/*
dirscan, fast web bruteforcer.
@sha0coder
*/
package main
import "os"
import "fmt"
import "flag"
import "bufio"
import "strings"
import "strconv"
// R is the HTTP client shared by checkWebserver and by every worker goroutine
// started in main; main assigns it once, before any goroutine is launched.
// NOTE(review): Requests is not declared in this file — confirm that its
// methods are safe to call from several goroutines at once.
var R *Requests
// check is the file's fatal-error helper: when err is non-nil it prints msg
// on stdout and terminates the process with status 1. A nil err is a no-op,
// so the helper cannot be used to abort unconditionally. The text of err
// itself is never shown; only msg reaches the operator.
func check(err error, msg string) {
	if err == nil {
		return
	}
	fmt.Println(msg)
	os.Exit(1)
}
// checkWebserver probes surl once before the scan starts and prints what the
// server reports about itself: the Server header and status code of a GET,
// then the Allow header of an OPTIONS request.
//
// Both header values are chosen by the remote server and are written to the
// terminal unescaped (%s), so control characters in them reach the terminal
// as-is.
func checkWebserver(surl string) {
	_, status, getResp := R.Get(surl)
	// QuitOnFail is defined elsewhere; presumably it ends the process when
	// status marks a failed request — confirm against Requests.
	R.QuitOnFail(status, "Can't connect")
	fmt.Printf("Server: %s\nDefault response: %d\n", getResp.Header.Get("Server"), getResp.StatusCode)

	// NOTE(review): unlike the GET above, the OPTIONS result is dereferenced
	// without any status check; if Options can return a nil response on
	// failure, the next line panics.
	_, _, optResp := R.Options(surl)
	fmt.Printf("Allowed Options: %s\n", optResp.Header.Get("Allow"))
}
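// loadWordlist streams the file at path wordlist into c, one line per send,
// then sends the "[EOF1337]" end marker and closes c.
//
// It ends the process through check when the file cannot be opened. A read
// failure part-way through — including a line longer than bufio.Scanner's
// token limit — is reported on stderr rather than dropped, so the operator
// can tell a truncated run from a complete one.
//
// The end marker travels in-band: a wordlist line equal to "[EOF1337]" is
// indistinguishable from the real end of input for the consumer.
func loadWordlist(wordlist string, c chan string) {
	file, err := os.Open(wordlist)
	check(err, "Can't load the wordlist")
	defer file.Close()

	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		c <- scanner.Text()
	}
	// Scan returns false on both clean EOF and failure; only Err tells the
	// two apart.
	if err := scanner.Err(); err != nil {
		fmt.Fprintf(os.Stderr, "Wordlist read stopped early: %v\n", err)
	}

	c <- "[EOF1337]"
	close(c)
	fmt.Println("Wordlist completed.")
}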
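// main parses the command-line flags, probes the target once, and then fans
// candidate words out to -go worker goroutines. Each worker substitutes the
// word for every "##" in the URL and in the POST body, sends the request
// through the shared client R, and prints every response that none of the
// -h* filters hides.
//
// Changes relative to the previous version:
//   - bad usage now really aborts (check(nil, ...) was a no-op), and a
//     non-positive -num or -go is rejected instead of hanging the run;
//   - -dict and -num no longer start two producers that both close the same
//     channel; -dict wins and a warning is printed;
//   - the run ends only after every worker has finished its in-flight
//     request, instead of the first worker to see the end marker calling
//     os.Exit(1) and discarding the others' results. Normal completion now
//     exits with status 0;
//   - a closed or empty stdin is no longer treated as "enter pressed".
func main() {
	url := flag.String("url", "", "the url")
	post := flag.String("post", "", "post variables with ## where to bruteforce")
	wordlist := flag.String("dict", "", "the wordlist")
	num := flag.Int("num", 0, "numeric sequence")
	goroutines := flag.Int("go", 1, "num of concurrent goroutines")
	hl := flag.Int("hl", 0, "hide lines")
	hw := flag.Int("hw", 0, "hide words")
	hwl := flag.Int("hwl", 0, "hide words low")
	hwh := flag.Int("hwh", 0, "hide words hight")
	hb := flag.Int("hb", 0, "hide bytes")
	hc := flag.Int("hc", 0, "hide code")
	proxy := flag.String("proxy", "", "set proxy ip:port")
	flag.Parse()

	// A target, a word source and at least one worker are all required.
	if *url == "" || (*wordlist == "" && *num <= 0) || *goroutines < 1 {
		fmt.Fprintln(os.Stderr, "bad usage --help")
		os.Exit(1)
	}

	R = NewRequests()
	if *proxy != "" {
		R.SetProxy("http://" + *proxy)
	}

	checkWebserver(*url)

	// Exactly one producer may own c: each producer closes the channel when
	// it is done, and a second close would panic.
	c := make(chan string, 6)
	if *wordlist != "" {
		if *num > 0 {
			fmt.Fprintln(os.Stderr, "both -dict and -num given, using -dict only")
		}
		go loadWordlist(*wordlist, c)
	} else {
		go func(limit int) {
			for n := 0; n < limit; n++ {
				c <- strconv.Itoa(n)
			}
			close(c)
		}(*num)
	}

	// loadWordlist still announces the end of input in-band before closing c.
	const endMarker = "[EOF1337]"

	// Snapshot the flag values so the workers do not share the flag pointers.
	target, body := *url, *post
	hideLines, hideWords, hideBytes, hideCode := *hl, *hw, *hb, *hc
	hideWordsLow, hideWordsHigh := *hwl, *hwh
	workers := *goroutines

	finished := make(chan struct{}, workers)
	for w := 0; w < workers; w++ {
		go func() {
			defer func() { finished <- struct{}{} }()
			for word := range c {
				if word == endMarker {
					return
				}
				u := strings.Replace(target, "##", word, -1)
				p := strings.Replace(body, "##", word, -1)
				html, code, _ := R.GetOrPost(u, p)

				// strings.Split always yields at least one element, so lines
				// and words are never 0. With the default filter values (all
				// 0) only empty bodies (-hb) and status code 0 (-hc) are
				// hidden.
				lines := len(strings.Split(html, "\n"))
				words := len(strings.Split(html, " "))
				size := len(html)

				hidden := hideLines == lines || hideWords == words ||
					hideBytes == size || hideCode == code ||
					(hideWordsLow <= words && words <= hideWordsHigh)
				if hidden {
					continue
				}
				fmt.Printf("(%d) [%d] [%d] [%d]\t\t%s %s\n", code, lines, words, size, u, p)
			}
		}()
	}

	// allDone closes once every worker has drained c and returned.
	allDone := make(chan struct{})
	go func() {
		for k := 0; k < workers; k++ {
			<-finished
		}
		close(allDone)
	}()

	// interrupt closes when the operator presses enter. A read error (stdin
	// closed, EOF) is not an interrupt, so the scan also runs unattended.
	interrupt := make(chan struct{})
	go func() {
		if _, err := bufio.NewReader(os.Stdin).ReadString('\n'); err == nil {
			close(interrupt)
		}
	}()

	fmt.Printf("Scanning, press enter to interrupt.\n")
	select {
	case <-allDone:
		fmt.Println("end.")
	case <-interrupt:
		fmt.Printf("interrupted.")
	}
}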