Extracting PGP Keys from Pages

Also fixes a bug with reporting of headers.
This commit is contained in:
Sarah Jamie Lewis 2016-05-09 18:42:19 -07:00
parent a29741ed46
commit eee0c61490
5 changed files with 49 additions and 12 deletions

View File

@ -38,6 +38,7 @@ type OnionScanReport struct {
ExifImages []ExifImage `json:"exifImages"`
InterestingFiles []string `json:"interestingFiles"`
PageReferencedDirectories []string `json:"pageReferencedDirectories"`
PGPKeys []string `json:"pgpKeys"`
Hashes []string `json:"hashes"`
SSHKey string `json:"sshKey"`
@ -85,6 +86,11 @@ func (osr *OnionScanReport) AddLinkedSite(site string) {
utils.RemoveDuplicates(&osr.LinkedSites)
}
func (osr *OnionScanReport) AddPGPKey(key string) {
osr.PGPKeys = append(osr.PGPKeys, key)
utils.RemoveDuplicates(&osr.PGPKeys)
}
func (osr *OnionScanReport) AddResponseHeader(name string, value string) {
osr.ResponseHeaders[name] = value
}

View File

@ -70,20 +70,22 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
}
}
if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
info += 1
}
if report.WebDetected {
if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
info += 1
}
if _, ok := report.ResponseHeaders["X-XSS-PROTECTION"]; !ok {
info += 1
}
if _, ok := report.ResponseHeaders["X-XSS-PROTECTION"]; !ok {
info += 1
}
if _, ok := report.ResponseHeaders["X-CONTENT-TYPE-OPTIONS"]; !ok {
info += 1
}
if _, ok := report.ResponseHeaders["X-CONTENT-TYPE-OPTIONS"]; !ok {
info += 1
}
if _, ok := report.ResponseHeaders["CONTENT-SECURITY-POLICY"]; !ok {
info += 1
if _, ok := report.ResponseHeaders["CONTENT-SECURITY-POLICY"]; !ok {
info += 1
}
}
buffer := bytes.NewBuffer(nil)
@ -144,7 +146,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
buffer.WriteString("\n")
}
if report.ResponseHeaders != nil {
if report.ResponseHeaders != nil && report.WebDetected {
if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
buffer.WriteString("Info: Missing X-Frame-Options HTTP header discovered!\n")
buffer.WriteString("\t Why this is bad: Provides Clickjacking protection. Values: deny - no rendering within a frame, sameorigin\n\t - no rendering if origin mismatch, allow-from: DOMAIN - allow rendering if framed by frame loaded from DOMAIN\n")

9
scans/content_scan.go Normal file
View File

@ -0,0 +1,9 @@
package scans
import (
"github.com/s-rah/onionscan/report"
)
type ContentScan interface {
ScanContent(content string, report *report.OnionScanReport)
}

19
scans/pgp_content_scan.go Normal file
View File

@ -0,0 +1,19 @@
package scans
import (
"github.com/s-rah/onionscan/report"
"log"
"regexp"
)
type PGPContentScan struct {
}
func (cs *PGPContentScan) ScanContent(content string, report *report.OnionScanReport) {
log.Printf("\tScanning for PGP Key\n")
pgpRegexp := regexp.MustCompile("-----BEGIN PGP PUBLIC KEY BLOCK-----((?s).*)-----END PGP PUBLIC KEY BLOCK-----")
foundPGP := pgpRegexp.FindAllString(content, -1)
for _, key := range foundPGP {
report.AddPGPKey(key)
}
}

View File

@ -30,6 +30,7 @@ func StandardPageScan(scan Scanner, page string, status int, contents string, re
report.PageTitle = pageTitle
}
new(PGPContentScan).ScanContent(contents, report)
domains := utils.ExtractDomains(contents)
for _, domain := range domains {