Dynamic payload option

[mastercho]

Please describe your feature request:

This might be hard to implement but let me try, we found ourselves in most case scenarios to go in templates and edit payloads for LFI,SQLi and File upload like 2-3 times per day to make it sure its vuln. So would be good if there is a way to pass them by param in nuclei scan, that probably would require big chunk of template to change into some global instead of payload but its just an idea...

Describe the use case of this feature:

Save time from editing templates or having few versions of template

[tarunKoyalwar]

• sharing some possible implementation ideas on this

instead of adding new option we can achieve this with -V or -var flag . the only thing that needs to be changed is allowing recursive file read in payloads. we can already specify file in payloads but not array of files

Append mode

 payloads:
      lfi:
        - '{{trending-lfi}}'
        - 'default-lfi.txt'

and we can just pass value of trending-lfi from cli using var

$ nuclei -t lfi-template.yaml -V trending-lfi=mylfi.txt

but we probably need to take care of errors when file/variable does not exist

replace mode

this might be conflicting change when running multiple templates but in nuclei we could also allow updating value payload from cli using -V

something like

$ nuclei -t lfi-template -V lfi=mypayloads/lfi.txt

cc: @ehsandeep @princechaddha

@mastercho it will also be helpful if you share more about details about usecase . ex:
is this limited to fuzzing templates ?
do you update or replace payloads ?
wouldn't referencing helper files in template instead of harcoding in payloads be a good idea ?

[mastercho]

• sharing some possible implementation ideas on this

instead of adding new option we can achieve this with -V or -var flag . the only thing that needs to be changed is allowing recursive file read in payloads. we can already specify file in payloads but not array of files

Append mode

 payloads:
      lfi:
        - '{{trending-lfi}}'
        - 'default-lfi.txt'

and we can just pass value of trending-lfi from cli using var

$ nuclei -t lfi-template.yaml -V trending-lfi=mylfi.txt

but we probably need to take care of errors when file/variable does not exist

replace mode

this might be conflicting change when running multiple templates but in nuclei we could also allow updating value payload from cli using -V

something like

$ nuclei -t lfi-template -V lfi=mypayloads/lfi.txt

cc: @ehsandeep @princechaddha

@mastercho it will also be helpful if you share more about details about usecase . ex: is this limited to fuzzing templates ? do you update or replace payloads ? wouldn't referencing helper files in template instead of harcoding in payloads be a good idea ?

I like your idea with -V thats what exactly im looking for.
Not limited to fuzzing templated at all, mostly CVEs
i do replace payloads currently.

By helper files you mean like:

 payloads:
      lfi:
        - '{{trending-lfi}}'
        - 'default-lfi.txt'

or something else?

[tarunKoyalwar]

yeah exactly that, here's an example

https://github.com/projectdiscovery/nuclei-templates/blob/dd7467687f546e22044edbe58bd22e5f912f7356/http/fuzzing/header-command-injection.yaml#L23-L25

    payloads:
      header: helpers/payloads/request-headers.txt
      payload: helpers/payloads/command-injection.txt

currently in nuclei engine . we only support loading only 1 file in payloads . to implement this feature we need to add multi file payload support and ignore if value of variable is empty (i.e if {{trending-lfi}} is empty don't return error)