From a05faa868d758c7f7c0b039151654a933c468e3f Mon Sep 17 00:00:00 2001 From: Mzack9999 Date: Tue, 28 Apr 2020 04:01:25 +0200 Subject: [PATCH] adding proxy socks support - untested --- go.mod | 5 +---- go.sum | 16 +++------------- internal/runner/options.go | 24 +++++++++++++----------- pkg/executor/executer_http.go | 22 ++++++++++++++++------ 4 files changed, 33 insertions(+), 34 deletions(-) diff --git a/go.mod b/go.mod index 251f57ad..7b833350 100644 --- a/go.mod +++ b/go.mod @@ -9,10 +9,7 @@ require ( github.com/projectdiscovery/gologger v1.0.0 github.com/projectdiscovery/retryabledns v1.0.4 github.com/projectdiscovery/retryablehttp-go v1.0.1 - github.com/stretchr/testify v1.5.1 github.com/valyala/fasttemplate v1.1.0 - golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5 // indirect - golang.org/x/net v0.0.0-20200421231249-e086a090c8fd // indirect - golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f // indirect + golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 gopkg.in/yaml.v2 v2.2.8 ) diff --git a/go.sum b/go.sum index dba51c0f..e0192a4d 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,5 @@ github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496 h1:zV3ejI06GQ59hwDQAvmK1qxOQGB3WuVTRoY0okPTAv0= github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381 h1:bqDmpDG49ZRnB5PcgP0RXtQvnMSgIF14M7CBd2shtXs= github.com/logrusorgru/aurora v0.0.0-20200102142835-e9ef32dff381/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4= 
@@ -8,7 +7,6 @@ github.com/miekg/dns v1.1.29 h1:xHBEhR+t5RzcFJjBLJlax2daXOrTYtr9z4WdKEfWFzg= github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/projectdiscovery/gologger v1.0.0 h1:XAQ8kHeVKXMjY4rLGh7eT5+oHU077BNEvs7X6n+vu1s= github.com/projectdiscovery/gologger v1.0.0/go.mod h1:Ok+axMqK53bWNwDSU1nTNwITLYMXMdZtRc8/y1c7sWE= @@ -17,7 +15,6 @@ github.com/projectdiscovery/retryabledns v1.0.4/go.mod h1:/UzJn4I+cPdQl6pKiiQfvV github.com/projectdiscovery/retryablehttp-go v1.0.1 h1:V7wUvsZNq1Rcz7+IlcyoyQlNwshuwptuBVYWw9lx8RE= github.com/projectdiscovery/retryablehttp-go v1.0.1/go.mod h1:SrN6iLZilNG1X4neq1D+SBxoqfAF4nyzvmevkTkWsek= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= 
@@ -26,28 +23,21 @@ github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPU golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5 h1:Q7tZBpemrlsc2I7IyODzhtallWRSm4Q0d09pL6XbQtU= -golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200421231249-e086a090c8fd h1:QPwSajcTUrFriMF1nJ3XzgoqakqQEsnZf9LdXdi2nkI= -golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= -golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= +golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0 h1:Jcxah/M+oLZ/R4/z5RzfPzGbPXnVDPkEDtf2JnuxN+U= +golang.org/x/net v0.0.0-20200425230154-ff2c4b7c35a0/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod 
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M= golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f h1:gWF768j/LaZugp8dyS4UwsslYCYz9XgFxvlgsn0n9H8= -golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= diff --git a/internal/runner/options.go b/internal/runner/options.go index 3ec1ac18..2452a715 100644 --- a/internal/runner/options.go +++ b/internal/runner/options.go 
@@ -10,17 +10,18 @@ import ( // Options contains the configuration options for tuning // the template requesting process. type Options struct { - Templates string // Signature specifies the template/templates to use - Targets string // Targets specifies the targets to scan using templates. - Threads int // Thread controls the number of concurrent requests to make. - Timeout int // Timeout is the seconds to wait for a response from the server. - Retries int // Retries is the number of times to retry the request - Output string // Output is the file to write found subdomains to. - ProxyURL string // ProxyURL is the URL for the proxy server - Silent bool // Silent suppresses any extra text and only writes found URLs on screen. - Version bool // Version specifies if we should just show version and exit - Verbose bool // Verbose flag indicates whether to show verbose output or not - NoColor bool // No-Color disables the colored output. + Templates string // Signature specifies the template/templates to use + Targets string // Targets specifies the targets to scan using templates. + Threads int // Thread controls the number of concurrent requests to make. + Timeout int // Timeout is the seconds to wait for a response from the server. + Retries int // Retries is the number of times to retry the request + Output string // Output is the file to write found subdomains to. + ProxyURL string // ProxyURL is the URL for the proxy server + ProxySocksURL string // ProxySocksURL is the URL for the proxy socks server + Silent bool // Silent suppresses any extra text and only writes found URLs on screen. + Version bool // Version specifies if we should just show version and exit + Verbose bool // Verbose flag indicates whether to show verbose output or not + NoColor bool // No-Color disables the colored output. Stdin bool // Stdin specifies whether stdin input was given to the process } 
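Review bot: The new `ProxySocksURL` field is documented as a URL, and the `-proxy-socks-url` help text in the ParseOptions hunk says the same, but the executor hunk later in this patch passes the value unchanged to `proxy.SOCKS5("tcp", options.ProxySocksURL, nil, proxy.Direct)`, whose second argument is a network address. A value with a scheme, such as `socks5://127.0.0.1:1080` (constructed example), would presumably be accepted here and only fail when the first request is dialed. I would change the comment to `// ProxySocksURL is the host:port address of the SOCKS5 proxy server` and the help string to `"Address (host:port) of the SOCKS5 proxy server"`, or else parse the value as a URL during option validation and pass only its host on. How `Options.ProxySocksURL` reaches `HTTPOptions.ProxySocksURL` is not visible in this patch, so the wiring should be confirmed as well.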
@@ -33,6 +34,7 @@ func ParseOptions() *Options { flag.StringVar(&options.Targets, "l", "", "List of URLs to run templates on") flag.StringVar(&options.Output, "o", "", "File to write output to (optional)") flag.StringVar(&options.ProxyURL, "proxy-url", "", "URL of the proxy server") + flag.StringVar(&options.ProxySocksURL, "proxy-socks-url", "", "URL of the proxy socks server") flag.BoolVar(&options.Silent, "silent", false, "Show only results in output") flag.BoolVar(&options.Version, "version", false, "Show version of nuclei") flag.BoolVar(&options.Verbose, "v", false, "Show Verbose output") diff --git a/pkg/executor/executer_http.go b/pkg/executor/executer_http.go index 70833302..30248243 100644 --- a/pkg/executor/executer_http.go +++ b/pkg/executor/executer_http.go @@ -16,6 +16,7 @@ import ( "github.com/projectdiscovery/nuclei/pkg/requests" "github.com/projectdiscovery/nuclei/pkg/templates" "github.com/projectdiscovery/retryablehttp-go" + "golang.org/x/net/proxy" ) // HTTPExecutor is client for performing HTTP requests @@ -30,12 +31,13 @@ type HTTPExecutor struct { // HTTPOptions contains configuration options for the HTTP executor. type HTTPOptions struct { - Template *templates.Template - HTTPRequest *requests.HTTPRequest - Writer *bufio.Writer - Timeout int - Retries int - ProxyURL string + Template *templates.Template + HTTPRequest *requests.HTTPRequest + Writer *bufio.Writer + Timeout int + Retries int + ProxyURL string + ProxySocksURL string } // NewHTTPExecutor creates a new HTTP executor from a template @@ -165,6 +167,14 @@ func makeHTTPClient(proxyURL *url.URL, options *HTTPOptions) *retryablehttp.Clie DisableKeepAlives: true, } + // Attempts to overwrite the dial function with the socks proxied version + if options.ProxySocksURL != "" { + dialer, err := proxy.SOCKS5("tcp", options.ProxySocksURL, nil, proxy.Direct) + if err == nil { + transport.Dial = dialer.Dial + } + } + if proxyURL != nil { transport.Proxy = http.ProxyURL(proxyURL) }
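Review bot: In the makeHTTPClient hunk the SOCKS branch fails open: if `proxy.SOCKS5` returns an error, the `if err == nil` guard just skips the assignment, so the client is built with the default dialer and requests go out directly even though a proxy was requested. The function appears to return only the client (its signature is truncated in the hunk header and the body continues outside the hunk), so the error should either be returned through an extended signature or stop the run; it should not be discarded. On the same lines, `transport.Dial` is deprecated in favour of `DialContext`, and request cancellation does not reach a plain `Dial`. When `-proxy-url` is set as well, the connection to the HTTP proxy is itself made through the SOCKS dialer, which looks unintended; rejecting the combination during option validation would make the supported modes explicit.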