add command line argument limiting directory recursion depth
parent
44cc375066
commit
58094f810c
3
main.go
3
main.go
|
@ -20,6 +20,7 @@ func main() {
|
||||||
simpleReport := flag.Bool("simpleReport", true, "print out a simple report detailing what is wrong and how to fix it, true by default")
|
simpleReport := flag.Bool("simpleReport", true, "print out a simple report detailing what is wrong and how to fix it, true by default")
|
||||||
jsonReport := flag.Bool("jsonReport", false, "print out a json report providing a detailed report of the scan.")
|
jsonReport := flag.Bool("jsonReport", false, "print out a json report providing a detailed report of the scan.")
|
||||||
verbose := flag.Bool("verbose", false, "print out a verbose log output of the scan")
|
verbose := flag.Bool("verbose", false, "print out a verbose log output of the scan")
|
||||||
|
directoryDepth := flag.Int("d", 0, "depth of directory scan recursion (default: 0)")
|
||||||
|
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
@ -37,7 +38,7 @@ func main() {
|
||||||
log.SetOutput(ioutil.Discard)
|
log.SetOutput(ioutil.Discard)
|
||||||
}
|
}
|
||||||
|
|
||||||
onionScan := Configure(*torProxyAddress)
|
onionScan := Configure(*torProxyAddress, *directoryDepth)
|
||||||
report, err := onionScan.Scan(hiddenService)
|
report, err := onionScan.Scan(hiddenService)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
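Review bot: The new `-d` flag accepts any integer and no check follows `flag.Parse()`, so a negative value is silently treated like 0 by the `depth > 0` guard in the directory-listing check, and a very large value is passed through unchanged. Reject bad input right after `flag.Parse()`, before the log output is redirected: `if *directoryDepth < 0 { log.Fatal("-d must be >= 0") }`. The default of 0 also switches off the subdirectory recursion that ran unconditionally before this commit, and the help text should say so, for example `"levels of subdirectories to follow from an open directory listing; 0 reports the listing without recursing"`. main's body continues outside both hunks.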
@ -8,11 +8,13 @@ import (
|
||||||
|
|
||||||
type OnionScan struct {
|
type OnionScan struct {
|
||||||
TorProxyAddress string
|
TorProxyAddress string
|
||||||
|
DirectoryDepth int
|
||||||
}
|
}
|
||||||
|
|
||||||
func Configure(torProxyAddress string) *OnionScan {
|
func Configure(torProxyAddress string, directoryDepth int) *OnionScan {
|
||||||
onionScan := new(OnionScan)
|
onionScan := new(OnionScan)
|
||||||
onionScan.TorProxyAddress = torProxyAddress
|
onionScan.TorProxyAddress = torProxyAddress
|
||||||
|
onionScan.DirectoryDepth = directoryDepth
|
||||||
return onionScan
|
return onionScan
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -32,7 +34,7 @@ func (os *OnionScan) Scan(hiddenService string) (*report.OnionScanReport, error)
|
||||||
|
|
||||||
// HTTP
|
// HTTP
|
||||||
hps := new(protocol.HTTPProtocolScanner)
|
hps := new(protocol.HTTPProtocolScanner)
|
||||||
hps.ScanProtocol(hiddenService, os.TorProxyAddress, report)
|
hps.ScanProtocol(hiddenService, os.TorProxyAddress, os.DirectoryDepth, report)
|
||||||
|
|
||||||
// SSH
|
// SSH
|
||||||
sps := new(protocol.SSHProtocolScanner)
|
sps := new(protocol.SSHProtocolScanner)
|
||||||
|
|
|
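Review bot: The exported `DirectoryDepth` field and the new `Configure` parameter have no doc comment, so a reader of this file cannot tell what 0 means. Add `// DirectoryDepth is the number of subdirectory levels the HTTP scan follows from an open directory listing; 0 disables recursion.` above the field. `Configure` is exported and its signature changes here, so any caller outside this commit has to be updated as well.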
@ -22,7 +22,7 @@ var (
|
||||||
"/products", "/products/cat"}
|
"/products", "/products/cat"}
|
||||||
)
|
)
|
||||||
|
|
||||||
func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, report *report.OnionScanReport) {
|
func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, directoryDepth int, report *report.OnionScanReport) {
|
||||||
|
|
||||||
// HTTP
|
// HTTP
|
||||||
log.Printf("Checking %s http(80)\n", hiddenService)
|
log.Printf("Checking %s http(80)\n", hiddenService)
|
||||||
|
@ -64,7 +64,7 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress
|
||||||
directories := append(CommonDirectories, report.PageReferencedDirectories...)
|
directories := append(CommonDirectories, report.PageReferencedDirectories...)
|
||||||
utils.RemoveDuplicates(&directories)
|
utils.RemoveDuplicates(&directories)
|
||||||
for _, directory := range directories {
|
for _, directory := range directories {
|
||||||
hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing)
|
hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing(directoryDepth))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
log.Printf("\n")
|
log.Printf("\n")
|
||||||
|
|
|
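Review bot: `scans.CheckDirectoryListing(directoryDepth)` inside the `for` builds a new closure for every directory, although `directoryDepth` does not change during the loop. Build it once before the loop, `checkListing := scans.CheckDirectoryListing(directoryDepth)`, and pass `checkListing` to `hps.ScanPage`. ScanProtocol starts and ends outside these hunks.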
@ -7,7 +7,13 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
func CheckDirectoryListing(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
|
func CheckDirectoryListing(depth int) func(Scanner, string, int, string, *report.OnionScanReport) {
|
||||||
|
return func(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
|
||||||
|
CheckDirectoryListingDepth(scan, dir, status, depth, contents, report)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func CheckDirectoryListingDepth(scan Scanner, dir string, status int, depth int, contents string, report *report.OnionScanReport) {
|
||||||
if status == 200 && strings.Contains(string(contents), "Index of "+dir) {
|
if status == 200 && strings.Contains(string(contents), "Index of "+dir) {
|
||||||
log.Printf("Detected Open Directory %s...\033[091mAlert!\033[0m\n", dir)
|
log.Printf("Detected Open Directory %s...\033[091mAlert!\033[0m\n", dir)
|
||||||
|
|
||||||
|
@ -33,7 +39,9 @@ func CheckDirectoryListing(scan Scanner, dir string, status int, contents string
|
||||||
for _, file := range subDir {
|
for _, file := range subDir {
|
||||||
log.Printf("\t Found subdir %s/%s\n", dir, file[1])
|
log.Printf("\t Found subdir %s/%s\n", dir, file[1])
|
||||||
//TODO: We can do further analysis here, for now, just report them.
|
//TODO: We can do further analysis here, for now, just report them.
|
||||||
scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing)
|
if depth > 0 {
|
||||||
|
scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing(depth-1))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
|
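Review bot: The `depth > 0` guard limits how many levels are followed but not how many subdirectories are followed per level, and `subDir` appears to be parsed from the remote response (the parsing is outside the hunk). The number of `ScanPage` requests can therefore still grow roughly as fan-out to the power of depth against a large or uncooperative service; a per-scan request budget or a set of already visited paths would bound it. Both exported functions also lack doc comments; for the new one I would add `// CheckDirectoryListingDepth reports an open directory listing for dir and follows its subdirectories while depth > 0.`. The function body continues between and after the two hunks.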