Merge pull request #508 from hahwul/dev

Dev
hahwul · Nov 26, 2023 · 2fec671 · 2fec671
2 parents f7245e5 + 3344c92
commit 2fec671
Show file tree

Hide file tree

Showing 12 changed files with 123 additions and 117 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -6,7 +6,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go: ["1.17", "1.18", "1.19", "1.20"]
+        go: ["1.17", "1.18", "1.19", "1.20", "1.21"]
     steps:
       - name: Set up Go ${{ matrix.go }}
         uses: actions/setup-go@v4

diff --git a/cmd/file.go b/cmd/file.go
@@ -3,7 +3,6 @@ package cmd
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"strconv"
 	"strings"
@@ -101,7 +100,7 @@ var fileCmd = &cobra.Command{
 					options.SpinnerObject = spinner.New(spinner.CharSets[14], 100*time.Millisecond, spinner.WithWriter(os.Stderr)) // Build our new spinner
 				}
 				var harObject voltHar.HARObject
-				harFile, err := ioutil.ReadFile(args[0])
+				harFile, err := os.ReadFile(args[0])
 				if err == nil {
 					err = json.Unmarshal(harFile, &harObject)
 					if options.Format == "json" {

diff --git a/cmd/root.go b/cmd/root.go
@@ -3,7 +3,7 @@ package cmd
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"time"
 
@@ -211,11 +211,10 @@ func initConfig() {
 		printing.DalLog("SYSTEM", "Loaded "+grep+" file for grepping", options)
 		// defer the closing of our jsonFile so that we can parse it later on
 		defer jsonFile.Close()
-		byteValue, _ := ioutil.ReadAll(jsonFile)
+		byteValue, _ := io.ReadAll(jsonFile)
 		options.Grep = string(byteValue)
 
 	}
-
 	if config != "" {
 		// Open our jsonFile
 		jsonFile, err := os.Open(config)
@@ -227,8 +226,10 @@ func initConfig() {
 		// defer the closing of our jsonFile so that we can parse it later on
 		defer jsonFile.Close()
 
-		byteValue, _ := ioutil.ReadAll(jsonFile)
-		json.Unmarshal([]byte(byteValue), options)
+		byteValue, _ := io.ReadAll(jsonFile)
+		err = json.Unmarshal([]byte(byteValue), &options)
+		if err != nil {
+			printing.DalLog("SYSTEM", "Error while parsing config file", options)
+		}
 	}
-
 }
diff --git a/docs/_docs/config.md b/docs/_docs/config.md
@@ -7,22 +7,27 @@ permalink: /docs/config/
 Please check [sample file](https://github.com/hahwul/dalfox/blob/main/samples/sample_config.json)
 ```json
 {
-	"Header":"",
-	"Cookie":"",
-	"UniqParam":"",
-	"BlindURL":"",
-	"CustomPayloadFile":"",
-	"Data":"",
-	"UserAgent":"",
-	"OutputFile":"",
-	"Format":"",
-	"FoundAction":"",
-	"Proxy":"",
-	"Timeout": 30,
-	"Concurrence": 100,
-	"Delay": 30,
-	"OnlyDiscovery": false
+	"header":[
+		""
+	],
+	"cookie":"",
+	"param":[
+		""
+	],
+	"blind":"",
+	"custom-payload-file":"",
+	"data":"",
+	"user-agent":"",
+	"output":"",
+	"format":"",
+	"found-action":"",
+	"proxy":"",
+	"timeout": 30,
+	"worker": 100,
+	"delay": 30,
+	"only-discovery": false
 }
+
 ```
 
 and Config is mapped to options.model.

diff --git a/pkg/model/options.go b/pkg/model/options.go
@@ -12,68 +12,68 @@ import (
 
 // Options is struct of options
 type Options struct {
-	UniqParam         []string `json:"param"`
-	Cookie            string   `json:"cookie"`
-	Header            []string `json:"header"`
-	ConfigFile        string   `json:"config"`
-	BlindURL          string   `json:"blind"`
-	CustomPayloadFile string   `json:"custom-payload-file"`
-	CustomAlertValue  string   `json:"custom-alert-value"`
-	CustomAlertType   string   `json:"custom-alert-type"`
-	Data              string   `json:"data"`
-	UserAgent         string   `json:"user-agent"`
-	OutputFile        string   `json:"output"`
-	Format            string   `json:"format"`
-	FoundAction       string   `json:"found-action"`
-	FoundActionShell  string   `json:"found-action-shell"`
-	ProxyAddress      string   `json:"proxy"`
-	Grep              string   `json:"grep"`
-	IgnoreReturn      string   `json:"ignore-return"`
-	IgnoreParams      []string `json:"ignore-params"`
-	Trigger           string   `json:"trigger"`
-	Timeout           int      `json:"timeout"`
-	Concurrence       int      `json:"worker"`
-	Delay             int      `json:"delay"`
+	UniqParam         []string `json:"param,omitempty"`
+	Cookie            string   `json:"cookie,omitempty"`
+	Header            []string `json:"header,omitempty"`
+	ConfigFile        string   `json:"config,omitempty"`
+	BlindURL          string   `json:"blind,omitempty"`
+	CustomPayloadFile string   `json:"custom-payload-file,omitempty"`
+	CustomAlertValue  string   `json:"custom-alert-value,omitempty"`
+	CustomAlertType   string   `json:"custom-alert-type,omitempty"`
+	Data              string   `json:"data,omitempty"`
+	UserAgent         string   `json:"user-agent,omitempty"`
+	OutputFile        string   `json:"output,omitempty"`
+	Format            string   `json:"format,omitempty"`
+	FoundAction       string   `json:"found-action,omitempty"`
+	FoundActionShell  string   `json:"found-action-shell,omitempty"`
+	ProxyAddress      string   `json:"proxy,omitempty"`
+	Grep              string   `json:"grep,omitempty"`
+	IgnoreReturn      string   `json:"ignore-return,omitempty"`
+	IgnoreParams      []string `json:"ignore-params,omitempty"`
+	Trigger           string   `json:"trigger,omitempty"`
+	Timeout           int      `json:"timeout,omitempty"`
+	Concurrence       int      `json:"worker,omitempty"`
+	Delay             int      `json:"delay,omitempty"`
 	AllURLS           int
 	NowURL            int
-	Sequence          int  `json:"sequence"`
-	OnlyDiscovery     bool `json:"only-discovery"`
-	OnlyCustomPayload bool `json:"only-custom-payload"`
-	Silence           bool `json:"silence"`
-	IsAPI             bool
-	IsLibrary         bool
-	Mass              bool `json:"mass"`
-	MulticastMode     bool
+	Sequence          int  `json:"sequence,omitempty"`
+	OnlyDiscovery     bool `json:"only-discovery,omitempty"`
+	OnlyCustomPayload bool `json:"only-custom-payload,omitempty"`
+	Silence           bool `json:"silence,omitempty"`
+	IsAPI             bool `json:"is-api,omitempty"`
+	IsLibrary         bool `json:"is-library,omitempty"`
+	Mass              bool `json:"mass,omitempty"`
+	MulticastMode     bool `json:"multicast-mode,omitempty"`
 	Scan              map[string]Scan
-	FollowRedirect    bool   `json:"follow-redirects"`
-	Mining            bool   `json:"mining-dict"`
-	FindingDOM        bool   `json:"mining-dom"`
-	MiningWordlist    string `json:"mining-dict-word"`
-	NoColor           bool   `json:"no-color"`
-	Method            string `json:"method"`
-	TriggerMethod     string `json:"trigger-method"`
-	NoSpinner         bool   `json:"no-spinner"`
-	NoBAV             bool   `json:"no-bav"`
-	ServerHost        string
-	ServerPort        int
-	NoGrep            bool `json:"skip-grepping"`
-	Debug             bool `json:"debug"`
-	CookieFromRaw     string
+	FollowRedirect    bool   `json:"follow-redirects,omitempty"`
+	Mining            bool   `json:"mining-dict,omitempty"`
+	FindingDOM        bool   `json:"mining-dom,omitempty"`
+	MiningWordlist    string `json:"mining-dict-word,omitempty"`
+	NoColor           bool   `json:"no-color,omitempty"`
+	Method            string `json:"method,omitempty"`
+	TriggerMethod     string `json:"trigger-method,omitempty"`
+	NoSpinner         bool   `json:"no-spinner,omitempty"`
+	NoBAV             bool   `json:"no-bav,omitempty"`
+	ServerHost        string `json:"server-host,omitempty"`
+	ServerPort        int    `json:"server-port,omitempty"`
+	NoGrep            bool   `json:"skip-grepping,omitempty"`
+	Debug             bool   `json:"debug,omitempty"`
+	CookieFromRaw     string `json:"cookie-from-raw,omitempty"`
 	ScanResult        Result
 	SpinnerObject     *s.Spinner
 	AuroraObject      a.Aurora
 	StartTime         t.Time
 	HarWriter         *har.Writer
 	PathReflection    map[int]string
-	RemotePayloads    string
-	RemoteWordlists   string
-	UseHeadless       bool   `json:"use-headless"`
-	UseDeepDXSS       bool   `json:"use-deepdxss"`
-	OnlyPoC           string `json:"only-poc"`
-	OutputAll         bool   `json:"output-all"`
+	RemotePayloads    string `json:"remote-payloads,omitempty"`
+	RemoteWordlists   string `json:"remote-wordlists,omitempty"`
+	UseHeadless       bool   `json:"use-headless,omitempty"`
+	UseDeepDXSS       bool   `json:"use-deepdxss,omitempty"`
+	OnlyPoC           string `json:"only-poc,omitempty"`
+	OutputAll         bool   `json:"output-all,omitempty"`
 	WAF               bool
 	WAFEvasion        bool
-	PoCType           string `json:"poc-type"`
+	PoCType           string `json:"poc-type,omitempty"`
 	Mutex             *sync.Mutex
 	ReportFormat      string
 	ReportBool        bool

diff --git a/pkg/printing/version.go b/pkg/printing/version.go
@@ -1,4 +1,4 @@
 package printing
 
 // VERSION is version of dalfox
-const VERSION = "v2.9.0"
+const VERSION = "v2.9.1"
diff --git a/pkg/scanning/parameterAnlaysis.go b/pkg/scanning/parameterAnlaysis.go
@@ -152,7 +152,7 @@ func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) ma
 				default:
 					reader = tres.Body
 				}
-				bodyString, err := ioutil.ReadAll(reader)
+				bodyString, err := io.ReadAll(reader)
 				if err == nil {
 					body := ioutil.NopCloser(strings.NewReader(string(bodyString)))
 					defer body.Close()
@@ -177,25 +177,27 @@ func ParameterAnalysis(target string, options model.Options, rl *rateLimiter) ma
 						doc.Find("form").Each(func(i int, s *goquery.Selection) {
 							action, _ := s.Attr("action")
 							if strings.HasPrefix(action, "/") || strings.HasPrefix(action, "?") { // assuming this is a relative URL
-								url, _ := url.Parse(action)
-								query := url.Query()
-								for aParam := range query {
-									p, dp = setP(p, dp, aParam, options)
-									count = count + 1
+								url, err := url.Parse(action)
+								if err == nil {
+									query := url.Query()
+									for aParam := range query {
+										p, dp = setP(p, dp, aParam, options)
+										count = count + 1
+									}
 								}
-
 							}
 						})
 						doc.Find("a").Each(func(i int, s *goquery.Selection) {
 							href, _ := s.Attr("href")
 							if strings.HasPrefix(href, "/") || strings.HasPrefix(href, "?") { // assuming this is a relative URL
-								url, _ := url.Parse(href)
-								query := url.Query()
-								for aParam := range query {
-									p, dp = setP(p, dp, aParam, options)
-									count = count + 1
+								url, err := url.Parse(href)
+								if err == nil {
+									query := url.Query()
+									for aParam := range query {
+										p, dp = setP(p, dp, aParam, options)
+										count = count + 1
+									}
 								}
-
 							}
 						})
 						printing.DalLog("INFO", "Found "+strconv.Itoa(count)+" testing point in DOM base parameter mining", options)

diff --git a/pkg/scanning/payload.go b/pkg/scanning/payload.go
@@ -3,7 +3,7 @@ package scanning
 import (
 	"bufio"
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"strings"
 )
@@ -56,7 +56,7 @@ func GetInJsBreakScriptPayload() ([]string, int) {
 	return lst, len(lst)
 }
 
-//basic open redirect payloads
+// basic open redirect payloads
 func getOpenRedirectPayload() []string {
 	payload := []string{
 		"//google.com",
@@ -128,7 +128,7 @@ func getESIIPayload() []string {
 	return payload
 }
 
-//basic sql injection payloads
+// basic sql injection payloads
 func getSQLIPayload() []string {
 	payload := []string{
 		"'",
@@ -179,7 +179,7 @@ func getSQLIPayload() []string {
 	return payload
 }
 
-//getSSTIPayload is return SSTI Payloads
+// getSSTIPayload is return SSTI Payloads
 func getSSTIPayload() []string {
 	payload := []string{
 		"{444*6664}",
@@ -217,7 +217,7 @@ func getAssetHahwul(apiEndpoint, dataEndpoint string) ([]string, string, string)
 	}
 	defer apiResp.Body.Close()
 	var asset Asset
-	infoJSON, err := ioutil.ReadAll(apiResp.Body)
+	infoJSON, err := io.ReadAll(apiResp.Body)
 	json.Unmarshal(infoJSON, &asset)
 
 	// Get Payload Data
@@ -227,7 +227,7 @@ func getAssetHahwul(apiEndpoint, dataEndpoint string) ([]string, string, string)
 		return t, "", ""
 	}
 	defer dataResp.Body.Close()
-	payloadData, err := ioutil.ReadAll(dataResp.Body)
+	payloadData, err := io.ReadAll(dataResp.Body)
 	//payload := strings.Split(string(payloadData), `\n`)
 	payload := splitLines(string(payloadData))
 

diff --git a/pkg/scanning/poc.go b/pkg/scanning/poc.go
@@ -1,7 +1,7 @@
 package scanning
 
 import (
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/http/httputil"
 
@@ -20,7 +20,7 @@ func MakePoC(poc string, req *http.Request, options model.Options) string {
 	if req.Body != nil {
 		body, err := req.GetBody()
 		if err == nil {
-			reqBody, err := ioutil.ReadAll(body)
+			reqBody, err := io.ReadAll(body)
 			if err == nil {
 				if string(reqBody) != "" {
 					switch options.PoCType {

diff --git a/pkg/scanning/scan.go b/pkg/scanning/scan.go
@@ -3,7 +3,7 @@ package scanning
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/http/httputil"
 	"net/url"
@@ -127,7 +127,7 @@ func Scan(target string, options model.Options, sid string) (model.Result, error
 		}
 
 		defer tres.Body.Close()
-		body, err := ioutil.ReadAll(tres.Body)
+		body, err := io.ReadAll(tres.Body)
 		printing.DalLog("SYSTEM", "Valid target [ code:"+strconv.Itoa(tres.StatusCode)+" / size:"+strconv.Itoa(len(body))+" ]", options)
 	}
 

diff --git a/pkg/scanning/sendReq.go b/pkg/scanning/sendReq.go
@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"errors"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/http/httputil"
 	"strconv"
@@ -103,7 +102,7 @@ func SendReq(req *http.Request, payload string, options model.Options) (string,
 	default:
 		reader = resp.Body
 	}
-	bytes, err := ioutil.ReadAll(reader)
+	bytes, err := io.ReadAll(reader)
 	if err == nil {
 		str := string(bytes)
 
@@ -380,7 +379,7 @@ func SendReq(req *http.Request, payload string, options model.Options) (string,
 				return "", resp, false, false, err
 			}
 
-			bytes, _ := ioutil.ReadAll(resp.Body)
+			bytes, _ := io.ReadAll(resp.Body)
 			str := string(bytes)
 
 			if resp.Header["Content-Type"] != nil {