add command line argument limiting directory recursion depth

This commit is contained in:
Dan Ballard 2016-04-29 10:34:05 -07:00
parent 44cc375066
commit 58094f810c
4 changed files with 18 additions and 7 deletions

View File

@ -20,6 +20,7 @@ func main() {
simpleReport := flag.Bool("simpleReport", true, "print out a simple report detailing what is wrong and how to fix it, true by default")
jsonReport := flag.Bool("jsonReport", false, "print out a json report providing a detailed report of the scan.")
verbose := flag.Bool("verbose", false, "print out a verbose log output of the scan")
directoryDepth := flag.Int("d", 0, "depth of directory scan recursion (default: 0)")
flag.Parse()
@ -37,7 +38,7 @@ func main() {
log.SetOutput(ioutil.Discard)
}
onionScan := Configure(*torProxyAddress)
onionScan := Configure(*torProxyAddress, *directoryDepth)
report, err := onionScan.Scan(hiddenService)
if err != nil {

View File

@ -8,11 +8,13 @@ import (
type OnionScan struct {
TorProxyAddress string
DirectoryDepth int
}
func Configure(torProxyAddress string) *OnionScan {
func Configure(torProxyAddress string, directoryDepth int) *OnionScan {
onionScan := new(OnionScan)
onionScan.TorProxyAddress = torProxyAddress
onionScan.DirectoryDepth = directoryDepth
return onionScan
}
@ -32,7 +34,7 @@ func (os *OnionScan) Scan(hiddenService string) (*report.OnionScanReport, error)
// HTTP
hps := new(protocol.HTTPProtocolScanner)
hps.ScanProtocol(hiddenService, os.TorProxyAddress, report)
hps.ScanProtocol(hiddenService, os.TorProxyAddress, os.DirectoryDepth, report)
// SSH
sps := new(protocol.SSHProtocolScanner)

View File

@ -22,7 +22,7 @@ var (
"/products", "/products/cat"}
)
func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, report *report.OnionScanReport) {
func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress string, directoryDepth int, report *report.OnionScanReport) {
// HTTP
log.Printf("Checking %s http(80)\n", hiddenService)
@ -64,7 +64,7 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, proxyAddress
directories := append(CommonDirectories, report.PageReferencedDirectories...)
utils.RemoveDuplicates(&directories)
for _, directory := range directories {
hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing)
hps.ScanPage(hiddenService, directory, report, scans.CheckDirectoryListing(directoryDepth))
}
}
log.Printf("\n")

View File

@ -7,7 +7,13 @@ import (
"strings"
)
func CheckDirectoryListing(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
func CheckDirectoryListing(depth int) func(Scanner, string, int, string, *report.OnionScanReport) {
return func(scan Scanner, dir string, status int, contents string, report *report.OnionScanReport) {
CheckDirectoryListingDepth(scan, dir, status, depth, contents, report)
}
}
func CheckDirectoryListingDepth(scan Scanner, dir string, status int, depth int, contents string, report *report.OnionScanReport) {
if status == 200 && strings.Contains(string(contents), "Index of "+dir) {
log.Printf("Detected Open Directory %s...\033[091mAlert!\033[0m\n", dir)
@ -33,7 +39,9 @@ func CheckDirectoryListing(scan Scanner, dir string, status int, contents string
for _, file := range subDir {
log.Printf("\t Found subdir %s/%s\n", dir, file[1])
//TODO: We can do further analysis here, for now, just report them.
scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing)
if depth > 0 {
scan.ScanPage(report.HiddenService, dir+"/"+file[1], report, CheckDirectoryListing(depth-1))
}
}
} else {