Unknown crash #821

Closed
0xAwali opened this issue Jul 9, 2021 · 5 comments
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.


0xAwali commented Jul 9, 2021

Describe the bug

While Trying To Rebuild CVEs e.g. CVE-2005-2428 From

requests:
  - method: GET
    path:
      - "{{BaseURL}}/names.nsf/People?OpenView"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        name: domino-username
        regex:
          - '(<a href\=\"/names\.nsf/[0-9a-z\/]+\?OpenDocument)'
        part: body

To Do Something Like That

requests:
  - payloads:
      Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
    attack: sniper
    threads: 100

    raw:
      - |
        GET /names.nsf/People?OpenView HTTP/1.1
        Host: {{Subdomains}}
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        name: domino-username
        regex:
          - '(<a href\=\"/names\.nsf/[0-9a-z\/]+\?OpenDocument)'
        part: body 

Some Tips To Understand My Template: I'm Trying To FUZZ The Host Header, e.g. If My Wordlist Contains:
internal.company.com
dev.company.com

Nuclei Will Send Two Requests

GET /names.nsf/People?OpenView HTTP/1.1
Host: internal.company.com
GET /names.nsf/People?OpenView HTTP/1.1
Host: dev.company.com

So Nuclei Will Work Fine If My Wordlist Is Small, e.g. 10 Lines, And The URLs File Is Also Small, But When My Wordlist Contains e.g. 200 Lines And The URLs File 200 URLs, I Got This Error

Screenshot_2021-07-09_10_19_39

Here Is My Command

nuclei -c 400 -list urls.txt -t "/cvs/*.yaml" -o CVE.out

Number Of Lines In urls.txt: 145 Lines
Number Of Lines In My Wordlist That Will Be Used: 150 Lines
Number Of CVEs: 70 Yaml Files

So I Tested It Multiple Times And Got The Same Error After e.g. 10-15 Minutes

Nuclei version
Current Version: 2.3.8

And Also There Is Another Error When Nuclei Faces An HTTP Response That Contains HTTP/1.0

Screenshot_2021-07-08_18_25_08

0xAwali changed the title from "Actuall I Don Not Know What Kind Of Issue I'm Facing Now To Write Title !" to "Actually I Don Not Know What Kind Of Issue I'm Facing Now To Write Title !" on Jul 9, 2021

ehsandeep (Member) commented

@0xAwali can you please paste the complete crash log from the beginning?

ehsandeep changed the title from "Actually I Don Not Know What Kind Of Issue I'm Facing Now To Write Title !" to "Unknown crash" on Jul 9, 2021
ehsandeep added the label "Type: Question" (A query or seeking clarification on parts of the spec. Probably doesn't need the attention of all.) on Jul 9, 2021

0xAwali commented Jul 9, 2021

Start With This

01

Then A Lot Of

02

03

And Then Empty

04

Finally

05

ehsandeep (Member) commented

@0xAwali it's a panic error for out of memory, can you confirm your machine config?

0xAwali commented Jul 9, 2021

I'm Sorry But I Can't Get What You Mean, So Can You Talk In Detail Please? Do You Mean The Size Of My Memory?

ehsandeep added the label "Type: Bug" (Inconsistencies or issues which will cause an issue or problem for users or implementors.) and removed the label "Type: Question" (A query or seeking clarification on parts of the spec. Probably doesn't need the attention of all.) on Jul 9, 2021
ehsandeep added the label "Status: Completed" (Nothing further to be done with this issue. Awaiting to be closed.) on Jul 10, 2021

ehsandeep (Member) commented

Fixed in the latest release.
