Merge features for 2.0.1

OJ · Aug 29, 2018 · c361d77 · c361d77
2 parents d8be724 + 9604142
commit c361d77
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-Gobuster v2.0.0 (OJ Reeves @TheColonial)
+Gobuster v2.0.1 (OJ Reeves @TheColonial)
 ========================================
 
 Gobuster is a tool used to brute-force:
@@ -112,7 +112,7 @@ Default options looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dir
 [+] Url/Domain : https://buffered.io/
@@ -136,7 +136,7 @@ Default options with status codes disabled looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -n
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dir
 [+] Url/Domain : https://buffered.io/
@@ -161,7 +161,7 @@ Verbose output looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -v
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dir
 [+] Url/Domain : https://buffered.io/
@@ -188,7 +188,7 @@ Example showing content length:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -l
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dir
 [+] Url/Domain : https://buffered.io/
@@ -228,7 +228,7 @@ Normal sample run goes like this:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dns
 [+] Url/Domain : google.com
@@ -264,7 +264,7 @@ Show IP sample run goes like this:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com -i
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dns
 [+] Url/Domain : google.com
@@ -300,7 +300,7 @@ Base domain validation warning when the base domain fails to resolve. This is a
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u yp.to -i
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dns
 [+] Url/Domain : yp.to
@@ -320,7 +320,7 @@ Wildcard DNS is also detected properly:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io 
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dns
 [+] Url/Domain : 0.0.1.xip.io
@@ -340,7 +340,7 @@ If the user wants to force processing of a domain that has wildcard entries, use
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io -fw
 
 =====================================================
-Gobuster v2.0.0 OJ Reeves (@TheColonial)
+Gobuster v2.0.1 OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode : dns
 [+] Url/Domain : 0.0.1.xip.io

diff --git a/gobusterdns/gobusterdns.go b/gobusterdns/gobusterdns.go
@@ -4,7 +4,6 @@ import (
  "bytes"
  "fmt"
  "log"
- "net"
  "strings"
 
  "github.com/OJ/gobuster/libgobuster"
@@ -18,7 +17,7 @@ type GobusterDNS struct{}
 func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
  // Resolve a subdomain sthat probably shouldn't exist
  guid := uuid.New()
- wildcardIps, err := net.LookupHost(fmt.Sprintf("%s.%s", guid, g.Opts.URL))
+ wildcardIps, err := g.DNSLookup(fmt.Sprintf("%s.%s", guid, g.Opts.URL))
  if err == nil {
  g.IsWildcard = true
  g.WildcardIps.AddRange(wildcardIps)
@@ -30,7 +29,7 @@ func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
 
  if !g.Opts.Quiet {
  // Provide a warning if the base domain doesn't resolve (in case of typo)
- _, err = net.LookupHost(g.Opts.URL)
+ _, err = g.DNSLookup(g.Opts.URL)
  if err != nil {
  // Not an error, just a warning. Eg. `yp.to` doesn't resolve, but `cr.py.to` does!
  log.Printf("[-] Unable to validate base domain: %s", g.Opts.URL)
@@ -43,7 +42,7 @@ func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
 // Process is the process implementation of gobusterdns
 func (d GobusterDNS) Process(g *libgobuster.Gobuster, word string) ([]libgobuster.Result, error) {
  subdomain := fmt.Sprintf("%s.%s", word, g.Opts.URL)
- ips, err := net.LookupHost(subdomain)
+ ips, err := g.DNSLookup(subdomain)
  var ret []libgobuster.Result
  if err == nil {
  if !g.IsWildcard || !g.WildcardIps.ContainsAny(ips) {
@@ -53,7 +52,7 @@ func (d GobusterDNS) Process(g *libgobuster.Gobuster, word string) ([]libgobuste
  if g.Opts.ShowIPs {
  result.Extra = strings.Join(ips, ", ")
  } else if g.Opts.ShowCNAME {
- cname, err := net.LookupCNAME(subdomain)
+ cname, err := g.DNSLookupCname(subdomain)
  if err == nil {
  result.Extra = cname
  }

diff --git a/libgobuster/libgobuster.go b/libgobuster/libgobuster.go
@@ -5,14 +5,15 @@ import (
  "bytes"
  "context"
  "fmt"
+ "net"
  "os"
  "strings"
  "sync"
 )
 
 const (
  // VERSION contains the current gobuster version
- VERSION = "2.0.0"
+ VERSION = "2.0.1"
 )
 
 // SetupFunc is the "setup" function prototype for implementations
@@ -111,10 +112,19 @@ func (g *Gobuster) ClearProgress() {
 // GetRequest issues a GET request to the target and returns
 // the status code, length and an error
 func (g *Gobuster) GetRequest(url string) (*int, *int64, error) {
- g.incrementRequests()
  return g.http.makeRequest(url, g.Opts.Cookies)
 }
 
+// DNSLookup looks up a domain via system default DNS servers
+func (g *Gobuster) DNSLookup(domain string) ([]string, error) {
+ return net.LookupHost(domain)
+}
+
+// DNSLookupCname looks up a CNAME record via system default DNS servers
+func (g *Gobuster) DNSLookupCname(domain string) (string, error) {
+ return net.LookupCNAME(domain)
+}
+
 func (g *Gobuster) worker(wordChan <-chan string, wg *sync.WaitGroup) {
  defer wg.Done()
  for {
@@ -126,6 +136,7 @@ func (g *Gobuster) worker(wordChan <-chan string, wg *sync.WaitGroup) {
  if !ok {
  return
  }
+ g.incrementRequests()
  // Mode-specific processing
  res, err := g.plugin.Process(g, word)
  if err != nil {
@@ -157,10 +168,6 @@ func (g *Gobuster) getWordlist() (*bufio.Scanner, error) {
  return nil, fmt.Errorf("failed to get number of lines: %v", err)
  }
 
- // mutiply by extensions to get the total number of requests
- if len(g.Opts.ExtensionsParsed.Set) > 0 {
- lines = lines + (lines * len(g.Opts.ExtensionsParsed.Set))
- }
  g.requestsExpected = lines
  g.requestsIssued = 0