Authenticated scan does not work with input files (-list, -input-mode)

[nth347]

It's pefectly fine to run this as an authenticated scan:

nuclei -debug -prefetch-secrets -secret-file my-secret-file.yaml -proxy http://burp-proxy:8080 -target https://target.com

But when I specifying target as a Burp file, it does not work:

nth347@ubuntu:~$ nuclei -debug -prefetch-secrets -secret-file my-secret-file.yaml -proxy http://burp-proxy:8080 -list burp.xml -input-mode burp

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.0

		projectdiscovery.io

[WRN] Setting thread count to 0 for 45 templates, dynamic extractors are not supported with payloads yet
[INF] Current nuclei version: v3.3.0 (latest)
[INF] Current nuclei-templates version: v9.9.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 67
[INF] Templates loaded for current scan: 24
[INF] Executing 24 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[INF] Pre-fetching secrets from authprovider[s]
[FTL] Could not run nuclei: could not pre-fetch secrets: no templates found for path: ***path to***/my-login.yaml

I tried with proxify logs and got the same error, no request was sent to Burp proxy.

[nth347]

hi @ehsandeep , have a look to this issue please

[nth347]

The issue seems to be duplicated with #5493

[RamanaReddy0M]

@nth347 Applied fix here:

• fix loading dynamic auth templates on fuzzing #5646

Can you try this pr?

[nth347]

hi @RamanaReddy0M ,

It works! Thanks so much for the fix!

[nth347]

hi everyone,

I find out that after merging the fix to the dev branch, it does not work.

I mean:

# cd nuclei/
git checkout issue-5493-fix-dynamic-auth-with-fuzzing
go build cmd/nuclei/main.go && mv main nuclei

The resulting nuclei binary works with dynamic auth templates on fuzzing as expected.

# cd nuclei/
git checkout dev
go build cmd/nuclei/main.go && mv main nuclei

The resulting nuclei binary work does not work as expected. Here is the error:

./nuclei -list request-get.xml -input-mode burp -prefetch-secrets -secret-file secret-file.yaml -proxy http://192.168.52.110:8080

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.2

		projectdiscovery.io

[WRN] Found 1 templates with runtime error (use -validate flag for further examination)
[INF] Current nuclei version: v3.3.2 (latest)
[INF] Current nuclei-templates version: v10.0.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 255
[INF] Templates loaded for current scan: 25
[INF] Executing 25 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[INF] Pre-fetching secrets from authprovider[s]
[FTL] Could not run nuclei: could not pre-fetch secrets: no templates found for path: login.yaml

can you look into this, @RamanaReddy0M ?

[RamanaReddy0M]

➜  nuclei git:(dev) ✗ cat secrets.yaml
dynamic:
  - template: login.yaml
    variables:
      - key: username 
        value: name1 
      - key: password
        value: pass1
    type: bearertoken
    domains:
      - 127.0.0.1:5002
    input: http://127.0.0.1:5002 
    token: "{{auth_token}}"
➜  nuclei git:(dev) ✗ go run . -im openapi -list openapi-5493.json -p http://127.0.0.1:8080 -ps -sf secrets.yaml -t sqli.yaml -v

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.2

                projectdiscovery.io

[VER] Using http://127.0.0.1:8080 as proxy server
[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.2 (latest)
[INF] Current nuclei-templates version: v10.0.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 14
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Pre-fetching secrets from authprovider[s]
[VER] [login] Sent HTTP request to http://127.0.0.1:5002/users/v1/login
[VER] [sqli-test] Sent HTTP request to http://127.0.0.1:5002/api/v1/test
[VER] [sqli-test] Sent HTTP request to http://127.0.0.1:5002/api/test
[sqli-test:sql_error] [http] [critical] http://127.0.0.1:5002/api/test [path:/api] [GET]

It works for me!

[nth347]

I pulled the repo again and it works for me now, thanks @RamanaReddy0M