nuclei icon indicating copy to clipboard operation
nuclei copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

resolve / resolve_all helper functions

Open ehsandeep opened this issue 2 years ago • 1 comments

New helpers for DNS resolution enable writing more complex nuclei templates.

  • [ ] resolve
  • [ ] resolve_all

Helper example:

{{resolve ("hackerone.com")}} # Resolve hackerone.com, returns single IPv4 A record (IPv4 is being default option here)
{{resolve ("hackerone.com", 6)}} # Resolve hackerone.com, returns single IPv6 A record
{{resolve ("hackerone.com", 4,6)}} # Resolve hackerone.com and returns array of signle IP v4/v6 A record for each
{{resolve_all ("hackerone.com")}} # Resolve hackerone.com and returns array of all associated IPv4 A record
{{resolve_all ("hackerone.com", 6)}} # Resolve hackerone.com and returns array of all associated IPv6 A record
{{resolve_all ("hackerone.com", 4,6)}} # Resolve hackerone.com and returns array of all associated IP v4/v6 A record

Example template using resolve helper:

id: test

info:
  name: test template
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Forwards-For: {{resolve(Host)}}

id: test

info:
  name: test template
  author: 0xAwali
  severity: info

requests:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{resolve(Host), 6}}

ehsandeep avatar Jul 25 '22 10:07 ehsandeep

Questions:

  • resolve_all will return a slice of results. What is the expected behavior of its use within a single HTTP request? I don't think it's possible to iterate over the results and send a single request for each value

Mzack9999 avatar Jul 29 '22 11:07 Mzack9999

I think that DNS helper functions are entirely undocumented right?

JaneX8 avatar Dec 05 '22 14:12 JaneX8