nuclei icon indicating copy to clipboard operation
nuclei copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

Input parameter for specifying the network interface to use

Open rwincey opened this issue 3 years ago • 2 comments

Please describe your feature request:

An input parameter similar to nmap or masscan that specifies the network interface to scan from. e.g. nmap -e eth0, masscan -e eth0

   -interface, -i string  network Interface to use for scan

Describe the use case of this feature:

On systems with multiple network interfaces it could be necessary to specify the proper interface to use to hit the desired targets.

Notes

Can be done with https://pkg.go.dev/net#DialTCP by specifying a specific interface ip

rwincey avatar Jul 13 '22 13:07 rwincey

In general, leaving the source IP selection to the operative system is recommended. The mentioned nmap and masscan are different use cases, as they manipulate raw packets at a lower network level, whereas nuclei rely on system calls that have automatic network routing.

Mzack9999 avatar Aug 03 '22 06:08 Mzack9999

I opened this issue because my use case for needing this option is the same as with nmap and masscan. Nmap, masscan, and nuclei all perform poorly when "automatically" determining the proper interface to route traffic through when the scanning system has multiple interfaces and most often if one of them is a VPN tunnel. Having the option to specify the interface has been very useful.

rwincey avatar Aug 03 '22 13:08 rwincey

@rwincey this is now supported in the latest release - https://github.com/projectdiscovery/nuclei/releases/tag/v2.7.7

ehsandeep avatar Aug 26 '22 10:08 ehsandeep