crash.software
Projects
Pull Requests
Issues
Builds
goc2
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY goc2 Commits f831555d
🤬
  • ■ ■ ■ ■ ■ ■
    web/server.go
     1 +package web
     2 + 
     3 +import (
     4 + "RedMap/internal/app/api"
     5 + "encoding/json"
     6 + "fmt"
     7 + "log"
     8 + "net/http"
     9 + 
     10 + "text/template"
     11 + 
     12 + "github.com/globalsign/mgo/bson"
     13 + "github.com/julienschmidt/httprouter"
     14 +)
     15 + 
     16 +type Todo struct {
     17 + Title string
     18 + Done bool
     19 +}
     20 + 
     21 +type TodoPageData struct {
     22 + PageTitle string
     23 + ScanID string
     24 + Todos []Todo
     25 +}
     26 + 
     27 +type domainObject struct {
     28 + ID bson.ObjectId `bson:"_id,omitempty"`
     29 + Type string
     30 + Hostname string
     31 + Domain string
     32 + Private bool
     33 + Ipv4 string
     34 +}
     35 + 
     36 +//Start the Web Server
     37 +func Start() {
     38 + router := httprouter.New()
     39 + 
     40 + //Main Entry
     41 + router.GET("/api/reports", apiReports)
     42 + router.GET("/", reports)
     43 + 
     44 + router.GET("/scan", scan)
     45 + router.POST("/api/scan", apiScan)
     46 + 
     47 + //Services Endpoints
     48 + router.GET("/api/services/:name", apiServices)
     49 + router.GET("/services/:name", services)
     50 + router.GET("/services/", redirect)
     51 + 
     52 + //Vulnerabilities Endpoints
     53 + router.GET("/api/vulns/:name", apiVulns)
     54 + router.GET("/vulns/:name", vulns)
     55 + router.GET("/vulns/", redirect)
     56 + 
     57 + //Secrets Endpoints
     58 + router.GET("/api/secrets/:name", apiSecrets)
     59 + router.GET("/secrets/:name", secrets)
     60 + router.GET("/secrets/", redirect)
     61 + 
     62 + //Users Endpoints
     63 + router.GET("/api/users/:name", apiUsers)
     64 + router.GET("/users/:name", users)
     65 + router.GET("/users/", redirect)
     66 + 
     67 + //Sub Endpoints
     68 + router.GET("/api/sub/:name", apiSub)
     69 + router.GET("/sub/:name", sub)
     70 + router.GET("/sub/", redirect)
     71 + 
     72 + fmt.Printf("Starting server at port 8005\n")
     73 + if err := http.ListenAndServe(":8005", router); err != nil {
     74 + log.Fatal(err)
     75 + }
     76 +}
     77 + 
     78 +func redirect(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     79 + 
     80 + http.Redirect(w, r, "/", 301)
     81 +}
     82 + 
     83 +func scan(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     84 + w.Header().Set("Content-Type", "text/html")
     85 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-scan.html"))
     86 + data := TodoPageData{
     87 + PageTitle: "RedMap - Reports",
     88 + }
     89 + tmpl.ExecuteTemplate(w, "base", data)
     90 +}
     91 + 
     92 +func apiScan(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     93 + w.Header().Set("Content-Type", "application/json")
     94 + if err := r.ParseForm(); err != nil {
     95 + fmt.Fprintf(w, "ParseForm() err: %v", err)
     96 + return
     97 + }
     98 + 
     99 + domains := r.FormValue("domains")
     100 + git := r.FormValue("git")
     101 + email := r.FormValue("email")
     102 + scanner := r.FormValue("scanner")
     103 + 
     104 + jsond := map[string]interface{}{
     105 + "status": "Scan Started",
     106 + }
     107 + 
     108 + jsondata, err := json.Marshal(jsond)
     109 + if err != nil {
     110 + log.Fatalln(err)
     111 + }
     112 + fmt.Fprintf(w, string(jsondata))
     113 + go api.WebScan(domains, git, email, scanner)
     114 +}
     115 + 
     116 +func apiReports(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     117 + w.Header().Set("Content-Type", "application/json")
     118 + 
     119 + fmt.Fprintf(w, "%s", api.GetReports())
     120 +}
     121 + 
     122 +func reports(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     123 + w.Header().Set("Content-Type", "text/html")
     124 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-reports.html"))
     125 + data := TodoPageData{
     126 + PageTitle: "RedMap - Reports",
     127 + ScanID: ps.ByName("name"),
     128 + }
     129 + tmpl.ExecuteTemplate(w, "base", data)
     130 +}
     131 + 
     132 +func apiServices(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     133 + w.Header().Set("Content-Type", "application/json")
     134 + d := api.GetServices(ps.ByName("name"))
     135 + 
     136 + fmt.Fprintf(w, "%s", string(d))
     137 +}
     138 + 
     139 +func services(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     140 + w.Header().Set("Content-Type", "text/html")
     141 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-services.html"))
     142 + data := TodoPageData{
     143 + PageTitle: "RedMap - Services",
     144 + ScanID: ps.ByName("name"),
     145 + Todos: []Todo{
     146 + {Title: "Task 1", Done: false},
     147 + {Title: "Task 2", Done: true},
     148 + {Title: "Task 3", Done: true},
     149 + },
     150 + }
     151 + tmpl.ExecuteTemplate(w, "base", data)
     152 +}
     153 + 
     154 +func apiVulns(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     155 + w.Header().Set("Content-Type", "application/json")
     156 + d := api.GetVulns(ps.ByName("name"))
     157 + 
     158 + fmt.Fprintf(w, "%s", string(d))
     159 +}
     160 + 
     161 +func vulns(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     162 + w.Header().Set("Content-Type", "text/html")
     163 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-vulns.html"))
     164 + data := TodoPageData{
     165 + PageTitle: "RedMap - Vulnerabilities",
     166 + ScanID: ps.ByName("name"),
     167 + Todos: []Todo{
     168 + {Title: "Task 1", Done: false},
     169 + {Title: "Task 2", Done: true},
     170 + {Title: "Task 3", Done: true},
     171 + },
     172 + }
     173 + tmpl.ExecuteTemplate(w, "base", data)
     174 +}
     175 + 
     176 +func apiSecrets(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     177 + w.Header().Set("Content-Type", "application/json")
     178 + d := api.GetSecrets(ps.ByName("name"))
     179 + 
     180 + fmt.Fprintf(w, "%s", string(d))
     181 +}
     182 + 
     183 +func secrets(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     184 + w.Header().Set("Content-Type", "text/html")
     185 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-secrets.html"))
     186 + data := TodoPageData{
     187 + PageTitle: "RedMap - Secrets",
     188 + ScanID: ps.ByName("name"),
     189 + Todos: []Todo{
     190 + {Title: "Task 1", Done: false},
     191 + {Title: "Task 2", Done: true},
     192 + {Title: "Task 3", Done: true},
     193 + },
     194 + }
     195 + tmpl.ExecuteTemplate(w, "base", data)
     196 +}
     197 + 
     198 +func apiUsers(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     199 + w.Header().Set("Content-Type", "application/json")
     200 + d := api.GetEmails(ps.ByName("name"))
     201 + 
     202 + fmt.Fprintf(w, "%s", string(d))
     203 +}
     204 + 
     205 +func users(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     206 + w.Header().Set("Content-Type", "text/html")
     207 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-users.html"))
     208 + data := TodoPageData{
     209 + PageTitle: "RedMap - Users",
     210 + ScanID: ps.ByName("name"),
     211 + Todos: []Todo{
     212 + {Title: "Task 1", Done: false},
     213 + {Title: "Task 2", Done: true},
     214 + {Title: "Task 3", Done: true},
     215 + },
     216 + }
     217 + tmpl.ExecuteTemplate(w, "base", data)
     218 +}
     219 + 
     220 +func apiSub(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     221 + w.Header().Set("Content-Type", "application/json")
     222 + d := api.GetSubs(ps.ByName("name"))
     223 + 
     224 + fmt.Fprintf(w, "%s", string(d))
     225 +}
     226 + 
     227 +func sub(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
     228 + w.Header().Set("Content-Type", "text/html")
     229 + tmpl := template.Must(template.ParseFiles("web/template/base.html", "web/template/tmp-sub.html"))
     230 + data := TodoPageData{
     231 + PageTitle: "RedMap - Subdomain Takeovers",
     232 + ScanID: ps.ByName("name"),
     233 + Todos: []Todo{
     234 + {Title: "Task 1", Done: false},
     235 + {Title: "Task 2", Done: true},
     236 + {Title: "Task 3", Done: true},
     237 + },
     238 + }
     239 + tmpl.ExecuteTemplate(w, "base", data)
     240 +}
     241 + 
     242 +func helloHandler(w http.ResponseWriter, r *http.Request) {
     243 + if r.URL.Path != "/hello" {
     244 + http.Error(w, "404 not found.", http.StatusNotFound)
     245 + return
     246 + }
     247 + 
     248 + if r.Method != "GET" {
     249 + http.Error(w, "Method is not supported.", http.StatusNotFound)
     250 + return
     251 + }
     252 + 
     253 + fmt.Fprintf(w, "Hello!")
     254 +}
     255 + 
     256 +func formHandler(w http.ResponseWriter, r *http.Request) {
     257 + w.Header().Set("Content-Type", "application/json")
     258 + if err := r.ParseForm(); err != nil {
     259 + fmt.Fprintf(w, "ParseForm() err: %v", err)
     260 + return
     261 + }
     262 + //fmt.Fprintf(w, "POST request successful")
     263 + //name := r.FormValue("name")
     264 + //address := r.FormValue("address")
     265 + 
     266 + //fmt.Fprintf(w, "Name = %s\n", name)
     267 + //fmt.Fprintf(w, "Address = %s\n", address)
     268 + json := "{'status': 'started'}"
     269 + fmt.Fprintf(w, json)
     270 +}
     271 + 
Please wait...
Page is in error, reload to recover