diff --git a/pkg/protocols/common/protocolstate/state.go b/pkg/protocols/common/protocolstate/state.go
index 09d1a66eb..e6bacb491 100644
--- a/pkg/protocols/common/protocolstate/state.go
+++ b/pkg/protocols/common/protocolstate/state.go
@@ -132,6 +132,9 @@ func Init(options *types.Options) error {
 opts.WithDialerHistory = true
 opts.SNIName = options.SNI
+ // this instance is used in javascript protocol libraries and
+ // dial history is required to get dialed ip of a host
+ opts.WithDialerHistory = true
 // fastdialer now by default fallbacks to ztls when there are tls related errors
 dialer, err := fastdialer.NewDialer(opts)
diff --git a/pkg/protocols/javascript/js.go b/pkg/protocols/javascript/js.go
index fc3248693..dee3ff35e 100644
--- a/pkg/protocols/javascript/js.go
+++ b/pkg/protocols/javascript/js.go
@@ -27,11 +27,13 @@ import (
 "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/generators"
 "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/helpers/eventcreator"
 "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/interactsh"
+ "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
 "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/utils/vardump"
 protocolutils "github.com/projectdiscovery/nuclei/v3/pkg/protocols/utils"
 templateTypes "github.com/projectdiscovery/nuclei/v3/pkg/templates/types"
 "github.com/projectdiscovery/nuclei/v3/pkg/types"
 errorutil "github.com/projectdiscovery/utils/errors"
+ iputil "github.com/projectdiscovery/utils/ip"
 urlutil "github.com/projectdiscovery/utils/url"
 "github.com/remeh/sizedwaitgroup"
 )
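Review bot: The added `opts.WithDialerHistory = true` in Init (state.go) repeats the assignment that already sits two lines above it in the hunk's context, so the new statement has no effect. Keeping a single assignment and moving the new comment onto it says the same thing without the duplicate, e.g. `// dial history is required by javascript protocol libraries to get the dialed ip of a host` directly above the existing line. Init's body starts and ends outside the hunk.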
@@ -520,6 +522,46 @@ func (request *Request) executeRequestWithPayloads(hostPort string, input *conte
 data["stop-at-first-match"] = true
 }
+ // add ip address to data
+ if input.MetaInput.CustomIP != "" {
+ data["ip"] = input.MetaInput.CustomIP
+ } else {
+ // context: https://github.com/projectdiscovery/nuclei/issues/5021
+ hostname := input.MetaInput.Input
+ if strings.Contains(hostname, ":") {
+ host, _, err := net.SplitHostPort(hostname)
+ if err == nil {
+ hostname = host
+ } else {
+ // naive way
+ if !strings.Contains(hostname, "]") {
+ hostname = hostname[:strings.LastIndex(hostname, ":")]
+ }
+ }
+ }
+ data["ip"] = protocolstate.Dialer.GetDialedIP(hostname)
+ // if input itself was an ip, use it
+ if iputil.IsIP(hostname) {
+ data["ip"] = hostname
+ }
+
+ // if ip is not found,this is because ssh and other protocols do not use fastdialer
+ // although its not perfect due to its use case dial and get ip
+ dnsData, err := protocolstate.Dialer.GetDNSData(hostname)
+ if err == nil {
+ for _, v := range dnsData.A {
+ data["ip"] = v
+ break
+ }
+ if data["ip"] == "" {
+ for _, v := range dnsData.AAAA {
+ data["ip"] = v
+ break
+ }
+ }
+ }
+ }
+
 // add and get values from templatectx
 request.options.AddTemplateVars(input.MetaInput, request.Type(), request.GetID(), data)
 data = generators.MergeMaps(data, request.options.GetTemplateCtx(input.MetaInput).GetAll())
diff --git a/pkg/protocols/ssl/ssl.go b/pkg/protocols/ssl/ssl.go
index 9b185a4f4..49d612b88 100644
--- a/pkg/protocols/ssl/ssl.go
+++ b/pkg/protocols/ssl/ssl.go
@@ -282,6 +282,7 @@ func (request *Request) ExecuteWithResults(input *contextargs.Context, dynamicVa
 } else {
 data["ip"] = request.dialer.GetDialedIP(hostname)
 }
+ data["Port"] = port
 data["template-path"] = requestOptions.TemplatePath
 data["template-id"] = requestOptions.TemplateID
 data["template-info"] = requestOptions.TemplateInfo
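Review bot: In executeRequestWithPayloads (js.go) the `GetDNSData` fallback runs unconditionally, so the first A record replaces `data["ip"]` even when `GetDialedIP` or the `iputil.IsIP` branch has already supplied an address, although the comment above it describes the not-found case only. For a host with several A records the `ip` stored with a result can then name an address that was never contacted, which misattributes findings during triage. Wrapping the DNS block in `if data["ip"] == "" {` keeps the dialed address authoritative. Separately, the "naive way" branch cuts a bare IPv6 literal (constructed example: `2001:db8::1`) at its last colon, so `iputil.IsIP` no longer recognises it; testing `iputil.IsIP(hostname)` before any splitting would avoid that. The function body starts and ends outside the hunk.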
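Review bot: The new key `data["Port"]` in ExecuteWithResults (ssl.go) is capitalised while the neighbouring keys of the same map are lowercase (`ip`, `template-path`, `template-id`), and the same spelling is read back in the MakeResultEventItem hunk of this file. If this map is exposed to template matchers, which is not visible here, the casing becomes part of the template-facing contract. Either use `data["port"] = port` with the matching lookup, or add a short comment such as `// capitalised on purpose: <reason>` so the exception is not "fixed" later. The function body continues outside the hunk.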
@@ -405,6 +406,9 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
 if fields.Port == "80" {
 fields.Port = "443"
 }
+ if types.ToString(wrapped.InternalEvent["Port"]) != "" {
+ fields.Port = types.ToString(wrapped.InternalEvent["Port"])
+ }
 data := &output.ResultEvent{
 TemplateID: types.ToString(wrapped.InternalEvent["template-id"]),
 TemplatePath: types.ToString(wrapped.InternalEvent["template-path"]),
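Review bot: In MakeResultEventItem (ssl.go) the new override runs after the `"80"` to `"443"` rewrite, so whenever the event carries a non-empty `Port` that rewrite is dead and a stored value of `"80"` would be reported unchanged; whether `port` can be `"80"` where it is stored is not visible in this diff. If the explicit port is meant to win, a comment should say so; otherwise the override belongs before the rewrite. The lookup is also converted twice and can be bound once: `if p := types.ToString(wrapped.InternalEvent["Port"]); p != "" { fields.Port = p }`. The function body starts and ends outside the hunk.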