Projects STRLCPY csprecon Commits b47213c7
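--- a/.golangci.yml
+++ b/.golangci.yml
@@ -25,7 +25,6 @@
  - gosimple
  - govet
  - ineffassign
- - lll
  - misspell
  - nakedret
  - nolintlint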
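--- a/go.mod
+++ b/go.mod
@@ -5,6 +5,12 @@
 require github.com/projectdiscovery/utils v0.0.3
 
 require (
+ github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
+ github.com/projectdiscovery/fileutil v0.0.0-20220705195237-01becc2a8963 // indirect
+ github.com/projectdiscovery/stringsutil v0.0.2 // indirect
+)
+
+require (
  github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
  github.com/aymerick/douceur v0.2.0 // indirect
  github.com/edoardottt/golazy v0.1.2-dev // indirect
@@ -15,6 +21,7 @@
  github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
  github.com/modern-go/reflect2 v1.0.1 // indirect
  github.com/pkg/errors v0.9.1 // indirect
+ github.com/projectdiscovery/goflags v0.1.3
  github.com/projectdiscovery/gologger v1.1.4 // indirect
  github.com/saintfish/chardet v0.0.0-20120816061221-3af4cd4741ca // indirect
  golang.org/x/net v0.1.0 // indirect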
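Review bot: `github.com/projectdiscovery/goflags v0.1.3` is imported directly by pkg/input/flags.go, yet it is added to the require block whose other visible entries are all `// indirect`, while the three new indirect modules get a separate block of their own. Running `go mod tidy` regroups direct and indirect requirements, which keeps it obvious which third-party modules the tool itself pulls in when the dependency set is audited. Several entries in these blocks are hidden behind the skipped lines, so the grouping of those cannot be checked here.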
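--- a/go.sum
+++ b/go.sum
@@ -2,6 +2,8 @@
 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
+github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 h1:ox2F0PSMlrAAiAdknSRMDrAr8mfxPCfSZolH+/qQnyQ=
+github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08/go.mod h1:pCxVEbcm3AMg7ejXyorUXi6HQCzOIBf7zEDVPtw0/U4=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -29,17 +31,34 @@
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/projectdiscovery/fileutil v0.0.0-20220705195237-01becc2a8963 h1:4o97N9ftX1J3iKlIRVMPVOVZs4qbCczJvoFF2WA40t4=
+github.com/projectdiscovery/fileutil v0.0.0-20220705195237-01becc2a8963/go.mod h1:DaY7wmLPMleyHDCD/14YApPCDtrARY4J8Eny2ZGsG/g=
+github.com/projectdiscovery/goflags v0.1.3 h1:dnJlg19VkDp1iYkpAod4Tv+OAngr7Mq61LMMpBQlO0M=
+github.com/projectdiscovery/goflags v0.1.3/go.mod h1:/7ZAoY1SVfUcGobTP5QDvGQmrpPDDlBUDIMr7c+r94Q=
 github.com/projectdiscovery/gologger v1.1.4 h1:qWxGUq7ukHWT849uGPkagPKF3yBPYAsTtMKunQ8O2VI=
 github.com/projectdiscovery/gologger v1.1.4/go.mod h1:Bhb6Bdx2PV1nMaFLoXNBmHIU85iROS9y1tBuv7T5pMY=
+github.com/projectdiscovery/stringsutil v0.0.0-20220422150559-b54fb5dc6833/go.mod h1:oTRc18WBv9t6BpaN9XBY+QmG28PUpsyDzRht56Qf49I=
+github.com/projectdiscovery/stringsutil v0.0.2 h1:uzmw3IVLJSMW1kEg8eCStG/cGbYYZAja8BH3LqqJXMA=
+github.com/projectdiscovery/stringsutil v0.0.2/go.mod h1:EJ3w6bC5fBYjVou6ryzodQq37D5c6qbAYQpGmAy+DC0=
 github.com/projectdiscovery/utils v0.0.3 h1:pAjZTGYpnATRc6uaNACdiHv4joZ0Ml7Wpu0dudpcGfM=
 github.com/projectdiscovery/utils v0.0.3/go.mod h1:ne3eSlZlUKuhjHr8FfsfGcGteCzxcbJvFBx4VDBCxK0=
 github.com/saintfish/chardet v0.0.0-20120816061221-3af4cd4741ca h1:NugYot0LIVPxTvN8n+Kvkn6TrbMyxQiuvKdEwFdR9vI=
 github.com/saintfish/chardet v0.0.0-20120816061221-3af4cd4741ca/go.mod h1:uugorj2VCxiV1x+LzaIdVa9b4S4qGAcH6cbhh4qVxOU=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.3/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+golang.org/x/net v0.0.0-20221002022538-bcab6841153b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
 golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
 golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=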
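--- a/pkg/csprecon/csp.go
+++ b/pkg/csprecon/csp.go
@@ -137,3 +137,13 @@
  return r
 }
 
+func domainOk(input string, domains []string) bool {
+ for _, domain := range domains {
+ if len(input) > len(domain)+1 && input[len(input)-len(domain)-1:] == "."+domain {
+ return true
+ }
+ }
+
+ return false
+}
+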
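Review bot: The suffix comparison in `domainOk` is byte-exact, so a `-d` value or an extracted host written in mixed case (for example `Example.COM`) is silently dropped from the results even though host names are case-insensitive; lower-case both sides, e.g. `input = strings.ToLower(input)` before the loop and `"."+strings.ToLower(domain)` in the comparison (this assumes `strings` is imported in csp.go, which the hunk does not show). An empty entry in `domains`, which a trailing comma in `-d` could produce if the flag parser keeps it, reduces the suffix to `"."` and accepts any input ending in a dot; `if domain == "" { continue }` at the top of the loop closes that. The function also has no doc comment, and the fact that the domain itself never matches is easy to miss: `// domainOk reports whether input is a strict subdomain of one of domains.`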
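--- a/pkg/csprecon/csprecon.go
+++ b/pkg/csprecon/csprecon.go
@@ -4,7 +4,6 @@
  "bufio"
  "fmt"
  "os"
- "regexp"
  "strings"
  "sync"
 
@@ -77,12 +76,6 @@
 func execute(r *Runner) {
  defer r.InWg.Done()
 
- regex := regexp.Regexp{}
-
- if r.Options.Domain != "" {
- regex = *CompileRegex(`.*\.` + r.Options.Domain)
- }
-
  dregex := CompileRegex(DomainRegex)
 
  for i := 0; i < r.Options.Concurrency; i++ {
@@ -105,8 +98,8 @@
 
  for _, res := range result {
  if resTrimmed := strings.TrimSpace(res); resTrimmed != "" {
- if r.Options.Domain != "" {
- if regex.Match([]byte(resTrimmed)) {
+ if len(r.Options.Domain) != 0 {
+ if domainOk(resTrimmed, r.Options.Domain) {
  r.Output <- resTrimmed
  }
  } else {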
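--- a/pkg/input/flags.go
+++ b/pkg/input/flags.go
@@ -1,13 +1,12 @@
 package input
 
 import (
- "flag"
  "io"
  "os"
  "strings"
 
  "github.com/edoardottt/csprecon/pkg/output"
-
+ "github.com/projectdiscovery/goflags"
  "github.com/projectdiscovery/gologger"
  "github.com/projectdiscovery/gologger/levels"
 )
@@ -21,7 +20,7 @@
  Input string
  FileInput string
  FileOutput string
- Domain string
+ Domain goflags.StringSlice
  Verbose bool
  Output io.Writer
  Silent bool
@@ -42,27 +41,39 @@
 func ParseOptions() *Options {
  options := &Options{}
 
- flag.StringVar(&options.Input, "u", "", `Input domain`)
- flag.StringVar(&options.FileInput, "l", "", `File containing input domains`)
- flag.StringVar(&options.Domain, "d", "", `Filter results belonging to this domain`)
- flag.StringVar(&options.FileOutput, "o", "", `File to write output results`)
- flag.BoolVar(&options.Verbose, "v", false, `Verbose output`)
- flag.BoolVar(&options.Silent, "s", false, `Print only results`)
- flag.IntVar(&options.Concurrency, "c", DefaultConcurrency, "Concurrency level")
- flag.IntVar(&options.Timeout, "t", DefaultTimeout, "Connection timeout in seconds")
+ flagSet := goflags.NewFlagSet()
+ flagSet.SetDescription(`Discover new target domains using Content Security Policy.`)
+
+ // Input
+ flagSet.CreateGroup("input", "Input",
+ flagSet.StringVar(&options.Input, "u", "", `Input domain`),
+ flagSet.StringVar(&options.FileInput, "l", "", `File containing input domains`),
+ )
 
- if help() {
+ flagSet.CreateGroup("configs", "Configurations",
+ flagSet.StringSliceVar(&options.Domain, "d", nil, `Filter results belonging to these domains (comma separated)`, goflags.CommaSeparatedStringSliceOptions),
+ flagSet.IntVar(&options.Concurrency, "c", DefaultConcurrency, `Concurrency level`),
+ flagSet.IntVar(&options.Timeout, "t", DefaultTimeout, `Connection timeout in seconds`),
+ )
+
+ // Output
+ flagSet.CreateGroup("output", "Output",
+ flagSet.StringVar(&options.FileOutput, "o", "", `File to write output results`),
+ flagSet.BoolVar(&options.Verbose, "v", false, `Verbose output`),
+ flagSet.BoolVar(&options.Silent, "s", false, `Print only results`),
+ )
+
+ if help() || noArgs() || !options.Silent {
  output.ShowBanner()
  }
 
- flag.Parse()
+ if err := flagSet.Parse(); err != nil {
+ output.ShowBanner()
+ gologger.Fatal().Msgf("%s\n", err)
+ }
 
  // Read the inputs and configure the logging.
  options.configureOutput()
-
- if !options.Silent {
- output.ShowBanner()
- }
 
  if err := options.validateOptions(); err != nil {
  gologger.Fatal().Msgf("%s\n", err)
@@ -83,3 +94,8 @@
  return false
 }
 
+func noArgs() bool {
+ // User passed no flag.
+ return len(os.Args) < 2
+}
+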
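Review bot: In `ParseOptions` the test `if help() || noArgs() || !options.Silent` runs before `flagSet.Parse()`, so `options.Silent` still holds its zero value and `!options.Silent` is always true: `-s` no longer suppresses the banner, and a parse error prints it a second time from the error branch. The removed code tested `!options.Silent` after parsing, which is the only point where the flag value is known. Keep `if help() || noArgs() { output.ShowBanner() }` ahead of the parse and put `if !options.Silent && !noArgs() { output.ShowBanner() }` after it, dropping the extra `output.ShowBanner()` in the error branch. `help()` is defined in the skipped lines, so its behaviour is assumed from its name, and whether the banner goes to stdout or stderr is not visible here.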
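--- a/pkg/output/output.go
+++ b/pkg/output/output.go
@@ -6,13 +6,13 @@
 
 type Result struct {
  Map map[string]struct{}
- Mutex sync.RWMutex
+ Mutex *sync.RWMutex
 }
 
 func New() Result {
  return Result{
  Map: map[string]struct{}{},
- Mutex: sync.RWMutex{},
+ Mutex: &sync.RWMutex{},
  }
 }
 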
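Review bot: With `Mutex` now a `*sync.RWMutex`, any `Result` not built by `New()` (a zero value or a bare struct literal) carries a nil pointer and will panic on the first lock call. The pointer does make copies of the by-value `Result` returned from `New()` share one lock, which is presumably the intent. State the constraint on the type, e.g. `// Result must be created with New; the zero value has a nil Mutex and a nil Map.`, or have `New` return `*Result` and keep the mutex as a value field. The methods that take the lock are in the skipped lines, so whether any caller constructs `Result` directly cannot be checked from this section.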