diff --git a/report/onionscanreport.go b/report/onionscanreport.go
index dcc6f69..ab18941 100644
--- a/report/onionscanreport.go
+++ b/report/onionscanreport.go
@@ -38,6 +38,7 @@ type OnionScanReport struct {
 	ExifImages []ExifImage `json:"exifImages"`
 	InterestingFiles []string `json:"interestingFiles"`
 	PageReferencedDirectories []string `json:"pageReferencedDirectories"`
+	PGPKeys []string `json:"pgpKeys"`
 	Hashes []string `json:"hashes"`
 	SSHKey string `json:"sshKey"`
@@ -85,6 +86,11 @@ func (osr *OnionScanReport) AddLinkedSite(site string) {
 	utils.RemoveDuplicates(&osr.LinkedSites)
 }
 
+func (osr *OnionScanReport) AddPGPKey(key string) {
+	osr.PGPKeys = append(osr.PGPKeys, key)
+	utils.RemoveDuplicates(&osr.PGPKeys)
+}
+
 func (osr *OnionScanReport) AddResponseHeader(name string, value string) {
 	osr.ResponseHeaders[name] = value
 }
diff --git a/report/report_generator.go b/report/report_generator.go
index af8fe67..db8bfef 100644
--- a/report/report_generator.go
+++ b/report/report_generator.go
@@ -70,20 +70,22 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
 		}
 	}
 
-	if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
-		info += 1
-	}
+	if report.WebDetected {
+		if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
+			info += 1
+		}
 
-	if _, ok := report.ResponseHeaders["X-XSS-PROTECTION"]; !ok {
-		info += 1
-	}
+		if _, ok := report.ResponseHeaders["X-XSS-PROTECTION"]; !ok {
+			info += 1
+		}
 
-	if _, ok := report.ResponseHeaders["X-CONTENT-TYPE-OPTIONS"]; !ok {
-		info += 1
-	}
+		if _, ok := report.ResponseHeaders["X-CONTENT-TYPE-OPTIONS"]; !ok {
+			info += 1
+		}
 
-	if _, ok := report.ResponseHeaders["CONTENT-SECURITY-POLICY"]; !ok {
-		info += 1
+		if _, ok := report.ResponseHeaders["CONTENT-SECURITY-POLICY"]; !ok {
+			info += 1
+		}
 	}
 
 	buffer := bytes.NewBuffer(nil)
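Review bot: AddPGPKey is a new exported method without a doc comment; suggest `// AddPGPKey records an armored PGP public key block found in page content, dropping repeats.` directly above it. Calling utils.RemoveDuplicates after every single append rescans the whole slice on each call, which mirrors AddLinkedSite just above, so it is consistent with the file as written; if many keys per scan become common, a membership check before appending would be the cheaper shape.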
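Review bot: The info counter here is gated on `report.WebDetected` alone, while the second hunk of this file (@@ -144,7 +146,7) prints the matching messages only under `report.ResponseHeaders != nil && report.WebDetected`. Reading a nil map in Go returns `ok == false`, so a report with WebDetected set and no headers recorded counts four missing-header findings in the summary that never appear in the detailed output; align the guards, e.g. `if report.WebDetected && report.ResponseHeaders != nil {` on the first line of the new block. The lookups use upper-case keys, which presumably relies on whoever calls AddResponseHeader normalising header names, since Go's http.Header stores canonical mixed-case keys — worth confirming. GenerateSimpleReport starts and ends outside the hunk.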
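Review bot: ContentScan is a new exported interface with no doc comment; suggest `// ContentScan inspects fetched page content and records any findings on the report.` above the type and `// ScanContent examines content and adds what it finds to report.` on the method. Naming the parameter `report` while importing the `report` package compiles, but implementers cannot refer to the package inside the method body; a name such as `osr` (as onionscanreport.go uses for its receiver) would avoid the shadowing.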
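Review bot: The pattern `((?s).*)` is greedy, so a page containing two or more armored keys produces a single match running from the first BEGIN line to the last END line, and AddPGPKey then stores that whole span as one key; a lazy quantifier, `-----BEGIN PGP PUBLIC KEY BLOCK-----(?s:.*?)-----END PGP PUBLIC KEY BLOCK-----`, yields one match per block. regexp.MustCompile also runs on every ScanContent call; hoist it to a package-level `var pgpKeyBlockRegexp = regexp.MustCompile(...)` and call `pgpKeyBlockRegexp.FindAllString(content, -1)` in the body. The type and method are exported without doc comments; `// PGPContentScan extracts armored PGP public key blocks from page content.` would do. The `report` parameter shadows the imported `report` package, as in content_scan.go.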
@@ -144,7 +146,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
 		buffer.WriteString("\n")
 	}
 
-	if report.ResponseHeaders != nil {
+	if report.ResponseHeaders != nil && report.WebDetected {
 		if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
 			buffer.WriteString("Info: Missing X-Frame-Options HTTP header discovered!\n")
 			buffer.WriteString("\t Why this is bad: Provides Clickjacking protection. Values: deny - no rendering within a frame, sameorigin\n\t - no rendering if origin mismatch, allow-from: DOMAIN - allow rendering if framed by frame loaded from DOMAIN\n")
diff --git a/scans/content_scan.go b/scans/content_scan.go
new file mode 100644
index 0000000..935768b
--- /dev/null
+++ b/scans/content_scan.go
@@ -0,0 +1,9 @@
+package scans
+
+import (
+	"github.com/s-rah/onionscan/report"
+)
+
+type ContentScan interface {
+	ScanContent(content string, report *report.OnionScanReport)
+}
diff --git a/scans/pgp_content_scan.go b/scans/pgp_content_scan.go
new file mode 100644
index 0000000..ebbdfb5
--- /dev/null
+++ b/scans/pgp_content_scan.go
@@ -0,0 +1,19 @@
+package scans
+
+import (
+	"github.com/s-rah/onionscan/report"
+	"log"
+	"regexp"
+)
+
+type PGPContentScan struct {
+}
+
+func (cs *PGPContentScan) ScanContent(content string, report *report.OnionScanReport) {
+	log.Printf("\tScanning for PGP Key\n")
+	pgpRegexp := regexp.MustCompile("-----BEGIN PGP PUBLIC KEY BLOCK-----((?s).*)-----END PGP PUBLIC KEY BLOCK-----")
+	foundPGP := pgpRegexp.FindAllString(content, -1)
+	for _, key := range foundPGP {
+		report.AddPGPKey(key)
+	}
+}
diff --git a/scans/standard-page-scan.go b/scans/standard-page-scan.go
index b5f16d4..4ea9b4b 100644
--- a/scans/standard-page-scan.go
+++ b/scans/standard-page-scan.go
@@ -30,6 +30,7 @@ func StandardPageScan(scan Scanner, page string, status int, contents string, re
 		report.PageTitle = pageTitle
 	}
 
+	new(PGPContentScan).ScanContent(contents, report)
 	domains := utils.ExtractDomains(contents)
 	for _, domain := range domains {