Nuclei - Differences between SDK and console utility results | ProjectDiscovery Community | Page 1

gray bloom Oct 25, 2024, 7:04 PM

#

Hi! Has anyone encountered the problem that when scanning via SDK, some of the results are missing? How could this be solved?
Thank you very much in advance!

CLI run:
nuclei -u bountytarget.com --headless

These templates produce results only when run through cli
https://github.com/projectdiscovery/nuclei-templates/blob/main/headless/extract-urls.yaml
https://github.com/projectdiscovery/nuclei-templates/blob/main/headless/webpack-sourcemap.yaml

Go Code

func nucl(ctx context.Context) {
    ne, err := nuclei.NewNucleiEngineCtx(
        ctx,
        nuclei.WithNetworkConfig(nuclei.NetworkConfig{
            DisableMaxHostErr: true,  
            MaxHostError:      10000, 
        }),

        nuclei.EnableHeadlessWithOpts(&nuclei.HeadlessOpts{
            PageTimeout: 20,
            UseChrome:   true,
            ShowBrowser: false,
        }),
        nuclei.WithConcurrency(nuclei.Concurrency{
            TemplateConcurrency:           1,
            HostConcurrency:               1,
            HeadlessHostConcurrency:       1,
            HeadlessTemplateConcurrency:   1,
            JavascriptTemplateConcurrency: 1,
            TemplatePayloadConcurrency:    1,
            ProbeConcurrency:              1,
        }),
        nuclei.EnableStatsWithOpts(nuclei.StatsOptions{JSON: true}),

        nuclei.WithScanStrategy("auto"),
    )
    if err != nil {
        slog.Error("Failed to create nuclei engine", slog.Any("error", err))
        panic(err)
    }
    defer ne.Close()


    err = ne.LoadAllTemplates()
    if err != nil {
        slog.Error("Failed to load templates", slog.Any("error", err))
        panic(err)
    }


    ne.LoadTargets([]string{"BOUNTY_TARGET.ZONE"}, false)

    opts := ne.Options()
    ne.ExecuteWithCallback(callback)

    slog.Info("Nuclei scan finished")
}

velvet jackal Oct 28, 2024, 11:42 AM

#

Hey @gray bloom , welcome to the Discord! I'm not having trouble with this when I try to run the same scan myself - let me tag @ornate crystal to take a look at this.

Thanks for your patience!

zinc falcon Dec 2, 2024, 2:25 PM

#

gray bloom Hi! Has anyone encountered the problem that when scanning via SDK, some of the r...

Hi @gray bloom Were you able to solve this. I am too getting similar issue while running through sdk.

ornate crystal Dec 3, 2024, 4:48 PM

#

how do the results compare for both?

zinc falcon Dec 3, 2024, 4:58 PM

#

In my case i am getting only 2 out of 30 hosts result in global callback. Working corretly in nuclei cli mode. confimed by setting debug and verbode mode .

Other hosts are getting

[WRN] [ssh-auth-methods] Could not execute request for :22: errKind=unknown-error [address=xyz:22] context deadline exceeded

blazing osprey Feb 14, 2025, 5:29 AM

#

@gray bloom @zinc falcon I'm having the same issue with SDK, I'm running version 3.3.9 on -t ssl/ templates (version v10.1.2).

I run this for 2 different domains and sometimes get values for both of them, some for only one but not always the same.

#Nuclei - Differences between SDK and console utility results