Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not clobber the "tcp" dialer for MySQL #5681

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

Do not clobber the "tcp" dialer for MySQL #5681

wants to merge 1 commit into from

Conversation

doug-threatmate
Copy link
Contributor

@doug-threatmate doug-threatmate commented Oct 1, 2024
edited
Loading

Proposed changes

This introduces a "nucleitcp" protocol that Nuclei will use when making MySQL connections as part of its templates.

Previously, this would register (and de-register!) a custom "tcp" dialer, and that applied globally, so any piece of software that used a MySQL database and included nuclei in SDK mode would have its database connections ripped out from under it due to the dialer hijacking.

By using "nucleitcp" as the protocol, we are free to do whatever we want with the dialer and not impact any other packages.

Within our BuildDSN function, we quietly replace the protocol to "nucleitcp" if it was "tcp", so nuclei developers don't have to do anything special to use this functionality; it will always do it.

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

@doug-threatmate
Do not clobber the "tcp" dialer for MySQL
126b410 
This introduces a "nucleitcp" protocol that Nuclei will use when
making MySQL connections as part of its templates.

Previously, this would register (and de-register!) a custom "tcp"
dialer, and that applied globally, so any piece of software that
used a MySQL database and included nuclei in SDK mode would have
its database connections ripped out from under it due to the dialer
hijacking.

By using "nucleitcp" as the protocol, we are free to do whatever
we want with the dialer and not impact any other packages.

Within our `BuildDSN` function, we quietly replace the protocol to
"nucleitcp" if it was "tcp", so nuclei developers don't have to do
anything special to use this functionality; it will always do it.
@GeorginaReeder
Copy link

Thanks so much for your contribution @doug-threatmate ! :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dogancanbakir dogancanbakir Awaiting requested review from dogancanbakir

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@doug-threatmate @GeorginaReeder