Added keyword feature
mc air authored and mc air committed May 16, 2024
1 parent 213ace2 commit e0023db
Showing 5 changed files with 28 additions and 6 deletions.
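--- a/cmd/request.go
+++ b/cmd/request.go
@@ -45,6 +45,7 @@ var requestCmd = &cobra.Command{
 method, _ := cmd.Flags().GetString("method")
 singleTarget, _ := cmd.Flags().GetString("url")
 attackHeader, _ := cmd.Flags().GetString("attack")
+keyword, _ := cmd.Flags().GetString("keyword")
 
 detectionTimout, _ := cmd.Flags().GetInt("interval")
 colorDisabled, _ := cmd.Flags().GetBool("dc")
@@ -86,7 +87,7 @@ var requestCmd = &cobra.Command{
 return
 }
 
-scanJob = *lib.NewScanJob(target, connection, []lib.Payload{attackHeaderPayload})
+scanJob = *lib.NewScanJob(target, connection, []lib.Payload{attackHeaderPayload}, keyword)
 
 fmt.Printf("[+]Starting Response Handler for: %s\n", target.URL.Hostname())
 
@@ -141,6 +142,7 @@ func init() {
 requestCmd.Flags().StringP("data", "d", "99\r\n", "HTTP/2 Data frame content to send.")
 requestCmd.Flags().BoolP("dc", "", false, "Disable colour in the output.")
 requestCmd.Flags().StringP("method", "x", "POST", "The method to use.")
+requestCmd.Flags().StringP("keyword", "k", "", "Check if keyword is in response body.")
 requestCmd.Flags().StringP("header", "H", "", "Insert custom header. eg \"Cookie: values\"")
 requestCmd.Flags().IntP("interval", "i", 5, "Detection timeout interval in seconds.")
 requestCmd.Flags().StringP("attack", "a", "", "Attack Header, separated by (; ) like the wordlist in 'scan' mode.")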
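Review bot: The `--keyword` help text added in the `init()` hunk, `"Check if keyword is in response body."`, does not say how the match is done, and it is worded differently from the same flag in cmd/scan.go. Judging by the `strings.Contains` call this commit adds in lib/http2.go, the match is a case-sensitive substring test over DATA frame payloads only, so a keyword that appears in a response header or in different case reports `Keyword: False`. I would use one string for both commands, for example `"Report whether the response body contains this exact, case-sensitive string. eg: \"Internal Server Error\""`. Both `init()` and the `requestCmd` run function extend outside the hunks shown.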
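--- a/cmd/scan.go
+++ b/cmd/scan.go
@@ -54,6 +54,7 @@ var scanCmd = &cobra.Command{
 detectionTimout, _ := cmd.Flags().GetInt("interval")
 colorDisabled, _ := cmd.Flags().GetBool("dc")
 stringFilter, _ := cmd.Flags().GetString("filter")
+keyword, _ := cmd.Flags().GetString("keyword")
 additionalHeader, _ := cmd.Flags().GetString("header")
 userDataFrame, _ := cmd.Flags().GetString("data")
 
@@ -164,7 +165,7 @@ var scanCmd = &cobra.Command{
 fmt.Println("Error establishing HTTP2 connection:", err)
 continue
 }
-scanJob := lib.NewScanJob(target, conn, payloadChunk)
+scanJob := lib.NewScanJob(target, conn, payloadChunk, keyword)
 scanJobs = append(scanJobs, *scanJob)
 }
 
@@ -346,4 +347,5 @@ func init() {
 scanCmd.Flags().StringP("filter", "", "", "Filter responses by string or frame type, etc. For example: 405, 200, 502, TIMEOUT, RST, GOAWAY, etc.")
 scanCmd.Flags().StringP("data", "d", "99\r\n", "HTTP/2 Data frame to send. eg: 99\\r\\n")
 scanCmd.Flags().BoolP("extended", "e", false, "Use the extended wordlist. Includes more characters. (By default, when no wordlist is provided the shorter wordlist is used)")
+scanCmd.Flags().StringP("keyword", "k", "", "Keyword detection, return true if a keyword is found in the response. eg: \"Internal Server Error\"")
 }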
2 changes: 1 addition & 1 deletion lib/constants.go
Expand Up @@ -8,7 +8,7 @@ const (
| __|_____ _ _ ___ ___| |___| __|_ _ ___ ___
|__ | | | | . | . | | -_| __| | |- _|- _|
|_____|_|_|_|___|_ |_ |_|___|__| |___|___|___|
|___|___| v0.2.1 @moopinger
|___|___| v0.2.2 @moopinger
`

20 changes: 18 additions & 2 deletions lib/http2.go
Expand Up @@ -218,7 +218,7 @@ func HandleConnection(scanJob *ScanJob, streamChan *chan string) {

framer := http2.NewFramer(scanJob.Conn, scanJob.Conn)
hpackstatus := ""

hpackBody := ""
hpackDecoder := hpack.NewDecoder(4096, func(hf hpack.HeaderField) {
if hf.Name == ":status" {
hpackstatus = hf.Value
Expand Down Expand Up @@ -291,15 +291,31 @@ func HandleConnection(scanJob *ScanJob, streamChan *chan string) {
size := len(frame.(*http2.DataFrame).Data())
streamContentCount[streamId] += size

hpackBody += string(frame.(*http2.DataFrame).Data())

//check if END_STREAM flag is set
if frame.(*http2.DataFrame).Flags == 0x1 {

if streamId == scanJob.StreamId {

*streamChan <- "SUCCESS [" + hpackstatus + "] Length: " + fmt.Sprintf("%d", streamContentCount[streamId])
if scanJob.Keyword != "" {
if strings.Contains(hpackBody, scanJob.Keyword) {
*streamChan <- "SUCCESS [" + hpackstatus + "] - Keyword: True - Length: " + fmt.Sprintf("%d", streamContentCount[streamId])

} else {
*streamChan <- "SUCCESS [" + hpackstatus + "] - Keyword: False - Length: " + fmt.Sprintf("%d", streamContentCount[streamId])
}

} else {

*streamChan <- "SUCCESS [" + hpackstatus + "] Length: " + fmt.Sprintf("%d", streamContentCount[streamId])

}

}

hpackBody = ""

}

case *http2.SettingsFrame:
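Review bot: `hpackBody` is one buffer for the whole connection, yet `hpackBody += string(frame.(*http2.DataFrame).Data())` runs for every DATA frame while the keyword test only fires for `streamId == scanJob.StreamId`, so payload from another stream can be matched (a false `Keyword: True`) or wiped by that stream's `hpackBody = ""`. The buffer also has no size limit and grows even when `scanJob.Keyword` is empty, so a large response from the server under test is held in memory in full. Keying it by stream, as `streamContentCount` already is, would address both: `streamBody[streamId] += string(data)` guarded by `scanJob.Keyword != ""` and a byte cap, `strings.Contains(streamBody[streamId], scanJob.Keyword)` for the test, and `delete(streamBody, streamId)` at END_STREAM. The reset appears to sit inside the `Flags == 0x1` branch (indentation is lost on this page), which an END_STREAM frame carrying any other flag would not enter; `frame.(*http2.DataFrame).StreamEnded()` is the safer test. `HandleConnection` starts and ends outside both hunks.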
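--- a/lib/scanjob.go
+++ b/lib/scanjob.go
@@ -13,14 +13,16 @@ type ScanJob struct {
 Conn *tls.Conn
 Payloads []Payload
 StreamId uint32
+Keyword string
 }
 
-func NewScanJob(target *Target, conn *tls.Conn, payloads []Payload) *ScanJob {
+func NewScanJob(target *Target, conn *tls.Conn, payloads []Payload, keyword string) *ScanJob {
 return &ScanJob{
 Target: target,
 Conn: conn,
 Payloads: payloads,
 StreamId: 1,
+Keyword: keyword,
 }
 }
 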
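Review bot: The new `Keyword` field and the extra `keyword` parameter of `NewScanJob` are undocumented, and nothing here says that an empty string disables the check. lib/http2.go in this commit only tests the keyword when `scanJob.Keyword != ""`, so I would add `// Keyword is a substring looked for in the response body of the job's stream; empty disables the check.` above the field, plus a one-line doc comment on `NewScanJob` naming the new parameter. The `ScanJob` struct starts outside the hunk.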
