adding metadata for exact collab match

2020-11-23 21:37:52 +01:00 · 2020-11-23 21:37:52 +01:00 · bb277c70b0
parent e5d4c7a6d0
commit bb277c70b0
5 changed files with 32 additions and 10 deletions
--- a/v2/go.mod
+++ b/v2/go.mod
@ -14,7 +14,7 @@ require (
 	github.com/miekg/dns v1.1.35
 	github.com/pkg/errors v0.9.1
 	github.com/projectdiscovery/clistats v0.0.5
-	github.com/projectdiscovery/collaborator v0.0.1
+	github.com/projectdiscovery/collaborator v0.0.2-0.20201122173402-7afbb52febed
 	github.com/projectdiscovery/fastdialer v0.0.1
 	github.com/projectdiscovery/gologger v1.0.1
 	github.com/projectdiscovery/hmap v0.0.1
--- a/v2/go.sum
+++ b/v2/go.sum
@ -57,6 +57,8 @@ github.com/projectdiscovery/clistats v0.0.5 h1:vcvOR9PrFRawO/7FWD6pER9nYVSoSTD2F
 github.com/projectdiscovery/clistats v0.0.5/go.mod h1:lV6jUHAv2bYWqrQstqW8iVIydKJhWlVaLl3Xo9ioVGg=
 github.com/projectdiscovery/collaborator v0.0.1 h1:dbQ5BCL/a3c+BB9cGtrGgiLs23+EfSzoaTzX/pxqiTI=
 github.com/projectdiscovery/collaborator v0.0.1/go.mod h1:J1z0fC7Svutz3LJqoRyTHA3F0Suh4livmkYv8MnKw20=
+github.com/projectdiscovery/collaborator v0.0.2-0.20201122173402-7afbb52febed h1:0B4ccP68IL6MNHz99dAFeh0E3AY7fU5wVYwZJVX8ZG4=
+github.com/projectdiscovery/collaborator v0.0.2-0.20201122173402-7afbb52febed/go.mod h1:J1z0fC7Svutz3LJqoRyTHA3F0Suh4livmkYv8MnKw20=
 github.com/projectdiscovery/fastdialer v0.0.1 h1:MgBkJ/zkciFu/PcbAz0DYGiZn2aqv6b39NvfXxfN8qg=
 github.com/projectdiscovery/fastdialer v0.0.1/go.mod h1:d24GUzSb93wOY7lu4gJmXAzfomqAGEcRrInEVrM6zbc=
 github.com/projectdiscovery/gologger v1.0.1 h1:FzoYQZnxz9DCvSi/eg5A6+ET4CQ0CDUs27l6Exr8zMQ=
--- a/v2/pkg/collaborator/collaborator.go
+++ b/v2/pkg/collaborator/collaborator.go
@ -2,6 +2,7 @@ package collaborator

 import (
 	"strings"
+	"sync"
 	"time"

 	"github.com/projectdiscovery/collaborator"
@ -17,6 +18,7 @@ var DefaultPollInterval time.Duration = time.Second * time.Duration(PollSeconds)
 var DefaultCollaborator BurpCollaborator = BurpCollaborator{Collab: collaborator.NewBurpCollaborator()}

 type BurpCollaborator struct {
+	sync.RWMutex
 	options *Options // unused
 	Collab  *collaborator.BurpCollaborator
 }
@ -41,19 +43,23 @@ func (b *BurpCollaborator) Poll() {
 	}
 }

-func (b *BurpCollaborator) Has(s string) bool {
+func (b *BurpCollaborator) Has(s string) (found bool) {
+	foundAt := 0
 	for _, r := range b.Collab.RespBuffer {
 		for i := 0; i < len(r.Responses); i++ {
-			// search in dns
-			if strings.Contains(r.Responses[i].Data.RawRequestDecoded, s) {
-				return true
-			}
-			// search in http
-			if strings.Contains(r.Responses[i].Data.RequestDecoded, s) {
-				return true
+			// search in dns - http - smtp
+			b.RLock()
+			found = strings.Contains(r.Responses[i].Data.RawRequestDecoded, s) || strings.Contains(r.Responses[i].Data.RequestDecoded, s) || strings.Contains(r.Responses[i].Data.MessageDecoded, s)
+			b.RUnlock()
+			if found {
+				b.Lock()
+				r.Responses = removeMatch(r.Responses, foundAt)
+				b.Unlock()
+				break
 			}
+
 		}
 	}

-	return false
+	return
 }
--- a/v2/pkg/collaborator/util.go
+++ b/v2/pkg/collaborator/util.go
@ -0,0 +1,9 @@
+package collaborator
+
+import (
+	"github.com/projectdiscovery/collaborator"
+)
+
+func removeMatch(responses []collaborator.BurpResponse, index int) []collaborator.BurpResponse {
+	return append(responses[:index], responses[index+1:]...)
+}
--- a/v2/pkg/executer/executer_http.go
+++ b/v2/pkg/executer/executer_http.go
@ -530,6 +530,11 @@ func (e *HTTPExecuter) handleHTTP(reqURL string, request *requests.HTTPRequest,
 	// hardcode stopping storing data after defaultMaxHistorydata items
 	if len(result.historyData) < defaultMaxHistorydata {
 		result.Lock()
+		// update history data with current reqURL and hostname
+		result.historyData["reqURL"] = reqURL
+		if parsed, err := url.Parse(reqURL); err == nil {
+			result.historyData["Hostname"] = parsed.Host
+		}
 		result.historyData = generators.MergeMaps(result.historyData, matchers.HTTPToMap(resp, body, headers, duration, format))
 		result.Unlock()
 	}