New functionality to map fired blind payloads back to the initial req…
…uest (#632) * Fix ioutil deprecation and use xdg paths instead (wip) * Clean up deprecated ioutil references, add config directory structure creation and run entry creation * Add wordlist position setting and FFUFHASH variable * Save full wordlist paths and print out a raw request when searched * Cast from string to 32bit integer, 2billion should be enough for a position * Use correct format strings for float
Showing
19 changed files
with
578 additions
and
154 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,18 @@ | ||
github.com/adrg/xdg v0.4.0 h1:RzRqFcjH4nE5C6oTAxhBtoE2IRyjBSa62SCbyPidvls= | ||
github.com/adrg/xdg v0.4.0/go.mod h1:N6ag73EX4wyxeaoeHctc1mas01KZgsj5tYiAIwqJE/E= | ||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= | ||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
github.com/pelletier/go-toml v1.8.1 h1:1Nf83orprkJyknT6h7zbuEGUEjcyVlCxSUGTENmNCRM= | ||
github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= | ||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= | ||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= | ||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= | ||
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= | ||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= | ||
golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 h1:2B5p2L5IfGiD7+b9BOoRMC6DgObAVZV+Fsp050NqXik= | ||
golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= | ||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= | ||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= | ||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,127 @@ | ||
package ffuf | ||
|
||
import ( | ||
"fmt" | ||
"strings" | ||
) | ||
|
||
func (c *Config) ToOptions() ConfigOptions { | ||
o := ConfigOptions{} | ||
// HTTP options | ||
o.HTTP.Cookies = []string{} | ||
o.HTTP.Data = c.Data | ||
o.HTTP.FollowRedirects = c.FollowRedirects | ||
o.HTTP.Headers = make([]string, 0) | ||
for k, v := range c.Headers { | ||
o.HTTP.Headers = append(o.HTTP.Headers, fmt.Sprintf("%s: %s", k, v)) | ||
} | ||
o.HTTP.IgnoreBody = c.IgnoreBody | ||
o.HTTP.Method = c.Method | ||
o.HTTP.ProxyURL = c.ProxyURL | ||
o.HTTP.Recursion = c.Recursion | ||
o.HTTP.RecursionDepth = c.RecursionDepth | ||
o.HTTP.RecursionStrategy = c.RecursionStrategy | ||
o.HTTP.ReplayProxyURL = c.ReplayProxyURL | ||
o.HTTP.SNI = c.SNI | ||
o.HTTP.Timeout = c.Timeout | ||
o.HTTP.URL = c.Url | ||
o.HTTP.Http2 = c.Http2 | ||
|
||
o.General.AutoCalibration = c.AutoCalibration | ||
o.General.AutoCalibrationKeyword = c.AutoCalibrationKeyword | ||
o.General.AutoCalibrationPerHost = c.AutoCalibrationPerHost | ||
o.General.AutoCalibrationStrategy = c.AutoCalibrationStrategy | ||
o.General.AutoCalibrationStrings = c.AutoCalibrationStrings | ||
o.General.Colors = c.Colors | ||
o.General.ConfigFile = "" | ||
if c.Delay.HasDelay { | ||
if c.Delay.IsRange { | ||
o.General.Delay = fmt.Sprintf("%.2f-%.2f", c.Delay.Min, c.Delay.Max) | ||
} else { | ||
o.General.Delay = fmt.Sprintf("%.2f", c.Delay.Min) | ||
} | ||
} else { | ||
o.General.Delay = "" | ||
} | ||
o.General.Json = c.Json | ||
o.General.MaxTime = c.MaxTime | ||
o.General.MaxTimeJob = c.MaxTimeJob | ||
o.General.Noninteractive = c.Noninteractive | ||
o.General.Quiet = c.Quiet | ||
o.General.Rate = int(c.Rate) | ||
o.General.StopOn403 = c.StopOn403 | ||
o.General.StopOnAll = c.StopOnAll | ||
o.General.StopOnErrors = c.StopOnErrors | ||
o.General.Threads = c.Threads | ||
o.General.Verbose = c.Verbose | ||
|
||
o.Input.DirSearchCompat = c.DirSearchCompat | ||
o.Input.Extensions = strings.Join(c.Extensions, ",") | ||
o.Input.IgnoreWordlistComments = c.IgnoreWordlistComments | ||
o.Input.InputMode = c.InputMode | ||
o.Input.InputNum = c.InputNum | ||
o.Input.InputShell = c.InputShell | ||
o.Input.Inputcommands = []string{} | ||
for _, v := range c.InputProviders { | ||
if v.Name == "command" { | ||
o.Input.Inputcommands = append(o.Input.Inputcommands, fmt.Sprintf("%s:%s", v.Value, v.Keyword)) | ||
} | ||
} | ||
o.Input.Request = c.RequestFile | ||
o.Input.RequestProto = c.RequestProto | ||
o.Input.Wordlists = c.Wordlists | ||
|
||
o.Output.DebugLog = c.Debuglog | ||
o.Output.OutputDirectory = c.OutputDirectory | ||
o.Output.OutputFile = c.OutputFile | ||
o.Output.OutputFormat = c.OutputFormat | ||
o.Output.OutputSkipEmptyFile = c.OutputSkipEmptyFile | ||
|
||
o.Filter.Mode = c.FilterMode | ||
o.Filter.Lines = "" | ||
o.Filter.Regexp = "" | ||
o.Filter.Size = "" | ||
o.Filter.Status = "" | ||
o.Filter.Time = "" | ||
o.Filter.Words = "" | ||
for name, filter := range c.MatcherManager.GetFilters() { | ||
switch name { | ||
case "line": | ||
o.Filter.Lines = filter.Repr() | ||
case "regexp": | ||
o.Filter.Regexp = filter.Repr() | ||
case "size": | ||
o.Filter.Size = filter.Repr() | ||
case "status": | ||
o.Filter.Status = filter.Repr() | ||
case "time": | ||
o.Filter.Time = filter.Repr() | ||
case "words": | ||
o.Filter.Words = filter.Repr() | ||
} | ||
} | ||
o.Matcher.Mode = c.MatcherMode | ||
o.Matcher.Lines = "" | ||
o.Matcher.Regexp = "" | ||
o.Matcher.Size = "" | ||
o.Matcher.Status = "" | ||
o.Matcher.Time = "" | ||
o.Matcher.Words = "" | ||
for name, filter := range c.MatcherManager.GetMatchers() { | ||
switch name { | ||
case "line": | ||
o.Matcher.Lines = filter.Repr() | ||
case "regexp": | ||
o.Matcher.Regexp = filter.Repr() | ||
case "size": | ||
o.Matcher.Size = filter.Repr() | ||
case "status": | ||
o.Matcher.Status = filter.Repr() | ||
case "time": | ||
o.Matcher.Time = filter.Repr() | ||
case "words": | ||
o.Matcher.Words = filter.Repr() | ||
} | ||
} | ||
return o | ||
} |
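Review bot: The filter and matcher switches key on singular `line` but plural `words`, and nothing in this section shows which spelling `GetFilters()` and `GetMatchers()` return. If the word filter is registered as `word`, the `case "words":` arms never match, so `o.Filter.Words` and `o.Matcher.Words` stay empty in the exported options with no error. Please check the names the MatcherManager registers and, if that is confirmed, change both arms to `case "word":`. Separately, `c.Headers` appears to be a map, so the order of `o.HTTP.Headers` can differ between runs; sorting the keys before the loop would make stored entries comparable.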
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,15 @@ | ||
package ffuf | ||
|
||
import ( | ||
"github.com/adrg/xdg" | ||
"path/filepath" | ||
) | ||
|
||
var ( | ||
//VERSION holds the current version number | ||
VERSION = "1.5.0" | ||
//VERSION_APPENDIX holds additional version definition | ||
VERSION_APPENDIX = "-dev" | ||
CONFIGDIR = filepath.Join(xdg.ConfigHome, "ffuf") | ||
HISTORYDIR = filepath.Join(CONFIGDIR, "history") | ||
) |
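Review bot: `HISTORYDIR` holds run history that, per the commit description, includes full wordlist paths and raw requests, and those may carry cookies or Authorization headers. The code that creates the directory and writes entries is not in this section, so its permissions cannot be checked from here. I would document the sensitivity at the declaration, e.g. `// HISTORYDIR stores per-run request history; entries may contain credentials, so create it 0700 and write files 0600`, and confirm the creation code uses those modes. `CONFIGDIR` and `HISTORYDIR` also lack the doc comments that `VERSION` has, and as exported `var`s they can be reassigned by any importing package.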