diff --git a/v2/go.mod b/v2/go.mod index 8dab814d4..9a19c6ba1 100644 --- a/v2/go.mod +++ b/v2/go.mod @@ -19,7 +19,9 @@ require ( github.com/projectdiscovery/retryablehttp-go v1.0.1 github.com/remeh/sizedwaitgroup v1.0.0 github.com/spaolacci/murmur3 v1.1.0 + github.com/stretchr/testify v1.5.1 github.com/vbauerster/mpb/v5 v5.3.0 + go.uber.org/atomic v1.7.0 // indirect go.uber.org/ratelimit v0.1.0 golang.org/x/net v0.0.0-20201016165138-7b1cca2348c0 gopkg.in/yaml.v2 v2.3.0 diff --git a/v2/go.sum b/v2/go.sum index d64f03e23..11d1603e3 100644 --- a/v2/go.sum +++ b/v2/go.sum @@ -1,30 +1,31 @@ -github.com/Knetic/govaluate v1.5.0 h1:L4MyqdJSld9xr2eZcZHCWLfeIX2SBjqrwIKG1pcm/+4= github.com/Knetic/govaluate v3.0.0+incompatible h1:7o6+MAPhYTCF0+fdvoz1xDedhRb4f6s9Tn1Tt7/WTEg= github.com/Knetic/govaluate v3.0.0+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= +github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM= github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= -github.com/blang/semver v1.1.0 h1:ol1rO7QQB5uy7umSNV7VAmLugfLRD+17sYJujRNYPhg= +github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/coocood/freecache v1.1.0 h1:ENiHOsWdj1BrrlPwblhbn4GdAsMymK3pZORJ+bJGAjA= -github.com/coocood/freecache v1.1.0/go.mod h1:ePwxCDzOYvARfHdr1pByNct1at3CoKnsipOHwKlNbzI= -github.com/d5/tengo v1.24.8 h1:PRJ+NWt7ae/9sSbIfThOBTkPSvNV+dwYoBAvwfNgNJY= +github.com/chris-ramon/douceur v0.2.0/go.mod h1:wDW5xjJdeoMm1mRt4sD4c/LbF/mWdEpRXQKjTR8nIBE= +github.com/coocood/freecache v1.1.1 h1:uukNF7QKCZEdZ9gAV7WQzvh0SbjwdMF6m3x3rxEkaPc= +github.com/coocood/freecache v1.1.1/go.mod h1:OKrEjkGVoxZhyWAJoeFi5BMLUJm2Tit0kpGkIr7NGYY= github.com/d5/tengo/v2 v2.6.2 h1:AnPhA/Y5qrNLb5QSWHU9uXq25T3QTTdd2waTgsAHMdc= github.com/d5/tengo/v2 v2.6.2/go.mod h1:XRGjEs5I9jYIKTxly6HCF8oiiilk5E/RYXOZ5b0DZC8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= github.com/google/go-github/v32 v32.1.0 h1:GWkQOdXqviCPx7Q7Fj+KyPoGm4SwHRh8rheoPhd27II= github.com/google/go-github/v32 v32.1.0/go.mod h1:rIEpZD9CTDQwDK9GDrtMTycQNA4JU3qBsCizh3q2WCI= github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c= github.com/hbakhtiyor/strsim v0.0.0-20190107154042-4d2bbb273edf/go.mod h1:V99KdStnMHZsvVOwIvhfcUzYgYkRZeQWUtumtL+SKxA= github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= @@ -35,8 +36,9 @@ github.com/logrusorgru/aurora v2.0.3+incompatible h1:tOpm7WcpBTn4fjmVfgpQq0EfczG github.com/logrusorgru/aurora v2.0.3+incompatible/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4= github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= +github.com/microcosm-cc/bluemonday v1.0.4/go.mod h1:8iwZnFn2CDDNZ0r6UXhF4xawGvzaqzCRa1n3/lO3W2w= github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= +github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/dns v1.1.33 h1:8KUVEKrUw2dmu1Ys0aWnkEJgoRaLAzNysfCh2KSMWiI= github.com/miekg/dns v1.1.33/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc= @@ -45,12 +47,16 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLD github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/projectdiscovery/gologger v1.0.0/go.mod h1:Ok+axMqK53bWNwDSU1nTNwITLYMXMdZtRc8/y1c7sWE= +github.com/projectdiscovery/cdncheck v0.0.0-20200910082712-19e1db650e26/go.mod h1:+CNeKlAVwecauIkA+PBNoA7zXGm4MZhL3KKFkkpIaZw= +github.com/projectdiscovery/fdmax v0.0.2/go.mod h1:mbR7lJ9EONyxEfcsL2LlGtOSlzCQ5VraLzoJa/VTrAs= github.com/projectdiscovery/gologger v1.0.1 h1:FzoYQZnxz9DCvSi/eg5A6+ET4CQ0CDUs27l6Exr8zMQ= github.com/projectdiscovery/gologger v1.0.1/go.mod h1:Ok+axMqK53bWNwDSU1nTNwITLYMXMdZtRc8/y1c7sWE= -github.com/projectdiscovery/httpx v1.0.2 h1:g7EeRAPckZgWcHkcAH2Qzv9MkRACVRLF+T2LJcM7SCk= -github.com/projectdiscovery/httpx v1.0.2/go.mod h1:OwvMc5ogx69xukKXY6kIrDP6dgOYr4VtEWyr6o573Xs= +github.com/projectdiscovery/httpx v1.0.2 h1:I2jXn8FPW3cjrk0izQgCRpPt1cShWU5IkzyoLSZO9TU= +github.com/projectdiscovery/httpx v1.0.2/go.mod h1:N3YfUNqeDuVgHdHawzOiwepuPBP5KexlL7CwQqDif6M= +github.com/projectdiscovery/mapcidr v0.0.4/go.mod h1:ALOIj6ptkWujNoX8RdQwB2mZ+kAmKuLJBq9T5gR5wG0= +github.com/projectdiscovery/rawhttp v0.0.0-20200901223513-8a8a0cef2693/go.mod h1:RkML6Yq6hf4z2wAUXisa15al4bS+wuJnlhM5ZOfn9k4= github.com/projectdiscovery/rawhttp v0.0.4 h1:O5IreNGk83d4xTD9e6SpkKbX0sHTs8K1Q33Bz4eYl2E= github.com/projectdiscovery/rawhttp v0.0.4/go.mod h1:PQERZAhAv7yxI/hR6hdDPgK1WTU56l204BweXrBec+0= github.com/projectdiscovery/retryabledns v1.0.4 h1:0Va7qHlWQsIXjRLISTjzfN3tnJmHYDudY05Nu3IJd60= @@ -64,12 +70,15 @@ github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasO github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/vbauerster/mpb v1.1.3 h1:IRgic8VFaURXkW0VxDLkNOiNaAgtw0okB2YIaVvJDI4= -github.com/vbauerster/mpb v3.4.0+incompatible h1:mfiiYw87ARaeRW6x5gWwYRUawxaW1tLAD8IceomUCNw= github.com/vbauerster/mpb/v5 v5.3.0 h1:vgrEJjUzHaSZKDRRxul5Oh4C72Yy/5VEMb0em+9M0mQ= github.com/vbauerster/mpb/v5 v5.3.0/go.mod h1:4yTkvAb8Cm4eylAp6t0JRq6pXDkFJ4krUlDqWYkakAs= +github.com/yl2chen/cidranger v1.0.0/go.mod h1:L7Msw4X7EQK7zMVjOtv7o8xMyjv1rJcNlYlMgGwP7ko= +go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/ratelimit v0.1.0 h1:U2AruXqeTb4Eh9sYQSTrMhH8Cb7M0Ian2ibBOnBcnAw= go.uber.org/ratelimit v0.1.0/go.mod h1:2X8KaoNd1J0lZV+PxJk/5+DGbO/tpwLR1m++a7FnB/Y= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -82,10 +91,11 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201016165138-7b1cca2348c0 h1:5kGOVHlq0euqwzgTC9Vu15p6fV1Wi0ArVi8da2urnVg= golang.org/x/net v0.0.0-20201016165138-7b1cca2348c0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -100,6 +110,7 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= diff --git a/v2/internal/runner/templates.go b/v2/internal/runner/templates.go index 9b7d4bada..f133b390b 100644 --- a/v2/internal/runner/templates.go +++ b/v2/internal/runner/templates.go @@ -136,16 +136,16 @@ func (r *Runner) getParsedTemplatesFor(templatePaths []string, severities string switch tp := t.(type) { case *templates.Template: // only include if severity matches or no severity filtering - sev := strings.ToLower(tp.Info.Severity) + sev := strings.ToLower(tp.Info["severity"]) if !filterBySeverity || hasMatchingSeverity(sev, allSeverities) { parsedTemplates = append(parsedTemplates, tp) - gologger.Infof("%s\n", r.templateLogMsg(tp.ID, tp.Info.Name, tp.Info.Author, tp.Info.Severity)) + gologger.Infof("%s\n", r.templateLogMsg(tp.ID, tp.Info["name"], tp.Info["author"], tp.Info["severity"])) } else { gologger.Warningf("Excluding template %s due to severity filter (%s not in [%s])", tp.ID, sev, severities) } case *workflows.Workflow: parsedTemplates = append(parsedTemplates, tp) - gologger.Infof("%s\n", r.templateLogMsg(tp.ID, tp.Info.Name, tp.Info.Author, tp.Info.Severity)) + gologger.Infof("%s\n", r.templateLogMsg(tp.ID, tp.Info["name"], tp.Info["author"], tp.Info["severity"])) workflowCount++ default: gologger.Errorf("Could not parse file '%s': %s\n", match, err) @@ -198,9 +198,9 @@ func (r *Runner) logAvailableTemplate(tplPath string) { if t != nil { switch tp := t.(type) { case *templates.Template: - gologger.Silentf("%s\n", r.templateLogMsg(tp.ID, tp.Info.Name, tp.Info.Author, tp.Info.Severity)) + gologger.Silentf("%s\n", r.templateLogMsg(tp.ID, tp.Info["name"], tp.Info["author"], tp.Info["severity"])) case *workflows.Workflow: - gologger.Silentf("%s\n", r.templateLogMsg(tp.ID, tp.Info.Name, tp.Info.Author, tp.Info.Severity)) + gologger.Silentf("%s\n", r.templateLogMsg(tp.ID, tp.Info["name"], tp.Info["author"], tp.Info["severity"])) default: gologger.Errorf("Could not parse file '%s': %s\n", tplPath, err) } diff --git a/v2/pkg/executer/dns_utils.go b/v2/pkg/executer/dns_utils.go deleted file mode 100644 index 21782ac5a..000000000 --- a/v2/pkg/executer/dns_utils.go +++ /dev/null @@ -1,30 +0,0 @@ -package executer - -import "net/url" - -// isURL tests a string to determine if it is a well-structured url or not. -func isURL(toTest string) bool { - _, err := url.ParseRequestURI(toTest) - if err != nil { - return false - } - - u, err := url.Parse(toTest) - if err != nil || u.Scheme == "" || u.Host == "" { - return false - } - - return true -} - -// extractDomain extracts the domain name of a URL -func extractDomain(theURL string) string { - u, err := url.Parse(theURL) - if err != nil { - return "" - } - - hostname := u.Hostname() - - return hostname -} diff --git a/v2/pkg/executer/output_dns.go b/v2/pkg/executer/output_dns.go index 70e694ff2..09cac593e 100644 --- a/v2/pkg/executer/output_dns.go +++ b/v2/pkg/executer/output_dns.go @@ -14,36 +14,29 @@ import ( // nolint:interfacer // dns.Msg is out of current scope func (e *DNSExecuter) writeOutputDNS(domain string, req, resp *dns.Msg, matcher *matchers.Matcher, extractorResults []string) { if e.jsonOutput { - output := jsonOutput{ - Template: e.template.ID, - Type: "dns", - Matched: domain, - Name: e.template.Info.Name, - Severity: e.template.Info.Severity, - Author: e.template.Info.Author, - Description: e.template.Info.Description, + output := make(jsonOutput) + output["template"] = e.template.ID + output["type"] = "dns" + output["matched"] = domain + for k, v := range e.template.Info { + output[k] = v } - if matcher != nil && len(matcher.Name) > 0 { - output.MatcherName = matcher.Name + output["matcher_name"] = matcher.Name } - if len(extractorResults) > 0 { - output.ExtractedResults = extractorResults + output["extracted_results"] = extractorResults } - if e.jsonRequest { - output.Request = req.String() - output.Response = resp.String() + output["request"] = req.String() + output["response"] = resp.String() } data, err := jsoniter.Marshal(output) if err != nil { gologger.Warningf("Could not marshal json output: %s\n", err) } - gologger.Silentf("%s", string(data)) - if e.writer != nil { if err := e.writer.Write(data); err != nil { gologger.Errorf("Could not write output data: %s\n", err) @@ -68,9 +61,9 @@ func (e *DNSExecuter) writeOutputDNS(domain string, req, resp *dns.Msg, matcher builder.WriteString(colorizer.Colorizer.BrightBlue("dns").String()) builder.WriteString("] ") - if e.template.Info.Severity != "" { + if e.template.Info["severity"] != "" { builder.WriteString("[") - builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info.Severity)) + builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info["severity"])) builder.WriteString("] ") } diff --git a/v2/pkg/executer/output_http.go b/v2/pkg/executer/output_http.go index a6f17bfbd..42a721954 100644 --- a/v2/pkg/executer/output_http.go +++ b/v2/pkg/executer/output_http.go @@ -24,23 +24,19 @@ func (e *HTTPExecuter) writeOutputHTTP(req *requests.HTTPRequest, resp *http.Res } if e.jsonOutput { - output := jsonOutput{ - Template: e.template.ID, - Type: "http", - Matched: URL, - Name: e.template.Info.Name, - Severity: e.template.Info.Severity, - Author: e.template.Info.Author, - Description: e.template.Info.Description, - Meta: meta, + output := make(jsonOutput) + output["template"] = e.template.ID + output["type"] = "http" + output["matched"] = URL + output["meta"] = meta + for k, v := range e.template.Info { + output[k] = v } - if matcher != nil && len(matcher.Name) > 0 { - output.MatcherName = matcher.Name + output["matcher_name"] = matcher.Name } - if len(extractorResults) > 0 { - output.ExtractedResults = extractorResults + output["extracted_results"] = extractorResults } // TODO: URL should be an argument @@ -49,24 +45,21 @@ func (e *HTTPExecuter) writeOutputHTTP(req *requests.HTTPRequest, resp *http.Res if err != nil { gologger.Warningf("could not dump request: %s\n", err) } else { - output.Request = string(dumpedRequest) + output["request"] = string(dumpedRequest) } dumpedResponse, err := httputil.DumpResponse(resp, false) - if err != nil { gologger.Warningf("could not dump response: %s\n", err) } else { - output.Response = string(dumpedResponse) + body + output["response"] = string(dumpedResponse) + body } } data, err := jsoniter.Marshal(output) - if err != nil { gologger.Warningf("Could not marshal json output: %s\n", err) } - gologger.Silentf("%s", string(data)) if e.writer != nil { @@ -75,7 +68,6 @@ func (e *HTTPExecuter) writeOutputHTTP(req *requests.HTTPRequest, resp *http.Res return } } - return } @@ -94,9 +86,9 @@ func (e *HTTPExecuter) writeOutputHTTP(req *requests.HTTPRequest, resp *http.Res builder.WriteString(colorizer.Colorizer.BrightBlue("http").String()) builder.WriteString("] ") - if e.template.Info.Severity != "" { + if e.template.Info["severity"] != "" { builder.WriteString("[") - builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info.Severity)) + builder.WriteString(colorizer.GetColorizedSeverity(e.template.Info["severity"])) builder.WriteString("] ") } diff --git a/v2/pkg/executer/http_utils.go b/v2/pkg/executer/utils.go similarity index 73% rename from v2/pkg/executer/http_utils.go rename to v2/pkg/executer/utils.go index 8937367ae..c31d125ab 100644 --- a/v2/pkg/executer/http_utils.go +++ b/v2/pkg/executer/utils.go @@ -2,10 +2,14 @@ package executer import ( "net/http" + "net/url" "strings" "unsafe" ) +type jsonOutput map[string]interface{} + +/* type jsonOutput struct { Template string `json:"template"` Type string `json:"type"` @@ -19,7 +23,7 @@ type jsonOutput struct { Request string `json:"request,omitempty"` Response string `json:"response,omitempty"` Meta map[string]interface{} `json:"meta,omitempty"` -} +}*/ // unsafeToString converts byte slice to string with zero allocations func unsafeToString(bs []byte) string { @@ -43,9 +47,29 @@ func headersToString(headers http.Header) string { builder.WriteString(": ") } } - builder.WriteRune('\n') } - return builder.String() } + +// isURL tests a string to determine if it is a well-structured url or not. +func isURL(toTest string) bool { + _, err := url.ParseRequestURI(toTest) + if err != nil { + return false + } + u, err := url.Parse(toTest) + if err != nil || u.Scheme == "" || u.Host == "" { + return false + } + return true +} + +// extractDomain extracts the domain name of a URL +func extractDomain(theURL string) string { + u, err := url.Parse(theURL) + if err != nil { + return "" + } + return u.Hostname() +} diff --git a/v2/pkg/templates/templates.go b/v2/pkg/templates/templates.go index c6c0a22c1..4b2ebfdce 100644 --- a/v2/pkg/templates/templates.go +++ b/v2/pkg/templates/templates.go @@ -9,7 +9,7 @@ type Template struct { // ID is the unique id for the template ID string `yaml:"id"` // Info contains information about the template - Info Info `yaml:"info"` + Info map[string]string `yaml:"info"` // BulkRequestsHTTP contains the http request to make in the template BulkRequestsHTTP []*requests.BulkHTTPRequest `yaml:"requests,omitempty"` // RequestsDNS contains the dns request to make in the template @@ -22,18 +22,6 @@ func (t *Template) GetPath() string { return t.path } -// Info contains information about the request template -type Info struct { - // Name is the name of the template - Name string `yaml:"name"` - // Author is the name of the author of the template - Author string `yaml:"author"` - // Severity optionally describes the severity of the template - Severity string `yaml:"severity,omitempty"` - // Description optionally describes the template. - Description string `yaml:"description,omitempty"` -} - func (t *Template) GetHTTPRequestCount() int64 { var count int64 = 0 for _, request := range t.BulkRequestsHTTP { diff --git a/v2/pkg/workflows/workflows.go b/v2/pkg/workflows/workflows.go index ba067fba8..07fe6e9ef 100644 --- a/v2/pkg/workflows/workflows.go +++ b/v2/pkg/workflows/workflows.go @@ -5,7 +5,7 @@ type Workflow struct { // ID is the unique id for the template ID string `yaml:"id"` // Info contains information about the template - Info Info `yaml:"info"` + Info map[string]string `yaml:"info"` // CookieReuse makes all cookies shared by templates within the workflow CookieReuse bool `yaml:"cookie-reuse,omitempty"` // Variables contains the variables accessible to the pseudo-code @@ -19,15 +19,3 @@ type Workflow struct { func (w *Workflow) GetPath() string { return w.path } - -// Info contains information about workflow -type Info struct { - // Name is the name of the workflow - Name string `yaml:"name"` - // Author is the name of the author of the workflow - Author string `yaml:"author"` - // Severity optionally describes the severity of the template - Severity string `yaml:"severity,omitempty"` - // Description optionally describes the template. - Description string `yaml:"description,omitempty"` -}