Workflow match template use flow has Javascript Error

Open dockernes opened this issue 1 year ago • 0 comments

Nuclei version:

E:\PenetrationT\scan\nuclei>nuclei -version
[INF] Nuclei Engine Version: v3.1.10
[INF] Nuclei Config Directory: C:\Users\zouch\AppData\Roaming\nuclei
[INF] Nuclei Cache Directory: C:\Users\zouch\AppData\Local\nuclei
[INF] PDCP Directory: C:\Users\zouch\.pdcp

Current Behavior:

panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x20 pc=0x292135b]

goroutine 16 [running]:
github.com/projectdiscovery/nuclei/v3/pkg/tmplexec.(*TemplateExecuter).ExecuteWithResults(0xc000fd1db8?, 0xcc11a5?)
        github.com/projectdiscovery/nuclei/v3/pkg/tmplexec/exec.go:195 +0x1b
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).runWorkflowStep(0xc0003e8fc0, 0xc000ceb1f0, 0xc000f7cc80, 0xc000fae94c, 0xc000fc80e0, 0xc000a50f80)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:149 +0x3e6
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeWorkflow.func1(0xc000fc80e0?, 0x3a79778?, 0x51746a0?, 0x78?, 0x2ff7ca0?, 0xc000ceb1f0)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:43 +0x71
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeWorkflow(0x0?, 0xc000f7cc80, 0xc000a50f80)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:46 +0x1e6
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeTemplateWithTargets.func2.1(0xf349e0?, 0xc0?, 0xc000fab9b0)
        github.com/projectdiscovery/nuclei/v3/pkg/core/executors.go:121 +0x1fb
created by github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeTemplateWithTargets.func2 in goroutine 15
        github.com/projectdiscovery/nuclei/v3/pkg/core/executors.go:107 +0x4f1

Expected Behavior:

[php-detect] [http] [info] http://127.0.0.1

Steps To Reproduce:

  1. Run 'nuclei.exe -w custom\workflow-test.yaml -u http://127.0.0.1' Error:
nuclei.exe -w custom\workflow-test.yaml -u http://127.0.0.1

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.1.10

                projectdiscovery.io

[WRN] Found 14 template[s] loaded with deprecated paths, update before v3 for continued support.
[INF] Current nuclei version: v3.1.10 (latest)
[INF] Current nuclei-templates version: v9.7.5 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] Workflows loaded for current scan: 1
[INF] Executing 2 signed templates from projectdiscovery/nuclei-templates
[INF] Executing 1 signed templates from test.test
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x20 pc=0x292135b]

goroutine 16 [running]:
github.com/projectdiscovery/nuclei/v3/pkg/tmplexec.(*TemplateExecuter).ExecuteWithResults(0xc000fd1db8?, 0xcc11a5?)
        github.com/projectdiscovery/nuclei/v3/pkg/tmplexec/exec.go:195 +0x1b
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).runWorkflowStep(0xc0003e8fc0, 0xc000ceb1f0, 0xc000f7cc80, 0xc000fae94c, 0xc000fc80e0, 0xc000a50f80)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:149 +0x3e6
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeWorkflow.func1(0xc000fc80e0?, 0x3a79778?, 0x51746a0?, 0x78?, 0x2ff7ca0?, 0xc000ceb1f0)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:43 +0x71
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeWorkflow(0x0?, 0xc000f7cc80, 0xc000a50f80)
        github.com/projectdiscovery/nuclei/v3/pkg/core/workflow_execute.go:46 +0x1e6
github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeTemplateWithTargets.func2.1(0xf349e0?, 0xc0?, 0xc000fab9b0)
        github.com/projectdiscovery/nuclei/v3/pkg/core/executors.go:121 +0x1fb
created by github.com/projectdiscovery/nuclei/v3/pkg/core.(*Engine).executeTemplateWithTargets.func2 in goroutine 15
        github.com/projectdiscovery/nuclei/v3/pkg/core/executors.go:107 +0x4f1
  2. Run Nuclei version 3.0.4 'nuclei304.exe -w custom\workflow-test.yaml -u http://127.0.0.1' No Error
nuclei304.exe -w custom\workflow-test.yaml -u http://127.0.0.1

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.0.4

                projectdiscovery.io

[WRN] Found 14 template[s] loaded with deprecated paths, update before v3 for continued support.
[INF] Current nuclei version: v3.0.4 (outdated)
[INF] Current nuclei-templates version: v9.7.5 (latest)
[INF] Workflows loaded for current scan: 1
[INF] Executing 2 signed templates from projectdiscovery/nuclei-templates
[INF] Executing 1 signed templates from test.test
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[php-detect] [http] [info] http://127.0.0.1

Anything else:

file: flow-test.yaml

id: myscan-workflow

info:
  name: myscan-workflow
  author: UbranGames
  description: test
  reference: https://test.test

workflows:
  - template: custom/flow-test.yaml
    matchers:
      - name: php
        subtemplates:
          - template: custom/mytemp/custom-php-detect.yaml
          - template: http/exposures/configs/phpinfo-files.yaml
          - template: http/exposures/configs/php-fpm-config.yaml

file: workflow-test.yaml

id: flow-test

info:
  name: flow-test
  author: UbranGames
  severity: low
  description: Flow Test
  reference:
    - https://test.test
  classification:
    cwe-id: CWE-200
  tags: finger
  metadata:
    max-request: 6
    verified: true

flow: |
  http(1);

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: word
        name: php
        words:
          - PHP/
          - PHPSESSION
          - 'X-Powered-By: PHP'
          - 'x-powered-by: php'
        condition: or
        part: header


  - method: GET
    path:
      - "{{BaseURL}}/test/"

    matchers:
      - type: word
        name: php
        words:
          - PHP/
          - PHPSESSION
          - 'X-Powered-By: PHP'
          - 'x-powered-by: php'
        condition: or
        part: header

dockernes Feb 06 '24 03:02