[BUG] Static string as DSL extractor

[JaneX8]

Is there an existing issue for this?

• I have searched the existing issues.

Current Behavior

I found that I can only "extract" a static string using DSL and it's either undocumented or unclear and not logical how to use it. When I use:

    matchers:
      - type: dsl
        dsl:
          - "md5(body) == 'somemd5sum'"
    extractors:
      - type: dsl
        dsl:
          - '"v1.0.0"' # < This only works when the string is '"here"' (between double quotes inside single quotes) and not when it is 'here' (between single quotes).

Expected Behavior

A clearer documentation for such use cases or perhaps a different type of extractor. I propose:

    extractors:
      - type: static
        name: detected_version
        value: "v1.0.0"

Steps To Reproduce

See above example.

Environment

- OS: Alpine
- Nuclei: 3.3.7
- Go: 1.22.9

[dwisiswant0]

i'm not quite sure i fully understand the use case for this yet. from my POV, when you're creating a template, you typically already have a clear purpose in mind for what it's meant to achieve.

also, since DSL values are expressions designed to be evaluated, it makes sense that extracting a string literal would require wrapping it in quotes to ensure proper handling.

    matchers:
      - type: dsl
        name: "v1_0_0"
        dsl:
          - "md5(body) == 'v1.0.0sum'"
        internal: true
      - type: dsl
        name: "v1_1_0"
        dsl:
          - "md5(body) == 'v1.1.0sum'"
        internal: true
      - type: dsl
        name: "v1_1_1"
        dsl:
          - "md5(body) == 'v1.1.1sum'"
        internal: true

    extractors:
      - type: dsl
        dsl:
          - 'v1_0_0 && "v1.0.0"' # ternary op
          - 'v1_1_0 && "v1.1.0"'
          - 'v1_1_1 && "v1.1.1"'

or i might be missing some important context about the actual scenario. could you kindly provide more details or explain the real-world use case a bit further? that would help us understand better. thanks!

[JaneX8]

I forgot about naming matchers. In this case I can achieve it that way too, thanks.

However, I noticed before when writing templates that sometimes I only want to return a static string of something. Is the only way to do this naming matchers? Or can I somehow tell an extractor to always return something static (if the matcher worked)?

[ehsandeep]

I forgot about naming matchers. In this case I can achieve it that way too, thanks.

However, I noticed before when writing templates that sometimes I only want to return a static string of something. Is the only way to do this naming matchers? Or can I somehow tell an extractor to always return something static (if the matcher worked)?

For the 2nd case, this should work as you mentioned initially:

    extractors:
      - type: dsl
        dsl:
          - '"THIS IS RANDOM TEXT"'

[JaneX8]

Yes, it works but using dsl this way is not logical and natural. I propose a static type for this behaviour.

[dwisiswant0]

[...] I propose a static type for this behaviour.

But could you share a real-world use case where this behavior would be needed?