Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
projectdiscovery
GitHub Repository: projectdiscovery/nuclei
 Path: blob/dev/pkg/protocols/offlinehttp/request.go
2070 views
1
package offlinehttp

2


3
import (

4
	"fmt"

5
	"io"

6
	"net/http"

7
	"net/http/httputil"

8
	"os"

9


10
	"github.com/pkg/errors"

11


12
	"github.com/projectdiscovery/gologger"

13
	"github.com/projectdiscovery/nuclei/v3/pkg/output"

14
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols"

15
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"

16
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/generators"

17
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/helpers/eventcreator"

18
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/utils"

19
	templateTypes "github.com/projectdiscovery/nuclei/v3/pkg/templates/types"

20
	"github.com/projectdiscovery/utils/conversion"

21
	syncutil "github.com/projectdiscovery/utils/sync"

22
	unitutils "github.com/projectdiscovery/utils/unit"

23
)

24


25
var _ protocols.Request = &Request{}

26


27
const maxSize = 5 * unitutils.Mega

28


29
// Type returns the type of the protocol request

30
func (request *Request) Type() templateTypes.ProtocolType {

31
	return templateTypes.OfflineHTTPProtocol

32
}

33


34
// RawInputMode is a flag to indicate if the input is raw input

35
// rather than a file path

36
var RawInputMode = false

37


38
// ExecuteWithResults executes the protocol requests and returns results instead of writing them.

39
func (request *Request) ExecuteWithResults(input *contextargs.Context, metadata, previous output.InternalEvent, callback protocols.OutputEventCallback) error {

40
	if RawInputMode {

41
		return request.executeRawInput(input.MetaInput.Input, "", input, callback)

42
	}

43


44
	wg, err := syncutil.New(syncutil.WithSize(request.options.Options.BulkSize))

45
	if err != nil {

46
		return err

47
	}

48


49
	err = request.getInputPaths(input.MetaInput.Input, func(data string) {

50
		wg.Add()

51


52
		go func(data string) {

53
			defer wg.Done()

54


55
			file, err := os.Open(data)

56
			if err != nil {

57
				gologger.Error().Msgf("Could not open file path %s: %s\n", data, err)

58
				return

59
			}

60
			defer func() {

61
				_ = file.Close()

62
			}()

63


64
			stat, err := file.Stat()

65
			if err != nil {

66
				gologger.Error().Msgf("Could not stat file path %s: %s\n", data, err)

67
				return

68
			}

69
			if stat.Size() >= int64(maxSize) {

70
				gologger.Verbose().Msgf("Could not process path %s: exceeded max size\n", data)

71
				return

72
			}

73


74
			buffer, err := io.ReadAll(file)

75
			if err != nil {

76
				gologger.Error().Msgf("Could not read file path %s: %s\n", data, err)

77
				return

78
			}

79
			dataStr := conversion.String(buffer)

80


81
			if err := request.executeRawInput(dataStr, data, input, callback); err != nil {

82
				gologger.Error().Msgf("Could not execute raw input %s: %s\n", data, err)

83
				return

84
			}

85
		}(data)

86
	})

87
	wg.Wait()

88
	if err != nil {

89
		request.options.Output.Request(request.options.TemplatePath, input.MetaInput.Input, "file", err)

90
		request.options.Progress.IncrementFailedRequestsBy(1)

91
		return errors.Wrap(err, "could not send file request")

92
	}

93
	request.options.Progress.IncrementRequests()

94
	return nil

95
}

96


97
func (request *Request) executeRawInput(data, inputString string, input *contextargs.Context, callback protocols.OutputEventCallback) error {

98
	resp, err := readResponseFromString(data)

99
	if err != nil {

100
		return errors.Wrap(err, "could not read raw response")

101
	}

102


103
	if request.options.Options.Debug || request.options.Options.DebugRequests {

104
		gologger.Info().Msgf("[%s] Dumped offline-http request for %s", request.options.TemplateID, data)

105
		gologger.Print().Msgf("%s", data)

106
	}

107
	gologger.Verbose().Msgf("[%s] Sent OFFLINE-HTTP request to %s", request.options.TemplateID, data)

108


109
	dumpedResponse, err := httputil.DumpResponse(resp, true)

110
	if err != nil {

111
		return errors.Wrap(err, "could not dump raw http response")

112
	}

113


114
	body, err := io.ReadAll(resp.Body)

115
	if err != nil {

116
		return errors.Wrap(err, "could not read raw http response body")

117
	}

118
	reqURL := inputString

119
	if inputString == "" {

120
		reqURL = getURLFromRequest(resp.Request)

121
	}

122


123
	outputEvent := request.responseToDSLMap(resp, data, reqURL, data, conversion.String(dumpedResponse), conversion.String(body), utils.HeadersToString(resp.Header), 0, nil)

124
	// add response fields to template context and merge templatectx variables to output event

125
	request.options.AddTemplateVars(input.MetaInput, request.Type(), request.GetID(), outputEvent)

126
	if request.options.HasTemplateCtx(input.MetaInput) {

127
		outputEvent = generators.MergeMaps(outputEvent, request.options.GetTemplateCtx(input.MetaInput).GetAll())

128
	}

129
	outputEvent["ip"] = ""

130


131
	event := eventcreator.CreateEvent(request, outputEvent, request.options.Options.Debug || request.options.Options.DebugResponse)

132
	callback(event)

133
	return nil

134
}

135


136
func getURLFromRequest(req *http.Request) string {

137
	if req.URL.Scheme == "" {

138
		req.URL.Scheme = "https"

139
	}

140
	return fmt.Sprintf("%s://%s%s", req.URL.Scheme, req.Host, req.URL.Path)

141
}

142


143
// UpdateOptions replaces this request's options with a new copy

144
func (r *Request) UpdateOptions(opts *protocols.ExecutorOptions) {

145
	r.options = opts

146
}

147


148