-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Nuclei not finding the vulnerability without mentioning the exact template. #4604
Comments
@RKiler , can you run below command to verify if template is loaded when $ nuclei -u scanme.sh -vv |& grep aem-default-get
[aem-default-get-servlet] AEM DefaultGetServlet (@dhiyaneshdk) [low] |
@RKiler i am not able to reproduce this issue when directly specifying template$ nuclei -u https://xx.xxx.xxx.xxx:443/ -id aem-default-get-servlet 130 ↵
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ v3.1.4
projectdiscovery.io
[INF] Current nuclei version: v3.1.4 (latest)
[INF] Current nuclei-templates version: v9.7.2 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 61
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[aem-default-get-servlet] [http] [low] https://xx.xxx.xxx.xxx:443/etc.json when running all templates (no filters)
this could be a network issue or server side (502 etc, timeout , WAF etc) but i can confirm template is loaded in both conditions. please try it with other targets and if you are still facing this issue share more info (like target url etc privately on our discord channel) |
This command works, The template is loaded during the scan. The WAF could be the issue, The site is using Cloudflare. is there any way to know when the Waf is interfering with scans? any option in Nuclei? because the issue was found by vidocsecurity but not with Nuclei. |
@RKiler, you need to properly tune nuclei flags based on targets etc to avoid such issues and yeah we have open issue for global passive matchers to detect such conditions and other customs ones like (502 , ip ban , server down etc) #4549 you can react to that issue to let us know you find this feature helpful that way we can appropriately prioritize issues |
When i run the normal nuclei command on domain like
nuclei -u https://test.com
, it only finds info issues. when i run the command with -t flag mentioning the AEM template which i know the website is vulnerable, only then nuclei finds the bug.with all templates:
with specific templates for AEM:
The text was updated successfully, but these errors were encountered: