

153


154
	return expectResultsCount(results, 1)

155
}

156


157
type headlessFileUpload struct{}

158


159
// Execute executes a test case and returns an error if occurred

160
func (h *headlessFileUpload) Execute(filePath string) error {

161
	router := httprouter.New()

162
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

163
		_, _ = w.Write([]byte(`

164
		<!doctype html>

165
			<body>

166
				<form method=post enctype=multipart/form-data>

167
				<input type=file name=file>

168
				<input type=submit value=Upload>

169
				</form>

170
			</body>

171
		</html>

172
		`))

173
	})

174
	router.POST("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

175
		file, _, err := r.FormFile("file")

176
		if err != nil {

177
			http.Error(w, err.Error(), http.StatusBadRequest)

178
			return

179
		}

180


181
		defer func() {

182
			_ = file.Close()

183
		}()

184


185
		content, err := io.ReadAll(file)

186
		if err != nil {

187
			http.Error(w, err.Error(), http.StatusBadRequest)

188
			return

189
		}

190


191
		_, _ = w.Write(content)

192
	})

193
	ts := httptest.NewServer(router)

194
	defer ts.Close()

195


196
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-headless")

197
	if err != nil {

198
		return err

199
	}

200


201
	return expectResultsCount(results, 1)

202
}

203


204
type headlessHeaderStatus struct{}

205


206
// Execute executes a test case and returns an error if occurred

207
func (h *headlessHeaderStatus) Execute(filePath string) error {

208
	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "https://scanme.sh", debug, "-headless")

209
	if err != nil {

210
		return err

211
	}

212


213
	return expectResultsCount(results, 1)

214
}

215


216
type headlessFileUploadNegative struct{}

217


218
// Execute executes a test case and returns an error if occurred

219
func (h *headlessFileUploadNegative) Execute(filePath string) error {

220
	router := httprouter.New()

221
	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

222
		_, _ = w.Write([]byte(`

223
		<!doctype html>

224
			<body>

225
				<form method=post enctype=multipart/form-data>

226
				<input type=file name=file>

227
				<input type=submit value=Upload>

228
				</form>

229
			</body>

230
		</html>

231
		`))

232
	})

233
	router.POST("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {

234
		file, _, err := r.FormFile("file")

235
		if err != nil {

236
			http.Error(w, err.Error(), http.StatusBadRequest)

237
			return

238
		}

239


240
		defer func() {

241
			_ = file.Close()

242
		}()

243


244
		content, err := io.ReadAll(file)

245
		if err != nil {

246
			http.Error(w, err.Error(), http.StatusBadRequest)

247
			return

248
		}

249


250
		_, _ = w.Write(content)

251
	})

252
	ts := httptest.NewServer(router)

253
	defer ts.Close()

254
	args := []string{"-t", filePath, "-u", ts.URL, "-headless"}

255


256
	results, err := testutils.RunNucleiWithArgsAndGetResults(debug, args...)

257
	if err != nil {

258
		return err

259
	}

260
	return expectResultsCount(results, 0)

261
}

262


263