Closed sgxgsx closed 3 years ago
I've used nuclei with Mullvad, PIA and ProtonVPN with no issues on Debian, Ubuntu and Fedora (OpenVPN and Wireguard). You could try a different node (Google might be blocking or ignoring requests from some VPN providers because of abuse), try limiting the amount of requests, and lastly try using your own DNS resolver (I have a cluster of 6 Unbound servers behind a load balancer). Some VPN servers can't (or won't) handle thousands of DNS and HTTP requests per second. Good luck out there!
@vladosstrawberry could you share the exact setup to replicate this behaviour?
@geeknik I just said that google is not blocking me. (google is just an example). I limited requests to 1 request per second and it's not working. If I don't use Mullvad then everything is okay.
@bauthard How do I do that? Ubuntu 2020.4 Mullvad 2020.7 (latest) nuclei (latest stable version 2.2.0)
Just when I am under the VPN connection then nuclei doesn't want to pass the traffic through that connection. It's possible to scan only those hosts that are inside VPN, not those to which you get through the tunnel
@vladosstrawberry this should be fixed here, thanks for reporting this.
@ehsandeep I check this fix under my corporate VPN (GlobalProtect) using nuclei 2.3.0. When trying to run some templates against internal host, I'm still getting error
Could not execute request for http://<internal_hostname>/: no response got for request
I found workaround, when using -proxy-url
this issue doesn't exist - host is being properly resolved and template runs without any errors.
@kpoow you can also use -system-resolvers
flag that we added in 2.3.0
I ran into a similar issue and my fix was to specify the resolver used when connected to the VPN:
nuclei -u https://target.com -t ~/nuclei-templates -r resolvers.txt
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ 2.4.3
projectdiscovery.io
[INF] Using Nuclei Engine 2.4.3 (latest)
[INF] Using Nuclei Templates 8.4.5 (latest)
[INF] Using Interactsh Server https://interact.sh
[INF] Templates loaded: 1772 (New: 82)
[INF] Templates clustered: 283 (Reduced 265 HTTP Requests)
[2021-08-16 14:30:09] [server-status-localhost] [http] [low] https://target.com/server-status
You can find the resolver by doing a dig on your target and checking the SERVER part of the response:
;; SERVER: 192.168.211.2#53(192.168.211.2)
Describe the bug It seems that nuclei doesn't resolve the hosts when it's used under a VPN. While trying to scan https://google.com with a verbose flag enabled - nuclei output:
If it's scanned using -debug option, then we see that it sends HTTP request but never gets a response.
I have verified that this issue persists even if I limit nuclei to 1 request per second and used a normal User-Agent. I am using a Mullvad VPN with openvpn option (used different options, while testing). If I use curl or a browser - everything is okay. If I scan without a vpn - then everything is okay. But truth to say I need to use a vpn for some targets
Nuclei version 2.2.0
Screenshot of the error or bug