fix(javascript): restore exec for templates w/o Port arg (#6709)

dwisiswant0 · web-flow · commit 746a05dac5aa · 2025-12-17T22:07:14.000+07:00
Restore backwards compat for JavaScript protocol templates that omit the `Port` argument. Regression was introduced in f4f2e9f, which removed the fallback for empty `Port` in `(*Request).ExecuteWithResults`, causing templates without `Port` to be silently skipped. Now, if no `Port` is specified, the engine executes the JavaScript block using the target URL's port. Fixes #6708. Signed-off-by: Dwi Siswanto <git@dw1.io>
diff --git a/cmd/integration-test/javascript.go b/cmd/integration-test/javascript.go
@@ -18,6 +18,7 @@ var jsTestcases = []TestCaseInfo{
 	{Path: "protocols/javascript/oracle-auth-test.yaml", TestCase: &javascriptOracleAuthTest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
 	{Path: "protocols/javascript/vnc-pass-brute.yaml", TestCase: &javascriptVncPassBrute{}},
 	{Path: "protocols/javascript/multi-ports.yaml", TestCase: &javascriptMultiPortsSSH{}},
+	{Path: "protocols/javascript/no-port-args.yaml", TestCase: &javascriptNoPortArgs{}},
 }
 
 var (
@@ -179,6 +180,16 @@ func (j *javascriptMultiPortsSSH) Execute(filePath string) error {
 	return expectResultsCount(results, 1)
 }
 
+type javascriptNoPortArgs struct{}
+
+func (j *javascriptNoPortArgs) Execute(filePath string) error {
+	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "yo.dawg", debug)
+	if err != nil {
+		return err
+	}
+	return expectResultsCount(results, 1)
+}
+
 // purge any given resource if it is not nil
 func purge(resource *dockertest.Resource) {
 	if resource != nil && pool != nil {
diff --git a/integration_tests/protocols/javascript/no-port-args.yaml b/integration_tests/protocols/javascript/no-port-args.yaml
@@ -0,0 +1,23 @@
+id: javascript-no-port-args
+
+info:
+  name: JavaScript Template Without Port Args
+  author: dwisiswant0
+  severity: info
+  description: |
+    Test backwards compatibility for JavaScript templates without Port in args.
+    Templates should execute even when Port arg is not explicitly specified.
+
+javascript:
+  - code: |
+      // Simple JavaScript code that does not require Port
+      let result = "executed";
+      Export(result);
+
+    args:
+      TestArg: "test-value"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - success == true
diff --git a/pkg/protocols/javascript/js.go b/pkg/protocols/javascript/js.go
@@ -287,6 +287,9 @@ func (request *Request) GetID() string {
 func (request *Request) ExecuteWithResults(target *contextargs.Context, dynamicValues, previous output.InternalEvent, callback protocols.OutputEventCallback) error {
 	// Get default port(s) if specified in template
 	ports := request.getPorts()
+	if len(ports) == 0 {
+		return request.executeWithResults("", target, dynamicValues, previous, callback)
+	}
 
 	var errs []error
 
