nuclei icon indicating copy to clipboard operation
nuclei copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

-u When scanning some sites, there may be a problem with output without line breaks.

Open c0mpl1ng opened this issue 9 months ago • 8 comments

When I use the -u parameter to scan a single site, I will find that the output of some sites does not wrap.

n1 n2

c0mpl1ng avatar Apr 30 '24 05:04 c0mpl1ng

I'm not sure if it has something to do with the odd-even character length. When I executed a scan task and the output was abnormal, I ended the task and re-executed it, and added an extra space to the command. Miraculously, the output was normal this time. n3 n4

c0mpl1ng avatar Apr 30 '24 09:04 c0mpl1ng

Same issue

Platform:

image

Nuclei version:

[INF] Nuclei Engine Version: v3.2.1

Output:

image

reewardius avatar Apr 30 '24 11:04 reewardius

Same issue

Platform:

image

Nuclei version:

[INF] Nuclei Engine Version: v3.2.1

Output:

image

My system version is 10.0.22631.3447. I am not sure whether this is a problem with the Windows system or with Nuclei. I tried running nuclei on other windows computers and there was no such problem.

c0mpl1ng avatar Apr 30 '24 11:04 c0mpl1ng

In https://github.com/microsoft/terminal/issues/17159 @King-Mr helped confirm that this isn't exclusive to the Windows Terminal, but also repros in conhost.exe too.

This looks to me like either a newline mode not being set right, or someone only emitting \n and not \r\n, or something like that. Note how each line starts directly below the end of the previous one. That's a telltale sign of doing a \n (newline, to move the cursor down a line), without the \r (carriage-return, to move the cursor to the start of the row). That's usually something that should be handled by a lower-level console handling / logging lib, rather than any code you'd write yourself. Admittedly, I don't know enough about how this project works to be able to be more help - just trying to share some console expertise ☺️

zadjii-msft avatar Apr 30 '24 12:04 zadjii-msft

In microsoft/terminal#17159 @King-Mr helped confirm that this isn't exclusive to the Windows Terminal, but also repros in conhost.exe too.

This looks to me like either a newline mode not being set right, or someone only emitting \n and not \r\n, or something like that. Note how each line starts directly below the end of the previous one. That's a telltale sign of doing a \n (newline, to move the cursor down a line), without the \r (carriage-return, to move the cursor to the start of the row). That's usually something that should be handled by a lower-level console handling / logging lib, rather than any code you'd write yourself. Admittedly, I don't know enough about how this project works to be able to be more help - just trying to share some console expertise ☺️

Thank you for sharing, but I don't understand why everyone would have this problem if it's the situation you described. But it seems that only a very small number of people have this problem. And in my test, it seems to be related to the number of characters in the command line. It seems that when the output is abnormal at a certain time, the same command with a space will output normally.

c0mpl1ng avatar Apr 30 '24 12:04 c0mpl1ng

I may be completely wrong, but my guess would be that this has something to do with pipes (assuming you're using something like that).

The first program in the pipeline sets some console modes, outputs some content, and then resets the modes back to what they were initially. But part way through that process, the second program starts reading the first one's output, and does its own thing with the content before writing it out again. If the first program ends while the second is still busy, the second one may find itself using console modes that it wasn't expecting.

The exact behavior may depend on things like buffer size, and the load on the system, so that might explain why you don't always see the problem, and it doesn't affect everyone. But note the one screenshot above where the logo is fine, and the first two warnings are fine, and it's only from the third warning onwards that the linefeeds are wrong. The break at that point could be explained by the first program in the pipeline having just closed.

Again this is just a theory, and I'm not positive I've got my facts right regarding Windows console modes in a pipeline, but it's at least a possible explanation for what you're seeing here.

j4james avatar Apr 30 '24 16:04 j4james

I wanted to chip in and say I am not using pipes, but am experiencing the same issue, on Windows 11.

iknek avatar May 14 '24 18:05 iknek

This issue still persists for Nuclei version 3.3.1 on Win 11 Pro, and the output is the same for any domain scan, are there any fixes for this?

rinzlermk avatar Aug 23 '24 16:08 rinzlermk