CoCalc -- flow_executor

GitHub Repository: projectdiscovery/nuclei
Path: blob/dev/pkg/tmplexec/flow/flow_executor_test.go
²⁰⁷⁰ views
1
package flow_test
2

3
import (
4
	"context"
5
	"log"
6
	"testing"
7
	"time"
8

9
	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
10
	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/disk"
11
	"github.com/projectdiscovery/nuclei/v3/pkg/loader/workflow"
12
	"github.com/projectdiscovery/nuclei/v3/pkg/progress"
13
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols"
14
	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/contextargs"
15
	"github.com/projectdiscovery/nuclei/v3/pkg/scan"
16
	"github.com/projectdiscovery/nuclei/v3/pkg/templates"
17
	"github.com/projectdiscovery/nuclei/v3/pkg/testutils"
18
	"github.com/projectdiscovery/ratelimit"
19
	"github.com/stretchr/testify/require"
20
)
21

22
var executerOpts *protocols.ExecutorOptions
23

24
func setup() {
25
	options := testutils.DefaultOptions
26
	testutils.Init(options)
27
	progressImpl, _ := progress.NewStatsTicker(0, false, false, false, 0)
28

29
	executerOpts = &protocols.ExecutorOptions{
30
		Output:       testutils.NewMockOutputWriter(options.OmitTemplate),
31
		Options:      options,
32
		Progress:     progressImpl,
33
		ProjectFile:  nil,
34
		IssuesClient: nil,
35
		Browser:      nil,
36
		Catalog:      disk.NewCatalog(config.DefaultConfig.TemplatesDirectory),
37
		RateLimiter:  ratelimit.New(context.Background(), uint(options.RateLimit), time.Second),
38
		Parser:       templates.NewParser(),
39
	}
40
	workflowLoader, err := workflow.NewLoader(executerOpts)
41
	if err != nil {
42
		log.Fatalf("Could not create workflow loader: %s\n", err)
43
	}
44
	executerOpts.WorkflowLoader = workflowLoader
45
}
46

47
func TestFlowTemplateWithIndex(t *testing.T) {
48
	// test
49
	setup()
50
	Template, err := templates.Parse("testcases/nuclei-flow-dns.yaml", nil, executerOpts)
51
	require.Nil(t, err, "could not parse template")
52

53
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
54

55
	err = Template.Executer.Compile()
56
	require.Nil(t, err, "could not compile template")
57

58
	input := contextargs.NewWithInput(context.Background(), "hackerone.com")
59
	ctx := scan.NewScanContext(context.Background(), input)
60
	gotresults, err := Template.Executer.Execute(ctx)
61
	require.Nil(t, err, "could not execute template")
62
	require.True(t, gotresults)
63
}
64

65
func TestFlowTemplateWithID(t *testing.T) {
66
	setup()
67
	// apart from parse->compile->execution this testcase checks support for use custom id for protocol request and invocation of
68
	// the same in js
69
	Template, err := templates.Parse("testcases/nuclei-flow-dns-id.yaml", nil, executerOpts)
70
	require.Nil(t, err, "could not parse template")
71

72
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
73

74
	err = Template.Executer.Compile()
75
	require.Nil(t, err, "could not compile template")
76

77
	target := contextargs.NewWithInput(context.Background(), "hackerone.com")
78
	ctx := scan.NewScanContext(context.Background(), target)
79
	gotresults, err := Template.Executer.Execute(ctx)
80
	require.Nil(t, err, "could not execute template")
81
	require.True(t, gotresults)
82
}
83

84
func TestFlowWithProtoPrefix(t *testing.T) {
85
	// test
86
	setup()
87

88
	// apart from parse->compile->execution this testcase checks
89
	// mix of custom protocol request id and index is supported in js
90
	// and also validates availability of protocol response variables in template context
91
	Template, err := templates.Parse("testcases/nuclei-flow-dns-prefix.yaml", nil, executerOpts)
92
	require.Nil(t, err, "could not parse template")
93

94
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
95

96
	err = Template.Executer.Compile()
97
	require.Nil(t, err, "could not compile template")
98

99
	input := contextargs.NewWithInput(context.Background(), "hackerone.com")
100
	ctx := scan.NewScanContext(context.Background(), input)
101
	gotresults, err := Template.Executer.Execute(ctx)
102
	require.Nil(t, err, "could not execute template")
103
	require.True(t, gotresults)
104
}
105

106
func TestFlowWithConditionNegative(t *testing.T) {
107
	setup()
108

109
	// apart from parse->compile->execution this testcase checks
110
	// if bitwise operator (&&) are properly executed and working
111
	Template, err := templates.Parse("testcases/condition-flow.yaml", nil, executerOpts)
112
	require.Nil(t, err, "could not parse template")
113

114
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
115

116
	err = Template.Executer.Compile()
117
	require.Nil(t, err, "could not compile template")
118

119
	input := contextargs.NewWithInput(context.Background(), "scanme.sh")
120
	ctx := scan.NewScanContext(context.Background(), input)
121
	// expect no results and verify thant dns request is executed and http is not
122
	gotresults, err := Template.Executer.Execute(ctx)
123
	require.Nil(t, err, "could not execute template")
124
	require.False(t, gotresults)
125
}
126

127
func TestFlowWithConditionPositive(t *testing.T) {
128
	setup()
129

130
	// apart from parse->compile->execution this testcase checks
131
	// if bitwise operator (&&) are properly executed and working
132
	Template, err := templates.Parse("testcases/condition-flow.yaml", nil, executerOpts)
133
	require.Nil(t, err, "could not parse template")
134

135
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
136

137
	err = Template.Executer.Compile()
138
	require.Nil(t, err, "could not compile template")
139

140
	input := contextargs.NewWithInput(context.Background(), "cloud.projectdiscovery.io")
141
	ctx := scan.NewScanContext(context.Background(), input)
142
	// positive match . expect results also verify that both dns() and http() were executed
143
	gotresults, err := Template.Executer.Execute(ctx)
144
	require.Nil(t, err, "could not execute template")
145
	require.True(t, gotresults)
146
}
147

148
func TestFlowWithNoMatchers(t *testing.T) {
149
	setup()
150
	// when using conditional flow with no matchers at all
151
	// we implicitly assume that request was successful and internally changed the result to true (for scope of condition only)
152

153
	Template, err := templates.Parse("testcases/condition-flow-no-operators.yaml", nil, executerOpts)
154
	require.Nil(t, err, "could not parse template")
155

156
	require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
157

158
	err = Template.Executer.Compile()
159
	require.Nil(t, err, "could not compile template")
160

161
	anotherInput := contextargs.NewWithInput(context.Background(), "cloud.projectdiscovery.io")
162
	anotherCtx := scan.NewScanContext(context.Background(), anotherInput)
163
	// positive match . expect results also verify that both dns() and http() were executed
164
	gotresults, err := Template.Executer.Execute(anotherCtx)
165
	require.Nil(t, err, "could not execute template")
166
	require.True(t, gotresults)
167

168
	t.Run("Contains Extractor", func(t *testing.T) {
169
		Template, err := templates.Parse("testcases/condition-flow-extractors.yaml", nil, executerOpts)
170
		require.Nil(t, err, "could not parse template")
171

172
		require.True(t, Template.Flow != "", "not a flow template") // this is classifer if template is flow or not
173

174
		err = Template.Executer.Compile()
175
		require.Nil(t, err, "could not compile template")
176

177
		input := contextargs.NewWithInput(context.Background(), "scanme.sh")
178
		ctx := scan.NewScanContext(context.Background(), input)
179
		// positive match . expect results also verify that both dns() and http() were executed
180
		gotresults, err := Template.Executer.Execute(ctx)
181
		require.Nil(t, err, "could not execute template")
182
		require.True(t, gotresults)
183
	})
184
}
185

186
Product

Resources

Company
