onionscan/scans/apache_mod_status.go

package scans

import (
	"github.com/s-rah/onionscan/report"
	"github.com/s-rah/onionscan/utils"
	"log"
	"regexp"
	"strings"
)

func ApacheModStatus(scan Scanner, page string, status int, contents string, report *report.OnionScanReport) {
	if status == 200 {
		r := regexp.MustCompile(`Server Version: (.*)</dt>`)
		serverVersion := r.FindStringSubmatch(string(contents))

		// Check if this looks like a mod_status page. Sometimes sites simply load their index.
		if len(serverVersion) > 1 {
			log.Printf("Detected Apache mod_status Exposed...\033[091mAlert!\033[0m\n")
			report.FoundApacheModStatus = true

			log.Printf("\t Using mod_status Server Version: %s\n", serverVersion[1])
			report.ServerVersion = serverVersion[1]

			// Check for co-hosted onion services.
			log.Printf("Scanning for Co-Hosted Onions\n")
			r = regexp.MustCompile(`[a-z0-9]+.onion(:[0-9]{0-5})?`)
			foundServices := r.FindAllString(string(contents), -1)
			utils.RemoveDuplicates(&foundServices)
			for _, onion := range foundServices {
				if onion != report.HiddenService {
					log.Printf("\t \033[091mAlert!\033[0m Found Co-Hosted Onions: %s\n", onion)
					report.AddRelatedOnionService(onion)
				}
			}

			// Check for co-hosted onion services.
			log.Printf("Scanning for Co-Hosted Clearnet Domains\n")
			r = regexp.MustCompile(`>(([a-zA-Z]{1})|([a-zA-Z]{1}[a-zA-Z]{1})|([a-zA-Z]{1}[0-9]{1})|([0-9]{1}[a-zA-Z]{1})|([a-zA-Z0-9][a-zA-Z0-9-_]{1,61}[a-zA-Z0-9]))\.([a-zA-Z]{2,6}|[a-zA-Z0-9-]{2,30}\.[a-zA-Z]{2,3})`)
			foundServices = r.FindAllString(string(contents), -1)
			utils.RemoveDuplicates(&foundServices)
			for _, domain := range foundServices {
				if strings.Contains(domain, ".onion") == false {
					log.Printf("\t \033[091mAlert!\033[0m Found Co-Hosted Service: %s\n", domain[1:])
					report.AddRelatedClearnetDomain(domain[4:])
				}
			}

			// Check for IP Addresses
			log.Printf("Scanning for IP Addresses (clearweb clients, and servers)\n")
			r = regexp.MustCompile(`(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)`)
			foundIPs := r.FindAllString(string(contents), -1)
			utils.RemoveDuplicates(&foundIPs)
			for _, ip := range foundIPs {
				if ip != "127.0.0.1" {
					log.Printf("\t \033[091mAlert!\033[0m Found IP Address : %s\n", ip)
					report.AddIPAddress(ip)
				}
			}

		}
	}
	if !report.FoundApacheModStatus {
		log.Printf("\tApache mod_status Not Exposed...\033[92mGood!\033[0m\n")
		report.FoundApacheModStatus = false
	}
}
Initial Commit 2016-04-10 00:04:22 +00:00			`package scans`

			`import (`
			`"github.com/s-rah/onionscan/report"`
			`"github.com/s-rah/onionscan/utils"`
			`"log"`
			`"regexp"`
			`"strings"`
			`)`

			`func ApacheModStatus(scan Scanner, page string, status int, contents string, report *report.OnionScanReport) {`
			`if status == 200 {`
			r := regexp.MustCompile(`Server Version: (.*)</dt>`)
			`serverVersion := r.FindStringSubmatch(string(contents))`

			`// Check if this looks like a mod_status page. Sometimes sites simply load their index.`
			`if len(serverVersion) > 1 {`
			`log.Printf("Detected Apache mod_status Exposed...\033[091mAlert!\033[0m\n")`
			`report.FoundApacheModStatus = true`

			`log.Printf("\t Using mod_status Server Version: %s\n", serverVersion[1])`
			`report.ServerVersion = serverVersion[1]`

			`// Check for co-hosted onion services.`
			`log.Printf("Scanning for Co-Hosted Onions\n")`
			r = regexp.MustCompile(`[a-z0-9]+.onion(:[0-9]{0-5})?`)
			`foundServices := r.FindAllString(string(contents), -1)`
			`utils.RemoveDuplicates(&foundServices)`
			`for _, onion := range foundServices {`
			`if onion != report.HiddenService {`
			`log.Printf("\t \033[091mAlert!\033[0m Found Co-Hosted Onions: %s\n", onion)`
			`report.AddRelatedOnionService(onion)`
			`}`
			`}`

			`// Check for co-hosted onion services.`
			`log.Printf("Scanning for Co-Hosted Clearnet Domains\n")`
			r = regexp.MustCompile(`>(([a-zA-Z]{1})\|([a-zA-Z]{1}[a-zA-Z]{1})\|([a-zA-Z]{1}[0-9]{1})\|([0-9]{1}[a-zA-Z]{1})\|([a-zA-Z0-9][a-zA-Z0-9-_]{1,61}[a-zA-Z0-9]))\.([a-zA-Z]{2,6}\|[a-zA-Z0-9-]{2,30}\.[a-zA-Z]{2,3})`)
			`foundServices = r.FindAllString(string(contents), -1)`
			`utils.RemoveDuplicates(&foundServices)`
			`for _, domain := range foundServices {`
			`if strings.Contains(domain, ".onion") == false {`
			`log.Printf("\t \033[091mAlert!\033[0m Found Co-Hosted Service: %s\n", domain[1:])`
			`report.AddRelatedClearnetDomain(domain[4:])`
			`}`
			`}`

			`// Check for IP Addresses`
			`log.Printf("Scanning for IP Addresses (clearweb clients, and servers)\n")`
			r = regexp.MustCompile(`(?:(?:25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)`)
			`foundIPs := r.FindAllString(string(contents), -1)`
			`utils.RemoveDuplicates(&foundIPs)`
			`for _, ip := range foundIPs {`
			`if ip != "127.0.0.1" {`
			`log.Printf("\t \033[091mAlert!\033[0m Found IP Address : %s\n", ip)`
			`report.AddIPAddress(ip)`
			`}`
			`}`

			`}`
			`}`
			`if !report.FoundApacheModStatus {`
			`log.Printf("\tApache mod_status Not Exposed...\033[92mGood!\033[0m\n")`
			`report.FoundApacheModStatus = false`
			`}`
			`}`