[BUG] waitload no working on headless #5584
Description
Is there an existing issue for this?
- I have searched the existing issues.
Current Behavior
I'm studying nuclei and trying to bruteforce my home TP-Link ADSL.
I have to use headless since every login the modem use a new random AES key.
The script emulate a browser interaction, then after sending the login it just close with no right response.
I'm using the default password, that is correct.
I have to look for a string that tells me the login was successful.
But nuclei just finish with no waitload for the response
My script:
id: tplink-headless
info:
name: TP-Link bruteforce
author: me
severity: low
description: TP-Link bruteforce.
headless:
- steps:
- args:
url: "{{BaseURL}}"
action: navigate
- action: waitload
- action: text
args:
by: x
xpath: //*[@id="pc-login-password"]
value: admin
- action: click
args:
by: xpath
xpath: /html/body/div[3]/div[2]/div[2]/div[1]/div[2]/div[2]/div/div/div[1]/span[1]
- action: click
args:
by: xpath
xpath: //*[@id="pc-login-btn"]
- action: waitload
matchers:
- type: word
words:
- "$.ret=0;" # this value zero tells me he login was successful
part: body
My command:
nuclei -u 10.1.1.1 -t projects/nuclei/tplink_bruteforce/tplink_bt_headless.yaml -v -headless -allow-local-file-access -show-browser
The result:
[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.3.1 (latest)
[INF] Current nuclei-templates version: v9.9.3 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 56
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Running httpx on input host
[INF] Found 1 URL from httpx
[VER] Sent Headless request to http://10.1.1.1
[INF] No results found. Better luck next time!
Expected Behavior
Tell if bruteforce was success or not.
Steps To Reproduce
- Save the yaml code then run wih he command line that i'm running.
- You can inspect with wireshark
Relevant log output
No response
Environment
- OS: Parrot
- Nuclei: 3.3.1
- Go: go1.21.8 linux/amd64Anything else?
No response