bug fixes in js , network protocol and flow (#4313)

* fix net read * only return N bytes if extra available * use ConnReadN from readerutil * add integration test * print unsigned warning in stderr * fix js protocol in flow #4318 * fix integration test: url encoding issue * fix network protocol issue + integration tests * multiple improvements to integration test * replace all conn.Read() from tests * disable network-basic.yaml in windows * disable code protocol in win CI * fix bitwise login ps1-snippet.yaml * hide previous matcher events in flow * remove dead code+ update integration tests --------- Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2026-02-09 03:53:08 +08:00 · 2023-11-02 13:33:40 +05:30
parent c79d2f05c4
commit 595ba8e3a5
25 changed files with 296 additions and 233 deletions
--- a/integration_tests/protocols/network/net-https-timeout.yaml
+++ b/integration_tests/protocols/network/net-https-timeout.yaml
@@ -0,0 +1,25 @@
+id: net-https-timeout
+
+info:
+  name: Example Network template which times out
+  author: pdteam
+  severity: high
+  description: Example Network template to send HTTPS request which times out
+
+
+tcp:
+  - host: 
+      - "tls://{{Hostname}}"
+    port: 443
+    inputs:
+      # noticable difference between this and net-https.yaml is that here we don't send the Connection: close header
+      # and hence connection will remain open until server closes it. This can be a DOS vector in nuclei
+      # as it waits for server to close the connection. now we have set a default timeout of 5 seconds and if server responds but doesn't close the connection
+      # then nuclei will close connection but doesn't fail the request since we already have response data from server
+      # this feature is only required for `read-all: true` to work properly
+      - data: "GET / HTTP/1.1\r\nHost: {{Hostname}}\r\n\r\n"
+    read-all: true
+    extractors:
+    - type: dsl
+      dsl:
+        - "len(data)"