mirror of
https://github.com/OJ/gobuster.git
synced 2024-05-12 00:26:04 +02:00
parent
1cb6806744
commit
956138a785
|
@ -14,7 +14,7 @@ issues:
|
|||
linters:
|
||||
- gocritic
|
||||
|
||||
- path: cli\\cmd\\.+\.go
|
||||
- path: cli\cmd\.+\.go
|
||||
linters:
|
||||
- gochecknoinits
|
||||
- gochecknoglobals
|
||||
|
|
|
@ -54,6 +54,7 @@ func parseDirOptions() (*libgobuster.Options, *gobusterdir.OptionsDir, error) {
|
|||
plugin.Timeout = httpOpts.Timeout
|
||||
plugin.FollowRedirect = httpOpts.FollowRedirect
|
||||
plugin.InsecureSSL = httpOpts.InsecureSSL
|
||||
plugin.Headers = httpOpts.Headers
|
||||
|
||||
plugin.Extensions, err = cmdDir.Flags().GetString("extensions")
|
||||
if err != nil {
|
||||
|
|
|
@ -23,6 +23,7 @@ func addCommonHTTPOptions(cmd *cobra.Command) error {
|
|||
cmd.Flags().DurationP("timeout", "", 10*time.Second, "HTTP Timeout")
|
||||
cmd.Flags().BoolP("followredirect", "r", false, "Follow redirects")
|
||||
cmd.Flags().BoolP("insecuressl", "k", false, "Skip SSL certificate verification")
|
||||
cmd.Flags().StringArrayP("headers", "H", []string{""}, "Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'")
|
||||
|
||||
if err := cmdDir.MarkFlagRequired("url"); err != nil {
|
||||
return fmt.Errorf("error on marking flag as required: %v", err)
|
||||
|
@ -100,6 +101,25 @@ func parseCommonHTTPOptions(cmd *cobra.Command) (libgobuster.OptionsHTTP, error)
|
|||
return options, fmt.Errorf("invalid value for insecuressl: %v", err)
|
||||
}
|
||||
|
||||
headers, err := cmd.Flags().GetStringArray("headers")
|
||||
if err != nil {
|
||||
return options, fmt.Errorf("invalid value for headers: %v", err)
|
||||
}
|
||||
|
||||
for _, h := range headers {
|
||||
keyAndValue := strings.SplitN(h, ":", 2)
|
||||
if len(keyAndValue) != 2 {
|
||||
return options, fmt.Errorf("invalid header format for header %q", h)
|
||||
}
|
||||
key := strings.TrimSpace(keyAndValue[0])
|
||||
value := strings.TrimSpace(keyAndValue[1])
|
||||
if len(key) == 0 {
|
||||
return options, fmt.Errorf("invalid header format for header %q - name is empty", h)
|
||||
}
|
||||
header := libgobuster.HTTPHeader{Name: key, Value: value}
|
||||
options.Headers = append(options.Headers, header)
|
||||
}
|
||||
|
||||
// Prompt for PW if not provided
|
||||
if options.Username != "" && options.Password == "" {
|
||||
fmt.Printf("[?] Auth Password: ")
|
||||
|
|
|
@ -49,6 +49,7 @@ func parseVhostOptions() (*libgobuster.Options, *gobustervhost.OptionsVhost, err
|
|||
plugin.Timeout = httpOpts.Timeout
|
||||
plugin.FollowRedirect = httpOpts.FollowRedirect
|
||||
plugin.InsecureSSL = httpOpts.InsecureSSL
|
||||
plugin.Headers = httpOpts.Headers
|
||||
|
||||
return globalopts, &plugin, nil
|
||||
}
|
||||
|
|
|
@ -52,6 +52,7 @@ func NewGobusterDir(cont context.Context, globalopts *libgobuster.Options, opts
|
|||
Username: opts.Username,
|
||||
Password: opts.Password,
|
||||
UserAgent: opts.UserAgent,
|
||||
Headers: opts.Headers,
|
||||
}
|
||||
|
||||
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
||||
|
|
|
@ -46,6 +46,7 @@ func NewGobusterVhost(cont context.Context, globalopts *libgobuster.Options, opt
|
|||
Username: opts.Username,
|
||||
Password: opts.Password,
|
||||
UserAgent: opts.UserAgent,
|
||||
Headers: opts.Headers,
|
||||
}
|
||||
|
||||
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
||||
|
|
|
@ -13,6 +13,11 @@ import (
|
|||
"unicode/utf8"
|
||||
)
|
||||
|
||||
type HTTPHeader struct {
|
||||
Name string
|
||||
Value string
|
||||
}
|
||||
|
||||
// HTTPClient represents a http object
|
||||
type HTTPClient struct {
|
||||
client *http.Client
|
||||
|
@ -21,6 +26,7 @@ type HTTPClient struct {
|
|||
defaultUserAgent string
|
||||
username string
|
||||
password string
|
||||
headers []HTTPHeader
|
||||
includeLength bool
|
||||
}
|
||||
|
||||
|
@ -30,6 +36,7 @@ type HTTPOptions struct {
|
|||
Username string
|
||||
Password string
|
||||
UserAgent string
|
||||
Headers []HTTPHeader
|
||||
Timeout time.Duration
|
||||
FollowRedirect bool
|
||||
InsecureSSL bool
|
||||
|
@ -80,6 +87,7 @@ func NewHTTPClient(c context.Context, opt *HTTPOptions) (*HTTPClient, error) {
|
|||
client.includeLength = opt.IncludeLength
|
||||
client.userAgent = opt.UserAgent
|
||||
client.defaultUserAgent = DefaultUserAgent()
|
||||
client.headers = opt.Headers
|
||||
return &client, nil
|
||||
}
|
||||
|
||||
|
@ -195,6 +203,11 @@ func (client *HTTPClient) makeRequest(method, fullURL, host, cookie string, data
|
|||
req.Header.Set("User-Agent", client.defaultUserAgent)
|
||||
}
|
||||
|
||||
// add custom headers
|
||||
for _, h := range client.headers {
|
||||
req.Header.Set(h.Name, h.Value)
|
||||
}
|
||||
|
||||
if client.username != "" {
|
||||
req.SetBasicAuth(client.username, client.password)
|
||||
}
|
||||
|
|
|
@ -12,6 +12,7 @@ type OptionsHTTP struct {
|
|||
Username string
|
||||
Proxy string
|
||||
Cookies string
|
||||
Headers []HTTPHeader
|
||||
Timeout time.Duration
|
||||
FollowRedirect bool
|
||||
InsecureSSL bool
|
||||
|
|
Loading…
Reference in New Issue