Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] -maxtime maximum testing time per host (soft kill) and -jsonl writes directly to disk #5823

Open
JaneX8 opened this issue Nov 14, 2024 · 2 comments
Open

[FEATURE] -maxtime maximum testing time per host (soft kill) and -jsonl writes directly to disk #5823

JaneX8 opened this issue Nov 14, 2024 · 2 comments
Assignees
@dogancanbakir
Labels
Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@JaneX8
Copy link
Contributor

JaneX8 commented Nov 14, 2024
edited by ehsandeep
Loading

Describe your feature request

On rare occasions nuclei hangs and doesn't stop the process. This is very inconvenient for unattended runs. I supply a hardkill switch simply by running nuclei with prefixed timeout 600 for example. However, this is not a neat way of doing things, as it hard kills the process and all previous findings and output is lost this way.

-mt,   -max-time int  sets maximum runtime before nuclei auto-stops (example -mt 1d)

The security scanner Nikto.pl had an -maxtime option for 'Maximum testing time per host' effectively a soft-kill, which stopped the scan after the maximum time was hit and saving the output to disk. For example mid-scan the following would happen and the process would gracefully close after writing the output:

+ ERROR: Host maximum execution time of 600 seconds reached
+ Scan terminated: 0 error(s) and 6 item(s) reported on remote host
+ End Time:           2024-11-14 19:10:32 (GMT0) (4 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

I would like a -maxtime option for nuclei too to achieve this.

In addition I think the behaviour of -jsonl should be changed too. Because the JSONLines format is perfect for directly writing each finding to disk when it's known instead of keeping it in memory. This way even if a process is hard killed the findings, up to that moment are still saved in the jsonl file.

Describe the use case of the feature

See previous description. In essence long running scans with hanging processes.

Describe alternatives you've considered

See description above. Hard-kill and different behaviour of -jsonl.

Additional context

No response
@JaneX8 JaneX8 added the Type: Enhancement Most issues will probably ask for additions or changes. label Nov 14, 2024
@ehsandeep
Copy link
Member

@JaneX8 welcome back!

Regarding -jsonl, it appears to be handled in this PR; it needs to be reviewed and merged.

As for -max-time, it’s a good idea, but since Nuclei operates on a list of templates * hosts, execution is based on template spray. Tracking time per host isn’t convenient or feasible at this time. For the same reason, we don't have host-based rate limiting. Do you think a max-time setting for the entire Nuclei execution would be useful?

@JaneX8
Copy link
Contributor Author

JaneX8 commented Nov 14, 2024
edited
Loading

Thank you. Even if not per host, a 'soft-kill' for the entire execution is also very helpful as one could simply run one instance of nuclei for one host and limit it that way. The main purpose would be to have a soft kill timeout where the results up to that moment are not lost.

@dogancanbakir dogancanbakir self-assigned this Nov 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dogancanbakir dogancanbakir

Labels
Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JaneX8 @ehsandeep @dogancanbakir