package main
import (
"encoding/base64"
"flag"
"fmt"
"log"
"net/http"
"net/http/httputil"
"os"
"path/filepath"
"strconv"
"strings"
"github.com/franela/goreq"
)
// Settings parsed from the command line in init, plus the state shared by
// main and walker.
var (
	// dir is the --dir flag; init replaces it with the absolute path.
	dir *string
	// root is the --root flag, the URL prefix the files are served under.
	root *string
	// host and port are the --host and --port flags for the file server.
	host *string
	port *string
	// iport is the --port value converted to an int by init.
	iport int
	// burpBuddyURL is the --burpbuddy flag, the base URL of the burpbuddy HTTP API.
	burpBuddyURL *string
	// localURL is the base URL of the local file server, built by init.
	localURL string
	// count is incremented by walker for each entry accepted by burpbuddy.
	count int
)
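// init registers and parses the command-line flags, then derives the
// package-level settings used by main and walker: the absolute scan
// directory, the numeric port and the base URL of the local file server.
//
// It exits through log.Fatal when --dir is missing, when the directory cannot
// be made absolute, or when --port is not an integer in the range 1-65535.
func init() {
	host = flag.String("host", "localhost", "host for the file server to listen on")
	port = flag.String("port", "9999", "port for the file server to listen on")
	dir = flag.String("dir", "", "directory with code to scan")
	root = flag.String("root", "", "root to serve from")
	burpBuddyURL = flag.String("burpbuddy", "http://localhost:8001", "HTTP API URL for burpbuddy")
	flag.Parse()

	if *dir == "" {
		log.Fatal("--dir is required")
	}
	d, err := filepath.Abs(*dir)
	if err != nil {
		log.Fatalf("Error getting absolute path of dir: %s", err.Error())
	}
	dir = &d

	iport, err = strconv.Atoi(*port)
	if err != nil {
		log.Fatalf("Error converting port to int: %s", err.Error())
	}
	// Atoi accepts 0, negative numbers and values above 65535. None of them
	// gives a URL that matches the listening socket, so reject them here
	// instead of failing later inside the server goroutine.
	if iport < 1 || iport > 65535 {
		log.Fatalf("Port %d is out of range (1-65535)", iport)
	}

	// Normalize --root to "" or "/prefix". main appends "/" for StripPrefix and
	// walker appends "/file", so a missing leading slash or a trailing slash
	// would otherwise produce URLs the file server cannot match.
	if trimmed := strings.Trim(*root, "/"); trimmed == "" {
		*root = ""
	} else {
		*root = "/" + trimmed
	}

	// The file server has no authentication and speaks plain HTTP, so the
	// whole of --dir is readable by every client that can reach the socket.
	switch *host {
	case "localhost", "127.0.0.1", "[::1]":
	default:
		log.Printf("Warning: --host %q is not a recognized loopback name; every file under %s will be readable over plain HTTP by any client that can reach port %s", *host, *dir, *port)
	}

	count = 0
	localURL = fmt.Sprintf("http://%s:%s%s", *host, *port, *root)
}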
// main serves the scan directory over HTTP, registers that server with
// burpbuddy as in-scope, and then walks the directory so walker can submit
// each entry to Burp's passive scanner.
//
// The file server is plain HTTP without authentication. http.Dir also serves
// dot-files (for example .git) and follows symlinks that point out of the
// tree, so keep --host on a loopback address unless exposure is intended.
func main() {
	addr := *host + ":" + *port
	files := http.FileServer(http.Dir(*dir))
	handler := http.StripPrefix(*root+"/", files)

	// NOTE(review): the listener is created inside this goroutine and nothing
	// below waits for it, so a bind failure (port already in use) is reported
	// through log.Fatal at some later point, possibly after the scope request.
	go func() {
		log.Fatal(http.ListenAndServe(addr, handler))
	}()
	log.Printf("Static file server listening on %s, serving %s", localURL, *dir)

	// Register the local server with burpbuddy before any file is submitted.
	log.Printf("Adding %s to scope", localURL)
	scopeCall := goreq.Request{
		Method: "POST",
		Uri:    *burpBuddyURL + "/scope",
		Body:   ScopeRequest{URL: localURL + "/"},
	}
	resp, err := scopeCall.Do()
	switch {
	case err != nil:
		log.Fatalf("Error adding site to scope: %s", err.Error())
	case resp.StatusCode != 201:
		log.Fatal("Non 201 status code when adding to scope")
	}
	resp.Body.Close()

	log.Println("Walking directory, each file will be sent to burp's passive scan")
	walkErr := filepath.Walk(*dir, walker)
	if walkErr != nil {
		log.Printf("Error during directory walk: %s", walkErr.Error())
	}
	log.Printf("%d files sent to burp", count)
}
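// walker is the filepath.WalkFunc used by main. For every non-directory entry
// under dir it fetches the file from the local file server, dumps the
// request/response pair and posts both, base64-encoded, to burpbuddy's
// /scan/passive endpoint. count is incremented for each accepted submission.
//
// It always returns nil: a failure on one entry is logged and the walk
// continues with the next one.
func walker(path string, info os.FileInfo, err error) error {
	if err != nil {
		// Walk could not stat or read this entry; info may be nil in that case.
		log.Printf("Error walking %s: %s", path, err.Error())
		return nil
	}
	// Requesting a directory only yields a redirect to an index page or a
	// generated listing, neither of which is a file from the scanned tree.
	if info.IsDir() {
		return nil
	}

	// Rel strips the dir prefix exactly once. Splitting on the dir string
	// picks the wrong segment when that string occurs again inside the path.
	rel, err := filepath.Rel(*dir, path)
	if err != nil {
		log.Printf("Error resolving %s relative to %s: %s", path, *dir, err.Error())
		return nil
	}
	if rel == "." {
		return nil
	}
	// Never request anything that resolves outside the served directory.
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		log.Printf("Skipping %s: outside of %s", path, *dir)
		return nil
	}
	fname := "/" + filepath.ToSlash(rel)

	req, err := http.NewRequest("GET", localURL, nil)
	if err != nil {
		log.Printf("Error getting %s from go http server: %s", fname, err.Error())
		return nil
	}
	// Setting the decoded Path lets net/url escape spaces, '#', '?' and '%' in
	// file names; concatenating them into the URL string would change which
	// resource is requested.
	req.URL.Path += fname
	req.URL.RawPath = ""

	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		log.Printf("Error getting %s from go http server: %s", fname, err.Error())
		return nil
	}
	// Deferred right away so that the early returns below do not leak the body.
	defer resp.Body.Close()
	if resp.StatusCode != 200 {
		log.Printf("Non 200 status code from go for %s", fname)
		return nil
	}

	rawResponse, err := httputil.DumpResponse(resp, true)
	if err != nil {
		log.Printf("Error dumping response: %s", err.Error())
		return nil
	}
	rawRequest, err := httputil.DumpRequest(resp.Request, true)
	if err != nil {
		log.Printf("Error dumping request: %s", err.Error())
		return nil
	}

	r := PassiveScanRequest{
		Host:     *host,
		Port:     iport,
		UseHTTPS: false,
		Request:  base64.StdEncoding.EncodeToString(rawRequest),
		Response: base64.StdEncoding.EncodeToString(rawResponse),
	}
	presp, err := goreq.Request{
		Method: "POST",
		Uri:    *burpBuddyURL + "/scan/passive",
		Body:   r,
	}.Do()
	if err != nil {
		log.Printf("Error during passive scan request to burpbuddy: %s", err.Error())
		return nil
	}
	defer presp.Body.Close()
	if presp.StatusCode != 201 {
		log.Println("Non 201 status code during passive scan request to burpbuddy")
		return nil
	}

	count++
	return nil
}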