diff --git a/main.go b/main.go index 55358b4..ad11272 100644 --- a/main.go +++ b/main.go @@ -90,9 +90,9 @@ func main() { onionScan.Config.LogError(errors.New(scanReport.HiddenService + " timed out")) } - file := *reportFile - if file != "" { - file := scanReport.HiddenService + "." + *reportFile + file := *reportFile + if file != "" { + file = scanReport.HiddenService + "." + *reportFile } if *jsonReport { diff --git a/protocol/bitcoin_scanner.go b/protocol/bitcoin_scanner.go index cbfa53e..b5aedaa 100644 --- a/protocol/bitcoin_scanner.go +++ b/protocol/bitcoin_scanner.go @@ -22,5 +22,7 @@ func (rps *BitcoinProtocolScanner) ScanProtocol(hiddenService string, osc *confi // TODO: Actual Analysis report.BitcoinDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/ftp_scanner.go b/protocol/ftp_scanner.go index 6e1559a..3252095 100644 --- a/protocol/ftp_scanner.go +++ b/protocol/ftp_scanner.go @@ -31,5 +31,7 @@ func (sps *FTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.On osc.LogInfo(fmt.Sprintf("Found FTP Banner: %s (%s)", banner, report.FTPFingerprint)) } } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/http_scanner.go b/protocol/http_scanner.go index df2951e..62d0edf 100644 --- a/protocol/http_scanner.go +++ b/protocol/http_scanner.go @@ -1,6 +1,7 @@ package protocol import ( + "crypto/tls" "fmt" "github.com/s-rah/onionscan/config" "github.com/s-rah/onionscan/report" @@ -10,7 +11,6 @@ import ( "io/ioutil" "net/http" "strings" - "crypto/tls" ) type HTTPProtocolScanner struct { @@ -33,19 +33,20 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O if err != nil { osc.LogInfo("Failed to connect to service on port 80\n") report.WebDetected = false - conn.Close() + if conn != nil { + conn.Close() + } } else { osc.LogInfo("Found potential service on http(80)\n") report.WebDetected = true conn.Close() dialSocksProxy := socks.DialSocksProxy(socks.SOCKS5, osc.TorProxyAddress) transportConfig := &http.Transport{ - Dial: dialSocksProxy, + Dial: dialSocksProxy, TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, } hps.Client = &http.Client{ Transport: transportConfig, - } // FIXME This should probably be moved to it's own file now. response, err := hps.Client.Get("http://" + hiddenService) diff --git a/protocol/irc_scanner.go b/protocol/irc_scanner.go index 1a1dee3..efda250 100644 --- a/protocol/irc_scanner.go +++ b/protocol/irc_scanner.go @@ -22,7 +22,9 @@ func (rps *IRCProtocolScanner) ScanProtocol(hiddenService string, osc *config.On // TODO: Actual Analysis report.IRCDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } // IRC osc.LogInfo(fmt.Sprintf("Checking %s IRC(6697)\n", hiddenService)) @@ -34,5 +36,7 @@ func (rps *IRCProtocolScanner) ScanProtocol(hiddenService string, osc *config.On // TODO: Actual Analysis report.IRCDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/mongodb_scanner.go b/protocol/mongodb_scanner.go index f04b857..34e9b81 100644 --- a/protocol/mongodb_scanner.go +++ b/protocol/mongodb_scanner.go @@ -22,6 +22,8 @@ func (rps *MongoDBProtocolScanner) ScanProtocol(hiddenService string, osc *confi // TODO: Actual Analysis report.MongoDBDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/ricochet_scanner.go b/protocol/ricochet_scanner.go index 0274d85..d334777 100644 --- a/protocol/ricochet_scanner.go +++ b/protocol/ricochet_scanner.go @@ -22,5 +22,7 @@ func (rps *RicochetProtocolScanner) ScanProtocol(hiddenService string, osc *conf // TODO: Actual Analysis report.RicochetDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/smtp_scanner.go b/protocol/smtp_scanner.go index 45d1e5d..6bb38ed 100644 --- a/protocol/smtp_scanner.go +++ b/protocol/smtp_scanner.go @@ -32,5 +32,7 @@ func (sps *SMTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O osc.LogInfo(fmt.Sprintf("Found SMTP Banner: %s (%s)", banner, report.SMTPFingerprint)) } } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/ssh_scanner.go b/protocol/ssh_scanner.go index 3e0ae79..309ebf4 100644 --- a/protocol/ssh_scanner.go +++ b/protocol/ssh_scanner.go @@ -22,7 +22,9 @@ func (sps *SSHProtocolScanner) ScanProtocol(hiddenService string, osc *config.On if err != nil { osc.LogInfo("Failed to connect to service on port 22\n") report.SSHDetected = false - conn.Close() + if conn != nil { + conn.Close() + } } else { // TODO SSH Checking report.SSHDetected = true @@ -48,7 +50,9 @@ func (sps *SSHProtocolScanner) ScanProtocol(hiddenService string, osc *config.On }, } ssh.NewClientConn(conn, hiddenService+":22", config) - conn.Close() + if conn != nil { + conn.Close() + } conn, err = utils.GetNetworkConnection(hiddenService, 22, osc.TorProxyAddress, osc.Timeout) if err == nil { reader := bufio.NewReader(conn) @@ -58,6 +62,8 @@ func (sps *SSHProtocolScanner) ScanProtocol(hiddenService string, osc *config.On osc.LogInfo(fmt.Sprintf("Found SSH Banner: %s (%s)", banner)) } } - conn.Close() + if conn != nil { + conn.Close() + } } } diff --git a/protocol/tls_scanner.go b/protocol/tls_scanner.go index ab7d6ca..77ed40c 100644 --- a/protocol/tls_scanner.go +++ b/protocol/tls_scanner.go @@ -18,18 +18,20 @@ func (sps *TLSProtocolScanner) ScanProtocol(hiddenService string, osc *config.On osc.LogInfo("Failed to connect to service on port 443\n") report.TLSDetected = false } else { - osc.LogInfo("Found TLS Endpoint\n") + osc.LogInfo("Found TLS Endpoint\n") report.TLSDetected = true - config := &tls.Config{ - InsecureSkipVerify:true, - } - tlsConn := tls.Client(conn, config) - tlsConn.Write([]byte("GET / HTTP/1.1\r\n\r\n")) - for _, certificate := range tlsConn.ConnectionState().PeerCertificates { - osc.LogInfo(fmt.Sprintf("Found Certificate %v \n", certificate)) - report.Certificates = append(report.Certificates, *certificate) - } - tlsConn.Close() + config := &tls.Config{ + InsecureSkipVerify: true, + } + tlsConn := tls.Client(conn, config) + tlsConn.Write([]byte("GET / HTTP/1.1\r\n\r\n")) + for _, certificate := range tlsConn.ConnectionState().PeerCertificates { + osc.LogInfo(fmt.Sprintf("Found Certificate %v \n", certificate)) + report.Certificates = append(report.Certificates, *certificate) + } + tlsConn.Close() + } + if conn != nil { + conn.Close() } - conn.Close() } diff --git a/protocol/vnc_scanner.go b/protocol/vnc_scanner.go index 68f8603..ae67744 100644 --- a/protocol/vnc_scanner.go +++ b/protocol/vnc_scanner.go @@ -22,5 +22,7 @@ func (vncps *VNCProtocolScanner) ScanProtocol(hiddenService string, osc *config. // TODO: Actual Analysis report.VNCDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/protocol/xmpp_scanner.go b/protocol/xmpp_scanner.go index 14d7323..f87053f 100644 --- a/protocol/xmpp_scanner.go +++ b/protocol/xmpp_scanner.go @@ -22,7 +22,9 @@ func (rps *XMPPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O // TODO: Actual Analysis report.XMPPDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } // XMPP osc.LogInfo(fmt.Sprintf("Checking %s XMPP(5223)\n", hiddenService)) conn, err = utils.GetNetworkConnection(hiddenService, 5223, osc.TorProxyAddress, osc.Timeout) @@ -33,5 +35,7 @@ func (rps *XMPPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O // TODO: Actual Analysis report.XMPPDetected = true } - conn.Close() + if conn != nil { + conn.Close() + } } diff --git a/report/onionscanreport.go b/report/onionscanreport.go index 7ddc253..5cc3dfe 100644 --- a/report/onionscanreport.go +++ b/report/onionscanreport.go @@ -1,11 +1,11 @@ package report import ( + "crypto/x509" "encoding/json" "github.com/s-rah/onionscan/utils" "io/ioutil" "time" - "crypto/x509" ) type ExifTag struct { @@ -62,8 +62,8 @@ type OnionScanReport struct { PageTitle string `json:"pageTitle"` ResponseHeaders map[string]string `json:"responseHeaders"` - // TLS - Certificates []x509.Certificate `json:"certificates"` + // TLS + Certificates []x509.Certificate `json:"certificates"` //Bitcoin BitcoinAddresses []string `json:"bitcoinAddresses"`