Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ignore version parsing error #3984

Merged
merged 6 commits into from
Jul 28, 2023
Merged

ignore version parsing error #3984

merged 6 commits into from
Jul 28, 2023

Conversation

tarunKoyalwar
Copy link
Member

@tarunKoyalwar tarunKoyalwar commented Jul 26, 2023
edited
Loading

Proposed Changes

POC

$ echo https://example.com | ./nuclei -t ~/test-templates/comparewarning.yaml -v

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.9.9

		projectdiscovery.io

[INF] Current nuclei version: v2.9.9 (latest)
[INF] Current nuclei-templates version: v9.5.8 (latest)
[INF] New templates added in latest release: 113
[INF] Templates loaded for current scan: 1
[INF] Targets loaded for current scan: 1
[VER] [basic-example] Sent HTTP request to https://example.com
[INF] No results found. Better luck next time!

template

id: basic-example

info:
  name: Test HTTP Template
  author: pdteam
  severity: info

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: dsl
        dsl:
          - compare_versions("GG", '< 4.8.5')

@tarunKoyalwar tarunKoyalwar self-assigned this Jul 26, 2023
@tarunKoyalwar tarunKoyalwar linked an issue Jul 26, 2023 that may be closed by this pull request
[WRN] [CVE-2019-6799] Malformed version: [6.20.35 188 17] #3950
Closed
@tarunKoyalwar tarunKoyalwar marked this pull request as ready for review July 26, 2023 13:01
@tarunKoyalwar
Copy link
Member Author

SHOW_DSL_ERRORS env

  • since errors may be required in some cases . setting this env variable will show ignored dsl errors
$ SHOW_DSL_ERRORS=true ./nuclei -u https://example.com -t ~/test-templates/comparewarning.yaml -v

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.9.9

		projectdiscovery.io

[INF] Current nuclei version: v2.9.9 (latest)
[INF] Current nuclei-templates version: v9.5.8 (latest)
[INF] New templates added in latest release: 113
[INF] Templates loaded for current scan: 1
[INF] Targets loaded for current scan: 1
[VER] [basic-example] Sent HTTP request to https://example.com
[WRN] [basic-example] error parsing argument value
[INF] No results found. Better luck next time!

Mzack9999
Mzack9999 requested changes Jul 27, 2023
View reviewed changes
Copy link
Member

@Mzack9999 Mzack9999 left a comment
edited by tarunKoyalwar
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implementation: lgtm!
I'd recommend to also add:

  • Integration Tests
  • Update docs if necessary with new ENV variable flag explanation (I'm not sure if we have already a section for this)

@ehsandeep ehsandeep mentioned this pull request Jul 27, 2023
Merged
@tarunKoyalwar
Copy link
Member Author

depends on projectdiscovery/dsl#68

@tarunKoyalwar
Copy link
Member Author

@Mzack9999 @ehsandeep , created new file DEBUG.md to track all debugging options available in nuclei https://github.com/projectdiscovery/nuclei/blob/issue-3950-dsl-warning/DEBUG.md

i think it will also be helpful for other teams

@ehsandeep ehsandeep merged commit 6bdef68 into dev Jul 28, 2023
@ehsandeep ehsandeep deleted the issue-3950-dsl-warning branch July 28, 2023 15:34
@ehsandeep ehsandeep added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Jul 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mzack9999 Mzack9999 Mzack9999 requested changes

@ehsandeep ehsandeep ehsandeep approved these changes

Assignees

@tarunKoyalwar tarunKoyalwar

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[WRN] [CVE-2019-6799] Malformed version: [6.20.35 188 17]
3 participants
@tarunKoyalwar @ehsandeep @Mzack9999