Adding support to scan all v4/v6 IPs

v2/cmd/integration-test/code.go

@@ -23,6 +23,7 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/output"
 	"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/hosterrorscache"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/interactsh"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit"
@@ -123,7 +124,7 @@ func executeNucleiAsCode(templatePath, templateURL string) ([]string, error) {
 	}
 	store.Load()
 
-	input := &inputs.SimpleInputProvider{Inputs: []string{templateURL}}
+	input := &inputs.SimpleInputProvider{Inputs: []*contextargs.MetaInput{{Input: templateURL}}}
 	_ = engine.Execute(store.Templates(), input)
 	engine.WorkPool().Wait() // Wait for the scan to finish
 

v2/cmd/nuclei/main.go

@@ -125,6 +125,8 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.StringSliceVarP(&options.Targets, "target", "u", []string{}, "target URLs/hosts to scan", goflags.StringSliceOptions),
 		flagSet.StringVarP(&options.TargetsFilePath, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
 		flagSet.StringVar(&options.Resume, "resume", "", "Resume scan using resume.cfg (clustering will be disabled)"),
+		flagSet.BoolVarP(&options.ScanAllIPs, "scan-all-ips", "sa", false, "Scan all the ip's associated with dns record"),
+		flagSet.StringVarP(&options.IPVersion, "ip-version", "iv", "any", "IP version to scan of hostname (4,6,any) - (default any)"),
 	)
 
 	flagSet.CreateGroup("templates", "Templates",

v2/internal/runner/enumerate.go

@@ -19,6 +19,7 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/core"
 	"github.com/projectdiscovery/nuclei/v2/pkg/output"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
 	"go.uber.org/atomic"
 )
 
@@ -84,8 +85,8 @@ func (r *Runner) runCloudEnumeration(store *loader.Store, nostore bool) (*atomic
 	// TODO: Add payload file and workflow support for private templates
 	catalogChecksums := nucleicloud.ReadCatalogChecksum()
 
-	targets := make([]string, 0, r.hmapInputProvider.Count())
-	r.hmapInputProvider.Scan(func(value string) bool {
+	targets := make([]*contextargs.MetaInput, 0, r.hmapInputProvider.Count())
+	r.hmapInputProvider.Scan(func(value *contextargs.MetaInput) bool {
 		targets = append(targets, value)
 		return true
 	})

v2/internal/runner/inputs.go

@@ -9,6 +9,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/hmap/store/hybrid"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/httpclientpool"
 	"github.com/projectdiscovery/retryablehttp-go"
 	"github.com/remeh/sizedwaitgroup"
@@ -37,18 +38,18 @@ func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
 	// Probe the non-standard URLs and store them in cache
 	swg := sizedwaitgroup.New(bulkSize)
 	count := int32(0)
-	r.hmapInputProvider.Scan(func(value string) bool {
-		if strings.HasPrefix(value, "http://") || strings.HasPrefix(value, "https://") {
+	r.hmapInputProvider.Scan(func(value *contextargs.MetaInput) bool {
+		if strings.HasPrefix(value.Input, "http://") || strings.HasPrefix(value.Input, "https://") {
 			return true
 		}
 
 		swg.Add()
-		go func(input string) {
+		go func(input *contextargs.MetaInput) {
 			defer swg.Done()
 
-			if result := probeURL(input, httpclient); result != "" {
+			if result := probeURL(input.Input, httpclient); result != "" {
 				atomic.AddInt32(&count, 1)
-				_ = hm.Set(input, []byte(result))
+				_ = hm.Set(input.String(), []byte(result))
 			}
 		}(value)
 		return true

v2/internal/runner/nucleicloud/types.go

@@ -1,11 +1,15 @@
 package nucleicloud
 
-import "time"
+import (
+	"time"
+
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
+)
 
 // AddScanRequest is a nuclei scan input item.
 type AddScanRequest struct {
 	// RawTargets is a list of raw target URLs for the scan.
-	RawTargets []string `json:"raw_targets,omitempty"`
+	RawTargets []*contextargs.MetaInput `json:"raw_targets,omitempty"`
 	// PublicTemplates is a list of public templates for the scan
 	PublicTemplates []string `json:"public_templates,omitempty"`
 	// PrivateTemplates is a map of template-name->contents that

v2/internal/runner/runner.go

@@ -37,6 +37,7 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/projectfile"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/automaticscan"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/hosterrorscache"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/interactsh"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit"
@@ -474,8 +475,8 @@ func (r *Runner) RunEnumeration() error {
 
 func (r *Runner) isInputNonHTTP() bool {
 	var nonURLInput bool
-	r.hmapInputProvider.Scan(func(value string) bool {
-		if !strings.Contains(value, "://") {
+	r.hmapInputProvider.Scan(func(value *contextargs.MetaInput) bool {
+		if !strings.Contains(value.Input, "://") {
 			nonURLInput = true
 			return false
 		}

v2/pkg/core/engine.go

@@ -2,6 +2,7 @@ package core
 
 import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
 	"github.com/projectdiscovery/nuclei/v2/pkg/types"
 )
 
@@ -29,7 +30,7 @@ type InputProvider interface {
 	Count() int64
 	// Scan iterates the input and each found item is passed to the
 	// callback consumer.
-	Scan(callback func(value string) bool)
+	Scan(callback func(value *contextargs.MetaInput) bool)
 }
 
 // New returns a new Engine instance

v2/pkg/core/execute.go

@@ -43,6 +43,8 @@ func (e *Engine) ExecuteWithOpts(templatesList []*templates.Template, target Inp
 
 		wg.Add()
 		go func(tpl *templates.Template) {
+			defer wg.Done()
+
 			switch {
 			case tpl.SelfContained:
 				// Self Contained requests are executed here separately
@@ -51,7 +53,6 @@ func (e *Engine) ExecuteWithOpts(templatesList []*templates.Template, target Inp
 				// All other request types are executed here
 				e.executeModelWithInput(templateType, tpl, target, results)
 			}
-			wg.Done()
 		}(template)
 	}
 	e.workPool.Wait()
@@ -98,7 +99,7 @@ func (e *Engine) executeModelWithInput(templateType types.ProtocolType, template
 		currentInfo.Unlock()
 	}
 
-	target.Scan(func(scannedValue string) bool {
+	target.Scan(func(scannedValue *contextargs.MetaInput) bool {
 		// Best effort to track the host progression
 		// skips indexes lower than the minimum in-flight at interruption time
 		var skip bool
@@ -122,12 +123,12 @@ func (e *Engine) executeModelWithInput(templateType types.ProtocolType, template
 		currentInfo.Unlock()
 
 		// Skip if the host has had errors
-		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(scannedValue) {
+		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(scannedValue.String()) {
 			return true
 		}
 
 		wg.WaitGroup.Add()
-		go func(index uint32, skip bool, value string) {
+		go func(index uint32, skip bool, value *contextargs.MetaInput) {
 			defer wg.WaitGroup.Done()
 			defer cleanupInFlight(index)
 			if skip {
@@ -141,7 +142,7 @@ func (e *Engine) executeModelWithInput(templateType types.ProtocolType, template
 				match = e.executeWorkflow(value, template.CompiledWorkflow)
 			default:
 				ctxArgs := contextargs.New()
-				ctxArgs.Input = value
+				ctxArgs.MetaInput = value
 				match, err = template.Executer.Execute(ctxArgs)
 			}
 			if err != nil {
@@ -188,14 +189,14 @@ func (e *Engine) ExecuteWithResults(templatesList []*templates.Template, target
 func (e *Engine) executeModelWithInputAndResult(templateType types.ProtocolType, template *templates.Template, target InputProvider, results *atomic.Bool, callback func(*output.ResultEvent)) {
 	wg := e.workPool.InputPool(templateType)
 
-	target.Scan(func(scannedValue string) bool {
+	target.Scan(func(scannedValue *contextargs.MetaInput) bool {
 		// Skip if the host has had errors
-		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(scannedValue) {
+		if e.executerOpts.HostErrorsCache != nil && e.executerOpts.HostErrorsCache.Check(scannedValue.String()) {
 			return true
 		}
 
 		wg.WaitGroup.Add()
-		go func(value string) {
+		go func(value *contextargs.MetaInput) {
 			defer wg.WaitGroup.Done()
 
 			var match bool
@@ -205,7 +206,7 @@ func (e *Engine) executeModelWithInputAndResult(templateType types.ProtocolType,
 				match = e.executeWorkflow(value, template.CompiledWorkflow)
 			default:
 				ctxArgs := contextargs.New()
-				ctxArgs.Input = value
+				ctxArgs.MetaInput = value
 				err = template.Executer.ExecuteWithResults(ctxArgs, func(event *output.InternalWrappedEvent) {
 					for _, result := range event.Results {
 						callback(result)
@@ -235,7 +236,7 @@ func (e *ChildExecuter) Close() *atomic.Bool {
 }
 
 // Execute executes a template and URLs
-func (e *ChildExecuter) Execute(template *templates.Template, URL string) {
+func (e *ChildExecuter) Execute(template *templates.Template, value *contextargs.MetaInput) {
 	templateType := template.Type()
 
 	var wg *sizedwaitgroup.SizedWaitGroup
@@ -247,14 +248,15 @@ func (e *ChildExecuter) Execute(template *templates.Template, URL string) {
 
 	wg.Add()
 	go func(tpl *templates.Template) {
+		defer wg.Done()
+
 		ctxArgs := contextargs.New()
-		ctxArgs.Input = URL
+		ctxArgs.MetaInput = value
 		match, err := template.Executer.Execute(ctxArgs)
 		if err != nil {
 			gologger.Warning().Msgf("[%s] Could not execute step: %s\n", e.e.executerOpts.Colorizer.BrightBlue(template.ID), err)
 		}
 		e.results.CompareAndSwap(false, match)
-		wg.Done()
 	}(template)
 }