projectdiscovery / nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
https://docs.projectdiscovery.io/tools/nuclei
MIT License
20.89k stars 2.52k forks

nuclei version: v3.2.9 can't detect LFI with linux-lfi-fuzz.yaml #5313

Open skalvin opened 5 months ago

skalvin commented 5 months ago

Nuclei version 3.2.9 cannot identify LFI using linux-lfi-fuzz.yaml

The prior version detected correctly, but with the last update, 3.2.9, it no longer does.

ehsandeep commented 5 months ago

@skalvin do you have an example / cmd to share that can be used to reproduce this?

skalvino commented 1 month ago

```

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

                projectdiscovery.io

[INF] Current nuclei version: v3.3.4 (latest)
[INF] Current nuclei-templates version: v10.0.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 86
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 86
[INF] No results found. Better luck next time!
user@cloudshell:~/waymore (day-434014)$ cat results/testphp.vulnweb.com/waymore.txt | grep "=" | uro | grep "file"  | nuclei -t /home/user/fuzz/lfi/linux-lfi-fuzz.yaml -fuzz

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

                projectdiscovery.io

[INF] Current nuclei version: v3.3.4 (latest)
[INF] Current nuclei-templates version: v10.0.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 86
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 2
[linux-lfi-fuzz] [http] [high] http://testphp.vulnweb.com/showimage.php?file=../../etc/passwd [GET]
user@cloudshell:~/waymore (day-434014)$ cat results/testphp.vulnweb.com/waymore.txt | grep "=" | uro | nuclei -t /home/user/fuzz/lfi/linux-lfi-fuzz.yaml -fuzz -rl 10

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

                projectdiscovery.io

[INF] Current nuclei version: v3.3.4 (latest)
[INF] Current nuclei-templates version: v10.0.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 86
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 86
[INF] No results found. Better luck next time!
user@cloudshell:~/waymore (day-434014)$ cat results/testphp.vulnweb.com/waymore.txt | grep "=" | uro | nuclei -t /home/user/fuzz/lfi/linux-lfi-fuzz.yaml -fuzz -rl 1

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

                projectdiscovery.io

[INF] Current nuclei version: v3.3.4 (latest)
[INF] Current nuclei-templates version: v10.0.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 86
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 86
[INF] No results found. Better luck next time!
user@cloudshell:~/waymore (day-434014)$
```

skalvino commented 3 weeks ago

It still can't detect the LFI vulnerability on v3.3.5 with linux-lfi-fuzz.yaml.