diff --git a/src/cli/cli.go b/src/cli/cli.go index de4c535..567ac50 100644 --- a/src/cli/cli.go +++ b/src/cli/cli.go @@ -1,6 +1,7 @@ package cli import ( + "bruteforce/src/matching" "bruteforce/src/models" "errors" "flag" @@ -17,7 +18,7 @@ func Parse_cli_args() (models.Forcing_params, error) { // forkptr := flag.Bool("v", false, "Verbose program") statusPtr := flag.String("status-codes", "200,401,403,404,429,500", "Comma-separated list of status codes to match") - headerPtr := flag.String("header", "", "Header to match") + headerPtr := flag.String("header", "", "Header to match, formatted as \"key: value\"") bodyPtr := flag.String("body", "", "String to match in response body") wordlistPtr := flag.String("wordlist", "", "Wordlist to bruteforce url with") flag.IntVar(¶ms.Workers, "threads", 1, "Number of threads to be used") @@ -37,14 +38,14 @@ func Parse_cli_args() (models.Forcing_params, error) { if len(flag.Args()) < 1 { return params, UrlError } + params.Url = flag.Args()[0] // params.BoolFlags.Verbose = *forkptr - params.Status = *statusPtr - params.Header = *headerPtr - params.Body = *bodyPtr + params.Criteria = matcher.MatchParser(*statusPtr, *headerPtr, *bodyPtr) params.Wordlist = *wordlistPtr if params.Wordlist == "" { return params, WordListError } + return params, nil } diff --git a/src/main.go b/src/main.go index 2061245..9642a22 100644 --- a/src/main.go +++ b/src/main.go @@ -2,7 +2,6 @@ package main import ( "bruteforce/src/cli" - "bruteforce/src/matching" "bruteforce/src/query" "fmt" ) @@ -16,7 +15,5 @@ func main() { } fmt.Println(forcing_params) - criteria := matcher.MatchParser(&forcing_params) - - query.MainRequest(&forcing_params, criteria) // maybe like this? + query.MainRequest(&forcing_params) } diff --git a/src/matching/body.go b/src/matching/body.go index c6734b9..9ccf9f5 100644 --- a/src/matching/body.go +++ b/src/matching/body.go @@ -1,13 +1,14 @@ package matcher import ( + "bruteforce/src/models" "errors" "strings" ) -func matchContents(body []byte, criteria MatchCriteria) (bool, error) { +func matchContents(body []byte, criteria models.MatchCriteria) error { if criteria.BodyContains != "" && !strings.Contains(string(body), criteria.BodyContains) { - return false, errors.New("body content mismatch") + return errors.New("body content mismatch") } - return true, nil + return nil } diff --git a/src/matching/headers.go b/src/matching/headers.go index 88f2c09..9bae1bb 100644 --- a/src/matching/headers.go +++ b/src/matching/headers.go @@ -1,19 +1,20 @@ package matcher import ( + "bruteforce/src/models" "fmt" "log" "net/http" "strings" ) -func matchHeaders(resp *http.Response, criteria MatchCriteria) (bool, error) { +func matchHeaders(resp *http.Response, criteria models.MatchCriteria) error { for key, value := range criteria.Headers { if resp.Header.Get(key) != value { - return false, fmt.Errorf("header mismatch: %s=%s\nheaders: %s", key, value, resp.Header) + return fmt.Errorf("header mismatch: %s=%s\nheaders: %s", key, value, resp.Header) } } - return true, nil + return nil } func parseHeaders(headersList string) map[string]string { diff --git a/src/matching/matcher.go b/src/matching/matcher.go index cf7d287..687dc60 100644 --- a/src/matching/matcher.go +++ b/src/matching/matcher.go @@ -2,47 +2,35 @@ package matcher import ( "bruteforce/src/models" - "io" "log" "net/http" ) -type MatchCriteria struct { - StatusCodes []int - Headers map[string]string - BodyContains string -} - -func MatchResponse(response *http.Response, criteria MatchCriteria) (bool, string) { - body, err := io.ReadAll(response.Body) - if err != nil { - return false, err.Error() - } - - if matched, err := matchStatusCode(response, criteria.StatusCodes); !matched { - return false, err.Error() +func MatchResponse(response *http.Response, body []byte, criteria models.MatchCriteria) error { + if err := matchStatusCode(response, criteria); err != nil { + return err } - if matched, err := matchHeaders(response, criteria); !matched { - return false, err.Error() + if err := matchHeaders(response, criteria); err != nil { + return err } - if matched, err := matchContents(body, criteria); !matched { - return false, err.Error() + if err := matchContents(body, criteria); err != nil { + return err } - return true, "matched successfully" + return nil } -func MatchParser(params *models.Forcing_params) MatchCriteria { - matchCodes, err := parseStatusCodes(params.Status) +func MatchParser(statusPtr string, headerPtr string, bodyPtr string) models.MatchCriteria { + matchCodes, err := parseStatusCodes(statusPtr) if err != nil { log.Fatal("Error parsing status codes:", err) } - matchHeaders := parseHeaders(params.Header) - criteria := MatchCriteria{ + matchHeaders := parseHeaders(headerPtr) + criteria := models.MatchCriteria{ StatusCodes: matchCodes, Headers: matchHeaders, - BodyContains: params.Body, + BodyContains: bodyPtr, } return criteria diff --git a/src/matching/status.go b/src/matching/status.go index e60c746..2a90b01 100644 --- a/src/matching/status.go +++ b/src/matching/status.go @@ -1,26 +1,27 @@ package matcher import ( + "bruteforce/src/models" "fmt" "log" "net/http" "strings" ) -func matchStatusCode(resp *http.Response, matchCodes []int) (bool, error) { +func matchStatusCode(resp *http.Response, criteria models.MatchCriteria) error { isAll := false - if matchCodes[0] == 0 { + if criteria.StatusCodes[0] == 0 { isAll = !isAll } else { - log.Printf("Matching status codes %d...", matchCodes) + log.Printf("Matching status codes %d...", criteria.StatusCodes) } - for _, code := range matchCodes { + for _, code := range criteria.StatusCodes { if resp.StatusCode == code || isAll { - return true, nil + return nil } } - return false, fmt.Errorf("status code is %d", resp.StatusCode) + return fmt.Errorf("status code is %d", resp.StatusCode) } func parseStatusCodes(statusCodeList string) ([]int, error) { diff --git a/src/models/models.go b/src/models/models.go index 7e173fa..e496d22 100644 --- a/src/models/models.go +++ b/src/models/models.go @@ -4,12 +4,16 @@ type boolflags struct { Verbose bool } +type MatchCriteria struct { + StatusCodes []int + Headers map[string]string + BodyContains string +} + type Forcing_params struct { Workers int Url string Wordlist string BoolFlags boolflags - Status string - Header string - Body string + Criteria MatchCriteria } diff --git a/src/query/callWorker.go b/src/query/callWorker.go index 7102fcc..2bd783b 100644 --- a/src/query/callWorker.go +++ b/src/query/callWorker.go @@ -1,7 +1,6 @@ package query import ( - "bruteforce/src/matching" "bruteforce/src/models" "bruteforce/src/utils" "sync" @@ -14,7 +13,7 @@ func executeQueryFromFile(wg *sync.WaitGroup, params *models.Forcing_params, cur } } -func MainRequest(params *models.Forcing_params, criteria matcher.MatchCriteria) { +func MainRequest(params *models.Forcing_params) { wg := &sync.WaitGroup{} wg.Add(params.Workers) channel := make(chan string) diff --git a/src/query/queryExecute.go b/src/query/queryExecute.go index 7a76c97..5185636 100644 --- a/src/query/queryExecute.go +++ b/src/query/queryExecute.go @@ -1,6 +1,7 @@ package query import ( + "bruteforce/src/matching" "bruteforce/src/models" "fmt" "io" @@ -29,5 +30,10 @@ func QueryExecute(params *models.Forcing_params, path string, method string) { log.Fatal(err) } - fmt.Println(string(body)) + if err := matcher.MatchResponse(resp, body, params.Criteria); err == nil { + fmt.Println(string(body)) + } else { + log.Println(err) + } + }