CoCalc -- operators.go

GitHub Repository: projectdiscovery/nuclei
Path: blob/dev/pkg/protocols/headless/operators.go
²⁰⁷⁰ views
1
package headless
2

3
import (
4
	"strconv"
5
	"time"
6

7
	"github.com/projectdiscovery/nuclei/v3/pkg/model"
8
	"github.com/projectdiscovery/nuclei/v3/pkg/operators"
9
	"github.com/projectdiscovery/nuclei/v3/pkg/operators/extractors"
10
	"github.com/projectdiscovery/nuclei/v3/pkg/operators/matchers"
11
	"github.com/projectdiscovery/nuclei/v3/pkg/output"
12
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
13
	protocolUtils "github.com/projectdiscovery/nuclei/v3/pkg/protocols/utils"
14
	"github.com/projectdiscovery/nuclei/v3/pkg/types"
15
)
16

17
// Match matches a generic data response again a given matcher
18
func (request *Request) Match(data map[string]interface{}, matcher *matchers.Matcher) (bool, []string) {
19
	itemStr, ok := request.getMatchPart(matcher.Part, data)
20
	if !ok && matcher.Type.MatcherType != matchers.DSLMatcher {
21
		return false, []string{}
22
	}
23

24
	switch matcher.GetType() {
25
	case matchers.StatusMatcher:
26
		statusCode, ok := getStatusCode(data)
27
		if !ok {
28
			return false, []string{}
29
		}
30
		return matcher.Result(matcher.MatchStatusCode(statusCode)), []string{}
31
	case matchers.SizeMatcher:
32
		return matcher.Result(matcher.MatchSize(len(itemStr))), []string{}
33
	case matchers.WordsMatcher:
34
		return matcher.ResultWithMatchedSnippet(matcher.MatchWords(itemStr, data))
35
	case matchers.RegexMatcher:
36
		return matcher.ResultWithMatchedSnippet(matcher.MatchRegex(itemStr))
37
	case matchers.BinaryMatcher:
38
		return matcher.ResultWithMatchedSnippet(matcher.MatchBinary(itemStr))
39
	case matchers.DSLMatcher:
40
		return matcher.Result(matcher.MatchDSL(data)), []string{}
41
	case matchers.XPathMatcher:
42
		return matcher.Result(matcher.MatchXPath(itemStr)), []string{}
43
	}
44
	return false, []string{}
45
}
46

47
func getStatusCode(data map[string]interface{}) (int, bool) {
48
	statusCodeValue, ok := data["status_code"]
49
	if !ok {
50
		return 0, false
51
	}
52
	statusCodeStr, ok := statusCodeValue.(string)
53
	if !ok {
54
		return 0, false
55
	}
56

57
	statusCode, err := strconv.Atoi(statusCodeStr)
58
	if err != nil {
59
		return 0, false
60
	}
61

62
	return statusCode, true
63
}
64

65
// Extract performs extracting operation for an extractor on model and returns true or false.
66
func (request *Request) Extract(data map[string]interface{}, extractor *extractors.Extractor) map[string]struct{} {
67
	itemStr, ok := request.getMatchPart(extractor.Part, data)
68
	if !ok && !extractors.SupportsMap(extractor) {
69
		return nil
70
	}
71

72
	switch extractor.GetType() {
73
	case extractors.RegexExtractor:
74
		return extractor.ExtractRegex(itemStr)
75
	case extractors.KValExtractor:
76
		return extractor.ExtractKval(data)
77
	case extractors.DSLExtractor:
78
		return extractor.ExtractDSL(data)
79
	}
80
	return nil
81
}
82

83
func (request *Request) getMatchPart(part string, data output.InternalEvent) (string, bool) {
84
	switch part {
85
	case "body", "resp", "":
86
		part = "data"
87
	case "history":
88
		part = "history"
89
	case "header":
90
		part = "header"
91
	}
92

93
	item, ok := data[part]
94
	if !ok {
95
		return "", false
96
	}
97
	itemStr := types.ToString(item)
98

99
	return itemStr, true
100
}
101

102
// responseToDSLMap converts a headless response to a map for use in DSL matching
103
func (request *Request) responseToDSLMap(resp, headers, status_code, req, host, matched string, history string) output.InternalEvent {
104
	return output.InternalEvent{
105
		"host":          host,
106
		"matched":       matched,
107
		"req":           req,
108
		"data":          resp,
109
		"header":        headers,
110
		"status_code":   status_code,
111
		"history":       history,
112
		"type":          request.Type().String(),
113
		"template-id":   request.options.TemplateID,
114
		"template-info": request.options.TemplateInfo,
115
		"template-path": request.options.TemplatePath,
116
	}
117
}
118

119
// MakeResultEvent creates a result event from internal wrapped event
120
func (request *Request) MakeResultEvent(wrapped *output.InternalWrappedEvent) []*output.ResultEvent {
121
	return protocols.MakeDefaultResultEvent(request, wrapped)
122
}
123

124
func (request *Request) GetCompiledOperators() []*operators.Operators {
125
	return []*operators.Operators{request.CompiledOperators}
126
}
127

128
func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent) *output.ResultEvent {
129
	fields := protocolUtils.GetJsonFieldsFromURL(types.ToString(wrapped.InternalEvent["host"]))
130
	if types.ToString(wrapped.InternalEvent["ip"]) != "" {
131
		fields.Ip = types.ToString(wrapped.InternalEvent["ip"])
132
	}
133
	if types.ToString(wrapped.InternalEvent["path"]) != "" {
134
		fields.Path = types.ToString(wrapped.InternalEvent["path"])
135
	}
136
	data := &output.ResultEvent{
137
		TemplateID:       types.ToString(wrapped.InternalEvent["template-id"]),
138
		TemplatePath:     types.ToString(wrapped.InternalEvent["template-path"]),
139
		Info:             wrapped.InternalEvent["template-info"].(model.Info),
140
		TemplateVerifier: request.options.TemplateVerifier,
141
		Type:             types.ToString(wrapped.InternalEvent["type"]),
142
		Host:             fields.Host,
143
		Path:             fields.Path,
144
		Port:             fields.Port,
145
		Scheme:           fields.Scheme,
146
		URL:              fields.URL,
147
		Matched:          types.ToString(wrapped.InternalEvent["matched"]),
148
		ExtractedResults: wrapped.OperatorsResult.OutputExtracts,
149
		Timestamp:        time.Now(),
150
		MatcherStatus:    true,
151
		IP:               fields.Ip,
152
		Request:          types.ToString(wrapped.InternalEvent["request"]),
153
		Response:         types.ToString(wrapped.InternalEvent["data"]),
154
		TemplateEncoded:  request.options.EncodeTemplate(),
155
		Error:            types.ToString(wrapped.InternalEvent["error"]),
156
	}
157
	return data
158
}
159

160
Product

Resources

Company
