From eab24eadd1773dc288eb512f7974d0d658b08da1 Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Wed, 27 Aug 2025 00:31:21 +0200 Subject: [PATCH 1/6] adding connect method with fastdialer wrap --- go.mod | 1 + go.sum | 2 ++ pkg/js/libs/oracle/oracle.go | 49 +++++++++++++++++++++++++++++- pkg/js/libs/oracle/oracledialer.go | 41 +++++++++++++++++++++++++ 4 files changed, 92 insertions(+), 1 deletion(-) create mode 100644 pkg/js/libs/oracle/oracledialer.go diff --git a/go.mod b/go.mod index db7fe22d60..979fb21d7f 100644 --- a/go.mod +++ b/go.mod @@ -110,6 +110,7 @@ require ( github.com/redis/go-redis/v9 v9.11.0 github.com/seh-msft/burpxml v1.0.1 github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 + github.com/sijms/go-ora/v2 v2.9.0 github.com/stretchr/testify v1.10.0 github.com/tarunKoyalwar/goleak v0.0.0-20240429141123-0efa90dbdcf9 github.com/yassinebenaid/godump v0.11.1 diff --git a/go.sum b/go.sum index 0c3beb503b..f91cc7219b 100644 --- a/go.sum +++ b/go.sum @@ -889,6 +889,8 @@ github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 h1:17JxqqJY66GmZVHkmAsGEkcIu0oCe3AM420QDgGwZx0= github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466/go.mod h1:9dIRpgIY7hVhoqfe0/FcYp0bpInZaT7dc3BYOprrIUE= +github.com/sijms/go-ora/v2 v2.9.0 h1:+iQbUeTeCOFMb5BsOMgUhV8KWyrv9yjKpcK4x7+MFrg= +github.com/sijms/go-ora/v2 v2.9.0/go.mod h1:QgFInVi3ZWyqAiJwzBQA+nbKYKH77tdp1PYoCqhR2dU= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= diff --git a/pkg/js/libs/oracle/oracle.go b/pkg/js/libs/oracle/oracle.go index 9d4117d853..40d7aa3c6e 100644 --- a/pkg/js/libs/oracle/oracle.go +++ b/pkg/js/libs/oracle/oracle.go @@ -2,6 +2,7 @@ package oracle import ( "context" + "database/sql" "fmt" "net" "strconv" @@ -10,6 +11,8 @@ import ( "github.com/praetorian-inc/fingerprintx/pkg/plugins" "github.com/praetorian-inc/fingerprintx/pkg/plugins/services/oracledb" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate" + go_ora "github.com/sijms/go-ora/v2" + goora "github.com/sijms/go-ora/v2" ) type ( @@ -24,6 +27,14 @@ type ( IsOracle bool Banner string } + // Client is a client for Oracle database. + // Internally client uses oracle/godror driver. + // @example + // ```javascript + // const oracle = require('nuclei/oracle'); + // const client = new oracle.OracleClient; + // ``` + OracleClient struct{} ) // IsOracle checks if a host is running an Oracle server @@ -33,7 +44,7 @@ type ( // const isOracle = oracle.IsOracle('acme.com', 1521); // log(toJSON(isOracle)); // ``` -func IsOracle(ctx context.Context, host string, port int) (IsOracleResponse, error) { +func (c *OracleClient) IsOracle(ctx context.Context, host string, port int) (IsOracleResponse, error) { executionId := ctx.Value("executionId").(string) return memoizedisOracle(executionId, host, port) } @@ -69,3 +80,39 @@ func isOracle(executionId string, host string, port int) (IsOracleResponse, erro resp.IsOracle = true return resp, nil } + +// Connect connects to an Oracle database +// @example +// ```javascript +// const oracle = require('nuclei/oracle'); +// const client = new oracle.OracleClient; +// client.Connect('acme.com', 1521, 'XE', 'user', 'password'); +// ``` +func (c *OracleClient) Connect(ctx context.Context, host string, port int, serviceName string, username string, password string) (bool, error) { + executionId := ctx.Value("executionId").(string) + + connStr := goora.BuildUrl(host, port, serviceName, username, password, nil) + + connector := goora.NewConnector(connStr) + oraConnector, ok := connector.(*go_ora.OracleConnector) + if !ok { + return false, fmt.Errorf("failed to cast connector to OracleConnector") + } + + // Create custom dialer wrapper + customDialer := &oracleCustomDialer{ + executionId: executionId, + } + + oraConnector.Dialer(customDialer) + db := sql.OpenDB(connector) + defer db.Close() + + // Test the connection + err := db.Ping() + if err != nil { + return false, err + } + + return true, nil +} diff --git a/pkg/js/libs/oracle/oracledialer.go b/pkg/js/libs/oracle/oracledialer.go new file mode 100644 index 0000000000..4d119aed04 --- /dev/null +++ b/pkg/js/libs/oracle/oracledialer.go @@ -0,0 +1,41 @@ +package oracle + +import ( + "context" + "fmt" + "net" + "time" + + "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate" +) + +// oracleCustomDialer implements the dialer interface expected by go-ora +type oracleCustomDialer struct { + executionId string +} + +func (o *oracleCustomDialer) Dial(network, address string) (net.Conn, error) { + dialers := protocolstate.GetDialersWithId(o.executionId) + if dialers == nil { + return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) + } + return dialers.Fastdialer.Dial(context.TODO(), network, address) +} + +func (o *oracleCustomDialer) DialTimeout(network, address string, timeout time.Duration) (net.Conn, error) { + dialers := protocolstate.GetDialersWithId(o.executionId) + if dialers == nil { + return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) + } + ctx, cancel := context.WithTimeout(context.Background(), timeout) + defer cancel() + return dialers.Fastdialer.Dial(ctx, network, address) +} + +func (o *oracleCustomDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) { + dialers := protocolstate.GetDialersWithId(o.executionId) + if dialers == nil { + return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) + } + return dialers.Fastdialer.Dial(ctx, network, address) +} From 95ce17ab46fd60698edbab7e8ec5b91d2f4b3925 Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Wed, 27 Aug 2025 09:56:27 +0200 Subject: [PATCH 2/6] adding query exec --- pkg/js/generated/go/liboracle/oracle.go | 2 +- pkg/js/libs/oracle/oracle.go | 94 +++++++++++++++++++++---- pkg/js/libs/oracle/oracledialer.go | 25 +++---- 3 files changed, 95 insertions(+), 26 deletions(-) diff --git a/pkg/js/generated/go/liboracle/oracle.go b/pkg/js/generated/go/liboracle/oracle.go index 67110b4c8b..d579c34740 100644 --- a/pkg/js/generated/go/liboracle/oracle.go +++ b/pkg/js/generated/go/liboracle/oracle.go @@ -15,12 +15,12 @@ func init() { module.Set( gojs.Objects{ // Functions - "IsOracle": lib_oracle.IsOracle, // Var and consts // Objects / Classes "IsOracleResponse": gojs.GetClassConstructor[lib_oracle.IsOracleResponse](&lib_oracle.IsOracleResponse{}), + "OracleClient": gojs.GetClassConstructor[lib_oracle.OracleClient](&lib_oracle.OracleClient{}), }, ).Register() } diff --git a/pkg/js/libs/oracle/oracle.go b/pkg/js/libs/oracle/oracle.go index 40d7aa3c6e..05143ce761 100644 --- a/pkg/js/libs/oracle/oracle.go +++ b/pkg/js/libs/oracle/oracle.go @@ -10,8 +10,8 @@ import ( "github.com/praetorian-inc/fingerprintx/pkg/plugins" "github.com/praetorian-inc/fingerprintx/pkg/plugins/services/oracledb" + "github.com/projectdiscovery/nuclei/v3/pkg/js/utils" "github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate" - go_ora "github.com/sijms/go-ora/v2" goora "github.com/sijms/go-ora/v2" ) @@ -81,6 +81,23 @@ func isOracle(executionId string, host string, port int) (IsOracleResponse, erro return resp, nil } +func oracleDbInstance(connStr string, executionId string) (*goora.OracleConnector, error) { + connector := goora.NewConnector(connStr) + oraConnector, ok := connector.(*goora.OracleConnector) + if !ok { + return nil, fmt.Errorf("failed to cast connector to OracleConnector") + } + + // Create custom dialer wrapper + customDialer := &oracleCustomDialer{ + executionId: executionId, + } + + oraConnector.Dialer(customDialer) + + return oraConnector, nil +} + // Connect connects to an Oracle database // @example // ```javascript @@ -93,26 +110,77 @@ func (c *OracleClient) Connect(ctx context.Context, host string, port int, servi connStr := goora.BuildUrl(host, port, serviceName, username, password, nil) - connector := goora.NewConnector(connStr) - oraConnector, ok := connector.(*go_ora.OracleConnector) - if !ok { - return false, fmt.Errorf("failed to cast connector to OracleConnector") - } - - // Create custom dialer wrapper - customDialer := &oracleCustomDialer{ - executionId: executionId, + connector, err := oracleDbInstance(connStr, executionId) + if err != nil { + return false, err } - oraConnector.Dialer(customDialer) db := sql.OpenDB(connector) - defer db.Close() + defer func() { + _ = db.Close() + }() + + db.SetMaxOpenConns(1) + db.SetMaxIdleConns(0) // Test the connection - err := db.Ping() + err = db.Ping() if err != nil { return false, err } return true, nil } + +// ExecuteQuery connects to MS SQL database using given credentials and executes a query. +// It returns the results of the query or an error if something goes wrong. +// @example +// ```javascript +// const oracle = require('nuclei/oracle'); +// const client = new oracle.OracleClient; +// const result = client.ExecuteQuery('acme.com', 1521, 'username', 'password', 'XE', 'SELECT @@version'); +// log(to_json(result)); +// ``` +func (c *OracleClient) ExecuteQuery(ctx context.Context, host string, port int, username, password, dbName, query string) (*utils.SQLResult, error) { + executionId := ctx.Value("executionId").(string) + + if host == "" || port <= 0 { + return nil, fmt.Errorf("invalid host or port") + } + + isOracleResp, err := c.IsOracle(ctx, host, port) + if err != nil { + return nil, err + } + if !isOracleResp.IsOracle { + return nil, fmt.Errorf("not a oracle service") + } + + connStr := goora.BuildUrl(host, port, dbName, username, password, nil) + + connector, err := oracleDbInstance(connStr, executionId) + if err != nil { + return nil, err + } + db := sql.OpenDB(connector) + defer func() { + _ = db.Close() + }() + + db.SetMaxOpenConns(1) + db.SetMaxIdleConns(0) + + rows, err := db.Query(query) + if err != nil { + return nil, err + } + + data, err := utils.UnmarshalSQLRows(rows) + if err != nil { + if data != nil && len(data.Rows) > 0 { + return data, nil + } + return nil, err + } + return data, nil +} diff --git a/pkg/js/libs/oracle/oracledialer.go b/pkg/js/libs/oracle/oracledialer.go index 4d119aed04..47c62dc138 100644 --- a/pkg/js/libs/oracle/oracledialer.go +++ b/pkg/js/libs/oracle/oracledialer.go @@ -14,28 +14,29 @@ type oracleCustomDialer struct { executionId string } -func (o *oracleCustomDialer) Dial(network, address string) (net.Conn, error) { +func (o *oracleCustomDialer) dialWithCtx(ctx context.Context, network, address string) (net.Conn, error) { dialers := protocolstate.GetDialersWithId(o.executionId) if dialers == nil { return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) } - return dialers.Fastdialer.Dial(context.TODO(), network, address) + if !protocolstate.IsHostAllowed(o.executionId, address) { + // host is not valid according to network policy + return nil, protocolstate.ErrHostDenied.Msgf(address) + } + return dialers.Fastdialer.Dial(ctx, network, address) +} + +func (o *oracleCustomDialer) Dial(network, address string) (net.Conn, error) { + return o.dialWithCtx(context.TODO(), network, address) } func (o *oracleCustomDialer) DialTimeout(network, address string, timeout time.Duration) (net.Conn, error) { - dialers := protocolstate.GetDialersWithId(o.executionId) - if dialers == nil { - return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) - } ctx, cancel := context.WithTimeout(context.Background(), timeout) defer cancel() - return dialers.Fastdialer.Dial(ctx, network, address) + + return o.dialWithCtx(ctx, network, address) } func (o *oracleCustomDialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) { - dialers := protocolstate.GetDialersWithId(o.executionId) - if dialers == nil { - return nil, fmt.Errorf("dialers not initialized for %s", o.executionId) - } - return dialers.Fastdialer.Dial(ctx, network, address) + return o.dialWithCtx(ctx, network, address) } From 76a4aa15e708de979fbc52b52a00317f0f0c1eed Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Wed, 27 Aug 2025 12:10:25 +0200 Subject: [PATCH 3/6] execute query --- pkg/js/generated/ts/oracle.ts | 104 +++++++++++++++++++++++++++++----- pkg/js/libs/oracle/oracle.go | 42 +++++++++++--- 2 files changed, 122 insertions(+), 24 deletions(-) diff --git a/pkg/js/generated/ts/oracle.ts b/pkg/js/generated/ts/oracle.ts index 852e919e7b..35aef3476a 100755 --- a/pkg/js/generated/ts/oracle.ts +++ b/pkg/js/generated/ts/oracle.ts @@ -1,33 +1,107 @@ /** - * IsOracle checks if a host is running an Oracle server + * IsOracleResponse is the response from the IsOracle function. + * this is returned by IsOracle function. * @example * ```javascript * const oracle = require('nuclei/oracle'); - * const isOracle = oracle.IsOracle('acme.com', 1521); - * log(toJSON(isOracle)); + * const client = new oracle.OracleClient(); + * const isOracle = client.IsOracle('acme.com', 1521); * ``` */ -export function IsOracle(host: string, port: number): IsOracleResponse | null { - return null; +export interface IsOracleResponse { + IsOracle?: boolean, + Banner?: string, } - - /** - * IsOracleResponse is the response from the IsOracle function. - * this is returned by IsOracle function. + * Client is a client for Oracle database. + * Internally client uses go-ora driver. * @example * ```javascript * const oracle = require('nuclei/oracle'); - * const isOracle = oracle.IsOracle('acme.com', 1521); + * const client = new oracle.OracleClient(); * ``` */ -export interface IsOracleResponse { - - IsOracle?: boolean, - - Banner?: string, +export class OracleClient { + // Constructor of OracleClient + constructor() {} + + /** + * Connect connects to an Oracle database + * @example + * ```javascript + * const oracle = require('nuclei/oracle'); + * const client = new oracle.OracleClient(); + * client.Connect('acme.com', 1521, 'XE', 'user', 'password'); + * ``` + */ + public Connect(host: string, port: number, serviceName: string, username: string, password: string): boolean | null { + return null; + } + + /** + * ConnectWithDSN connects to an Oracle database using a DSN string + * @example + * ```javascript + * const oracle = require('nuclei/oracle'); + * const client = new oracle.OracleClient(); + * client.ConnectWithDSN('oracle://user:password@host:port/service', 'SELECT @@version'); + * ``` + */ + public ConnectWithDSN(dsn: string): boolean | null { + return null; + } + + /** + * IsOracle checks if a host is running an Oracle server + * @example + * ```javascript + * const oracle = require('nuclei/oracle'); + * const isOracle = oracle.IsOracle('acme.com', 1521); + * ``` + */ + public IsOracle(host: string, port: number): IsOracleResponse | null { + return null; + } + + /** + * ExecuteQuery connects to Oracle database using given credentials and executes a query. + * It returns the results of the query or an error if something goes wrong. + * @example + * ```javascript + * const oracle = require('nuclei/oracle'); + * const client = new oracle.OracleClient(); + * const result = client.ExecuteQuery('acme.com', 1521, 'username', 'password', 'XE', 'SELECT * FROM dual'); + * log(to_json(result)); + * ``` + */ + public ExecuteQuery(host: string, port: number, username: string, password: string, dbName: string, query: string): SQLResult | null { + return null; + } + + /** + * ExecuteQueryWithDSN executes a query on an Oracle database using a DSN + * @example + * ```javascript + * const oracle = require('nuclei/oracle'); + * const client = new oracle.OracleClient(); + * const result = client.ExecuteQueryWithDSN('oracle://user:password@host:port/service', 'SELECT * FROM dual'); + * log(to_json(result)); + * ``` + */ + public ExecuteQueryWithDSN(dsn: string, query: string): SQLResult | null { + return null; + } +} + +/** + * SQLResult Interface + */ +export interface SQLResult { + Count?: number, + Columns?: string[], + Rows?: any[], } diff --git a/pkg/js/libs/oracle/oracle.go b/pkg/js/libs/oracle/oracle.go index 05143ce761..5a0a3ad05a 100644 --- a/pkg/js/libs/oracle/oracle.go +++ b/pkg/js/libs/oracle/oracle.go @@ -32,9 +32,11 @@ type ( // @example // ```javascript // const oracle = require('nuclei/oracle'); - // const client = new oracle.OracleClient; + // const client = new oracle.OracleClient(); // ``` - OracleClient struct{} + OracleClient struct { + connector *goora.OracleConnector + } ) // IsOracle checks if a host is running an Oracle server @@ -81,7 +83,11 @@ func isOracle(executionId string, host string, port int) (IsOracleResponse, erro return resp, nil } -func oracleDbInstance(connStr string, executionId string) (*goora.OracleConnector, error) { +func (c *OracleClient) oracleDbInstance(connStr string, executionId string) (*goora.OracleConnector, error) { + if c.connector != nil { + return c.connector, nil + } + connector := goora.NewConnector(connStr) oraConnector, ok := connector.(*goora.OracleConnector) if !ok { @@ -95,6 +101,8 @@ func oracleDbInstance(connStr string, executionId string) (*goora.OracleConnecto oraConnector.Dialer(customDialer) + c.connector = oraConnector + return oraConnector, nil } @@ -106,11 +114,15 @@ func oracleDbInstance(connStr string, executionId string) (*goora.OracleConnecto // client.Connect('acme.com', 1521, 'XE', 'user', 'password'); // ``` func (c *OracleClient) Connect(ctx context.Context, host string, port int, serviceName string, username string, password string) (bool, error) { - executionId := ctx.Value("executionId").(string) - connStr := goora.BuildUrl(host, port, serviceName, username, password, nil) - connector, err := oracleDbInstance(connStr, executionId) + return c.ConnectWithDSN(ctx, connStr) +} + +func (c *OracleClient) ConnectWithDSN(ctx context.Context, dsn string) (bool, error) { + executionId := ctx.Value("executionId").(string) + + connector, err := c.oracleDbInstance(dsn, executionId) if err != nil { return false, err } @@ -142,8 +154,6 @@ func (c *OracleClient) Connect(ctx context.Context, host string, port int, servi // log(to_json(result)); // ``` func (c *OracleClient) ExecuteQuery(ctx context.Context, host string, port int, username, password, dbName, query string) (*utils.SQLResult, error) { - executionId := ctx.Value("executionId").(string) - if host == "" || port <= 0 { return nil, fmt.Errorf("invalid host or port") } @@ -158,7 +168,21 @@ func (c *OracleClient) ExecuteQuery(ctx context.Context, host string, port int, connStr := goora.BuildUrl(host, port, dbName, username, password, nil) - connector, err := oracleDbInstance(connStr, executionId) + return c.ExecuteQueryWithDSN(ctx, connStr, query) +} + +// ExecuteQueryWithDSN executes a query on an Oracle database using a DSN +// @example +// ```javascript +// const oracle = require('nuclei/oracle'); +// const client = new oracle.OracleClient; +// const result = client.ExecuteQueryWithDSN('oracle://user:password@host:port/service', 'SELECT @@version'); +// log(to_json(result)); +// ``` +func (c *OracleClient) ExecuteQueryWithDSN(ctx context.Context, dsn string, query string) (*utils.SQLResult, error) { + executionId := ctx.Value("executionId").(string) + + connector, err := c.oracleDbInstance(dsn, executionId) if err != nil { return nil, err } From 0dbffa9395d0ef916088f791f3c2c3738f513fb8 Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Wed, 27 Aug 2025 12:56:21 +0200 Subject: [PATCH 4/6] adding integration test --- cmd/integration-test/javascript.go | 61 +++++++++++++++++-- .../testcases/oracle-auth-test.yaml | 31 ++++++++++ 2 files changed, 88 insertions(+), 4 deletions(-) create mode 100644 pkg/protocols/javascript/testcases/oracle-auth-test.yaml diff --git a/cmd/integration-test/javascript.go b/cmd/integration-test/javascript.go index e45f122c30..61516abd26 100644 --- a/cmd/integration-test/javascript.go +++ b/cmd/integration-test/javascript.go @@ -15,13 +15,15 @@ var jsTestcases = []TestCaseInfo{ {Path: "protocols/javascript/ssh-server-fingerprint.yaml", TestCase: &javascriptSSHServerFingerprint{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }}, {Path: "protocols/javascript/net-multi-step.yaml", TestCase: &networkMultiStep{}}, {Path: "protocols/javascript/net-https.yaml", TestCase: &javascriptNetHttps{}}, + {Path: "protocols/javascript/oracle-auth-test.yaml", TestCase: &javascriptOracleAuthTest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }}, } var ( - redisResource *dockertest.Resource - sshResource *dockertest.Resource - pool *dockertest.Pool - defaultRetry = 3 + redisResource *dockertest.Resource + sshResource *dockertest.Resource + oracleResource *dockertest.Resource + pool *dockertest.Pool + defaultRetry = 3 ) type javascriptNetHttps struct{} @@ -98,6 +100,38 @@ func (j *javascriptSSHServerFingerprint) Execute(filePath string) error { return multierr.Combine(errs...) } +type javascriptOracleAuthTest struct{} + +func (j *javascriptOracleAuthTest) Execute(filePath string) error { + if oracleResource == nil || pool == nil { + // skip test as oracle is not running + return nil + } + tempPort := oracleResource.GetPort("1521/tcp") + finalURL := "localhost:" + tempPort + defer purge(oracleResource) + errs := []error{} + for i := 0; i < defaultRetry; i++ { + results := []string{} + var err error + _ = pool.Retry(func() error { + //let ssh server start + time.Sleep(3 * time.Second) + results, err = testutils.RunNucleiTemplateAndGetResults(filePath, finalURL, debug) + return nil + }) + if err != nil { + return err + } + if err := expectResultsCount(results, 1); err == nil { + return nil + } else { + errs = append(errs, err) + } + } + return multierr.Combine(errs...) +} + // purge any given resource if it is not nil func purge(resource *dockertest.Resource) { if resource != nil && pool != nil { @@ -163,4 +197,23 @@ func init() { if err := sshResource.Expire(30); err != nil { log.Printf("Could not expire resource: %s", err) } + + // setup a temporary oracle instance + oracleResource, err = pool.RunWithOptions(&dockertest.RunOptions{ + Repository: "gvenzl/oracle-xe", + Tag: "latest", + Env: []string{ + "ORACLE_PASSWORD=mysecret", + }, + Platform: "linux/amd64", + }) + if err != nil { + log.Printf("Could not start Oracle resource: %s", err) + return + } + + // by default expire after 30 sec + if err := oracleResource.Expire(30); err != nil { + log.Printf("Could not expire Oracle resource: %s", err) + } } diff --git a/pkg/protocols/javascript/testcases/oracle-auth-test.yaml b/pkg/protocols/javascript/testcases/oracle-auth-test.yaml new file mode 100644 index 0000000000..3ff49ea5fc --- /dev/null +++ b/pkg/protocols/javascript/testcases/oracle-auth-test.yaml @@ -0,0 +1,31 @@ +id: oracle-auth-test + +info: + name: Oracle - Authentication Test + author: pdteam + severity: info + tags: js,oracle,network,auth + +javascript: + - pre-condition: | + isPortOpen(Host,Port); + code: | + let o = require('nuclei/oracle'); + let c = o.OracleClient(); + c.Connect(Host, Port, ServiceName, User, Pass); + + args: + ServiceName: "XE" + Host: "{{Host}}" + Port: "1521" + User: "system" + Pass: "{{passwords}}" + + payloads: + passwords: + - mysecret + + matchers: + - type: dsl + dsl: + - "response == true" \ No newline at end of file From 845e9e7dfbda0d21f20903ccf6632d1eb2d36112 Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Fri, 12 Sep 2025 10:09:49 +0200 Subject: [PATCH 5/6] fixing rebase auto-mess --- .github/DISCUSSION_TEMPLATE.md | 76 ++++++++++++++++++ .github/ISSUE_TEMPLATE/config.yml | 24 ++++-- .../reference-templates/README.md | 45 +++++++++++ .../bug-report-reference.yml | 79 +++++++++++++++++++ .../feature-request-reference.yml | 37 +++++++++ .github/workflows/auto-merge.yaml | 2 +- .github/workflows/compat-checks.yaml | 2 +- .github/workflows/generate-docs.yaml | 2 +- .github/workflows/generate-pgo.yaml | 2 +- .github/workflows/govulncheck.yaml | 2 +- .github/workflows/perf-regression.yaml | 2 +- .github/workflows/perf-test.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/stale.yaml | 2 +- .github/workflows/tests.yaml | 18 ++--- 15 files changed, 271 insertions(+), 26 deletions(-) create mode 100644 .github/DISCUSSION_TEMPLATE.md create mode 100644 .github/ISSUE_TEMPLATE/reference-templates/README.md create mode 100644 .github/ISSUE_TEMPLATE/reference-templates/bug-report-reference.yml create mode 100644 .github/ISSUE_TEMPLATE/reference-templates/feature-request-reference.yml diff --git a/.github/DISCUSSION_TEMPLATE.md b/.github/DISCUSSION_TEMPLATE.md new file mode 100644 index 0000000000..4c1367265e --- /dev/null +++ b/.github/DISCUSSION_TEMPLATE.md @@ -0,0 +1,76 @@ +# Nuclei Discussion Guidelines + +## Before Creating a Discussion + +1. **Search existing discussions and issues** to avoid duplicates +2. **Check the documentation** and README first +3. **Browse the FAQ** and common questions + +## Bug Reports in Discussions + +When reporting a bug in [Q&A Discussions](https://github.com/projectdiscovery/nuclei/discussions/categories/q-a), please include: + +### Required Information: +- **Clear title** with `[BUG]` prefix (e.g., "[BUG] Nuclei crashes when...") +- **Current behavior** - What's happening now? +- **Expected behavior** - What should happen instead? +- **Steps to reproduce** - Commands or actions that trigger the issue +- **Environment details**: + - OS and version + - Nuclei version (`nuclei -version`) + - Go version (if installed via `go install`) +- **Log output** - Run with `-verbose` or `-debug` for detailed logs +- **Redact sensitive information** - Remove target URLs, credentials, etc. + +### After Discussion: +- Maintainers will review and validate the bug report +- Valid bugs will be converted to issues with proper labels and tracking +- Questions and misconfigurations will be resolved in the discussion + +## Feature Requests in Discussions + +When requesting a feature in [Ideas Discussions](https://github.com/projectdiscovery/nuclei/discussions/categories/ideas), please include: + +### Required Information: +- **Clear title** with `[FEATURE]` prefix (e.g., "[FEATURE] Add support for...") +- **Feature description** - What do you want to be added? +- **Use case** - Why is this feature needed? What problem does it solve? +- **Implementation ideas** - If you have suggestions on how it could work +- **Alternatives considered** - What other solutions have you thought about? + +### After Discussion: +- Community and maintainers will discuss the feasibility +- Popular and viable features will be converted to issues +- Similar features may be grouped together +- Rejected features will be explained in the discussion + +## Getting Help + +For general questions, troubleshooting, and "how-to" topics: +- Use [Q&A Discussions](https://github.com/projectdiscovery/nuclei/discussions/categories/q-a) +- Join the [Discord server](https://discord.gg/projectdiscovery) #nuclei channel +- Check existing discussions for similar questions + +## Discussion to Issue Conversion Process + +Only maintainers can convert discussions to issues. The process: + +1. **Validation** - Maintainers review the discussion for completeness and validity +2. **Classification** - Determine if it's a bug, feature, enhancement, etc. +3. **Issue creation** - Create a properly formatted issue with appropriate labels +4. **Linking** - Link the issue back to the original discussion +5. **Resolution** - Mark the discussion as resolved or close it + +This process ensures: +- High-quality issues that are actionable +- Proper triage and labeling +- Reduced noise in the issue tracker +- Community involvement in the validation process + +## Why This Process? + +- **Better organization** - Issues contain only validated, actionable items +- **Community input** - Discussions allow for community feedback before escalation +- **Quality control** - Maintainers ensure proper formatting and information +- **Reduced maintenance** - Fewer invalid or duplicate issues to manage +- **Clear separation** - Questions vs. actual bugs/features are clearly distinguished diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index d849b10322..4a0c58e23b 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -2,14 +2,22 @@ blank_issues_enabled: false contact_links: - - name: Ask an question / advise on using nuclei - url: https://github.com/projectdiscovery/nuclei/discussions/categories/q-a - about: Ask a question or request support for using nuclei + - name: 🐛 Report a Bug (Start with Discussion) + url: https://github.com/orgs/projectdiscovery/discussions/new?category=q-a + about: Start by reporting your issue in discussions for proper triage. Issues will be created after review to avoid duplicate/invalid reports. - - name: Share idea / feature to discuss for nuclei - url: https://github.com/projectdiscovery/nuclei/discussions/categories/ideas - about: Share idea / feature to discuss for nuclei + - name: 💡 Request a Feature (Start with Discussion) + url: https://github.com/orgs/projectdiscovery/discussions/new?category=ideas + about: Share your feature idea in discussions first. This helps validate and refine the request before creating an issue. - - name: Connect with PD Team (Discord) + - name: ❓ Ask Questions / Get Help + url: https://github.com/orgs/projectdiscovery/discussions + about: Get help and ask questions about using Nuclei. Many questions don't require issues. + + - name: 🔍 Browse Existing Issues + url: https://github.com/projectdiscovery/nuclei/issues + about: Check existing issues to see if your problem has already been reported or is being worked on. + + - name: 💬 Connect with PD Team (Discord) url: https://discord.gg/projectdiscovery - about: Connect with PD Team for direct communication \ No newline at end of file + about: Join our Discord for real-time discussions and community support on the #nuclei channel. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/reference-templates/README.md b/.github/ISSUE_TEMPLATE/reference-templates/README.md new file mode 100644 index 0000000000..c170ea1c71 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/reference-templates/README.md @@ -0,0 +1,45 @@ +# Issue Template References + +## Overview + +This folder contains the preserved issue templates that are **not** directly accessible to users. These templates serve as references for maintainers when converting discussions to issues. + +## New Workflow + +### For Users: +1. **All reports start in Discussions** - Users cannot create issues directly +2. Bug reports go to [Q&A Discussions](https://github.com/projectdiscovery/nuclei/discussions/categories/q-a) +3. Feature requests go to [Ideas Discussions](https://github.com/projectdiscovery/nuclei/discussions/categories/ideas) +4. This helps filter out duplicate questions, invalid reports, and ensures proper triage + +### For Maintainers: +1. **Review discussions** in both Q&A and Ideas categories +2. **Validate the reports** - ensure they're actual bugs/valid feature requests +3. **Use reference templates** when converting discussions to issues: + - Copy content from `bug-report-reference.yml` or `feature-request-reference.yml` + - Create a new issue manually with the appropriate template structure + - Link back to the original discussion + - Close the discussion or mark it as resolved + +## Benefits + +- **Better triage**: Avoid cluttering issues with questions and invalid reports +- **Community involvement**: Discussions allow for community input before creating issues +- **Quality control**: Maintainers can ensure issues follow proper format and contain necessary information +- **Reduced noise**: Only validated, actionable items become issues + +## Reference Templates + +- `bug-report-reference.yml` - Use when converting bug reports from discussions to issues +- `feature-request-reference.yml` - Use when converting feature requests from discussions to issues + +## Converting a Discussion to Issue + +1. Identify a valid discussion that needs to become an issue +2. Go to the main repository's Issues tab +3. Click "New Issue" +4. Manually create the issue using the reference template structure +5. Include all relevant information from the discussion +6. Add a comment linking back to the original discussion +7. Apply appropriate labels +8. Close or mark the discussion as resolved with a link to the created issue diff --git a/.github/ISSUE_TEMPLATE/reference-templates/bug-report-reference.yml b/.github/ISSUE_TEMPLATE/reference-templates/bug-report-reference.yml new file mode 100644 index 0000000000..d6cabc4251 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/reference-templates/bug-report-reference.yml @@ -0,0 +1,79 @@ +name: Bug Report +description: Create a report to help us to improve the Nuclei. +title: "[BUG] ..." +labels: ["Type: Bug"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + + For support requests, FAQs or "How to" questions, please use the [GitHub Discussions](https://github.com/projectdiscovery/nuclei/discussions) section instead or join our [Discord server](https://discord.gg/projectdiscovery) to discuss the idea on the **#nuclei** channel. + + :warning: **Issues missing important information may be closed without further investigation.** + - type: checkboxes + attributes: + label: Is there an existing issue for this? + description: Please search to see if an issue already exists for the bug you encountered. + options: + - label: I have searched the existing issues. + required: true + - type: textarea + attributes: + label: Current Behavior + description: A concise description of what you're experiencing. + validations: + required: true + - type: textarea + attributes: + label: Expected Behavior + description: A concise description of what you expected to happen. + validations: + required: true + - type: textarea + attributes: + label: Steps To Reproduce + description: | + Steps to reproduce the behavior, for example, commands to run Nuclei. + + 📝 For a more detailed output that could help in troubleshooting, you may want to run Nuclei with the **`-verbose`** or **`-debug`** flags. This will provide additional insights into what's happening under the hood. + + :warning: **Please redact any literal target hosts/URLs or other sensitive information.** + placeholder: | + 1. Run `nuclei -t ...` + validations: + required: true + - type: textarea + attributes: + label: Relevant log output + description: | + Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + + 📝 For a more detailed output that could help in troubleshooting, you may want to run Nuclei with the **`-verbose`** or **`-debug`** flags. This will provide additional insights into what's happening under the hood. + + :warning: **Please redact any literal target hosts/URLs or other sensitive information.** + render: shell + - type: textarea + attributes: + label: Environment + description: | + Examples: + - **OS**: Ubuntu 20.04 + - **Nuclei** (`nuclei -version`): v3.3.1 + - **Go** (`go version`): go1.22.0 _(only if you've installed it via the `go install` command)_ + value: | + - OS: + - Nuclei: + - Go: + render: markdown + validations: + required: true + - type: textarea + attributes: + label: Anything else? + description: | + Links? References? Templates? Anything that will give us more context about the issue you are encountering! + + Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/reference-templates/feature-request-reference.yml b/.github/ISSUE_TEMPLATE/reference-templates/feature-request-reference.yml new file mode 100644 index 0000000000..ccc1b86298 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/reference-templates/feature-request-reference.yml @@ -0,0 +1,37 @@ +name: Feature Request +description: Request feature to implement in the Nuclei. +title: "[FEATURE] ..." +labels: ["Type: Enhancement"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this feature request! + + Please make sure to provide a detailed description with all the relevant information that might be required to start working on this feature. In case you are not sure about your request or whether the particular feature is already supported or not, please [start a discussion](https://github.com/projectdiscovery/nuclei/discussions/categories/ideas) instead. + + Join our [Discord server](https://discord.gg/projectdiscovery) to discuss the idea on the **#nuclei** channel. + - type: textarea + attributes: + label: Describe your feature request + description: A clear and concise description of feature to implement. + validations: + required: true + - type: textarea + attributes: + label: Describe the use case of the feature + description: A clear and concise description of the feature request's motivation and the use-cases in which it could be useful. + validations: + required: true + - type: textarea + attributes: + label: Describe alternatives you've considered + description: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + - type: textarea + attributes: + label: Additional context + description: Add any other context about the feature request here. + validations: + required: false diff --git a/.github/workflows/auto-merge.yaml b/.github/workflows/auto-merge.yaml index 0ff3098e6b..ad2890ddaf 100644 --- a/.github/workflows/auto-merge.yaml +++ b/.github/workflows/auto-merge.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest if: github.actor == 'dependabot[bot]' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.DEPENDABOT_PAT }} diff --git a/.github/workflows/compat-checks.yaml b/.github/workflows/compat-checks.yaml index 589b9a2f14..8a9080b904 100644 --- a/.github/workflows/compat-checks.yaml +++ b/.github/workflows/compat-checks.yaml @@ -13,7 +13,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go/compat-checks@v1 with: release-test: true diff --git a/.github/workflows/generate-docs.yaml b/.github/workflows/generate-docs.yaml index 939b9bc693..a68ff7d972 100644 --- a/.github/workflows/generate-docs.yaml +++ b/.github/workflows/generate-docs.yaml @@ -11,7 +11,7 @@ jobs: if: "${{ !endsWith(github.actor, '[bot]') }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - uses: projectdiscovery/actions/setup/git@v1 - run: make syntax-docs diff --git a/.github/workflows/generate-pgo.yaml b/.github/workflows/generate-pgo.yaml index 463e7d686e..c10743b984 100644 --- a/.github/workflows/generate-pgo.yaml +++ b/.github/workflows/generate-pgo.yaml @@ -28,7 +28,7 @@ jobs: LIST_FILE: "/tmp/targets-${{ matrix.targets }}.txt" PROFILE_MEM: "/tmp/nuclei-profile-${{ matrix.targets }}-targets" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/git@v1 - uses: projectdiscovery/actions/setup/go@v1 - name: Generate list diff --git a/.github/workflows/govulncheck.yaml b/.github/workflows/govulncheck.yaml index 1a116fa8f9..9796b709e6 100644 --- a/.github/workflows/govulncheck.yaml +++ b/.github/workflows/govulncheck.yaml @@ -16,7 +16,7 @@ jobs: env: OUTPUT: "/tmp/results.sarif" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - run: go install golang.org/x/vuln/cmd/govulncheck@latest - run: govulncheck -scan package -format sarif ./... > $OUTPUT diff --git a/.github/workflows/perf-regression.yaml b/.github/workflows/perf-regression.yaml index 090f722ebb..8e7e7eed5f 100644 --- a/.github/workflows/perf-regression.yaml +++ b/.github/workflows/perf-regression.yaml @@ -11,7 +11,7 @@ jobs: env: BENCH_OUT: "/tmp/bench.out" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - run: make build-test - run: ./bin/nuclei.test -test.run - -test.bench=. -test.benchmem ./cmd/nuclei/ | tee $BENCH_OUT diff --git a/.github/workflows/perf-test.yaml b/.github/workflows/perf-test.yaml index 94dec5cbdc..4ee8408c9d 100644 --- a/.github/workflows/perf-test.yaml +++ b/.github/workflows/perf-test.yaml @@ -16,7 +16,7 @@ jobs: LIST_FILE: "/tmp/targets-${{ matrix.count }}.txt" PROFILE_MEM: "/tmp/nuclei-perf-test-${{ matrix.count }}" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - run: make verify - name: Generate list diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3eb36e7e22..4d9d412dda 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -10,7 +10,7 @@ jobs: release: runs-on: ubuntu-latest-16-cores steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 - uses: projectdiscovery/actions/setup/go@v1 diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 2b336b6711..efa88506da 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -13,7 +13,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v9 + - uses: actions/stale@v10 with: days-before-stale: 90 days-before-close: 7 diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index f8297c107c..cc7f7b989f 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -22,7 +22,7 @@ jobs: if: "${{ !endsWith(github.actor, '[bot]') }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - uses: projectdiscovery/actions/golangci-lint/v2@v1 @@ -35,7 +35,7 @@ jobs: os: [ubuntu-latest, windows-latest, macOS-latest] runs-on: "${{ matrix.os }}" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - run: make vet - run: make build @@ -52,7 +52,7 @@ jobs: needs: ["tests"] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - name: "Simple" run: go run . @@ -74,7 +74,7 @@ jobs: os: [ubuntu-latest, windows-latest, macOS-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - uses: projectdiscovery/actions/setup/python@v1 - run: bash run.sh "${{ matrix.os }}" @@ -93,7 +93,7 @@ jobs: os: [ubuntu-latest, windows-latest, macOS-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - uses: projectdiscovery/actions/setup/python@v1 - run: bash run.sh @@ -106,7 +106,7 @@ jobs: needs: ["tests"] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - run: make template-validate @@ -119,7 +119,7 @@ jobs: contents: read security-events: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: github/codeql-action/init@v3 with: languages: 'go' @@ -131,7 +131,7 @@ jobs: needs: ["tests"] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: projectdiscovery/actions/setup/go@v1 - uses: projectdiscovery/actions/goreleaser@v1 @@ -143,7 +143,7 @@ jobs: TARGET_URL: "http://scanme.sh/a/?b=c" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: make build - name: "Setup environment (push)" if: ${{ github.event_name == 'push' }} From ea056197a849775d3fb3451ebdf8c2fa1dfbe6cc Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Fri, 12 Sep 2025 10:11:44 +0200 Subject: [PATCH 6/6] outdated templates --- .github/ISSUE_TEMPLATE/bug-report.yml | 79 ---------------------- .github/ISSUE_TEMPLATE/feature-request.yml | 37 ---------- 2 files changed, 116 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/bug-report.yml delete mode 100644 .github/ISSUE_TEMPLATE/feature-request.yml diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml deleted file mode 100644 index d6cabc4251..0000000000 --- a/.github/ISSUE_TEMPLATE/bug-report.yml +++ /dev/null @@ -1,79 +0,0 @@ -name: Bug Report -description: Create a report to help us to improve the Nuclei. -title: "[BUG] ..." -labels: ["Type: Bug"] -body: - - type: markdown - attributes: - value: | - Thanks for taking the time to fill out this bug report! - - For support requests, FAQs or "How to" questions, please use the [GitHub Discussions](https://github.com/projectdiscovery/nuclei/discussions) section instead or join our [Discord server](https://discord.gg/projectdiscovery) to discuss the idea on the **#nuclei** channel. - - :warning: **Issues missing important information may be closed without further investigation.** - - type: checkboxes - attributes: - label: Is there an existing issue for this? - description: Please search to see if an issue already exists for the bug you encountered. - options: - - label: I have searched the existing issues. - required: true - - type: textarea - attributes: - label: Current Behavior - description: A concise description of what you're experiencing. - validations: - required: true - - type: textarea - attributes: - label: Expected Behavior - description: A concise description of what you expected to happen. - validations: - required: true - - type: textarea - attributes: - label: Steps To Reproduce - description: | - Steps to reproduce the behavior, for example, commands to run Nuclei. - - 📝 For a more detailed output that could help in troubleshooting, you may want to run Nuclei with the **`-verbose`** or **`-debug`** flags. This will provide additional insights into what's happening under the hood. - - :warning: **Please redact any literal target hosts/URLs or other sensitive information.** - placeholder: | - 1. Run `nuclei -t ...` - validations: - required: true - - type: textarea - attributes: - label: Relevant log output - description: | - Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. - - 📝 For a more detailed output that could help in troubleshooting, you may want to run Nuclei with the **`-verbose`** or **`-debug`** flags. This will provide additional insights into what's happening under the hood. - - :warning: **Please redact any literal target hosts/URLs or other sensitive information.** - render: shell - - type: textarea - attributes: - label: Environment - description: | - Examples: - - **OS**: Ubuntu 20.04 - - **Nuclei** (`nuclei -version`): v3.3.1 - - **Go** (`go version`): go1.22.0 _(only if you've installed it via the `go install` command)_ - value: | - - OS: - - Nuclei: - - Go: - render: markdown - validations: - required: true - - type: textarea - attributes: - label: Anything else? - description: | - Links? References? Templates? Anything that will give us more context about the issue you are encountering! - - Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in. - validations: - required: false diff --git a/.github/ISSUE_TEMPLATE/feature-request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml deleted file mode 100644 index ccc1b86298..0000000000 --- a/.github/ISSUE_TEMPLATE/feature-request.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Feature Request -description: Request feature to implement in the Nuclei. -title: "[FEATURE] ..." -labels: ["Type: Enhancement"] -body: - - type: markdown - attributes: - value: | - Thanks for taking the time to fill out this feature request! - - Please make sure to provide a detailed description with all the relevant information that might be required to start working on this feature. In case you are not sure about your request or whether the particular feature is already supported or not, please [start a discussion](https://github.com/projectdiscovery/nuclei/discussions/categories/ideas) instead. - - Join our [Discord server](https://discord.gg/projectdiscovery) to discuss the idea on the **#nuclei** channel. - - type: textarea - attributes: - label: Describe your feature request - description: A clear and concise description of feature to implement. - validations: - required: true - - type: textarea - attributes: - label: Describe the use case of the feature - description: A clear and concise description of the feature request's motivation and the use-cases in which it could be useful. - validations: - required: true - - type: textarea - attributes: - label: Describe alternatives you've considered - description: A clear and concise description of any alternative solutions or features you've considered. - validations: - required: false - - type: textarea - attributes: - label: Additional context - description: Add any other context about the feature request here. - validations: - required: false