nuclei icon indicating copy to clipboard operation
nuclei copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

nuclei should not fail silently

Open Techbrunch opened this issue 3 years ago • 1 comments
trafficstars

I ran into an issue where my template was clearly not executed for no apparent reasons (https://github.com/projectdiscovery/nuclei/discussions/2062)

It turns out the template was not run after reaching too many errors.

I found this out using the -stats flag and my workaround was to use the -max-host-error flag with a high value.

I believe when the max-host-error limit is reached (default 30) there should be a clear error message.

Techbrunch avatar May 25 '22 13:05 Techbrunch

Related #1166, #2012

forgedhallpass avatar May 26 '22 07:05 forgedhallpass

@xm1k3 we can include skipped host information as part of -elog option.

{
  "host": "http://asdsadsadagoogle.coms",
  "error": "no address found for host",
  "skipped": true
}

ehsandeep avatar Dec 03 '22 03:12 ehsandeep

Depends on https://github.com/projectdiscovery/nuclei/issues/3046

@ehsandeep if the host is skipped due to reaching the maximum number of failed attempts, we wouldn't even try to connect to it. The error message is already in place at https://github.com/projectdiscovery/nuclei/blob/e033b53115f279b1a41c77a7894e0f9dd5025612/v2/pkg/protocols/common/hosterrorscache/hosterrorscache.go#L104 not sure what would be the best way to make it more visible, since it requires the verbose flag to be shown.

Mzack9999 avatar Dec 15 '22 11:12 Mzack9999

@Techbrunch if you are interested to learn about hosts that are skipped or errored out, you can always use -elog option to write the errored host to file and looks for them with cat nuclei_errors | jq .input, skipped hosts are also printed when running with verbose mode, but that info can't be printed on default run as there are multiple hosts goes though nuclei and will make default output nonreadable.

ehsandeep avatar Jan 02 '23 08:01 ehsandeep

I disagree. Why would it be nonreadable ? I mean this should not happen usually right ? So I expect that this error would come up only for a low percentage of hosts unless you send garbage hosts data to nuclei no ?

If nothing changed since I opened this issue it means that nuclei fails silently which should not happen in my opinion.

Techbrunch avatar Jan 02 '23 08:01 Techbrunch

@Techbrunch fixed with https://github.com/projectdiscovery/nuclei/pull/3123

ehsandeep avatar Jan 02 '23 13:01 ehsandeep

@Techbrunch follow up issue to disable this feature - https://github.com/projectdiscovery/nuclei/issues/3138

ehsandeep avatar Jan 03 '23 10:01 ehsandeep