Module: Msf::DBManager::Import::Nuclei
- Included in:
- Msf::DBManager::Import
- Defined in:
- lib/msf/core/db_manager/import/nuclei.rb
Instance Method Summary
-
#import_nuclei_json(args = {}, &block) ⇒ Object
Imports Nuclei scan results in JSON format.
-
#import_nuclei_jsonl(args = {}, &block) ⇒ Object
Imports Nuclei scan results in JSON Lines (JSONL) format.
Instance Method Details
#import_nuclei_json(args = {}, &block) ⇒ Object
Imports Nuclei scan results in JSON format.
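# File 'lib/msf/core/db_manager/import/nuclei.rb', line 5

# Imports Nuclei scan results in JSON format.
#
# args[:data] is parsed as one JSON document and each element is handled as a
# single finding. Every accepted finding is stored as a 'host.nuclei.scan'
# note; findings whose severity is low, medium, high or critical are also
# stored as a vulnerability.
#
# The report is built from what the scanned hosts returned, so its fields are
# treated as untrusted. A finding that is not a JSON object, has no string
# 'matched-at', has a 'matched-at' that URI.parse rejects, or has no 'info'
# object is skipped (like a finding without an IP) instead of aborting the
# whole import part-way through.
#
# @param args [Hash] import options; also passed to
#   Msf::Util::DBManager.process_opts_workspace to resolve the workspace
# @option args [String] :data the JSON report text
# @option args [String] :blacklist whitespace-separated addresses to skip
# @option args [Object] :task forwarded unchanged to report_note / report_vuln
# @yield [type, data] called with :address and the finding's IP before the
#   finding is stored
# @raise [JSON::ParserError] if args[:data] is not valid JSON
def import_nuclei_json(args = {}, &block)
  wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
  bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []

  JSON.parse(args[:data]).each do |data|
    # Anything other than a JSON object cannot be a finding.
    next unless data.is_a?(Hash)
    next if data.blank?

    # NOTE(review): ip is used as the host address exactly as it appears in the
    # report; confirm report_note / report_vuln validate it.
    ip = data['ip']
    next if ip.blank?
    next if bl.include?(ip)

    matched_at = data['matched-at']
    next unless matched_at.is_a?(String)

    # A bare "host:port" has no scheme, so it is parsed as tcp://host:port.
    # matched-at can carry characters URI.parse refuses; skip that finding
    # rather than let one record abort the import.
    begin
      uri = URI.parse(matched_at.include?('://') ? matched_at : "tcp://#{matched_at}")
    rescue URI::InvalidURIError
      next
    end

    info = data['info']
    next unless info.is_a?(Hash)

    yield(:address, ip) if block

    vhost = uri.host
    port = uri.port.to_i # nil (no port, no scheme default) becomes 0
    service = uri.scheme # 'tcp' when matched-at carried no scheme

    template_id = data['template-id']
    matcher_name = data['matcher-name']

    name = info['name']
    description = info['description'].to_s.strip
    severity = info['severity']

    # Report text is stored as given; whatever renders notes or vulns later
    # should escape it.
    desc_text = [template_id, name, matcher_name, description].join("\n").strip

    note = {
      workspace: wspace,
      host: ip,
      vhost: vhost,
      port: port,
      proto: 'tcp',
      sname: service,
      type: 'host.nuclei.scan',
      data: desc_text,
      update: :unique_data,
      task: args[:task]
    }
    report_note(note)

    # Only rated findings become vulnerabilities; anything else stays a note.
    next unless %w[low medium high critical].include?(severity)

    # Array() accepts a missing, single-string or list-valued reference.
    references = Array(info['reference'])
    curl_command = data['curl-command']
    extracted_results = data['extracted-results']
    proof = [curl_command, extracted_results].join("\n\n")

    vuln = {
      workspace: wspace,
      host: ip,
      vhost: vhost,
      port: port,
      proto: 'tcp',
      sname: service,
      name: name,
      info: desc_text,
      proof: proof,
      refs: references,
      task: args[:task]
    }
    report_vuln(vuln)
  end
end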
#import_nuclei_jsonl(args = {}, &block) ⇒ Object
Imports Nuclei scan results in JSON Lines (JSONL) format.
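# File 'lib/msf/core/db_manager/import/nuclei.rb', line 78

# Imports Nuclei scan results in JSON Lines (JSONL) format.
#
# Each non-blank line of args[:data] is parsed as its own JSON document and
# handled as a single finding. Every accepted finding is stored as a
# 'host.nuclei.scan' note; findings whose severity is low, medium, high or
# critical are also stored as a vulnerability.
#
# The report is built from what the scanned hosts returned, so its fields are
# treated as untrusted. A finding that is not a JSON object, has no string
# 'matched-at', has a 'matched-at' that URI.parse rejects, or has no 'info'
# object is skipped (like a finding without an IP) instead of aborting the
# whole import part-way through.
#
# @param args [Hash] import options; also passed to
#   Msf::Util::DBManager.process_opts_workspace to resolve the workspace
# @option args [String] :data the JSONL report text, one finding per line
# @option args [String] :blacklist whitespace-separated addresses to skip
# @option args [Object] :task forwarded unchanged to report_note / report_vuln
# @yield [type, data] called with :address and the finding's IP before the
#   finding is stored
# @raise [JSON::ParserError] if a line is not valid JSON; findings from the
#   lines before it have already been reported by then
def import_nuclei_jsonl(args = {}, &block)
  wspace = Msf::Util::DBManager.process_opts_workspace(args, framework).name
  bl = validate_ips(args[:blacklist]) ? args[:blacklist].split : []

  args[:data].each_line do |line|
    next if line.strip.blank?

    data = JSON.parse(line)
    # Anything other than a JSON object cannot be a finding.
    next unless data.is_a?(Hash)
    next if data.blank?

    # NOTE(review): ip is used as the host address exactly as it appears in the
    # report; confirm report_note / report_vuln validate it.
    ip = data['ip']
    next if ip.blank?
    next if bl.include?(ip)

    matched_at = data['matched-at']
    next unless matched_at.is_a?(String)

    # A bare "host:port" has no scheme, so it is parsed as tcp://host:port.
    # matched-at can carry characters URI.parse refuses; skip that finding
    # rather than let one record abort the import.
    begin
      uri = URI.parse(matched_at.include?('://') ? matched_at : "tcp://#{matched_at}")
    rescue URI::InvalidURIError
      next
    end

    info = data['info']
    next unless info.is_a?(Hash)

    yield(:address, ip) if block

    vhost = uri.host
    port = uri.port.to_i # nil (no port, no scheme default) becomes 0
    service = uri.scheme # 'tcp' when matched-at carried no scheme

    template_id = data['template-id']
    matcher_name = data['matcher-name']

    name = info['name']
    description = info['description'].to_s.strip
    severity = info['severity']

    # Report text is stored as given; whatever renders notes or vulns later
    # should escape it.
    desc_text = [template_id, name, matcher_name, description].join("\n").strip

    note = {
      workspace: wspace,
      host: ip,
      vhost: vhost,
      port: port,
      proto: 'tcp',
      sname: service,
      type: 'host.nuclei.scan',
      data: desc_text,
      update: :unique_data,
      task: args[:task]
    }
    report_note(note)

    # Only rated findings become vulnerabilities; anything else stays a note.
    next unless %w[low medium high critical].include?(severity)

    # Array() accepts a missing, single-string or list-valued reference.
    references = Array(info['reference'])
    curl_command = data['curl-command']
    extracted_results = data['extracted-results']
    proof = [curl_command, extracted_results].join("\n\n")

    vuln = {
      workspace: wspace,
      host: ip,
      vhost: vhost,
      port: port,
      proto: 'tcp',
      sname: service,
      name: name,
      info: desc_text,
      proof: proof,
      refs: references,
      task: args[:task]
    }
    report_vuln(vuln)
  end
end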