[BUG] OpenAPI Mode Fails Silently #6072

Open
1 task done
kchason opened this issue Feb 25, 2025 · 3 comments
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@kchason
Contributor

kchason commented Feb 25, 2025

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

I'm running into a problem using the OpenAPI input mode where it reaches about 4k requests (~10%) then silently crashes without results. I have a required_openapi_params.yaml file and, walking it through with a debugger, I can't find any reason why. It seems to parse the schema.yaml file okay, as well as the variables, and stepping through some of the iterations in multiformat.go:Iterate, it builds the requests like I'd expect.

Expected Behavior

It should run through all requests, or error out with an error message to help troubleshoot the problem.

Steps To Reproduce

I've run it on a few different hosts with a few different schemas, but it can be reproduced with the following command with the below schema.yaml:

```
nuclei -im openapi -l schema.yaml -stats
```

```yaml
openapi: 3.0.0
info:
  title: Sample API

servers:
  - url: http://localhost:8080

paths:
  /users:
    get:
      summary: Returns a list of users.
      responses:
        "200":
          description: A JSON array of user names
          content:
            application/json:
              schema:
                type: array
                items:
                  username: string
```

Relevant log output

```
                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.8

  projectdiscovery.io

[INF] Your current nuclei-templates v10.1.2 are outdated. Latest is v10.1.3
[INF] Successfully updated nuclei-templates (v10.1.3) to /Users/kchason/nuclei-templates. GoodLuck!
[WRN] Found 1 templates loaded with deprecated protocol syntax, update before v3 for continued support.
[INF] Current nuclei version: v3.3.8 (outdated)
[INF] Current nuclei-templates version: v10.1.3 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 52
[INF] Templates loaded for current scan: 39
[INF] Executing 39 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[0:00:01] | Templates: 39 | Hosts: 1 | RPS: 19 | Matched: 0 | Errors: 0 | Requests: 16/137 (11%)
```

Environment

- OS: Ubuntu & Mac OS
- Nuclei: v3.3.8 (dev)
- Go: 1.23.3

Anything else?

No response

@kchason kchason added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Feb 25, 2025
@dwisiswant0
Member

> It should run through all requests, or error out with an error message to help troubleshoot the problem.

Have you already tried running the command with the -v and -debug flags enabled? If so, could you share the output or any relevant details about what you observed?

@kchason
Contributor Author

kchason commented Feb 26, 2025

> > It should run through all requests, or error out with an error message to help troubleshoot the problem.
>
> Have you already tried running the command with the -v and -debug flags enabled? If so, could you share the output or any relevant details about what you observed?

I did, and the output listed the templates it loaded for the scan (39) and each of the 16 request payloads/responses, then ended with:

Snippets of the output:

```
[WRN] Found 1 templates loaded with deprecated protocol syntax, update before v3 for continued support.
[WRN] Setting thread count to 0 for 67 templates, dynamic extractors are not supported with payloads yet
[INF] Current nuclei version: v3.3.8 (outdated)
[INF] Current nuclei-templates version: v10.1.3 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 52
[INF] Templates loaded for current scan: 39
[INF] Executing 39 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[CVE-2018-19518] PHP imap - Remote Command Execution (@princechaddha) [high]
[CVE-2021-45046-DAST] Apache Log4j2 - Remote Code Injection (@princechaddha) [critical]
[spring4shell-CVE-2022-22965] Spring Framework RCE via Data Binding on JDK 9+ (@dhiyaneshdk,@ritikchaddha) [critical]
[DBG] [sqli-error-based] Dumped HTTP response http://localhost:8080/users

HTTP/1.1 307 Temporary Redirect
Connection: close
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Feb 2025 20:35:24 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://localhost:8080/site/login
Pragma: no-cache
Server: Apache/2.4.62 (Debian)
X-Powered-By: PHP/8.4.4
Content-Length: 0
[0:00:01] | Templates: 39 | Hosts: 1 | RPS: 23 | Matched: 0 | Errors: 0 | Requests: 16/137 (11%)
```

@dwisiswant0
Member

Hey, @kchason! I'm having a bit of trouble reproducing this issue on my end since I don't have the same setup or requirements as you. Would you mind sharing those details with me privately on Discord? That would really help me troubleshoot this better. Even better, if possible, could you record a short video demonstrating the issue? That would make it much easier for me to see exactly what's happening.

Also, I'm a little confused by what you mean when you say it "silently crashes without results". How are you determining that it actually crashed? Did the process just stop unexpectedly, or did it exit normally without showing something like "No results found. Better luck next time" at the end, or was there some other indication that it failed?
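
For the question of how the run actually ended, an added example (not from the issue or from the nuclei project): a shell helper that classifies a finished run from its exit status and the last `-stats` progress line. The function names are hypothetical, the sample log lines are copied from the report above, and a short request count is only reported, not treated as proof of a crash.

```shell
#!/usr/bin/env bash
# Added example: classify how a scan process ended, using its exit status
# and the last -stats progress line. Function names are hypothetical.

# Print "done total" from the last "Requests: N/M" progress line on stdin.
last_progress() {
  sed -n 's|.*Requests: \([0-9][0-9]*\)/\([0-9][0-9]*\).*|\1 \2|p' | tail -n 1
}

# classify_run STATUS LOGFILE -> one-line verdict on stdout.
classify_run() {
  status=$1
  progress=$(last_progress < "$2")
  done_n=${progress% *}
  total_n=${progress#* }
  if [ "$status" -gt 128 ]; then
    # Shells report death by signal as 128 + signal number (137 = SIGKILL).
    echo "killed-by-signal $((status - 128)) at ${done_n:-?}/${total_n:-?}"
  elif [ "$status" -ne 0 ]; then
    echo "exit-error $status at ${done_n:-?}/${total_n:-?}"
  elif [ -z "$progress" ]; then
    echo "exit-ok no-progress-line"
  elif [ "$done_n" -lt "$total_n" ]; then
    echo "exit-ok short $done_n/$total_n"
  else
    echo "exit-ok full $done_n/$total_n"
  fi
}

# Sample input: two log lines copied from the report above.
sample_log() {
  cat <<'EOF'
[INF] Targets loaded for current scan: 1
[0:00:01] | Templates: 39 | Hosts: 1 | RPS: 19 | Matched: 0 | Errors: 0 | Requests: 16/137 (11%)
EOF
}

# demo STATUS: classify the sample log as if the process ended with STATUS.
demo() {
  tmp=$(mktemp)
  sample_log > "$tmp"
  classify_run "${1:-0}" "$tmp"
  rm -f "$tmp"
}

demo 0     # status a clean exit would give
demo 137   # status a SIGKILL would give
```

To use it on a real run, redirect the scan's output to a file (for example `> run.log 2>&1` appended to the command from the report) and call `classify_run $? run.log` immediately afterwards.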
