Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Empty body in HTTP responses dumped with options -svd -vdl #5780

Open
1 task done
KGorbakon opened this issue Oct 28, 2024 · 0 comments
Open
1 task done

[BUG] Empty body in HTTP responses dumped with options -svd -vdl #5780

KGorbakon opened this issue Oct 28, 2024 · 0 comments
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@KGorbakon
Copy link

KGorbakon commented Oct 28, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

HTTP resposnse body is not visible after using -svd and -vdl options, There are only response headers and tabulation space after them.
Image

Expected Behavior

Responses' body should be visible in variable dump.
Image

Steps To Reproduce

  1. Create template:
javascript:
  - code: |
      let m = require('nuclei/net');
      let address=Host+':'+Port;
      let conn;
      conn = m.OpenTLS('tcp', address)
      conn.Send('GET / HTTP/1.1\r\nHost:'+Host+'\r\n\r\n');
      conn.RecvString();

    args:
      Host: "{{Host}}"
      Port: "443"

    matchers:
      - type: dsl
        dsl:
          - 'contains(response, "Example Domain")'
  1. Run nuclei:
    nuclei -t .\template.yaml -debug -svd -vdl 10000 -u https://example.com

Relevant log output

PS C:\path\to\template> nuclei -t .\test.yaml -debug -svd -vdl 10000 -u https://example.com

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.5

                projectdiscovery.io

[WRN] Found 32 template[s] loaded with deprecated paths, update before v3 for continued support.
[INF] Current nuclei version: v3.3.5 (latest)
[INF] Current nuclei-templates version: v10.0.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 68
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[DBG] JavaScript Protocol request variables: map[string]interface {}:8 {
  "Port": "443",
  "RDN": "example.com",
  "SD": "",
  "TLD": "com",
  "DN": "example",
  "FQDN": "example.com",
  "Host": "example.com",
  "Hostname": "example.com:443",
}
[DBG] [test] Dumped Javascript request for example.com:443:
Variables:
 map[string]interface {}:2 {
  "Host": "example.com",
  "Port": "443",
} address=example.com:443
[DBG]  [test] Javascript Code:

        let m = require('nuclei/net');
        let address = Host + ':' + Port;
        let conn;
        conn = m.OpenTLS('tcp', address)
        conn.Send('GET / HTTP/1.1\r\nHost:' + Host + '\r\n\r\n');
        conn.RecvString();

[DBG] [test] Dumped Javascript response for example.com:443:
map[string]interface {}:2 {
  "response": "HTTP/1.1 200 OK  Age: 406123  Cache-Control: max-age=604800  Content-Type: text/html; charset=UTF-8  Date: Mon, 28 Oct 2024 13:20:11 GMT  Etag: "3147526947+gzip+ident"  Expires: Mon, 04 Nov 2024 13:20:11 GMT  Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT  Server: ECAcc (nyd/D162)  Vary: Accept-Encoding  X-Cache: HIT  Content-Length: 1256    ",
  "success": "true",
} address=example.com:443
[DBG] Javascript Protocol response variables: map[string]interface {}:20 {
  "TLD": "com",
  "interactsh-server": "",
  "ip": "93.184.215.14",
  "matched": "example.com:443",
  "request": "let m = require('nuclei/net'); let address = Host + ':' + Port; let conn; conn = m.OpenTLS('tcp', address) conn.Send('GET / HTTP/1.1\r\nHost:' + Host + '\r\n\r\n'); conn.RecvString();",
  "FQDN": "example.com",
  "Host": "example.com",
  "Hostname": "example.com:443",
  "template-id": "test",
  "response": "HTTP/1.1 200 OK  Age: 406123  Cache-Control: max-age=604800  Content-Type: text/html; charset=UTF-8  Date: Mon, 28 Oct 2024 13:20:11 GMT  Etag: "3147526947+gzip+ident"  Expires: Mon, 04 Nov 2024 13:20:11 GMT  Last-Modified: Thu, 17 Oct 2019 07:18:26 GMT  Server: ECAcc (nyd/D162)  Vary: Accept-Encoding  X-Cache: HIT  Content-Length: 1256    ",
  "type": "javascript",
  "DN": "example",
  "Port": "443",
  "RDN": "example.com",
  "success": "true",
  "template-path": "C:\path\to\template\test.yaml",
  "SD": "",
  "host": "example.com:443",
  "request-pre-condition": "",
  "template-info": "{Test -vdl template me    <nil> {low} map[] <nil> }",
}
[INF] No results found. Better luck next time!

Environment

  • OS: Windows 10 22H2
  • Nuclei: v3.3.5
  • Go: go1.23.1 windows/amd64

Anything else?

Refers to:
@KGorbakon KGorbakon added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Oct 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@KGorbakon