release nuclei v3.7.0 #6783
…readSafeNucleiEngineCtx
Signed-off-by: Dwi Siswanto <[email protected]>
Signed-off-by: Dwi Siswanto <[email protected]>
Previously, when using `unsafe: true` with full URLs (e.g., `GET http://example.com/path HTTP/1.1`), the `Parse` func would treat the full URL as a relative path, resulting in malformed requests like `GET /http://example.com/path HTTP/1.1`. This occurred because the full URL handling logic was only executed for non-unsafe requests, causing unsafe requests with full URLs to fall through to the unsafe case which wasn't designed to handle them.

Changes:

* Extract full URL handling before mode-specific logic runs.
* Convert full URLs to relative paths for both safe and unsafe modes.
* Update `UnsafeRawBytes` with the correct relative path when unsafe is true.
* Ensure path merging works correctly with `disable-path-automerge`.

This fix maintains backward compatibility while properly supporting the previously broken combination of unsafe mode with full URLs.

Fixes #6558.

Signed-off-by: Dwi Siswanto <[email protected]>
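As an added illustration of the request-line rewrite this commit describes (example code written here, not nuclei's `Parse` func): a helper that turns an absolute URL in the request-line into a relative target without consulting any safe/unsafe flag, next to the naive join that produced the malformed `/http://...` path. `RelativizeRequestLine` and `NaiveJoin` are assumed names.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// RelativizeRequestLine is a hypothetical helper (not nuclei's Parse func):
// if the request-line of a raw HTTP request carries an absolute URL, it
// rewrites the target to a relative path and adds a Host header when none is
// present. It never looks at a safe/unsafe mode flag, so both modes get the
// same treatment. host is the authority taken from the URL ("" when the
// request-line was already relative).
func RelativizeRequestLine(raw string) (rewritten, host string, err error) {
	lines := strings.Split(raw, "\n")
	eol := ""
	if strings.HasSuffix(lines[0], "\r") { // keep CRLF if the request uses it
		eol = "\r"
	}
	parts := strings.Fields(lines[0])
	if len(parts) != 3 {
		return "", "", fmt.Errorf("malformed request line: %q", lines[0])
	}
	target := parts[1]
	if !strings.HasPrefix(target, "http://") && !strings.HasPrefix(target, "https://") {
		return raw, "", nil // already a relative target, nothing to do
	}
	u, err := url.Parse(target)
	if err != nil {
		return "", "", err
	}
	if u.Host == "" {
		return "", "", fmt.Errorf("absolute URL without host: %q", target)
	}
	// RequestURI yields path+query, and "/" for an empty path.
	lines[0] = parts[0] + " " + u.RequestURI() + " " + parts[2] + eol
	hasHost := false
	for _, l := range lines[1:] {
		if strings.HasPrefix(strings.ToLower(l), "host:") {
			hasHost = true
			break
		}
	}
	if !hasHost {
		rest := append([]string{"Host: " + u.Host + eol}, lines[1:]...)
		lines = append(lines[:1], rest...)
	}
	return strings.Join(lines, "\n"), u.Host, nil
}

// NaiveJoin reproduces the pre-fix failure mode: treating the absolute URL as
// a relative path and prefixing "/" yields "/http://example.com/path".
func NaiveJoin(target string) string {
	return "/" + strings.TrimPrefix(target, "/")
}

func main() {
	raw := "GET http://example.com/path?x=1 HTTP/1.1\r\nUser-Agent: demo\r\n\r\n" // constructed
	fixed, host, err := RelativizeRequestLine(raw)
	fmt.Printf("host=%s err=%v\n%s", host, err, fixed)
	fmt.Println("naive:", NaiveJoin("http://example.com/path"))
}
```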
The "Skipped X from target list as found unresponsive permanently" message was logged on every `(*Cache).Check()` call for hosts with permanent errors, resulting in thousands of duplicate log entries in verbose mode. Wrap the log statement in `sync.Once` to match the behavior already used for non-permanent error logging. Signed-off-by: Dwi Siswanto <[email protected]>
Signed-off-by: Dwi Siswanto <[email protected]>
* adding min auth support
* adding unauth list modules + auth list files in module
* example
* adding rsync test
* bump go.mod

---------

Co-authored-by: Dwi Siswanto <[email protected]>
* adding telnet login + crypto
* smbauth lib porting + ntlm parsing over telnet
* gen lib
* adding telnet test
* adding breakout after max iterations
* fix(utils): broken pkt creation & impl `Create{LN,NT}Response`
Signed-off-by: Dwi Siswanto <[email protected]>
* chore(utils): satisfy lints
Signed-off-by: Dwi Siswanto <[email protected]>
---------
Signed-off-by: Dwi Siswanto <[email protected]>
Co-authored-by: Dwi Siswanto <[email protected]>
The `race` condition directive was broken due to a strict dependency on `threads > 0` for parallel execution, causing templates with `race` directive enabled but no explicit threads to fall back to seq execution. This regression was introduced in v3.2.0 (#4868), which restricted parallel execution to only when `payloads` were present. Fixes #5713 to allow race conditions even w/o explicit `payloads`, and add a default thread count when race is enabled but threads is 0. Signed-off-by: Dwi Siswanto <[email protected]>
Signed-off-by: Dwi Siswanto <[email protected]>
Bumps the modules group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.5.1` | `0.5.2` |
| [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.3.1` | `1.3.2` |
| [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.8.10` | `0.8.11` |
| [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.66` | `1.1.67` |
| [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) | `0.0.82` | `0.0.83` |
| [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.61` | `0.2.62` |
| [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.16` | `1.2.17` |

Updates `github.com/projectdiscovery/fastdialer` from 0.5.1 to 0.5.2
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases)
- [Commits](projectdiscovery/fastdialer@v0.5.1...v0.5.2)

Updates `github.com/projectdiscovery/retryablehttp-go` from 1.3.1 to 1.3.2
- [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases)
- [Commits](projectdiscovery/retryablehttp-go@v1.3.1...v1.3.2)

Updates `github.com/projectdiscovery/dsl` from 0.8.10 to 0.8.11
- [Release notes](https://github.com/projectdiscovery/dsl/releases)
- [Commits](projectdiscovery/dsl@v0.8.10...v0.8.11)

Updates `github.com/projectdiscovery/gologger` from 1.1.66 to 1.1.67
- [Release notes](https://github.com/projectdiscovery/gologger/releases)
- [Commits](projectdiscovery/gologger@v1.1.66...v1.1.67)

Updates `github.com/projectdiscovery/ratelimit` from 0.0.82 to 0.0.83
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](projectdiscovery/ratelimit@v0.0.82...v0.0.83)

Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.61 to 0.2.62
- [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases)
- [Commits](projectdiscovery/wappalyzergo@v0.2.61...v0.2.62)

Updates `github.com/projectdiscovery/cdncheck` from 1.2.16 to 1.2.17
- [Release notes](https://github.com/projectdiscovery/cdncheck/releases)
- [Commits](projectdiscovery/cdncheck@v1.2.16...v1.2.17)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
  dependency-version: 0.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/retryablehttp-go
  dependency-version: 1.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/dsl
  dependency-version: 0.8.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/gologger
  dependency-version: 1.1.67
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-version: 0.0.83
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/wappalyzergo
  dependency-version: 0.2.62
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/cdncheck
  dependency-version: 1.2.17
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: modules
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ace-condition-regression fix(http): race condition regression
Use `jq` to deduplicate tags in the SARIF file generated by `govulncheck` before uploading, preventing validation failures in GitHub Actions. Signed-off-by: Dwi Siswanto <[email protected]>
…rorscache/dup-log-spam-for-permanent-errs fix(hosterrorscache): dup log spam for permanent errs
Signed-off-by: promalert <[email protected]>
chore: fix some function names in comment
init `ExecutionId` in `DefaultOptions` func
…ndle-full-URLs-in-unsafe-raw-requests fix(raw): handle full URLs in unsafe raw requests
…ess/cdp-endpoint-option feat(headless): add `cdp-endpoint` option
allow WithNetworkConfig and WithInteractshOptions to be used by NewThreadSafeNucleiEngineCtx
Bumps the modules group with 3 updates: [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go), [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) and [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck).

Updates `github.com/projectdiscovery/retryablehttp-go` from 1.3.3 to 1.3.4
- [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases)
- [Commits](projectdiscovery/retryablehttp-go@v1.3.3...v1.3.4)

Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.63 to 0.2.64
- [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases)
- [Commits](projectdiscovery/wappalyzergo@v0.2.63...v0.2.64)

Updates `github.com/projectdiscovery/cdncheck` from 1.2.18 to 1.2.19
- [Release notes](https://github.com/projectdiscovery/cdncheck/releases)
- [Commits](projectdiscovery/cdncheck@v1.2.18...v1.2.19)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryablehttp-go
  dependency-version: 1.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/wappalyzergo
  dependency-version: 0.2.64
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/cdncheck
  dependency-version: 1.2.19
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: modules
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dwi Siswanto <[email protected]>
…plates Add nil guard in `parseWorkflowTemplate` to handle global-matchers templates returning nil, preventing panic on dereference. Fixes #6751 Signed-off-by: Dwi Siswanto <[email protected]>
…ith-utils refactor(burp): replace seh-msft/burpxml with utils package
* fix(http): interactsh matching with `payloads` in parallel execution.

  Templates using `payloads` with Interactsh matchers failed to detect OAST interactions because the parallel HTTP execution path (used when `payloads` are present) did not register Interactsh request events, unlike the seq path. This caused incoming interactions to lack associated request context, preventing matchers from running and resulting in missed detections. Fix #5485 by wiring `(*interactsh.Client).RequestEvent` registration into the parallel worker goroutine, make sure both execution paths handle Interactsh correlation equally.

  Signed-off-by: Dwi Siswanto <[email protected]>

* test: add interactsh with `payloads` integration

  Signed-off-by: Dwi Siswanto <[email protected]>

* test: disable interactsh-with-payloads

  Signed-off-by: Dwi Siswanto <[email protected]>

---------

Signed-off-by: Dwi Siswanto <[email protected]>
to avoid redundant ECDSA checks.

Add `protocols.TemplateVerification` & callback mechanism to `protocols.ExecutorOptions` to enable reusing cached verification data from the metadata index. Also updating internal `templates.parseTemplate` func to skip ECDSA verification when cached data is any, and wire the callback in `loader.New` for metadata-backed lookups.
Proof:
```
$ go tool pprof -list "signer\..*" -base 3.6.2.cpu patch.cpu
Total: 34.78s
ROUTINE ======================== github.com/projectdiscovery/nuclei/v3/pkg/templates/signer.(*TemplateSigner).Verify in /home/dw1/Development/PD/nuclei/pkg/templates/signer/tmpl_signer.go
0 -1.75s (flat, cum) 5.03% of Total
. . 131:func (t *TemplateSigner) Verify(data []byte, tmpl SignableTemplate) (bool, error) {
. -70ms 132: signature, content := ExtractSignatureAndContent(data)
. . 133: if len(signature) == 0 {
. . 134: return false, errors.New("no signature found")
. . 135: }
. . 136:
. . 137: if !bytes.HasPrefix(signature, []byte(SignaturePattern)) {
. . 138: return false, errors.New("signature must be at the end of the template")
. . 139: }
. . 140:
. . 141: digestData := bytes.TrimSpace(bytes.TrimPrefix(signature, []byte(SignaturePattern)))
. . 142: // remove fragment from digest as it is used for re-signing purposes only
. . 143: digestString := strings.TrimSuffix(string(digestData), ":"+t.GetUserFragment())
. -20ms 144: digest, err := hex.DecodeString(digestString)
. . 145: if err != nil {
. . 146: return false, err
. . 147: }
. . 148:
. . 149: // normalize content by removing \r\n everywhere since this only done for verification
. . 150: // it does not affect the actual template
. -40ms 151: content = bytes.ReplaceAll(content, []byte("\r\n"), []byte("\n"))
. . 152:
. . 153: buff := bytes.NewBuffer(content)
. . 154: // if file has any imports process them
. . 155: for _, file := range tmpl.GetFileImports() {
. . 156: bin, err := os.ReadFile(file)
. . 157: if err != nil {
. . 158: return false, err
. . 159: }
. . 160: buff.WriteRune('\n')
. . 161: buff.Write(bin)
. . 162: }
. . 163:
. -1.62s 164: return t.verify(buff.Bytes(), digest)
. . 165:}
. . 166:
. . 167:// Verify verifies the given data with the template signer
. . 168:// Note: this should not be used for verifying templates as file references
. . 169:// in templates are not processed
ROUTINE ======================== github.com/projectdiscovery/nuclei/v3/pkg/templates/signer.(*TemplateSigner).verify in /home/dw1/Development/PD/nuclei/pkg/templates/signer/tmpl_signer.go
0 -1.62s (flat, cum) 4.66% of Total
. . 170:func (t *TemplateSigner) verify(data, signatureData []byte) (bool, error) {
. -50ms 171: dataHash := sha256.Sum256(data)
. . 172:
. . 173: var signature []byte
. -70ms 174: if err := gob.NewDecoder(bytes.NewReader(signatureData)).Decode(&signature); err != nil {
. . 175: return false, err
. . 176: }
. -1.50s 177: return ecdsa.VerifyASN1(t.handler.ecdsaPubKey, dataHash[:], signature), nil
. . 178:}
. . 179:
. . 180:// NewTemplateSigner creates a new signer for signing templates
. . 181:func NewTemplateSigner(cert, privateKey []byte) (*TemplateSigner, error) {
. . 182: handler := &KeyHandler{}
ROUTINE ======================== github.com/projectdiscovery/nuclei/v3/pkg/templates/signer.ExtractSignatureAndContent in /home/dw1/Development/PD/nuclei/pkg/templates/signer/tmpl_signer.go
0 -70ms (flat, cum) 0.2% of Total
. . 29:func ExtractSignatureAndContent(data []byte) (signature, content []byte) {
. -50ms 30: dataStr := string(data)
. -20ms 31: if idx := strings.LastIndex(dataStr, SignaturePattern); idx != -1 {
. . 32: signature = []byte(strings.TrimSpace(dataStr[idx:]))
. . 33: content = bytes.TrimSpace(data[:idx])
. . 34: } else {
. . 35: content = data
. . 36: }
$ go tool pprof -list "crypto/ecdsa\.VerifyASN1" 3.6.2.cpu patch.cpu
Total: 34.80s
ROUTINE ======================== crypto/ecdsa.VerifyASN1 in /usr/local/go/src/crypto/ecdsa/ecdsa.go
0 1.50s (flat, cum) 4.31% of Total
. . 500:func VerifyASN1(pub *PublicKey, hash, sig []byte) bool {
. . 501: if boring.Enabled {
. . 502: key, err := boringPublicKey(pub)
. . 503: if err != nil {
. . 504: return false
. . 505: }
. . 506: return boring.VerifyECDSA(key, hash, sig)
. . 507: }
. . 508: boring.UnreachableExceptTests()
. . 509:
. . 510: switch pub.Curve.Params() {
. . 511: case elliptic.P224().Params():
. . 512: return verifyFIPS(ecdsa.P224(), pub, hash, sig)
. . 513: case elliptic.P256().Params():
. 1.50s 514: return verifyFIPS(ecdsa.P256(), pub, hash, sig)
. . 515: case elliptic.P384().Params():
. . 516: return verifyFIPS(ecdsa.P384(), pub, hash, sig)
. . 517: case elliptic.P521().Params():
. . 518: return verifyFIPS(ecdsa.P521(), pub, hash, sig)
. . 519: default:
```
This eliminates `TemplateSigner.Verify` (~1.75s) and `crypto/ecdsa.VerifyASN1` (~1.50s) from the hot path (read: reduces startup time).
Signed-off-by: Dwi Siswanto <[email protected]>
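The design point behind this commit, shown as an added example rather than nuclei's own `signer` or `loader` code: a verifier that remembers ECDSA verdicts so an unchanged template costs a hash and a map lookup instead of a curve operation, while keying the cache on both content and signature so an edited template or a swapped signature is always re-verified. `CachedVerifier`, `cacheKey` and `Sign` are assumed names; the key pair and template body are generated in the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"sync"
)

// CachedVerifier is a hypothetical stand-in for a signer that remembers
// verification verdicts (not nuclei's signer package). The key covers content
// and signature, so an edited template or swapped signature misses the cache.
type CachedVerifier struct {
	pub           *ecdsa.PublicKey
	mu            sync.Mutex
	cache         map[[32]byte]bool
	Verifications int // real ecdsa.VerifyASN1 calls so far (for the demo)
}

func NewCachedVerifier(pub *ecdsa.PublicKey) *CachedVerifier {
	return &CachedVerifier{pub: pub, cache: make(map[[32]byte]bool)}
}

// cacheKey = SHA-256(content || 0x00 || sig); the separator prevents collisions when bytes shift between the two.
func cacheKey(content, sig []byte) [32]byte {
	buf := append(append(append([]byte{}, content...), 0), sig...)
	return sha256.Sum256(buf)
}

// Verify returns the cached verdict when present, otherwise runs the ECDSA check over SHA-256(content) and stores it.
func (v *CachedVerifier) Verify(content, sig []byte) bool {
	k := cacheKey(content, sig)
	v.mu.Lock()
	defer v.mu.Unlock()
	if ok, hit := v.cache[k]; hit {
		return ok
	}
	digest := sha256.Sum256(content)
	ok := ecdsa.VerifyASN1(v.pub, digest[:], sig)
	v.Verifications++
	v.cache[k] = ok
	return ok
}

// Sign produces an ASN.1 ECDSA signature over SHA-256(content) for the demo.
func Sign(priv *ecdsa.PrivateKey, content []byte) ([]byte, error) {
	digest := sha256.Sum256(content)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	content := []byte("id: demo\ninfo:\n  name: demo\n") // constructed template body
	sig, _ := Sign(priv, content)
	v := NewCachedVerifier(&priv.PublicKey)
	first, second := v.Verify(content, sig), v.Verify(content, sig)
	fmt.Println(first, second, v.Verifications) // true true 1
	bad := v.Verify(append([]byte("# injected\n"), content...), sig)
	fmt.Println(bad, v.Verifications) // false 2
}
```

The mutex is held across `VerifyASN1`, which serialises cache misses; a production version would verify outside the lock and accept an occasional duplicate verification on a race.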
…e-resolution fix(network): pass template variables to tcp inputs pre-compilation
…-template-signature-verification perf: cache template signature verification
…tes/segfault-in-workflow-parsing-with-global-matchers-templates fix(templates): segfault in workflow parsing with global-matchers templates
fix resume file path condition
Bumps the modules group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.112` | `1.0.113` |
| [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.3.4` | `1.3.5` |
| [github.com/projectdiscovery/httpx](https://github.com/projectdiscovery/httpx) | `1.7.4` | `1.8.1` |
| [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.33` | `0.1.34` |
| [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.106` | `0.0.107` |
| [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.8.1-0.20260112120846-c41994e3635c` | `0.9.0` |
| [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.64` | `0.2.65` |
| [github.com/projectdiscovery/cdncheck](https://github.com/projectdiscovery/cdncheck) | `1.2.19` | `1.2.20` |

Updates `github.com/projectdiscovery/retryabledns` from 1.0.112 to 1.0.113
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](projectdiscovery/retryabledns@v1.0.112...v1.0.113)

Updates `github.com/projectdiscovery/retryablehttp-go` from 1.3.4 to 1.3.5
- [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases)
- [Commits](projectdiscovery/retryablehttp-go@v1.3.4...v1.3.5)

Updates `github.com/projectdiscovery/httpx` from 1.7.4 to 1.8.1
- [Release notes](https://github.com/projectdiscovery/httpx/releases)
- [Commits](projectdiscovery/httpx@v1.7.4...v1.8.1)

Updates `github.com/projectdiscovery/networkpolicy` from 0.1.33 to 0.1.34
- [Release notes](https://github.com/projectdiscovery/networkpolicy/releases)
- [Commits](projectdiscovery/networkpolicy@v0.1.33...v0.1.34)

Updates `github.com/projectdiscovery/useragent` from 0.0.106 to 0.0.107
- [Release notes](https://github.com/projectdiscovery/useragent/releases)
- [Commits](projectdiscovery/useragent@v0.0.106...v0.0.107)

Updates `github.com/projectdiscovery/utils` from 0.8.1-0.20260112120846-c41994e3635c to 0.9.0
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/commits/v0.9.0)

Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.64 to 0.2.65
- [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases)
- [Commits](projectdiscovery/wappalyzergo@v0.2.64...v0.2.65)

Updates `github.com/projectdiscovery/cdncheck` from 1.2.19 to 1.2.20
- [Release notes](https://github.com/projectdiscovery/cdncheck/releases)
- [Commits](projectdiscovery/cdncheck@v1.2.19...v1.2.20)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-version: 1.0.113
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/retryablehttp-go
  dependency-version: 1.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/httpx
  dependency-version: 1.8.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/networkpolicy
  dependency-version: 0.1.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/useragent
  dependency-version: 0.0.107
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/utils
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/wappalyzergo
  dependency-version: 0.2.65
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: modules
- dependency-name: github.com/projectdiscovery/cdncheck
  dependency-version: 1.2.20
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: modules
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@coderabbitai create an issue for this with the same title