mirror of
https://github.com/OJ/gobuster.git
synced 2024-09-26 01:30:43 +02:00
parent
1cb6806744
commit
956138a785
@ -14,7 +14,7 @@ issues:
|
|||||||
linters:
|
linters:
|
||||||
- gocritic
|
- gocritic
|
||||||
|
|
||||||
- path: cli\\cmd\\.+\.go
|
- path: cli\cmd\.+\.go
|
||||||
linters:
|
linters:
|
||||||
- gochecknoinits
|
- gochecknoinits
|
||||||
- gochecknoglobals
|
- gochecknoglobals
|
||||||
|
@ -54,6 +54,7 @@ func parseDirOptions() (*libgobuster.Options, *gobusterdir.OptionsDir, error) {
|
|||||||
plugin.Timeout = httpOpts.Timeout
|
plugin.Timeout = httpOpts.Timeout
|
||||||
plugin.FollowRedirect = httpOpts.FollowRedirect
|
plugin.FollowRedirect = httpOpts.FollowRedirect
|
||||||
plugin.InsecureSSL = httpOpts.InsecureSSL
|
plugin.InsecureSSL = httpOpts.InsecureSSL
|
||||||
|
plugin.Headers = httpOpts.Headers
|
||||||
|
|
||||||
plugin.Extensions, err = cmdDir.Flags().GetString("extensions")
|
plugin.Extensions, err = cmdDir.Flags().GetString("extensions")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -23,6 +23,7 @@ func addCommonHTTPOptions(cmd *cobra.Command) error {
|
|||||||
cmd.Flags().DurationP("timeout", "", 10*time.Second, "HTTP Timeout")
|
cmd.Flags().DurationP("timeout", "", 10*time.Second, "HTTP Timeout")
|
||||||
cmd.Flags().BoolP("followredirect", "r", false, "Follow redirects")
|
cmd.Flags().BoolP("followredirect", "r", false, "Follow redirects")
|
||||||
cmd.Flags().BoolP("insecuressl", "k", false, "Skip SSL certificate verification")
|
cmd.Flags().BoolP("insecuressl", "k", false, "Skip SSL certificate verification")
|
||||||
|
cmd.Flags().StringArrayP("headers", "H", []string{""}, "Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'")
|
||||||
|
|
||||||
if err := cmdDir.MarkFlagRequired("url"); err != nil {
|
if err := cmdDir.MarkFlagRequired("url"); err != nil {
|
||||||
return fmt.Errorf("error on marking flag as required: %v", err)
|
return fmt.Errorf("error on marking flag as required: %v", err)
|
||||||
@ -100,6 +101,25 @@ func parseCommonHTTPOptions(cmd *cobra.Command) (libgobuster.OptionsHTTP, error)
|
|||||||
return options, fmt.Errorf("invalid value for insecuressl: %v", err)
|
return options, fmt.Errorf("invalid value for insecuressl: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
headers, err := cmd.Flags().GetStringArray("headers")
|
||||||
|
if err != nil {
|
||||||
|
return options, fmt.Errorf("invalid value for headers: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, h := range headers {
|
||||||
|
keyAndValue := strings.SplitN(h, ":", 2)
|
||||||
|
if len(keyAndValue) != 2 {
|
||||||
|
return options, fmt.Errorf("invalid header format for header %q", h)
|
||||||
|
}
|
||||||
|
key := strings.TrimSpace(keyAndValue[0])
|
||||||
|
value := strings.TrimSpace(keyAndValue[1])
|
||||||
|
if len(key) == 0 {
|
||||||
|
return options, fmt.Errorf("invalid header format for header %q - name is empty", h)
|
||||||
|
}
|
||||||
|
header := libgobuster.HTTPHeader{Name: key, Value: value}
|
||||||
|
options.Headers = append(options.Headers, header)
|
||||||
|
}
|
||||||
|
|
||||||
// Prompt for PW if not provided
|
// Prompt for PW if not provided
|
||||||
if options.Username != "" && options.Password == "" {
|
if options.Username != "" && options.Password == "" {
|
||||||
fmt.Printf("[?] Auth Password: ")
|
fmt.Printf("[?] Auth Password: ")
|
||||||
|
@ -49,6 +49,7 @@ func parseVhostOptions() (*libgobuster.Options, *gobustervhost.OptionsVhost, err
|
|||||||
plugin.Timeout = httpOpts.Timeout
|
plugin.Timeout = httpOpts.Timeout
|
||||||
plugin.FollowRedirect = httpOpts.FollowRedirect
|
plugin.FollowRedirect = httpOpts.FollowRedirect
|
||||||
plugin.InsecureSSL = httpOpts.InsecureSSL
|
plugin.InsecureSSL = httpOpts.InsecureSSL
|
||||||
|
plugin.Headers = httpOpts.Headers
|
||||||
|
|
||||||
return globalopts, &plugin, nil
|
return globalopts, &plugin, nil
|
||||||
}
|
}
|
||||||
|
@ -52,6 +52,7 @@ func NewGobusterDir(cont context.Context, globalopts *libgobuster.Options, opts
|
|||||||
Username: opts.Username,
|
Username: opts.Username,
|
||||||
Password: opts.Password,
|
Password: opts.Password,
|
||||||
UserAgent: opts.UserAgent,
|
UserAgent: opts.UserAgent,
|
||||||
|
Headers: opts.Headers,
|
||||||
}
|
}
|
||||||
|
|
||||||
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
||||||
|
@ -46,6 +46,7 @@ func NewGobusterVhost(cont context.Context, globalopts *libgobuster.Options, opt
|
|||||||
Username: opts.Username,
|
Username: opts.Username,
|
||||||
Password: opts.Password,
|
Password: opts.Password,
|
||||||
UserAgent: opts.UserAgent,
|
UserAgent: opts.UserAgent,
|
||||||
|
Headers: opts.Headers,
|
||||||
}
|
}
|
||||||
|
|
||||||
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
h, err := libgobuster.NewHTTPClient(cont, &httpOpts)
|
||||||
|
@ -13,6 +13,11 @@ import (
|
|||||||
"unicode/utf8"
|
"unicode/utf8"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type HTTPHeader struct {
|
||||||
|
Name string
|
||||||
|
Value string
|
||||||
|
}
|
||||||
|
|
||||||
// HTTPClient represents a http object
|
// HTTPClient represents a http object
|
||||||
type HTTPClient struct {
|
type HTTPClient struct {
|
||||||
client *http.Client
|
client *http.Client
|
||||||
@ -21,6 +26,7 @@ type HTTPClient struct {
|
|||||||
defaultUserAgent string
|
defaultUserAgent string
|
||||||
username string
|
username string
|
||||||
password string
|
password string
|
||||||
|
headers []HTTPHeader
|
||||||
includeLength bool
|
includeLength bool
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -30,6 +36,7 @@ type HTTPOptions struct {
|
|||||||
Username string
|
Username string
|
||||||
Password string
|
Password string
|
||||||
UserAgent string
|
UserAgent string
|
||||||
|
Headers []HTTPHeader
|
||||||
Timeout time.Duration
|
Timeout time.Duration
|
||||||
FollowRedirect bool
|
FollowRedirect bool
|
||||||
InsecureSSL bool
|
InsecureSSL bool
|
||||||
@ -80,6 +87,7 @@ func NewHTTPClient(c context.Context, opt *HTTPOptions) (*HTTPClient, error) {
|
|||||||
client.includeLength = opt.IncludeLength
|
client.includeLength = opt.IncludeLength
|
||||||
client.userAgent = opt.UserAgent
|
client.userAgent = opt.UserAgent
|
||||||
client.defaultUserAgent = DefaultUserAgent()
|
client.defaultUserAgent = DefaultUserAgent()
|
||||||
|
client.headers = opt.Headers
|
||||||
return &client, nil
|
return &client, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -195,6 +203,11 @@ func (client *HTTPClient) makeRequest(method, fullURL, host, cookie string, data
|
|||||||
req.Header.Set("User-Agent", client.defaultUserAgent)
|
req.Header.Set("User-Agent", client.defaultUserAgent)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// add custom headers
|
||||||
|
for _, h := range client.headers {
|
||||||
|
req.Header.Set(h.Name, h.Value)
|
||||||
|
}
|
||||||
|
|
||||||
if client.username != "" {
|
if client.username != "" {
|
||||||
req.SetBasicAuth(client.username, client.password)
|
req.SetBasicAuth(client.username, client.password)
|
||||||
}
|
}
|
||||||
|
@ -12,6 +12,7 @@ type OptionsHTTP struct {
|
|||||||
Username string
|
Username string
|
||||||
Proxy string
|
Proxy string
|
||||||
Cookies string
|
Cookies string
|
||||||
|
Headers []HTTPHeader
|
||||||
Timeout time.Duration
|
Timeout time.Duration
|
||||||
FollowRedirect bool
|
FollowRedirect bool
|
||||||
InsecureSSL bool
|
InsecureSSL bool
|
||||||
|
Loading…
Reference in New Issue
Block a user