Closed sauravpradhan closed 11 hours ago
Couldn't repro this on osx. Here's what I've did to repro the issue:
simple go server:
package main
import (
"fmt"
"net/http"
)
func apiHandler(w http.ResponseWriter, r *http.Request) {
if r.URL.Path != "/api" {
http.NotFound(w, r)
return
}
w.Header().Set("Content-Type", "text/plain")
w.Header().Set("Access-Control-Allow-Origin", "http://localhost:4200")
w.Header().Set("Access-Control-Allow-Methods", "GET, PUT, POST, DELETE")
w.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.WriteHeader(http.StatusOK)
responseContent := "New Node Server is up and running with volumes. Server version: 4.0"
fmt.Fprint(w, responseContent)
}
func main() {
http.HandleFunc("/api", apiHandler)
port := 4000
fmt.Printf("Starting server on port %d\n", port)
if err := http.ListenAndServe(fmt.Sprintf(":%d", port), nil); err != nil {
fmt.Printf("Error starting server: %s\n", err)
}
}
template:
id: eOTA-vulneribility20240529
info:
name: HTTP BASICS Template
author: __saurav
description: Break-in
severity: info
tags: eota
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: word
words:
- "New Node Server is up and running with volumes"
running go server:
$ go run test.go
Starting server on port 4000
curl request:
$ curl -I http://localhost:4000/api
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Origin: http://localhost:4200
Content-Type: text/plain
Date: Wed, 29 May 2024 11:59:48 GMT
Content-Length: 67
nuclei:
$ go run . -t test_template.yaml -u http://localhost:4000/api
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.2.8
projectdiscovery.io
[INF] Current nuclei version: v3.2.8 (latest)
[INF] Current nuclei-templates version: v9.8.7 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 62
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[eOTA-vulneribility20240529] [http] [info] http://localhost:4000/api
@sauravpradhan, Nuclei resolves IP addresses to domains using the /etc/hosts file in linux/mac, and this includes localhost. On Windows, it uses the ${SystemRoot}/System32/drivers/etc/hosts file. If Nuclei can't resolve localhost, please check if this file has an entry for localhost. If it doesn't, try adding one to see if this resolves the issue.
@tarunKoyalwar I ll try this and get back if this issue is resolved or not.
@tarunKoyalwar Added this change to hosts file: C:\Windows\System32\drivers\etc
New error:(Port Closed) [WRN] [eOTA-vulneribility20240529] Could not execute request for http://localhost:4000/api: [:RUNTIME] got err while executing http://localhost:4000/api <- Get "http://localhost:4000/api": errKind=network-permanent-error [address=localhost:4000] port closed or filtered; No connection could be made because the target machine actively refused it.
@sauravpradhan Are you able to reach the port with curl?
@sauravpradhan Are you able to reach the port with curl?
Yes ,
Closing this; still not reproducible.
$ curl -I http://localhost:4000/api
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE
Access-Control-Allow-Origin: http://localhost:4000
Content-Type: text/plain
Date: Mon, 05 Aug 2024 11:51:24 GMT
Content-Length: 67
$ go run . -t test_template.yaml -u http://localhost:4000/api
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.3.0
projectdiscovery.io
[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 67
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[eOTA-vulneribility20240529] [http] [info] http://localhost:4000/api
Nuclei version: v3.2.8
Current Behavior:
While executing self made template to access the server nuclei throws error.
Expected Behavior:
Should execute successfully as Windows and Postman is giving response.
Steps To Reproduce:
1) Run nuclei -v -u http://localhost:4000/api -t .\MyFirstTemplate.yaml 2) Response is: [WRN] [eOTA-vulneribility20240529] Could not execute request for http://localhost:4000/api: [:RUNTIME] got err while executing http://localhost:4000/api <- Get "http://localhost:4000/api": errKind=network-permanent-error no address found for host [INF] No results found. Better luck next time!
Anything else:
YAML Template:
Postman Response:
CURL Response:
Also this was discussed in Discord sub-thread: https://discord.com/channels/695645237418131507/1245309592573837394