removed "setStatusCode" flag, as it was unnecessary and complicated t…

…hings
Hackmanit · Apr 27, 2022 · 6f0890a · 6f0890a
1 parent a190547
commit 6f0890a
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 15 deletions.
diff --git a/pkg/config.go b/pkg/config.go
@@ -18,7 +18,6 @@ type (
 		ContentType    string
 		QuerySeperator string
 		CacheBuster    string
-		StatusCode     int
 		TimeOut        int
 		DeclineCookies bool
 		Force          bool
@@ -97,7 +96,6 @@ func ReadConfigFile() ConfigStruct {
 		ContentType:    "",
 		QuerySeperator: "",
 		CacheBuster:    "",
-		StatusCode:     0,
 		TimeOut:        0,
 		DeclineCookies: false,
 		Urls:           nil,

diff --git a/pkg/flags.go b/pkg/flags.go
@@ -107,8 +107,6 @@ func ParseFlags(vers string) {
 		"post", "post", false, "Do a POST request instead of a GET request")
 	appendString(&requestOptions, &Config.ContentType,
 		"contenttype", "ct", "application/x-www-form-urlencoded", "Set the contenttype for a POST Request. Default is application/x-www-form-urlencoded. If you don't want a content-type to be used at all use -ct ''")
-	appendInt(&requestOptions, &Config.StatusCode,
-		"statuscode", "status", -1, "Expected status code of the responses. If not specified it takes the status code of the first response")
 	appendString(&requestOptions, &Config.QuerySeperator,
 		"parameterseperator", "ps", "&", "Specify the seperator for parameters. The default value is &")
 	appendBoolean(&requestOptions, &userAgentChrome,

diff --git a/pkg/recon.go b/pkg/recon.go
@@ -8,7 +8,6 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
-	"strconv"
 	"strings"
 	"time"
 
@@ -1207,7 +1206,8 @@ func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStr
 	waitLimiter(errorString)
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
-		msg := fmt.Sprintf("%s: http.DefaultClient.Do: %s", errorString, err.Error())
+		msg := fmt.Sprintf("%s: http.DefaultClient.Do: %s", errorString, err.Error()) // Error: context deadline exceeded -> panic; runtime error
+
 		Print(msg+"\n", Red)
 		return web, errors.New(msg)
 	}
@@ -1228,22 +1228,16 @@ func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStr
 		return web, errors.New(msg)
 	}
 
-	tempStatusCode := Config.StatusCode
-	Print("vorher:"+strconv.Itoa(Config.Website.StatusCode)+"\n", Red)
-	if Config.Website.StatusCode != 0 {
-		tempStatusCode = Config.Website.StatusCode
-	}
+	tempStatusCode := Config.Website.StatusCode
 	// Only overwrite statuscode if 1. it wasn't set via flag 2. its the first and only request or the second of two requests
-	if setStatusCode && tempStatusCode == -1 && tempStatusCode != resp.StatusCode {
-		Print("temp"+strconv.Itoa(tempStatusCode)+"resp"+strconv.Itoa(resp.StatusCode)+"\n", Red)
+	if setStatusCode && tempStatusCode != resp.StatusCode {
 		tempStatusCode = resp.StatusCode
 
 		cache = Config.Website.Cache
 
 		msg := fmt.Sprintf("The default status code was set to %d\n", tempStatusCode)
 		Print(msg, Cyan)
 	}
-	Print("nachher:"+strconv.Itoa(Config.Website.StatusCode)+"\n", Red)
 
 	// if retrieveCookies is false, only the specified cookies will be used
 	// otherwise the by the server given cookies AND the specified cookies will be used

diff --git a/web-cache-vulnerability-scanner.go b/web-cache-vulnerability-scanner.go
@@ -263,7 +263,7 @@ func runTests(rec int, u string, progress string, foundUrls *[]string, stat stri
 	pkg.Statistics[stat+"total"]++
 
 	// retrieve cookies, headers etc
-	pkg.Config.Website, err = pkg.GetWebsite(u, false, false)
+	pkg.Config.Website, err = pkg.GetWebsite(u, true, false)
 	if err != nil {
 		repWebsite.HasError = true
 		repWebsite.ErrorMessages = append(repWebsite.ErrorMessages, err.Error())