Extracting PGP Keys from Pages

Also fixes a bug with reporting of headers.

report/onionscanreport.go

@@ -38,6 +38,7 @@ type OnionScanReport struct {
 	ExifImages                []ExifImage `json:"exifImages"`
 	InterestingFiles          []string    `json:"interestingFiles"`
 	PageReferencedDirectories []string    `json:"pageReferencedDirectories"`
+	PGPKeys                   []string    `json:"pgpKeys"`
 
 	Hashes          []string          `json:"hashes"`
 	SSHKey          string            `json:"sshKey"`
@@ -85,6 +86,11 @@ func (osr *OnionScanReport) AddLinkedSite(site string) {
 	utils.RemoveDuplicates(&osr.LinkedSites)
 }
 
+func (osr *OnionScanReport) AddPGPKey(key string) {
+	osr.PGPKeys = append(osr.PGPKeys, key)
+	utils.RemoveDuplicates(&osr.PGPKeys)
+}
+
 func (osr *OnionScanReport) AddResponseHeader(name string, value string) {
 	osr.ResponseHeaders[name] = value
 }

report/report_generator.go

@@ -70,6 +70,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
 		}
 	}
 
+	if report.WebDetected {
 		if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
 			info += 1
 		}
@@ -85,6 +86,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
 		if _, ok := report.ResponseHeaders["CONTENT-SECURITY-POLICY"]; !ok {
 			info += 1
 		}
+	}
 
 	buffer := bytes.NewBuffer(nil)
 	buffer.WriteString("--------------- OnionScan Report ---------------\n")
@@ -144,7 +146,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
 		buffer.WriteString("\n")
 	}
 
-	if report.ResponseHeaders != nil {
+	if report.ResponseHeaders != nil && report.WebDetected {
 		if _, ok := report.ResponseHeaders["X-FRAME-OPTIONS"]; !ok {
 			buffer.WriteString("Info: Missing X-Frame-Options HTTP header discovered!\n")
 			buffer.WriteString("\t Why this is bad: Provides Clickjacking protection. Values: deny - no rendering within a frame, sameorigin\n\t - no rendering if origin mismatch, allow-from: DOMAIN - allow rendering if framed by frame loaded from DOMAIN\n")

scans/content_scan.go

@@ -0,0 +1,9 @@
+package scans
+
+import (
+	"github.com/s-rah/onionscan/report"
+)
+
+type ContentScan interface {
+	ScanContent(content string, report *report.OnionScanReport)
+}

scans/pgp_content_scan.go

@@ -0,0 +1,19 @@
+package scans
+
+import (
+	"github.com/s-rah/onionscan/report"
+	"log"
+	"regexp"
+)
+
+type PGPContentScan struct {
+}
+
+func (cs *PGPContentScan) ScanContent(content string, report *report.OnionScanReport) {
+	log.Printf("\tScanning for PGP Key\n")
+	pgpRegexp := regexp.MustCompile("-----BEGIN PGP PUBLIC KEY BLOCK-----((?s).*)-----END PGP PUBLIC KEY BLOCK-----")
+	foundPGP := pgpRegexp.FindAllString(content, -1)
+	for _, key := range foundPGP {
+		report.AddPGPKey(key)
+	}
+}

scans/standard-page-scan.go

@@ -30,6 +30,7 @@ func StandardPageScan(scan Scanner, page string, status int, contents string, re
 			report.PageTitle = pageTitle
 		}
 
+		new(PGPContentScan).ScanContent(contents, report)
 		domains := utils.ExtractDomains(contents)
 
 		for _, domain := range domains {