search

fyoorer / ShadowClone

Unleash the power of cloud
Apache License 2.0
734 stars 101 forks source link

Running Nuclei #24

Open n0sandb0x opened 1 year ago

n0sandb0x commented 1 year ago

anyone who ran nuclei using this tool? I'm getting the following error.

                    __     _
       ____  __  _______/ /__  (_)
      / __ \/ / / / ___/ / _ \/ /
     / / / / /_/ / /__/ /  __/ /
    /_/ /_/\__,_/\___/_/\___/_/   v2.9.2

            projectdiscovery.io

    [INF] nuclei-templates are not installed, installing...
    [INF] nuclei-templates are not installed, installing...
    [FTL] Could not create runner: [:RUNTIME] could not create config file <- open /home/sbx_user1051/.config/nuclei/reporting-config.yaml: no such file or directory
    Error in running the command:/go/bin/nuclei -list /tmp/infile -es info
    ----------------------------------------------------------
    2023-05-02 00:44:27,639 [INFO] jobrunner.py:239 -- Success function execution
    2023-05-02 00:44:27,640 [INFO] jobrunner.py:311 -- Process finished
]

Activation: 'sc-runtime' (**********id**************)
[
    2023-05-02 00:44:26,303 [INFO] handler.py:152 -- Lithops v2.9.0 - Starting AWS Lambda execution
    2023-05-02 00:44:26,303 [INFO] handler.py:153 -- Execution ID: fbb4d8-0-M000/00003
    2023-05-02 00:44:26,322 [INFO] aws_s3.py:67 -- S3 client created - Region: ap-south-1
    2023-05-02 00:44:26,412 [INFO] jobrunner.py:134 -- Getting dataset from aws_s3://my-bucket
    2023-05-02 00:44:26,504 [INFO] jobrunner.py:180 -- Chunk: 1/1 - Size: 3464 - Range: 0-3463
    2023-05-02 00:44:26,505 [INFO] jobrunner.py:233 -- Going to execute 'execute_command()'
    ---------------------- FUNCTION LOG ----------------------
    [ERR] failed to create config directory at /home/sbx_user1051/.config/nuclei got: mkdir /home/sbx_user1051: read-only file system
    [ERR] failed to write config file at /home/sbx_user1051/.config/nuclei/.templates-config.json got: [:RUNTIME] could not create nuclei config directory at /home/sbx_user1051/.config/nuclei <- mkdir /home/sbx_user1051: read-only file system

I am using the following commands

python3 shadowclone.py -i ~/bbdata/alive.txt --split 200 -o nuke.txt -c "/go/bin/nuclei -list {INPUT} -es info
 python3 shadowclone.py -i ~/bbdata/alive.txt --split 200 -o nuke.txt -c "/go/bin/nuclei -list {INPUT} -t $HOME/nuclei-templates/ -es info"

But still getting the same error can anyone tell if there is anything wrong I'm doing here?

fyoorer commented 1 year ago

There is an example for this in wiki

python shadowclone.py -i <WEB DOMAINS FILE> -c "nuclei -duc -l {INPUT} -t /nuclei-templates/technologies/tech-detect.yaml -config-directory /tmp/"

Another pro tip: don't run all templates -t $HOME/nucle,i-templates/. It will never work with tis tool.

n0sandb0x commented 1 year ago

Hey thanks for your reply I tried just like you mentioned and I ran the following command

python3 shadowclone.py -i ~/bbdata/alive.txt -c "/go/bin/nuclei -l {INPUT} -t /nuclei-templates/technologies/tech-detect.yaml -config-directory /tmp/"

Tried with or without / before nuclei-templates but no luck :/ .

When I check the execution logs I'm getting this error

       [INF] nuclei-templates are not installed, installing...
    [INF] nuclei-templates are not installed, installing...
    [ERR] Could not find template '/nuclei-templates/technologies/tech-detect.yaml': could not find file: stat /nuclei-templates/technologies/tech-detect.yaml: no such file or directory
    [INF] Current nuclei version: v2.9.2 (latest)
    [INF] Current nuclei-templates version:  (outdated)
    [INF] Targets loaded for current scan: 705
    [INF] No results found. Better luck next time!
    [FTL] Could not run nuclei: no valid templates were found
    Error in running the command:/go/bin/nuclei -l /tmp/infile -t /nuclei-templates/technologies/tech-detect.yaml -config-directory /tmp/
    ----------------------------------------------------------
    2023-05-02 02:24:33,036 [INFO] jobrunner.py:239 -- Success function execution
    2023-05-02 02:24:33,046 [INFO] jobrunner.py:311 -- Process finished

The error is weired because it's say that nuclei templates are not installed but I believe we did install them because it was there in the docker file.

fyoorer commented 1 year ago

It seems ProjectDiscovery changed the directory structure for nuclei-templates repo recently. Use the correct path and it should work after that

n0sandb0x commented 1 year ago

Yes I saw the repo looks like they changed it on the Github. So I tried it locally and noticed that it's still the same directory structure nothing changed. Any suggestion how can I guess the correct path for the templates?.

Also you mentioned that you can't run all the templates any reason why?

Thanks

fyoorer commented 1 year ago

try this

python3 shadowclone.py -i ~/bbdata/alive.txt -c "/go/bin/nuclei -l {INPUT} -t /nuclei-templates/http/technologies/tech-detect.yaml -config-directory /tmp/"

Also you mentioned that you can't run all the templates any reason why?

Running all templates even on a single host will definitely take more than 15 minutes. Running it on a bunch of hosts will just kill your lambdas and cost you money.

marcelo321 commented 1 year ago

hey @fyoorer,

If I would want to run nuclei templates anyway because I care about the speed I scan, what do you think I should adjust the memory so I don't run into this error?

2023-10-12 23:25:39,256 [INFO] executors.py:612 -- ExecutorID 44b0ed-0 - Cleaning temporary data
2023-10-12 23:25:39,258 [ERROR] Could not execute the runtime.
Function exceeded maximum memory and was killed