Skip to content

Commit 0edda86

Browse files
x51pwnx51pwn
committed
fix AutomaticScan默认开启后导致nuclei模版不会扫描的bug 2022-07-12 10:00:1657591231
1 parent 65bb51d commit 0edda86

File tree

2 files changed

+18
-10
lines changed

2 files changed

+18
-10
lines changed

brute/filefuzz.go

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -159,9 +159,14 @@ func FileFuzz(u string, indexStatusCode int, indexContentLength int, indexbody s
159159
}
160160
ch <- struct{}{}
161161
//log.Println(u, " ", payload)
162+
endP := u[len(u)-1:] == "/"
162163
go func(payload string) {
163-
log.Println("fuzz: ", u+payload)
164-
if url, req, err := reqPage(u + payload); err == nil {
164+
szUrl := u + payload
165+
if strings.HasPrefix(payload, "/") && endP {
166+
szUrl = u + payload[1:]
167+
}
168+
log.Println("fuzz: ", szUrl)
169+
if url, req, err := reqPage(szUrl); err == nil {
165170
// 403 by pass
166171
if url.is403 {
167172
a11 := ByPass403(&u, &payload)

nuclei_Yaml/nuclei_yaml.go

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,19 +2,19 @@ package nuclei_Yaml
22

33
import (
44
"bytes"
5-
"github.com/hktalent/scan4all/pkg"
6-
"log"
7-
"os"
8-
"strings"
9-
"time"
10-
115
"github.com/hktalent/scan4all/nuclei_Yaml/internal/runner"
6+
"github.com/hktalent/scan4all/pkg"
127
"github.com/projectdiscovery/fileutil"
138
"github.com/projectdiscovery/goflags"
149
"github.com/projectdiscovery/gologger"
1510
"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
1611
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http"
12+
templateTypes "github.com/projectdiscovery/nuclei/v2/pkg/templates/types"
1713
"github.com/projectdiscovery/nuclei/v2/pkg/types"
14+
"log"
15+
"os"
16+
"strings"
17+
"time"
1818
)
1919

2020
var (
@@ -77,7 +77,8 @@ func readConfig() {
7777
options.Resume = ""
7878

7979
options.NewTemplates = false
80-
options.AutomaticScan = true
80+
// 关闭 AutomaticScan,否则不对模版进行扫描
81+
options.AutomaticScan = false
8182
options.Templates = []string{}
8283
options.TemplateURLs = []string{}
8384
options.Workflows = []string{}
@@ -171,7 +172,9 @@ func readConfig() {
171172
//flagSet.VarP(&options.Protocols, "type", "pt", fmt.Sprintf("templates to run based on protocol type. Possible values: %s", templateTypes.GetSupportedProtocolTypes())),
172173
//flagSet.VarP(&options.ExcludeProtocols, "exclude-type", "ept", fmt.Sprintf("templates to exclude based on protocol type. Possible values: %s", templateTypes.GetSupportedProtocolTypes())),
173174
//)
174-
//
175+
options.Protocols = templateTypes.GetSupportedProtocolTypes()
176+
//options.ExcludeProtocols = templateTypes.GetSupportedProtocolTypes()
177+
175178
//createGroup(flagSet, "output", "Output",
176179
// flagSet.StringVarP(&options.Output, "output", "o", "", "output file to write found issues/vulnerabilities"),
177180
// flagSet.BoolVarP(&options.StoreResponse, "store-resp", "sresp", false, "store all request/response passed through nuclei to output directory"),

0 commit comments

Comments
 (0)