Merge pull request #6735 from projectdiscovery/dwisiswant0/fix/js/mysql-panic-due-to-missing-executionId-in-ctx

fix(js): mysql panic due to missing `executionId` in ctx

Author: Mzack9999

cmd/integration-test/javascript.go

@@ -18,6 +18,7 @@ var jsTestcases = []TestCaseInfo{
 	{Path: "protocols/javascript/oracle-auth-test.yaml", TestCase: &javascriptOracleAuthTest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
 	{Path: "protocols/javascript/vnc-pass-brute.yaml", TestCase: &javascriptVncPassBrute{}},
 	{Path: "protocols/javascript/postgres-pass-brute.yaml", TestCase: &javascriptPostgresPassBrute{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
+	{Path: "protocols/javascript/mysql-connect.yaml", TestCase: &javascriptMySQLConnect{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
 	{Path: "protocols/javascript/multi-ports.yaml", TestCase: &javascriptMultiPortsSSH{}},
 	{Path: "protocols/javascript/no-port-args.yaml", TestCase: &javascriptNoPortArgs{}},
 }
@@ -28,6 +29,7 @@ var (
 	oracleResource   *dockertest.Resource
 	vncResource      *dockertest.Resource
 	postgresResource *dockertest.Resource
+	mysqlResource    *dockertest.Resource
 	pool             *dockertest.Pool
 	defaultRetry     = 3
 )
@@ -203,6 +205,38 @@ func (j *javascriptPostgresPassBrute) Execute(filePath string) error {
 	return multierr.Combine(errs...)
 }
 
+type javascriptMySQLConnect struct{}
+
+func (j *javascriptMySQLConnect) Execute(filePath string) error {
+	if mysqlResource == nil || pool == nil {
+		// skip test as mysql is not running
+		return nil
+	}
+	tempPort := mysqlResource.GetPort("3306/tcp")
+	finalURL := "localhost:" + tempPort
+	defer purge(mysqlResource)
+	errs := []error{}
+	for i := 0; i < defaultRetry; i++ {
+		results := []string{}
+		var err error
+		_ = pool.Retry(func() error {
+			//let mysql server start
+			time.Sleep(5 * time.Second)
+			results, err = testutils.RunNucleiTemplateAndGetResults(filePath, finalURL, debug)
+			return nil
+		})
+		if err != nil {
+			return err
+		}
+		if err := expectResultsCount(results, 1); err == nil {
+			return nil
+		} else {
+			errs = append(errs, err)
+		}
+	}
+	return multierr.Combine(errs...)
+}
+
 type javascriptMultiPortsSSH struct{}
 
 func (j *javascriptMultiPortsSSH) Execute(filePath string) error {
@@ -345,4 +379,22 @@ func init() {
 	if err := postgresResource.Expire(30); err != nil {
 		log.Printf("Could not expire postgres resource: %s", err)
 	}
+
+	// setup a temporary mysql instance
+	mysqlResource, err = pool.RunWithOptions(&dockertest.RunOptions{
+		Repository: "mysql",
+		Tag:        "latest",
+		Env: []string{
+			"MYSQL_ROOT_PASSWORD=secret",
+		},
+		Platform: "linux/amd64",
+	})
+	if err != nil {
+		log.Printf("Could not start mysql resource: %s", err)
+		return
+	}
+	// by default expire after 30 sec
+	if err := mysqlResource.Expire(30); err != nil {
+		log.Printf("Could not expire mysql resource: %s", err)
+	}
 }

integration_tests/protocols/javascript/mysql-connect.yaml

@@ -0,0 +1,23 @@
+id: mysql-connect
+
+info:
+  name: MySQL Connect Test
+  author: pdteam
+  severity: high
+
+javascript:
+  - pre-condition: |
+      isPortOpen(Host, Port)
+    code: |
+      const mysql = require('nuclei/mysql');
+      const client = new mysql.MySQLClient;
+      success = client.Connect(Host, Port, User, Pass);
+    args:
+      Host: "{{Host}}"
+      Port: "3306"
+      User: "root"
+      Pass: "secret"
+    matchers:
+      - type: dsl
+        dsl:
+          - "success == true"

pkg/js/libs/mssql/memo.mssql.go

@@ -11,7 +11,7 @@ import (
 )
 
 func memoizedconnect(executionId string, host string, port int, username string, password string, dbName string) (bool, error) {
-	hash := "connect" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName)
+	hash := "connect" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return connect(executionId, host, port, username, password, dbName)
@@ -27,7 +27,7 @@ func memoizedconnect(executionId string, host string, port int, username string,
 }
 
 func memoizedisMssql(executionId string, host string, port int) (bool, error) {
-	hash := "isMssql" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "isMssql" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return isMssql(executionId, host, port)

pkg/js/libs/mysql/memo.mysql.go

@@ -9,7 +9,7 @@ import (
 )
 
 func memoizedisMySQL(executionId string, host string, port int) (bool, error) {
-	hash := "isMySQL" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "isMySQL" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return isMySQL(executionId, host, port)
@@ -25,7 +25,7 @@ func memoizedisMySQL(executionId string, host string, port int) (bool, error) {
 }
 
 func memoizedfingerprintMySQL(executionId string, host string, port int) (MySQLInfo, error) {
-	hash := "fingerprintMySQL" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "fingerprintMySQL" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return fingerprintMySQL(executionId, host, port)

pkg/js/libs/mysql/memo.mysql_private.go

@@ -8,11 +8,11 @@ import (
 	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
 )
 
-func memoizedconnectWithDSN(dsn string) (bool, error) {
-	hash := "connectWithDSN" + ":" + fmt.Sprint(dsn)
+func memoizedconnectWithDSN(executionId string, dsn string) (bool, error) {
+	hash := "connectWithDSN" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(dsn)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
-		return connectWithDSN(dsn)
+		return connectWithDSN(executionId, dsn)
 	})
 	if err != nil {
 		return false, err

pkg/js/libs/mysql/mysql.go

@@ -108,7 +108,7 @@ func (c *MySQLClient) Connect(ctx context.Context, host string, port int, userna
 	if err != nil {
 		return false, err
 	}
-	return connectWithDSN(dsn)
+	return connectWithDSN(executionId, dsn)
 }
 
 type (
@@ -190,8 +190,9 @@ func fingerprintMySQL(executionId string, host string, port int) (MySQLInfo, err
 // const client = new mysql.MySQLClient;
 // const connected = client.ConnectWithDSN('username:password@tcp(acme.com:3306)/');
 // ```
-func (c *MySQLClient) ConnectWithDSN(dsn string) (bool, error) {
-	return memoizedconnectWithDSN(dsn)
+func (c *MySQLClient) ConnectWithDSN(ctx context.Context, dsn string) (bool, error) {
+	executionId := ctx.Value("executionId").(string)
+	return memoizedconnectWithDSN(executionId, dsn)
 }
 
 // ExecuteQueryWithOpts connects to Mysql database using given credentials

pkg/js/libs/mysql/mysql_private.go

@@ -1,6 +1,7 @@
 package mysql
 
 import (
+	"context"
 	"database/sql"
 	"fmt"
 	"net"
@@ -72,7 +73,7 @@ func BuildDSN(opts MySQLOptions) (string, error) {
 }
 
 // @memo
-func connectWithDSN(dsn string) (bool, error) {
+func connectWithDSN(executionId string, dsn string) (bool, error) {
 	db, err := sql.Open("mysql", dsn)
 	if err != nil {
 		return false, err
@@ -83,7 +84,8 @@ func connectWithDSN(dsn string) (bool, error) {
 	db.SetMaxOpenConns(1)
 	db.SetMaxIdleConns(0)
 
-	_, err = db.Exec("select 1")
+	ctx := context.WithValue(context.Background(), "executionId", executionId) // nolint: staticcheck
+	err = db.PingContext(ctx)
 	if err != nil {
 		return false, err
 	}

pkg/js/libs/oracle/memo.oracle.go

@@ -9,7 +9,7 @@ import (
 )
 
 func memoizedisOracle(executionId string, host string, port int) (IsOracleResponse, error) {
-	hash := "isOracle" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "isOracle" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return isOracle(executionId, host, port)

pkg/js/libs/pop3/memo.pop3.go

@@ -9,7 +9,7 @@ import (
 )
 
 func memoizedisPoP3(executionId string, host string, port int) (IsPOP3Response, error) {
-	hash := "isPoP3" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "isPoP3" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return isPoP3(executionId, host, port)

pkg/js/libs/postgres/memo.postgres.go

@@ -5,15 +5,15 @@ import (
 	"errors"
 	"fmt"
 
-	_ "github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap"
-
 	utils "github.com/projectdiscovery/nuclei/v3/pkg/js/utils"
 
+	_ "github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap"
+
 	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
 )
 
 func memoizedisPostgres(executionId string, host string, port int) (bool, error) {
-	hash := "isPostgres" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
+	hash := "isPostgres" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return isPostgres(executionId, host, port)
@@ -29,7 +29,7 @@ func memoizedisPostgres(executionId string, host string, port int) (bool, error)
 }
 
 func memoizedexecuteQuery(executionId string, host string, port int, username string, password string, dbName string, query string) (*utils.SQLResult, error) {
-	hash := "executeQuery" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName) + ":" + fmt.Sprint(query)
+	hash := "executeQuery" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName) + ":" + fmt.Sprint(query)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return executeQuery(executionId, host, port, username, password, dbName, query)
@@ -45,7 +45,7 @@ func memoizedexecuteQuery(executionId string, host string, port int, username st
 }
 
 func memoizedconnect(executionId string, host string, port int, username string, password string, dbName string) (bool, error) {
-	hash := "connect" + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName)
+	hash := "connect" + ":" + fmt.Sprint(executionId) + ":" + fmt.Sprint(host) + ":" + fmt.Sprint(port) + ":" + fmt.Sprint(username) + ":" + fmt.Sprint(password) + ":" + fmt.Sprint(dbName)
 
 	v, err, _ := protocolstate.Memoizer.Do(hash, func() (interface{}, error) {
 		return connect(executionId, host, port, username, password, dbName)