redact output #5463

Merged
merged 3 commits into from
Aug 16, 2024

Member

@dogancanbakir dogancanbakir commented Jul 29, 2024

Proposed changes

Closes #1586

Example output when using -redact:

nuclei -tags cve -u honey.scanme.sh -header "X-API-Key: XXX" -redact x-api-key,cookie -j
{
  "template": "http/cves/2015/CVE-2015-6477.yaml",
  "template-url": "https://cloud.projectdiscovery.io/public/CVE-2015-6477",
  "template-id": "CVE-2015-6477",
  "template-path": "/Users/dogancanbakir/nuclei-templates/http/cves/2015/CVE-2015-6477.yaml",
  "template-encoded": "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",
  "info": {
    "name": "Nordex NC2  - Cross-Site Scripting",
    "author": ["geeknik"],
    "tags": [
      "cve2015",
      "cve",
      "seclists",
      "packetstorm",
      "xss",
      "iot",
      "nordex",
      "nc2"
    ],
    "description": "Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
    "impact": "Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.\n",
    "reference": [
      "https://seclists.org/fulldisclosure/2015/Dec/117",
      "https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01",
      "https://nvd.nist.gov/vuln/detail/CVE-2015-6477",
      "http://packetstormsecurity.com/files/135068/Nordex-Control-2-NC2-SCADA-16-Cross-Site-Scripting.html",
      "http://seclists.org/fulldisclosure/2015/Dec/117"
    ],
    "severity": "medium",
    "metadata": {
      "vendor": "nordex",
      "product": "nordex_control_2_scada",
      "max-request": 1
    },
    "classification": {
      "cve-id": ["cve-2015-6477"],
      "cwe-id": ["cwe-79"],
      "cvss-metrics": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
      "cvss-score": 4.3,
      "epss-score": 0.00277,
      "epss-percentile": 0.64954,
      "cpe": "cpe:2.3:o:nordex:nordex_control_2_scada:*:*:*:*:*:*:*:*"
    },
    "remediation": "Upgrade to the latest version to mitigate this vulnerability.\n"
  },
  "type": "http",
  "host": "honey.scanme.sh",
  "port": "443",
  "scheme": "https",
  "url": "https://honey.scanme.sh",
  "matched-at": "https://honey.scanme.sh/login",
- "request": "POST /login HTTP/1.1\r\nHost: honey.scanme.sh\r\nUser-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36\r\nConnection: close\r\nContent-Length: 154\r\nAccept: */*\r\nAccept-Language: en\r\nX-API-Key: XXX\r\nAccept-Encoding: gzip\r\n\r\nconnection=basic\u0026userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%272jvYUJW2iA9Ae8GcU45TqqeDk8R%27%29%3C%2Fscript%3E\u0026pw=nordex\u0026language=en",
+ "request": "POST /login HTTP/1.1\r\nHost: honey.scanme.sh\r\nUser-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36\r\nConnection: close\r\nContent-Length: 154\r\nAccept: */*\r\nAccept-Language: en\r\nX-API-Key: ***\r\nAccept-Encoding: gzip\r\n\r\nconnection=basic\u0026userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%272jvYUJW2iA9Ae8GcU45TqqeDk8R%27%29%3C%2Fscript%3E\u0026pw=nordex\u0026language=en",
- "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Length: 397\r\nContent-Type: text/html\r\nDate: Mon, 29 Jul 2024 16:03:53 GMT\r\n\r\nPOST /login HTTP/1.1\r\nHost: honey.scanme.sh\r\nAccept: */*\r\nAccept-Encoding: gzip\r\nAccept-Language: en\r\nConnection: close\r\nContent-Length: 154\r\nUser-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36\r\nX-Api-Key: XXXr\n\r\nconnection=basic\u0026userName=admin'\");}\u003c/script\u003e\u003cscript\u003ealert('2jvYUJW2iA9Ae8GcU45TqqeDk8R')\u003c/script\u003e\u0026pw=nordex\u0026language=en",
+ "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Length: 397\r\nContent-Type: text/html\r\nDate: Mon, 29 Jul 2024 16:03:53 GMT\r\n\r\nPOST /login HTTP/1.1\r\nHost: honey.scanme.sh\r\nAccept: */*\r\nAccept-Encoding: gzip\r\nAccept-Language: en\r\nConnection: close\r\nContent-Length: 154\r\nUser-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36\r\nX-Api-Key: ***\r\n\r\nconnection=basic\u0026userName=admin'\");}\u003c/script\u003e\u003cscript\u003ealert('2jvYUJW2iA9Ae8GcU45TqqeDk8R')\u003c/script\u003e\u0026pw=nordex\u0026language=en",
  "ip": "67.205.158.113",
  "timestamp": "2024-07-29T19:03:53.901354+03:00",
- "curl-command": "curl -X 'POST' -d 'connection=basic\u0026userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%272jvYUJW2iA9Ae8GcU45TqqeDk8R%27%29%3C%2Fscript%3E\u0026pw=nordex\u0026language=en' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36' -H 'X-API-Key: XXX' 'https://honey.scanme.sh/login'",
+ "curl-command": "curl -X 'POST' -d 'connection=basic\u0026userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%272jvYUJW2iA9Ae8GcU45TqqeDk8R%27%29%3C%2Fscript%3E\u0026pw=nordex\u0026language=en' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36' -H 'X-API-Key: ***' 'https://honey.scanme.sh/login'",
  "matcher-status": true
}
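
Review bot: in the removed `response` line the echoed header reads `X-Api-Key: XXXr\n\r\n`, while the added line has `X-Api-Key: ***\r\n\r\n`; the stray `r\n` makes the before/after pair differ by more than the redacted value, so the "before" side is worth regenerating from a real run. The command also passes `-redact x-api-key,cookie`, but the sample carries no `Cookie` header and the only redacted value is a single token (`XXX`), so the example does not exercise cookie redaction or values that contain spaces; a case for each would make the demonstration cover what the flag is asked to do.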

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@dogancanbakir dogancanbakir self-assigned this Jul 29, 2024
@ehsandeep ehsandeep requested a review from Mzack9999 July 29, 2024 18:21
Member

@ehsandeep ehsandeep left a comment

  • Handle values with spaces (the part of the value after a space is left as it is; see the example below for the Auth and UA headers)
  • Support redacting values in matched-at, as it can include query parameters (see the example below)

As of now, if a value contains a space, only the initial part gets redacted.

$ echo https://example.com | ./nuclei -t test.yaml -ms -j -rd user-agent,authorization,api -silent | jq .
{
  "template-id": "basic-raw-example",
  "template-path": "/Users/geekboy/Github/nuclei/test.yaml",
  "template-encoded": "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",
  "info": {
    "name": "Test RAW Template",
    "author": [
      "pdteam"
    ],
    "tags": null,
    "severity": "info"
  },
  "type": "http",
  "host": "example.com",
  "port": "443",
  "scheme": "https",
  "url": "https://example.com",
  "matched-at": "https://example.com/?api=secret_key",
  "request": "GET /?api=*** HTTP/1.1\r\nHost: example.com\r\nUser-Agent: *** (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/\r\nConnection: close\r\nAuthorization: *** Ym9zY236Ym9zY28=\r\nAccept-Encoding: gzip\r\n\r\n",
  "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nAge: 392178\r\nCache-Control: max-age=604800\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Sun, 04 Aug 2024 08:44:03 GMT\r\nEtag: \"3147526947+gzip\"\r\nExpires: Sun, 11 Aug 2024 08:44:03 GMT\r\nLast-Modified: Thu, 17 Oct 2019 07:18:26 GMT\r\nServer: ECAcc (lac/55A7)\r\nVary: Accept-Encoding\r\nX-Cache: HIT\r\n\r\n<!doctype html>\n<html>\n<head>\n    <title>Example Domain</title>\n\n    <meta charset=\"utf-8\" />\n    <meta http-equiv=\"Content-type\" content=\"text/html; charset=utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />\n    <style type=\"text/css\">\n    body {\n        background-color: #f0f0f2;\n        margin: 0;\n        padding: 0;\n        font-family: -apple-system, system-ui, BlinkMacSystemFont, \"Segoe UI\", \"Open Sans\", \"Helvetica Neue\", Helvetica, Arial, sans-serif;\n        \n    }\n    div {\n        width: 600px;\n        margin: 5em auto;\n        padding: 2em;\n        background-color: #fdfdff;\n        border-radius: 0.5em;\n        box-shadow: 2px 3px 7px 2px rgba(0,0,0,0.02);\n    }\n    a:link, a:visited {\n        color: #38488f;\n        text-decoration: none;\n    }\n    @media (max-width: 700px) {\n        div {\n            margin: 0 auto;\n            width: auto;\n        }\n    }\n    </style>    \n</head>\n\n<body>\n<div>\n    <h1>Example Domain</h1>\n    <p>This domain is for use in illustrative examples in documents. You may use this\n    domain in literature without prior coordination or asking for permission.</p>\n    <p><a href=\"https://www.iana.org/domains/example\">More information...</a></p>\n</div>\n</body>\n</html>\n",
  "ip": "2606:2800:21f:cb07:6820:80da:af6b:8b2c",
  "timestamp": "2024-08-04T14:14:03.485206+05:30",
  "curl-command": "curl -X 'GET' -d '' -H 'Authorization: *** Ym9zY236Ym9zY28=' -H 'Host: example.com' -H 'User-Agent: *** (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/' 'https://example.com/?api=***'",
  "matcher-status": true
}

Test Template:

id: basic-raw-example

info:
  name: Test RAW Template
  author: pdteam
  severity: info

http:
  - raw:
      - |
        GET /?api=secret_key HTTP/1.1
        Host: {{Hostname}}
        Authorization: Basic Ym9zY236Ym9zY28=
        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/

    matchers:
      - type: word
        words:
          - "Test is test matcher text"
        negative: true
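
The partial redaction reported in the comment above, as an added Go example (not nuclei's code, and not part of the original thread). The hypothetical `Redact` helper contrasts a token-only pattern with one that treats header values as running to the end of the line and query values as ending at `&`, `#`, whitespace or a quote; `Leaks` is a test oracle, and the sample request is constructed from the test template.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample: the raw request from the test template above.
const sampleRequest = "GET /?api=secret_key HTTP/1.1\r\nHost: example.com\r\n" +
	"User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/\r\n" +
	"Authorization: Basic Ym9zY236Ym9zY28=\r\n\r\n"

// Fragments that must not survive redaction of user-agent,authorization,api.
var sampleSecrets = []string{"secret_key", "Ym9zY236Ym9zY28=", "Macintosh"}

// Redact is a hypothetical helper (not nuclei's implementation). tokenOnly=true
// ends a value at the first whitespace, reproducing the partial redaction.
func Redact(s string, keys []string, tokenOnly bool) string {
	for _, k := range keys {
		q := regexp.QuoteMeta(k)
		if tokenOnly {
			re := regexp.MustCompile(`(?i)(\b` + q + `\s*[:=]\s*)[^\s&']+`)
			s = re.ReplaceAllString(s, "${1}***")
			continue
		}
		// Header "Key: value": the value runs to CR/LF or a closing quote.
		hdr := regexp.MustCompile(`(?i)(\b` + q + `:[ \t]*)[^\r\n']+`)
		s = hdr.ReplaceAllString(s, "${1}***")
		// Query "key=value": the value ends at &, #, whitespace or a quote.
		qp := regexp.MustCompile(`(?i)([?&]` + q + `=)[^&#\s']*`)
		s = qp.ReplaceAllString(s, "${1}***")
	}
	return s
}

// Leaks returns the secrets still present in out; use it as a test oracle.
func Leaks(out string, secrets []string) (found []string) {
	for _, sec := range secrets {
		if strings.Contains(out, sec) {
			found = append(found, sec)
		}
	}
	return found
}

func main() {
	keys := []string{"user-agent", "authorization", "api"}
	fmt.Printf("%q\n", Leaks(Redact(sampleRequest, keys, true), sampleSecrets))
	fmt.Printf("%q\n", Leaks(Redact(sampleRequest, keys, false), sampleSecrets))
}
```

Asserting on `Leaks` with known secret fragments catches this class of regression more reliably than comparing against an expected redacted string.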

@dogancanbakir
Member Author

$ echo https://example.com | go run . -t test_template.yaml -ms -j -rd user-agent,authorization,api -silent | jq .
{
  "template-id": "basic-raw-example",
  "template-path": "/Users/dogancanbakir/Projects/nuclei/cmd/nuclei/test_template.yaml",
  "template-encoded": "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",
  "info": {
    "name": "Test RAW Template",
    "author": [
      "pdteam"
    ],
    "tags": null,
    "severity": "info"
  },
  "type": "http",
  "host": "example.com",
  "port": "443",
  "scheme": "https",
  "url": "https://example.com",
  "matched-at": "https://example.com/?api=***",
  "request": "GET /?api=***\r\nHost: example.com\r\nUser-Agent: ***\r\nConnection: close\r\nAuthorization: ***\r\nAccept-Encoding: gzip\r\n\r\n",
  "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nAccept-Ranges: bytes\r\nAge: 434332\r\nCache-Control: max-age=604800\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Mon, 05 Aug 2024 13:29:07 GMT\r\nEtag: \"3147526947+gzip\"\r\nExpires: Mon, 12 Aug 2024 13:29:07 GMT\r\nLast-Modified: Thu, 17 Oct 2019 07:18:26 GMT\r\nServer: ECAcc (dcd/7D1F)\r\nVary: Accept-Encoding\r\nX-Cache: HIT\r\n\r\n<!doctype html>\n<html>\n<head>\n    <title>Example Domain</title>\n\n    <meta charset=\"utf-8\" />\n    <meta http-equiv=\"Content-type\" content=\"text/html; charset=utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />\n    <style type=\"text/css\">\n    body {\n        background-color: #f0f0f2;\n        margin: 0;\n        padding: 0;\n        font-family: -apple-system, system-ui, BlinkMacSystemFont, \"Segoe UI\", \"Open Sans\", \"Helvetica Neue\", Helvetica, Arial, sans-serif;\n        \n    }\n    div {\n        width: 600px;\n        margin: 5em auto;\n        padding: 2em;\n        background-color: #fdfdff;\n        border-radius: 0.5em;\n        box-shadow: 2px 3px 7px 2px rgba(0,0,0,0.02);\n    }\n    a:link, a:visited {\n        color: #38488f;\n        text-decoration: none;\n    }\n    @media (max-width: 700px) {\n        div {\n            margin: 0 auto;\n            width: auto;\n        }\n    }\n    </style>    \n</head>\n\n<body>\n<div>\n    <h1>Example Domain</h1>\n    <p>This domain is for use in illustrative examples in documents. You may use this\n    domain in literature without prior coordination or asking for permission.</p>\n    <p><a href=\"https://www.iana.org/domains/example\">More information...</a></p>\n</div>\n</body>\n</html>\n",
  "ip": "93.184.215.14",
  "timestamp": "2024-08-05T16:29:07.43085+03:00",
  "curl-command": "curl -X 'GET' -d '' -H 'Authorization: ***' -H 'Host: example.com' -H 'User-Agent: ***' 'https://example.com/?api=***'",
  "matcher-status": true
}

Member

@ehsandeep ehsandeep left a comment

$ echo https://example.com | ./nuclei -t test.yaml -ms -j -rd user-agent,authorization,api -silent | jq .

{
  "template-id": "basic-raw-example",
  "template-path": "/Users/geekboy/Github/nuclei/test.yaml",
  "template-encoded": "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",
  "info": {
    "name": "Test RAW Template",
    "author": [
      "pdteam"
    ],
    "tags": null,
    "severity": "info"
  },
  "type": "http",
  "host": "example.com",
  "port": "443",
  "scheme": "https",
  "url": "https://example.com",
  "matched-at": "https://example.com/?api=***",
  "request": "GET /?api=***\r\nHost: example.com\r\nUser-Agent: ***\r\nConnection: close\r\nAuthorization: ***\r\nAccept-Encoding: gzip\r\n\r\n",
  "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nAge: 523650\r\nCache-Control: max-age=604800\r\nContent-Type: text/html; charset=UTF-8\r\nDate: Fri, 16 Aug 2024 06:09:52 GMT\r\nEtag: \"3147526947+gzip\"\r\nExpires: Fri, 23 Aug 2024 06:09:52 GMT\r\nLast-Modified: Thu, 17 Oct 2019 07:18:26 GMT\r\nServer: ECAcc (lac/55CD)\r\nVary: Accept-Encoding\r\nX-Cache: HIT\r\n\r\n<!doctype html>\n<html>\n<head>\n    <title>Example Domain</title>\n\n    <meta charset=\"utf-8\" />\n    <meta http-equiv=\"Content-type\" content=\"text/html; charset=utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />\n    <style type=\"text/css\">\n    body {\n        background-color: #f0f0f2;\n        margin: 0;\n        padding: 0;\n        font-family: -apple-system, system-ui, BlinkMacSystemFont, \"Segoe UI\", \"Open Sans\", \"Helvetica Neue\", Helvetica, Arial, sans-serif;\n        \n    }\n    div {\n        width: 600px;\n        margin: 5em auto;\n        padding: 2em;\n        background-color: #fdfdff;\n        border-radius: 0.5em;\n        box-shadow: 2px 3px 7px 2px rgba(0,0,0,0.02);\n    }\n    a:link, a:visited {\n        color: #38488f;\n        text-decoration: none;\n    }\n    @media (max-width: 700px) {\n        div {\n            margin: 0 auto;\n            width: auto;\n        }\n    }\n    </style>    \n</head>\n\n<body>\n<div>\n    <h1>Example Domain</h1>\n    <p>This domain is for use in illustrative examples in documents. You may use this\n    domain in literature without prior coordination or asking for permission.</p>\n    <p><a href=\"https://www.iana.org/domains/example\">More information...</a></p>\n</div>\n</body>\n</html>\n",
  "ip": "2606:2800:21f:cb07:6820:80da:af6b:8b2c",
  "timestamp": "2024-08-16T11:39:52.659482+05:30",
  "curl-command": "curl -X 'GET' -d '' -H 'Authorization: ***' -H 'Host: example.com' -H 'User-Agent: ***' 'https://example.com/?api=***'",
  "matcher-status": true
}

Successfully merging this pull request may close these issues.

Switch to disable request headers from being printed to stdout