-
Notifications
You must be signed in to change notification settings - Fork 778
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use a random hash instead of generating an url-based filename to store #848
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The each domain/ip the expected location is in the following format:
outputfolder/domain/hash.txt
The file content of hash.txt
should be:
[full URL]
[request]
response
Then a new line to outputfolder/index
file should be appended for each retrieved item as follows:
output-folder/domain/hash http://full.url/with/path (status-code status-reason)
This will make the output compatible with: https://github.com/tomnomnom/meg
Note: windows has 255 max char limit for filenames
data := append([]byte(fmt.Sprintf("[%s]", fullURL)), append([]byte("\n\n"), reqRaw...)...) | ||
data = append(data, append([]byte("\n"), respRaw...)...) | ||
fileutil.CreateFolder(domainBaseDir) | ||
writeErr := os.WriteFile(responsePath, data, 0644) |
Check warning
Code scanning / SonarCloud
<!--SONAR_ISSUE_KEY:AYRS5VF2SgJRRWal-d1K-->Expect WriteFile permissions to be 0600 or less <p>See more on <a href="https://sonarcloud.io/project/issues?id=projectdiscovery_httpx&issues=AYRS5VF2SgJRRWal-d1K&open=AYRS5VF2SgJRRWal-d1K&pullRequest=848">SonarCloud</a></p>
@@ -91,7 +91,10 @@ | |||
if err != nil { | |||
return nil, errors.Wrap(err, "could not create wappalyzer client") | |||
} | |||
|
|||
if options.StoreResponseDir != "" { | |||
os.RemoveAll(filepath.Join(options.StoreResponseDir, "index.txt")) |
Check warning
Code scanning / SonarCloud
<!--SONAR_ISSUE_KEY:AYRiQyYEW8k5B5vEBcJ1-->Errors unhandled. <p>See more on <a href="https://sonarcloud.io/project/issues?id=projectdiscovery_httpx&issues=AYRiQyYEW8k5B5vEBcJ1&open=AYRiQyYEW8k5B5vEBcJ1&pullRequest=848">SonarCloud</a></p>
if err != nil { | ||
gologger.Fatal().Msgf("Could not open/create index file '%s': %s\n", r.options.Output, err) | ||
} | ||
defer indexFile.Close() //nolint |
Check warning
Code scanning / SonarCloud
<!--SONAR_ISSUE_KEY:AYRnEvCuNbj9f4MOfSoY-->Deferring unsafe method "Close" on type "*os.File" <p>See more on <a href="https://sonarcloud.io/project/issues?id=projectdiscovery_httpx&issues=AYRnEvCuNbj9f4MOfSoY&open=AYRnEvCuNbj9f4MOfSoY&pullRequest=848">SonarCloud</a></p>
var err error | ||
indexPath := filepath.Join(r.options.StoreResponseDir, "index.txt") | ||
if r.options.Resume { | ||
indexFile, err = os.OpenFile(indexPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600) |
Check warning
Code scanning / SonarCloud
<!--SONAR_ISSUE_KEY:AYRnEvCuNbj9f4MOfSoX-->Potential file inclusion via variable <p>See more on <a href="https://sonarcloud.io/project/issues?id=projectdiscovery_httpx&issues=AYRnEvCuNbj9f4MOfSoX&open=AYRnEvCuNbj9f4MOfSoX&pullRequest=848">SonarCloud</a></p>
if r.options.Resume { | ||
indexFile, err = os.OpenFile(indexPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600) | ||
} else { | ||
indexFile, err = os.Create(indexPath) |
Check warning
Code scanning / SonarCloud
<!--SONAR_ISSUE_KEY:AYRnEvCuNbj9f4MOfSoW-->Potential file inclusion via variable <p>See more on <a href="https://sonarcloud.io/project/issues?id=projectdiscovery_httpx&issues=AYRnEvCuNbj9f4MOfSoW&open=AYRnEvCuNbj9f4MOfSoW&pullRequest=848">SonarCloud</a></p>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$ cat list.txt | go run . -srd test
...
$ cat test/index.txt
test/hackerone.com/b12ceb125f2e005739a0b6d87c900aefc0f97e1ba22609e10ed81ffd9c7b50a8.txt https://hackerone.com:443 (302 Found)
test/projectdiscovery.io/1fca6224ecf596635299a271b83d8a6f060c1f43ba3473895045a5a0cdeea177.txt https://projectdiscovery.io:443 (200 OK)
test/192.168.1.1/c5eb5a4cc76a5cdb16e79864b9ccd26c3553f0c396d0a21bafb7be71c1efcd8c.txt https://192.168.1.1:443 (200 OK)
SonarCloud Quality Gate failed. |
Follow up ticket - #873 |
closes #818
Test: