projectdiscovery
GitHub Repository: projectdiscovery/nuclei
Path: blob/dev/pkg/fuzz/analyzers/analyzers.go
package analyzers
import (
	"math/rand"
	"strconv"
	"strings"
	"sync"
	"time"

	"github.com/projectdiscovery/nuclei/v3/pkg/fuzz"
	"github.com/projectdiscovery/retryablehttp-go"
)
// Analyzer is the interface implemented by every analyzer that the fuzzer
// can use.
type Analyzer interface {
	// Name returns the name of the analyzer.
	Name() string
	// ApplyInitialTransformation applies the analyzer's transformation to the
	// initial payload data, using the given params, and returns the
	// transformed payload.
	ApplyInitialTransformation(data string, params map[string]interface{}) string
	// Analyze is the main function for the analyzer.
	// NOTE(review): the meaning of the (bool, string, error) results is not
	// defined in this file; presumably "matched", a human-readable reason and
	// an execution error. Confirm against the implementations.
	Analyze(options *Options) (bool, string, error)
}
// AnalyzerTemplate is the template-level configuration for an analyzer: the
// name of the analyzer to use and the parameters to pass to it.
//
// NOTE(review): Parameters is decoded from the template as untyped values, so
// each analyzer presumably has to check the keys and types it reads; confirm
// in the analyzer implementations. The "description:" / "values:" field
// comments below look like input to a documentation generator; keep their
// format intact when editing them.
type AnalyzerTemplate struct {
	// description: |
	// Name is the name of the analyzer to use
	// values:
	// - time_delay
	Name string `json:"name" yaml:"name"`
	// description: |
	// Parameters is the parameters for the analyzer
	//
	// Parameters are different for each analyzer. For example, you can customize
	// time_delay analyzer with sleep_duration, time_slope_error_range, etc. Refer
	// to the docs for each analyzer to get an idea about parameters.
	Parameters map[string]interface{} `json:"parameters" yaml:"parameters"`
}
// analyzers is the package-level registry of analyzers, keyed by analyzer
// name. It is allocated in init and is read and written without locking.
var analyzers map[string]Analyzer
// RegisterAnalyzer stores analyzer in the package registry under name.
// Registering the same name twice replaces the earlier analyzer without any
// warning.
//
// NOTE(review): the registry map is not guarded by a lock, so registration
// presumably happens only during package initialisation; confirm against
// the callers.
func RegisterAnalyzer(name string, analyzer Analyzer) {
	analyzers[name] = analyzer
}
// GetAnalyzer looks up the analyzer registered under name. It returns nil
// when nothing is registered under that name, so callers must check the
// result before invoking methods on it.
func GetAnalyzer(name string) Analyzer {
	if found, ok := analyzers[name]; ok {
		return found
	}
	return nil
}
// init allocates the analyzer registry so that RegisterAnalyzer can write to
// it.
func init() {
	analyzers = map[string]Analyzer{}
}
// Options contains the options for the analyzer; it is the single argument
// passed to Analyzer.Analyze.
type Options struct {
	// FuzzGenerated is the fuzz-generated request handed to the analyzer.
	FuzzGenerated fuzz.GeneratedRequest
	// HttpClient is the retryable HTTP client made available to the analyzer.
	HttpClient *retryablehttp.Client
	// ResponseTimeDelay is a duration supplied by the caller.
	// NOTE(review): presumably the response time observed for the request
	// being analysed; confirm against the caller.
	ResponseTimeDelay time.Duration
	// AnalyzerParameters holds the analyzer-specific parameters as untyped
	// values; an analyzer has to type-check whatever it reads from this map.
	AnalyzerParameters map[string]interface{}
}
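var (
	// random is the shared pseudo-random source behind the [RANDNUM] and
	// [RANDSTR] placeholders. It is a math/rand generator seeded from the wall
	// clock, so its output is predictable: fine for throwaway fuzzing markers,
	// not for tokens, nonces or anything an adversary must not be able to guess.
	random = rand.New(rand.NewSource(time.Now().UnixNano()))

	// randomMu serializes every use of random. A *rand.Rand built with
	// rand.New is not safe for concurrent use, and the helpers in this file
	// can be reached from any goroutine that calls into the package.
	randomMu sync.Mutex
)

// ApplyPayloadTransformations replaces the random placeholders in value and
// returns the result. It supports the below placeholders -
//   - [RANDNUM] => random number between 1000 and 9999
//   - [RANDSTR] => random string of 4 characters
//
// One number and one string are drawn per call, so repeated occurrences of
// the same placeholder inside value all receive the same replacement.
func ApplyPayloadTransformations(value string) string {
	randomInt := GetRandomInteger()
	randomStr := randStringBytesMask(4)

	value = strings.ReplaceAll(value, "[RANDNUM]", strconv.Itoa(randomInt))
	value = strings.ReplaceAll(value, "[RANDSTR]", randomStr)
	return value
}

// letterBytes is the alphabet randStringBytesMask draws from.
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"

// randStringBytesMask returns a string of n random ASCII letters taken from
// letterBytes. It returns the empty string when n is zero or negative.
func randStringBytesMask(n int) string {
	// make panics on a negative length; treat it like an empty request.
	if n <= 0 {
		return ""
	}
	b := make([]byte, n)

	// Hold the lock for the whole string so concurrent callers cannot
	// interleave on the shared generator.
	randomMu.Lock()
	defer randomMu.Unlock()
	for i := range b {
		b[i] = letterBytes[random.Intn(len(letterBytes))]
	}
	return string(b)
}

// GetRandomInteger returns a random integer between 1000 and 9999
// (inclusive), i.e. always a four-digit number.
func GetRandomInteger() int {
	randomMu.Lock()
	defer randomMu.Unlock()
	return random.Intn(9000) + 1000
}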