Skip to content

Commit

Permalink
Do not clobber the "tcp" dialer for MySQL (#5681)
Browse files Browse the repository at this point in the history
This introduces a "nucleitcp" protocol that Nuclei will use when
making MySQL connections as part of its templates.

Previously, this would register (and de-register!) a custom "tcp"
dialer, and that applied globally, so any piece of software that
used a MySQL database and included nuclei in SDK mode would have
its database connections ripped out from under it due to the dialer
hijacking.

By using "nucleitcp" as the protocol, we are free to do whatever
we want with the dialer and not impact any other packages.

Within our `BuildDSN` function, we quietly replace the protocol to
"nucleitcp" if it was "tcp", so nuclei developers don't have to do
anything special to use this functionality; it will always do it.
  • Loading branch information
doug-threatmate authored Jan 14, 2025
1 parent 08c46ff commit e4a0b8e
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 2 deletions.
6 changes: 6 additions & 0 deletions pkg/js/libs/mysql/mysql_private.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,12 @@ func BuildDSN(opts MySQLOptions) (string, error) {
if opts.Protocol == "" {
opts.Protocol = "tcp"
}
// We're going to use a custom dialer when creating MySQL connections, so if we've been
// given "tcp" as the protocol, then quietly switch it to "nucleitcp", which we have
// already registered.
if opts.Protocol == "tcp" {
opts.Protocol = "nucleitcp"
}
if opts.DbName == "" {
opts.DbName = "/"
} else {
Expand Down
12 changes: 10 additions & 2 deletions pkg/protocols/common/protocolstate/state.go
Original file line number Diff line number Diff line change
Expand Up @@ -154,8 +154,16 @@ func Init(options *types.Options) error {
}
Dialer = dialer

// override dialer in mysql
mysql.RegisterDialContext("tcp", func(ctx context.Context, addr string) (net.Conn, error) {
// Set a custom dialer for the "nucleitcp" protocol. This is just plain TCP, but it's registered
// with a different name so that we do not clobber the "tcp" dialer in the event that nuclei is
// being included as a package in another application.
mysql.RegisterDialContext("nucleitcp", func(ctx context.Context, addr string) (net.Conn, error) {
// Because we're not using the default TCP workflow, quietly add the default port
// number if no port number was specified.
if _, _, err := net.SplitHostPort(addr); err != nil {
addr += ":3306"
}

return Dialer.Dial(ctx, "tcp", addr)
})

Expand Down

0 comments on commit e4a0b8e

Please sign in to comment.