From 6f0890a3c23da54e3b858cd2e1fa6b6141d0ea83 Mon Sep 17 00:00:00 2001
From: "maximilian.hildebrand"
Date: Wed, 27 Apr 2022 09:42:00 +0200
Subject: [PATCH] removed "setStatusCode" flag, as it was unnecessary and complicated things
---
 pkg/config.go | 2 --
 pkg/flags.go | 2 --
 pkg/recon.go | 14 ++++----------
 web-cache-vulnerability-scanner.go | 2 +-
 4 files changed, 5 insertions(+), 15 deletions(-)
diff --git a/pkg/config.go b/pkg/config.go
index d0dbaa8..c494a04 100644
--- a/pkg/config.go
+++ b/pkg/config.go
@@ -18,7 +18,6 @@ type (
 ContentType string
 QuerySeperator string
 CacheBuster string
- StatusCode int
 TimeOut int
 DeclineCookies bool
 Force bool
@@ -97,7 +96,6 @@ func ReadConfigFile() ConfigStruct {
 ContentType: "",
 QuerySeperator: "",
 CacheBuster: "",
- StatusCode: 0,
 TimeOut: 0,
 DeclineCookies: false,
 Urls: nil,
diff --git a/pkg/flags.go b/pkg/flags.go
index 2f8e4d4..1c54a73 100644
--- a/pkg/flags.go
+++ b/pkg/flags.go
@@ -107,8 +107,6 @@ func ParseFlags(vers string) {
 "post", "post", false, "Do a POST request instead of a GET request")
 appendString(&requestOptions, &Config.ContentType,
 "contenttype", "ct", "application/x-www-form-urlencoded", "Set the contenttype for a POST Request. Default is application/x-www-form-urlencoded. If you don't want a content-type to be used at all use -ct ''")
- appendInt(&requestOptions, &Config.StatusCode,
- "statuscode", "status", -1, "Expected status code of the responses. If not specified it takes the status code of the first response")
 appendString(&requestOptions, &Config.QuerySeperator,
 "parameterseperator", "ps", "&", "Specify the seperator for parameters. The default value is &")
 appendBoolean(&requestOptions, &userAgentChrome,
diff --git a/pkg/recon.go b/pkg/recon.go
index 7c3da92..22efcff 100644
--- a/pkg/recon.go
+++ b/pkg/recon.go
@@ -8,7 +8,6 @@ import (
 "io/ioutil"
 "net/http"
 "net/url"
- "strconv"
 "strings"
 "time"
@@ -1207,7 +1206,8 @@ func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStr
 waitLimiter(errorString)
 resp, err := http.DefaultClient.Do(req)
 if err != nil {
- msg := fmt.Sprintf("%s: http.DefaultClient.Do: %s", errorString, err.Error())
+ msg := fmt.Sprintf("%s: http.DefaultClient.Do: %s", errorString, err.Error()) // Error: context deadline exceeded -> panic; runtime error
+ Print(msg+"\n", Red)
 return web, errors.New(msg)
 }
@@ -1228,14 +1228,9 @@ func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStr
 return web, errors.New(msg)
 }
- tempStatusCode := Config.StatusCode
- Print("vorher:"+strconv.Itoa(Config.Website.StatusCode)+"\n", Red)
- if Config.Website.StatusCode != 0 {
- tempStatusCode = Config.Website.StatusCode
- }
+ tempStatusCode := Config.Website.StatusCode
 // Only overwrite statuscode if 1. it wasn't set via flag 2. its the first and only request or the second of two requests
- if setStatusCode && tempStatusCode == -1 && tempStatusCode != resp.StatusCode {
- Print("temp"+strconv.Itoa(tempStatusCode)+"resp"+strconv.Itoa(resp.StatusCode)+"\n", Red)
+ if setStatusCode && tempStatusCode != resp.StatusCode {
 tempStatusCode = resp.StatusCode
 cache = Config.Website.Cache
@@ -1243,7 +1238,6 @@ func GetWebsite(requrl string, setStatusCode bool, cacheBuster bool) (WebsiteStr
 msg := fmt.Sprintf("The default status code was set to %d\n", tempStatusCode)
 Print(msg, Cyan)
 }
- Print("nachher:"+strconv.Itoa(Config.Website.StatusCode)+"\n", Red)
 // if retrieveCookies is false, only the specified cookies will be used
 // otherwise the by the server given cookies AND the specified cookies will be used
diff --git a/web-cache-vulnerability-scanner.go b/web-cache-vulnerability-scanner.go
index 97e3c07..06545a4 100644
--- a/web-cache-vulnerability-scanner.go
+++ b/web-cache-vulnerability-scanner.go
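Review bot: In pkg/recon.go, the `@@ -1207` hunk of GetWebsite, the new trailing comment `// Error: context deadline exceeded -> panic; runtime error` records a crash without saying where it occurs or whether it is fixed, and the added `Print(msg+"\n", Red)` prints an error that is also returned. The runTests caller shown later in this patch already appends `err.Error()` to `repWebsite.ErrorMessages`, so the same failure is probably reported twice; other callers are not visible here. I would drop the `Print` and move the remark onto its own line above the statement, for example `// TODO: a timeout here ("context deadline exceeded") was followed by a runtime panic, presumably in a caller; callers must check err before using the result`. GetWebsite's body starts and ends outside the hunk.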
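Review bot: The context comment above the rewritten condition in GetWebsite (pkg/recon.go, `@@ -1228` hunk) still says the status code is only overwritten if "it wasn't set via flag", but this commit removes that flag together with the `tempStatusCode == -1` test. As written, `if setStatusCode && tempStatusCode != resp.StatusCode {` adopts whatever status the response carries whenever the caller passes setStatusCode, so the comment should say that, for example `// Adopt the response status as the expected status code when the caller passes setStatusCode and it differs from the stored one`. The function continues outside the hunk.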
@@ -263,7 +263,7 @@ func runTests(rec int, u string, progress string, foundUrls *[]string, stat stri
 pkg.Statistics[stat+"total"]++
 // retrieve cookies, headers etc
- pkg.Config.Website, err = pkg.GetWebsite(u, false, false)
+ pkg.Config.Website, err = pkg.GetWebsite(u, true, false)
 if err != nil {
 repWebsite.HasError = true
 repWebsite.ErrorMessages = append(repWebsite.ErrorMessages, err.Error())
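Review bot: With the flag removed, `pkg.GetWebsite(u, true, false)` in runTests makes this single request the only source of the expected status code, and nothing visible in the hunk checks that the adopted status is a usable baseline. If that response is a rate-limit or server-error page, or (assuming the third argument means no cache buster is added) an entry already held by the cache, later comparisons against it could mask real findings or produce false ones. Consider warning when the adopted status is 4xx/5xx or confirming it with a second request; at minimum a comment such as `// this request defines the expected status code for all later checks` would document the dependency. runTests starts and ends outside the hunk.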