nuclei其具备这强大功能与良好的生态,其包含的3622poc更是让笔者心动,故对其进行了一些研究,让nuclei可以集成到自己的扫描器中,以下抽离与nuclei相关的核心代码方便大家参考,如有问题可留言或私信我。不多哔哔,上代码。
- package main
-
- import (
- "fmt"
- "github.com/logrusorgru/aurora"
- "github.com/projectdiscovery/nuclei/v2/pkg/output"
- "github.com/projectdiscovery/nuclei/v2/pkg/protocols"
- "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit"
- "github.com/projectdiscovery/nuclei/v2/pkg/templates"
- "github.com/projectdiscovery/nuclei/v2/pkg/types"
- "go.uber.org/ratelimit"
- )
-
- //-------------------此中内容只是为了完成ExecuterOptions初始化 Start
-
- type Writer struct{}
-
- func (r *Writer) WriteStoreDebugData(host, templateID, eventType string, data string) {}
-
- func (r *Writer) Close() {}
- func (r *Writer) Colorizer() aurora.Aurora {
- return nil
- }
- func (r *Writer) WriteFailure(event output.InternalEvent) error { return nil }
- func (r *Writer) Write(w *output.ResultEvent) error { return nil }
- func (r *Writer) Request(templateID, url, requestType string, err error) {}
-
- type Progress struct{}
-
- func (p *Progress) Stop() {}
- func (p *Progress) Init(hostCount int64, rulesCount int, requestCount int64) {}
- func (p *Progress) AddToTotal(delta int64) {}
- func (p *Progress) IncrementRequests() {}
- func (p *Progress) IncrementMatched() {}
- func (p *Progress) IncrementErrorsBy(count int64) {}
- func (p *Progress) IncrementFailedRequestsBy(count int64) {}
-
- //-------------------此中内容只是为了完成ExecuterOptions初始化 End
- func main() {
-
- w := &Writer{}
- p := &Progress{}
- o := &types.Options{
- //nuclei扫描器包含配置项,根据自己需要配置,因无必填内容故省略
- }
- //初始化nuclei的客户端协议池;
- err := protocolinit.Init(o)
- if err != nil {
- fmt.Println("初始化Nuclei客户端协议池失败")
- return
- }
- //设置运行时,配置信息,以下均为必填内容
- eo := protocols.ExecuterOptions{
- Output: w, //输出
- Options: o, //扫描器基本配置
- Progress: p, //记录扫描进度
- RateLimiter: ratelimit.New(2), //是一个速度限制器限制发送的请求数量。
- }
- //单个poc的存放位置
- f := "yourFile\\http-missing-security-headers.yaml"
- poc, err := templates.Parse(f, nil, eo)
- if err != nil || poc == nil {
- fmt.Println("未成功获取poc")
-
- }
- //生成poc对应的运行时模板
- e := poc.Executer
- //设置目标地址
- target := "http://172.18.72.19/DVWA-master/login.php"
- //以包含放回的形式对目标执行poc
- err = e.ExecuteWithResults(target, func(result *output.InternalWrappedEvent) {
- //无关代码,单纯为了打印看效果
- for _, r := range result.Results {
- fmt.Println(r.TemplateID)
- }
-
- })
-
- }
-