add command line argument limiting directory recursion depth

main.go

@@ -20,6 +20,7 @@ func main() {
 	simpleReport := flag.Bool("simpleReport", true, "print out a simple report detailing what is wrong and how to fix it, true by default")
 	jsonReport := flag.Bool("jsonReport", false, "print out a json report providing a detailed report of the scan.")
 	verbose := flag.Bool("verbose", false, "print out a verbose log output of the scan")
+	directoryDepth := flag.Int("d", 0, "depth of directory scan recursion (default: 0)")
 
 	flag.Parse()
 
@@ -37,7 +38,7 @@ func main() {
 		log.SetOutput(ioutil.Discard)
 	}
 
-	onionScan := Configure(*torProxyAddress)
+	onionScan := Configure(*torProxyAddress, *directoryDepth)
 	report, err := onionScan.Scan(hiddenService)
 
 	if err != nil {

onionscan.go

@@ -8,11 +8,13 @@ import (
 
 type OnionScan struct {
 	TorProxyAddress string
+	DirectoryDepth  int
 }
 
-func Configure(torProxyAddress string) *OnionScan {
+func Configure(torProxyAddress string, directoryDepth int) *OnionScan {
 	onionScan := new(OnionScan)
 	onionScan.TorProxyAddress = torProxyAddress
+	onionScan.DirectoryDepth = directoryDepth
 	return onionScan
 }
 
@@ -32,7 +34,7 @@ func (os *OnionScan) Scan(hiddenService string) (*report.OnionScanReport, error)
 
 	// HTTP
 	hps := new(protocol.HTTPProtocolScanner)
-	hps.ScanProtocol(hiddenService, os.TorProxyAddress, report)
+	hps.ScanProtocol(hiddenService, os.TorProxyAddress, os.DirectoryDepth, report)
 
 	// SSH
 	sps := new(protocol.SSHProtocolScanner)

protocol/http_scanner.go

@@ -22,7 +22,7 @@ var (
 		"/products", "/products/cat"}
 )
 
-func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, report *report.OnionScanReport) {
+func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, directoryDepth int, report *report.OnionScanReport) {
 
 	// HTTP
 	log.Printf("Checking %s http(80)\n", hiddenService)
@@ -64,7 +64,7 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress
 		directories := append(CommonDirectories, report.PageReferencedDirectories...)
 		utils.RemoveDuplicates(&directories)
 		for _, directory := range directories {
-			hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing)
+			hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing(directoryDepth))
 		}
 	}
 	log.Printf("\n")

scans/check_directory_listing.go

@@ -7,7 +7,13 @@ import (
 	"strings"
 )
 
-func CheckDirectoryListing(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
+func CheckDirectoryListing(depth int) func(Scanner, string, int, string, *report.OnionScanReport) {
+	return func(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
+		CheckDirectoryListingDepth(scan, dir, status, depth, contents, report)
+	}
+}
+
+func CheckDirectoryListingDepth(scan Scanner, dir string, status int, depth int, contents string, report *report.OnionScanReport) {
 	if status == 200 && strings.Contains(string(contents), "Index of "+dir) {
 		log.Printf("Detected Open Directory %s...\033[091mAlert!\033[0m\n", dir)
 
@@ -33,7 +39,9 @@ func CheckDirectoryListing(scan Scanner, dir string, status int, contents string
 		for _, file := range subDir {
 			log.Printf("\t Found subdir %s/%s\n", dir, file[1])
 			//TODO: We can do further analysis here, for now, just report them.
-			scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing)
+			if depth > 0 {
+				scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing(depth-1))
+			}
 		}
 
 	} else {