projectdiscovery / nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
https://docs.projectdiscovery.io/tools/nuclei
MIT License

pre-condition does not create matcher-status event #5449

Closed tarunKoyalwar closed 3 months ago

tarunKoyalwar commented 3 months ago

Nuclei version:

main | latest

Current Behavior:

When using pre-condition, if its value is false then the matcher-status event is not generated for the javascript protocol.

Expected Behavior:

A matcher-status event regardless of when it exits.

Steps To Reproduce:

id: ssh-server-enumeration

info:
  name: Detect SSH on port 22.
  author: Justin Bacco
  severity: info
  metadata:
    max-request: 2
    shodan-query: port:22
  tags: enum,js,ssh,network

javascript:
  - pre-condition: |
      isPortOpen(Host,Port)
    code: |
      var m = require("nuclei/ssh");
      var c = m.SSHClient();
      var response = c.ConnectSSHInfoMode(Host, Port);
      Export(response);

    args:
      Host: "{{Host}}"
      Port: 22

    matchers:
      - type: dsl
        dsl:
          - "success == true"

$ nuclei -u scanme.sh:1234 -t a.yaml -ms -v

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0

        projectdiscovery.io

[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 67
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[WRN] [ssh-server-enumeration] Could not execute request for scanme.sh:1234: [ssh-server-enumeration:RUNTIME] could not execute pre-condition: dial tcp [2400:6180:0:d0::91:1001]:1234: connect: connection refused
[INF] No results found. Better luck next time!

Anything else:

tarunKoyalwar commented 3 months ago

DAST pre-condition seems to work, and this issue only seems to affect the javascript protocol.

$ nuclei -u https://scanme.sh/\?q\=123 -t b.yaml -ms -dast

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0

        projectdiscovery.io

[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 67
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[fuzz-query-num] [failed] [http] [info] scanme.sh
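
An added example, not part of the issue or the nuclei code base: a coverage check a scan consumer can run over `-ms -jsonl` output to find template/target pairs that produced no matcher-status event, which is how the behaviour reported above shows up downstream. The field names `template-id`, `host` and `matcher-status`, the assumption that `host` equals the target string as supplied, and the sample records are assumptions constructed for illustration.

```python
import json

# Constructed sample of `nuclei -ms -jsonl` output (not taken from the issue).
# Assumption: each result record carries "template-id", "host" and
# "matcher-status", and "host" equals the target string given to -u / -l.
SAMPLE_JSONL = """\
[INF] Templates loaded for current scan: 1
{"template-id": "ssh-server-enumeration", "host": "a.example:22", "matcher-status": true}
{"template-id": "ssh-server-enumeration", "host": "b.example:22", "matcher-status": false}
"""


def missing_matcher_status(jsonl_text, targets, template_ids):
    """Return sorted (template_id, target) pairs that have no matcher-status event.

    A pair with matcher-status false was tested and did not match; a pair that
    is absent was never reported at all, so it cannot be counted as "clean".
    """
    seen = set()
    for line in jsonl_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # banner or log line mixed into the captured output
        if not isinstance(event, dict) or "matcher-status" not in event:
            continue  # not a result record
        seen.add((event.get("template-id"), event.get("host")))
    expected = {(tid, host) for tid in template_ids for host in targets}
    return sorted(expected - seen)


if __name__ == "__main__":
    targets = ["a.example:22", "b.example:22", "c.example:1234"]
    for tid, host in missing_matcher_status(
        SAMPLE_JSONL, targets, ["ssh-server-enumeration"]
    ):
        print(f"no matcher-status event: template={tid} target={host}")
```
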