STRLCPY/csprecon

update
edoardottt committed 1 year ago

013d996b

1 parent 10e753c7

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■ ■

pkg/csprecon/csp.go

1	1		package csprecon
2	2
3		-	func checkCSP() {
	3	+	import (
	4	+	"crypto/tls"
	5	+	"fmt"
	6	+	"io/ioutil"
	7	+	"net"
	8	+	"net/http"
	9	+	"time"
	10	+	)
	11	+
	12	+	func checkCSP(url string, client *http.Client) ([]string, error) {
	13	+	return get(url, client)
	14	+	}
	15	+
	16	+	func get(url string, client *http.Client) ([]string, error) {
	17	+	result := []string{}
	18	+	resp, err := client.Get(url)
	19	+
	20	+	if err != nil {
	21	+	return result, nil
	22	+	}
	23	+
	24	+	body, err := ioutil.ReadAll(resp.Body)
	25	+
	26	+	if resp != nil {
	27	+	defer resp.Body.Close()
	28	+	}
	29	+
	30	+	headerCSP := resp.Header.Get("Content-Security-Policy")
	31	+
	32	+	fmt.Println(headerCSP)
	33	+	fmt.Println(string(body))
	34	+
	35	+	return []string{}, nil
	36	+	}
	37	+
	38	+	func customClient(timeout int) *http.Client {
	39	+	//ref: Copy and modify defaults from https://golang.org/src/net/http/transport.go
	40	+	//Note: Clients and Transports should only be created once and reused
	41	+	transport := http.Transport{
	42	+	TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	43	+	Proxy: http.ProxyFromEnvironment,
	44	+	Dial: (&net.Dialer{
	45	+	// Modify the time to wait for a connection to establish
	46	+	Timeout: time.Duration(timeout) * time.Second,
	47	+	KeepAlive: 30 * time.Second,
	48	+	}).Dial,
	49	+	TLSHandshakeTimeout: 10 * time.Second,
	50	+	}
	51	+
	52	+	client := http.Client{
	53	+	Transport: &transport,
	54	+	Timeout: time.Duration(timeout) * time.Second,
	55	+	}
4	56
	57	+	return &client
5	58		}
6	59

■ ■ ■ ■ ■ ■

pkg/csprecon/csprecon.go

		skipped 1 lines
2	2
3	3		import (
4	4		"bufio"
5		-	"fmt"
6		-	"net/url"
	5	+	"net/http"
7	6		"os"
8	7		"sync"
9	8
		skipped 4 lines
14	13		)
15	14
16	15		type Runner struct {
	16	+	Client *http.Client
17	17		Input chan string
18	18		Output chan string
19	19		InWg sync.WaitGroup
		skipped 3 lines
23	23
24	24		func New(options *input.Options) Runner {
25	25		return Runner{
	26	+	Client: customClient(options.Timeout),
26	27		Input: make(chan string),
27	28		Output: make(chan string),
28	29		InWg: sync.WaitGroup{},
		skipped 4 lines
33	34
34	35		func (r *Runner) Run() {
35	36		r.InWg.Add(1)
36		-	go pushInput(&r.InWg, &r.Options, r.Input)
	37	+	go pushInput(r)
37	38
38	39		r.InWg.Add(1)
39		-	go execute(&r.InWg, &r.Options, r.Input, r.Output)
	40	+	go execute(r)
40	41
41	42		r.OutWg.Add(1)
42		-	go pullOutput(&r.OutWg, &r.Options, r.Output)
	43	+	go pullOutput(r)
43	44
44	45		r.InWg.Wait()
45	46
		skipped 1 lines
47	48		r.OutWg.Wait()
48	49		}
49	50
50		-	func pushInput(wg sync.WaitGroup, options input.Options, inputchan chan string) {
51		-	defer wg.Done()
	51	+	func pushInput(r *Runner) {
	52	+	defer r.InWg.Done()
52	53
53	54		if fileutil.HasStdin() {
54	55		scanner := bufio.NewScanner(os.Stdin)
55	56		for scanner.Scan() {
56		-	inputchan <- scanner.Text()
	57	+	r.Input <- scanner.Text()
57	58		}
58	59		}
59	60
60		-	if options.FileInput != "" {
61		-	for _, line := range golazy.ReadFileLineByLine(options.FileInput) {
62		-	inputchan <- line
	61	+	if r.Options.FileInput != "" {
	62	+	for _, line := range golazy.ReadFileLineByLine(r.Options.FileInput) {
	63	+	r.Input <- line
63	64		}
64	65		}
65	66
66		-	if options.Input != "" {
67		-	inputchan <- options.Input
	67	+	if r.Options.Input != "" {
	68	+	r.Input <- r.Options.Input
68	69		}
69	70
70		-	close(inputchan)
	71	+	close(r.Input)
71	72		}
72	73
73		-	func execute(wg sync.WaitGroup, options input.Options, inputchan chan string, outputchan chan string) {
74		-	defer wg.Done()
75		-	for value := range inputchan {
76		-	result, err := checkCSP(value)
	74	+	func execute(r *Runner) {
	75	+	defer r.InWg.Done()
	76	+	for value := range r.Input {
	77	+	result, err := checkCSP(value, r.Client)
77	78		if err == nil {
78		-	fmt.Println(result)
79		-	outputchan <- *result
	79	+	for _, res := range result {
	80	+	r.Output <- res
	81	+	}
80	82		}
81	83		}
82	84		}
83	85
84		-	func pullOutput(wg sync.WaitGroup, options input.Options, outputchan chan string) {
85		-	defer wg.Done()
	86	+	func pullOutput(r *Runner) {
	87	+	defer r.OutWg.Done()
86	88
87		-	for o := range outputchan {
88		-	wg.Add(1)
89		-	go writeOutput(wg, options, o)
	89	+	for o := range r.Output {
	90	+	r.OutWg.Add(1)
	91	+	go writeOutput(&r.OutWg, &r.Options, o)
90	92		}
91	93		}
92	94
93		-	func writeOutput(wg sync.WaitGroup, options input.Options, out url.URL) {
	95	+	func writeOutput(wg sync.WaitGroup, options input.Options, out string) {
94	96		defer wg.Done()
95	97		if options.FileOutput != "" {
96	98		file, err := os.OpenFile(options.FileOutput, os.O_CREATE\|os.O_RDWR\|os.O_APPEND, 0644)
		skipped 3 lines
100	102		options.Output = file
101	103		}
102	104
	105	+	//print output
103	106		//write output to file
104	107		}
105	108

■ ■ ■ ■ ■ ■

pkg/input/flags.go

		skipped 11 lines
12	12		"github.com/projectdiscovery/gologger/levels"
13	13		)
14	14
	15	+	const (
	16	+	DefaultTimeout = 4
	17	+	DefaultConcurrency = 100
	18	+	)
	19	+
15	20		type Options struct {
16	21		Input string
17	22		FileInput string
		skipped 23 lines
41	46		flag.StringVar(&options.FileOutput, "o", "", `Output File`)
42	47		flag.BoolVar(&options.Verbose, "v", false, `Be verbose`)
43	48		flag.BoolVar(&options.Silent, "s", false, `Print only results`)
44		-	flag.IntVar(&options.Concurrency, "c", 100, "Concurrency level (default 100)")
45		-	flag.IntVar(&options.Timeout, "t", 4, "Connection timeout in seconds")
	49	+	flag.IntVar(&options.Concurrency, "c", DefaultConcurrency, "Concurrency level (default 100)")
	50	+	flag.IntVar(&options.Timeout, "t", DefaultTimeout, "Connection timeout in seconds")
46	51
47	52		if help() {
48	53		output.ShowBanner()
		skipped 30 lines

update