2020-04-06 00:05:01 +05:30
|
|
|
package extractors
|
|
|
|
|
|
2020-07-16 10:32:00 +02:00
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/miekg/dns"
|
|
|
|
|
)
|
|
|
|
|
|
2020-04-06 00:05:01 +05:30
|
|
|
// Extract extracts response from the parts of request using a regex
|
2020-07-16 10:32:00 +02:00
|
|
|
func (e *Extractor) Extract(resp *http.Response, body, headers string) map[string]struct{} {
|
2020-07-15 00:47:01 +02:00
|
|
|
switch e.extractorType {
|
|
|
|
|
case RegexExtractor:
|
|
|
|
|
if e.part == BodyPart {
|
|
|
|
|
return e.extractRegex(body)
|
|
|
|
|
} else if e.part == HeaderPart {
|
|
|
|
|
return e.extractRegex(headers)
|
|
|
|
|
} else {
|
|
|
|
|
matches := e.extractRegex(headers)
|
|
|
|
|
if len(matches) > 0 {
|
|
|
|
|
return matches
|
|
|
|
|
}
|
|
|
|
|
return e.extractRegex(body)
|
2020-04-06 00:05:01 +05:30
|
|
|
}
|
2020-07-15 00:47:01 +02:00
|
|
|
case KValExtractor:
|
2020-07-16 10:32:00 +02:00
|
|
|
if e.part == HeaderPart {
|
|
|
|
|
return e.extractKVal(resp)
|
|
|
|
|
} else {
|
|
|
|
|
matches := e.extractKVal(resp)
|
|
|
|
|
if len(matches) > 0 {
|
|
|
|
|
return matches
|
|
|
|
|
}
|
2020-07-16 12:47:38 +02:00
|
|
|
return e.extractInlineKVal(resp, "set-cookie")
|
2020-07-16 10:32:00 +02:00
|
|
|
}
|
2020-04-06 00:05:01 +05:30
|
|
|
}
|
2020-07-15 00:47:01 +02:00
|
|
|
|
|
|
|
|
return nil
|
2020-04-06 00:05:01 +05:30
|
|
|
}
|
|
|
|
|
|
2020-04-22 22:45:02 +02:00
|
|
|
// ExtractDNS extracts response from dns message using a regex
|
2020-07-16 10:32:00 +02:00
|
|
|
func (e *Extractor) ExtractDNS(msg *dns.Msg) map[string]struct{} {
|
2020-07-15 00:47:01 +02:00
|
|
|
switch e.extractorType {
|
|
|
|
|
case RegexExtractor:
|
2020-07-16 10:32:00 +02:00
|
|
|
return e.extractRegex(msg.String())
|
2020-07-15 00:47:01 +02:00
|
|
|
case KValExtractor:
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
2020-04-22 22:45:02 +02:00
|
|
|
}
|
|
|
|
|
|
2020-04-06 00:05:01 +05:30
|
|
|
// extractRegex extracts text from a corpus and returns it
|
2020-04-27 23:34:08 +05:30
|
|
|
func (e *Extractor) extractRegex(corpus string) map[string]struct{} {
|
|
|
|
|
results := make(map[string]struct{})
|
2020-04-06 00:44:45 +05:30
|
|
|
for _, regex := range e.regexCompiled {
|
2020-04-27 23:34:08 +05:30
|
|
|
matches := regex.FindAllString(corpus, -1)
|
|
|
|
|
for _, match := range matches {
|
|
|
|
|
results[match] = struct{}{}
|
|
|
|
|
}
|
2020-04-06 00:44:45 +05:30
|
|
|
}
|
|
|
|
|
return results
|
2020-04-06 00:05:01 +05:30
|
|
|
}
|
2020-07-16 10:32:00 +02:00
|
|
|
|
|
|
|
|
// extractKVal extracts text from http response
|
|
|
|
|
func (e *Extractor) extractKVal(r *http.Response) map[string]struct{} {
|
|
|
|
|
results := make(map[string]struct{})
|
|
|
|
|
for _, k := range e.KVal {
|
|
|
|
|
for _, v := range r.Header.Values(k) {
|
|
|
|
|
results[v] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return results
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// extractInlineKVal extracts text from inline corpus
|
|
|
|
|
func (e *Extractor) extractInlineKVal(r *http.Response, key string) map[string]struct{} {
|
|
|
|
|
results := make(map[string]struct{})
|
|
|
|
|
for _, v := range r.Header.Values(key) {
|
2020-07-16 12:47:38 +02:00
|
|
|
for _, token := range strings.Split(v, ";") {
|
2020-07-16 10:32:00 +02:00
|
|
|
semicolon := strings.Index(token, ":")
|
|
|
|
|
key, value := token[:semicolon], token[semicolon:]
|
|
|
|
|
for _, k := range e.KVal {
|
|
|
|
|
if key == k {
|
|
|
|
|
results[value] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return results
|
|
|
|
|
}
|
