Remove singletons from Nuclei engine (continuation of #6210) (#6296)

* introducing execution id * wip * . * adding separate execution context id * lint * vet * fixing pg dialers * test ignore * fixing loader FD limit * test * fd fix * wip: remove CloseProcesses() from dev merge * wip: fix merge issue * protocolstate: stop memguarding on last dialer delete * avoid data race in dialers.RawHTTPClient * use shared logger and avoid race conditions * use shared logger and avoid race conditions * go mod * patch executionId into compiled template cache * clean up comment in Parse * go mod update * bump echarts * address merge issues * fix use of gologger * switch cmd/nuclei to options.Logger * address merge issues with go.mod * go vet: address copy of lock with new Copy function * fixing tests * disable speed control * fix nil ExecuterOptions * removing deprecated code * fixing result print * default logger * cli default logger * filter warning from results * fix performance test * hardcoding path * disable upload * refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg` Signed-off-by: Dwi Siswanto <git@dw1.io> * Revert "disable upload" This reverts commit 114fbe6663. * Revert "hardcoding path" This reverts commit cf12ca800e. --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Mzack9999 <mzack9999@protonmail.com> Co-authored-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
2026-02-07 02:53:10 +08:00 · 2025-07-09 14:47:26 -05:00
parent 285c5e1442
commit f26996cb89
180 changed files with 2274 additions and 1034 deletions
--- a/pkg/protocols/javascript/js.go
+++ b/pkg/protocols/javascript/js.go
@@ -9,9 +9,9 @@ import (
 	"sync/atomic"
 	"time"

+	"github.com/Mzack9999/goja"
 	"github.com/alecthomas/chroma/quick"
 	"github.com/ditashi/jsbeautifier-go/jsbeautifier"
-	"github.com/dop251/goja"
 	"github.com/pkg/errors"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v3/pkg/js/compiler"
@@ -151,6 +151,7 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error {
 		}

 		opts := &compiler.ExecuteOptions{
+			ExecutionId:     request.options.Options.ExecutionId,
 			TimeoutVariants: request.options.Options.GetTimeouts(),
 			Source:          &request.Init,
 			Context:         context.Background(),
@@ -357,6 +358,7 @@ func (request *Request) ExecuteWithResults(target *contextargs.Context, dynamicV

 		result, err := request.options.JsCompiler.ExecuteWithOptions(request.preConditionCompiled, argsCopy,
 			&compiler.ExecuteOptions{
+				ExecutionId:     requestOptions.Options.ExecutionId,
 				TimeoutVariants: requestOptions.Options.GetTimeouts(),
 				Source:          &request.PreCondition, Context: target.Context(),
 			})
@@ -530,6 +532,7 @@ func (request *Request) executeRequestWithPayloads(hostPort string, input *conte

 	results, err := request.options.JsCompiler.ExecuteWithOptions(request.scriptCompiled, argsCopy,
 		&compiler.ExecuteOptions{
+			ExecutionId:     requestOptions.Options.ExecutionId,
 			TimeoutVariants: requestOptions.Options.GetTimeouts(),
 			Source:          &request.Code,
 			Context:         input.Context(),
@@ -611,6 +614,11 @@ func (request *Request) executeRequestWithPayloads(hostPort string, input *conte

 // generateEventData generates event data for the request
 func (request *Request) generateEventData(input *contextargs.Context, values map[string]interface{}, matched string) map[string]interface{} {
+	dialers := protocolstate.GetDialersWithId(request.options.Options.ExecutionId)
+	if dialers == nil {
+		panic(fmt.Sprintf("dialers not initialized for %s", request.options.Options.ExecutionId))
+	}
+
 	data := make(map[string]interface{})
 	for k, v := range values {
 		data[k] = v
@@ -643,7 +651,7 @@ func (request *Request) generateEventData(input *contextargs.Context, values map
 				}
 			}
 		}
-		data["ip"] = protocolstate.Dialer.GetDialedIP(hostname)
+		data["ip"] = dialers.Fastdialer.GetDialedIP(hostname)
 		// if input itself was an ip, use it
 		if iputil.IsIP(hostname) {
 			data["ip"] = hostname
@@ -651,7 +659,7 @@ func (request *Request) generateEventData(input *contextargs.Context, values map

 		// if ip is not found,this is because ssh and other protocols do not use fastdialer
 		// although its not perfect due to its use case dial and get ip
-		dnsData, err := protocolstate.Dialer.GetDNSData(hostname)
+		dnsData, err := dialers.Fastdialer.GetDNSData(hostname)
 		if err == nil {
 			for _, v := range dnsData.A {
 				data["ip"] = v
@@ -816,3 +824,8 @@ func prettyPrint(templateId string, buff string) {
 	}
 	gologger.Debug().Msgf(" [%v] Javascript Code:\n\n%v\n\n", templateId, strings.Join(final, "\n"))
 }
+
+// UpdateOptions replaces this request's options with a new copy
+func (r *Request) UpdateOptions(opts *protocols.ExecutorOptions) {
+	r.options.ApplyNewEngineOptions(opts)
+}
--- a/pkg/protocols/javascript/js_test.go
+++ b/pkg/protocols/javascript/js_test.go
@@ -23,7 +23,7 @@ var (
 		"testcases/redis-pass-brute.yaml",
 		"testcases/ssh-server-fingerprint.yaml",
 	}
-	executerOpts protocols.ExecutorOptions
+	executerOpts *protocols.ExecutorOptions
 )

 func setup() {
@@ -31,7 +31,7 @@ func setup() {
 	testutils.Init(options)
 	progressImpl, _ := progress.NewStatsTicker(0, false, false, false, 0)

-	executerOpts = protocols.ExecutorOptions{
+	executerOpts = &protocols.ExecutorOptions{
 		Output:       testutils.NewMockOutputWriter(options.OmitTemplate),
 		Options:      options,
 		Progress:     progressImpl,
@@ -42,7 +42,7 @@ func setup() {
 		RateLimiter:  ratelimit.New(context.Background(), uint(options.RateLimit), time.Second),
 		Parser:       templates.NewParser(),
 	}
-	workflowLoader, err := workflow.NewLoader(&executerOpts)
+	workflowLoader, err := workflow.NewLoader(executerOpts)
 	if err != nil {
 		log.Fatalf("Could not create workflow loader: %s\n", err)
 	}