Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
projectdiscovery
GitHub Repository: projectdiscovery/nuclei
 Path: blob/dev/pkg/input/formats/yaml/multidoc.go
2852 views
1
package yaml

2


3
import (

4
	"bytes"

5
	"io"

6


7
	"github.com/pkg/errors"

8
	"github.com/projectdiscovery/gologger"

9
	"github.com/projectdiscovery/nuclei/v3/pkg/input/formats"

10
	"github.com/projectdiscovery/nuclei/v3/pkg/input/types"

11
	YamlUtil "gopkg.in/yaml.v3"

12
)

13


14
// YamlMultiDocFormat is a Yaml format parser for nuclei

15
// input HTTP requests with multiple documents separated by ---

16
type YamlMultiDocFormat struct {

17
	opts formats.InputFormatOptions

18
}

19


20
// New creates a new JSON format parser

21
func New() *YamlMultiDocFormat {

22
	return &YamlMultiDocFormat{}

23
}

24


25
var _ formats.Format = &YamlMultiDocFormat{}

26


27
// proxifyRequest is a request for proxify

28
type proxifyRequest struct {

29
	URL     string `json:"url"`

30
	Request struct {

31
		Header map[string]string `json:"header"`

32
		Body   string            `json:"body"`

33
		Raw    string            `json:"raw"`

34
	} `json:"request"`

35
}

36


37
// Name returns the name of the format

38
func (j *YamlMultiDocFormat) Name() string {

39
	return "yaml"

40
}

41


42
func (j *YamlMultiDocFormat) SetOptions(options formats.InputFormatOptions) {

43
	j.opts = options

44
}

45


46
// Parse parses the input and calls the provided callback

47
// function for each RawRequest it discovers.

48
func (j *YamlMultiDocFormat) Parse(input io.Reader, resultsCb formats.ParseReqRespCallback, filePath string) error {

49
	finalInput := input

50


51
	// Apply text templating if enabled

52
	if j.opts.VarsTextTemplating {

53
		data, err := io.ReadAll(input)

54
		if err != nil {

55
			return errors.Wrap(err, "could not read input")

56
		}

57
		tpl := []string{string(data)}

58
		dvs := mapToKeyValueSlice(j.opts.Variables)

59
		finalData, err := ytt(tpl, dvs, j.opts.VarsFilePaths)

60
		if err != nil {

61
			return errors.Wrap(err, "could not apply ytt templating")

62
		}

63
		finalInput = bytes.NewReader(finalData)

64
	}

65


66
	decoder := YamlUtil.NewDecoder(finalInput)

67
	for {

68
		var request proxifyRequest

69
		if err := decoder.Decode(&request); err != nil {

70
			if err == io.EOF {

71
				break

72
			}

73
			return errors.Wrap(err, "could not decode yaml file")

74
		}

75


76
		raw := request.Request.Raw

77
		if raw == "" {

78
			continue

79
		}

80


81
		rawRequest, err := types.ParseRawRequestWithURL(raw, request.URL)

82
		if err != nil {

83
			gologger.Warning().Msgf("multidoc-yaml: Could not parse raw request %s: %s", request.URL, err)

84
			continue

85
		}

86
		resultsCb(rawRequest)

87
	}

88
	return nil

89
}

90


91