search

projectdiscovery / nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://docs.projectdiscovery.io/tools/nuclei
MIT License
19.91k stars 2.45k forks source link

The Rate Limits doesn't work when nuclei with workflow #3957

Open diffweb opened 1 year ago

diffweb commented 1 year ago

Discussed in https://github.com/projectdiscovery/nuclei/discussions/3956

Originally posted by **diffweb** July 20, 2023 for example the wordpress workflow file ``` cat self-nuclei-templates/workflow/wordpress.yaml id: wordpress-workflow info: name: wordpress-workflow author: test description: wordpress-workflow workflows: - template: self-nuclei-templates/wordpress/ ``` ``` /root/go/bin/nuclei -w self-nuclei-templates/workflow/wordpress.yaml -u https://www.google.com:443 -rl 1000 -c 1000 -retries 1 -stats __ _ ____ __ _______/ /__ (_) / __ \/ / / / ___/ / _ \/ / / / / / /_/ / /__/ / __/ / /_/ /_/\__,_/\___/_/\___/_/ v2.9.9 projectdiscovery.io [INF] Current nuclei version: v2.9.9 (latest) [INF] Current nuclei-templates version: v9.5.8 (latest) [INF] Workflows loaded for current scan: 1 [INF] Targets loaded for current scan: 1 [INF] Using Interactsh Server: oast.live [0:00:05] | Templates: 1 | Hosts: 1 | RPS: 9 | Matched: 0 | Errors: 0 | Requests: 47/64 (73%) [0:00:10] | Templates: 1 | Hosts: 1 | RPS: 9 | Matched: 0 | Errors: 0 | Requests: 95/137 (69%) [0:00:15] | Templates: 1 | Hosts: 1 | RPS: 9 | Matched: 0 | Errors: 0 | Requests: 142/208 (68%) [0:00:20] | Templates: 1 | Hosts: 1 | RPS: 9 | Matched: 0 | Errors: 0 | Requests: 190/266 (71%) ``` you can see the `-rl 1000 -c 1000 ` doesn't work , because nuclei think the wordpress.yaml just ONE template if you direct use -t , it will speed up ``` /root/go/bin/nuclei -t self-nuclei-templates/wordpress/ -u https://www.google.com:443 -rl 1000 -c 1000 -retries 1 -stats __ _ ____ __ _______/ /__ (_) / __ \/ / / / ___/ / _ \/ / / / / / /_/ / /__/ / __/ / /_/ /_/\__,_/\___/_/\___/_/ v2.9.9 projectdiscovery.io [INF] Current nuclei version: v2.9.9 (latest) [INF] Current nuclei-templates version: v9.5.8 (latest) [INF] New templates added in latest release: 113 [INF] Templates loaded for current scan: 4799 [INF] Targets loaded for current scan: 1 [INF] Templates clustered: 2770 (Reduced 2324 Requests) [INF] Using Interactsh Server: oast.fun [0:00:05] | Templates: 4799 | Hosts: 1 | RPS: 563 | Matched: 0 | Errors: 0 | Requests: 2819/2819 (100%) [0:00:08] | Templates: 4799 | Hosts: 1 | RPS: 354 | Matched: 0 | Errors: 0 | Requests: 2819/2819 (100%) ``` ![image](https://github.com/projectdiscovery/nuclei/assets/30118052/b22b62b7-e3ce-4508-9d6f-f6e014d78a46) When use workflow , Nuclei should calculate the number of template of the Workflow , whichi can apply the right rate limit ,
Mzack9999 commented 1 year ago

@diffweb internally nuclei consider the execution of a workflow equal to one template, and such setting is passed to child executors increasing only the allowance of one unit at each nesting recursive level. This was originally a design choice to avoid a running workflow to monopolize the execution bandwidth. Anyway looks like we need to revamp these assumptions as indeed it makes sense to use the whole available parallelism.