-
Notifications
You must be signed in to change notification settings - Fork 1
/
dirbuster.go
193 lines (173 loc) · 5.8 KB
/
dirbuster.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
package main
import (
"golang.org/x/net/proxy"
"net/http"
"net/url"
"fmt"
"os"
"strconv"
"time"
"log"
"sync"
"bufio"
"flag"
"strings"
)
var NotFound, Found, Forbidden, Other int = 0, 0, 0, 0
func fatalf(fmtStr string, args interface{}) {
fmt.Fprintf(os.Stderr, fmtStr, args)
os.Exit(-1)
}
func MakeTorRequest(target string, verb bool) {
//start := time.Now()
// Create a transport that uses Tor Browser's SocksPort. If
// talking to a system tor, this may be an AF_UNIX socket, or
// 127.0.0.1:9050 instead.
tbProxyURL, err := url.Parse("socks5://127.0.0.1:9150")
if err != nil {
fatalf("Failed to parse proxy URL: %v\n", err)
}
// Get a proxy Dialer that will create the connection on our
// behalf via the SOCKS5 proxy. Specify the authentication
// and re-create the dialer/transport/client if tor's
// IsolateSOCKSAuth is needed.
tbDialer, err := proxy.FromURL(tbProxyURL, proxy.Direct)
if err != nil {
fatalf("Failed to obtain proxy dialer: %v\n", err)
}
// Make a http.Transport that uses the proxy dialer, and a
// http.Client that uses the transport.
tbTransport := &http.Transport{Dial: tbDialer.Dial}
client := &http.Client{Transport: tbTransport}
// Example: Fetch something. Real code will probably want to use
// client.Do() so they can change the User-Agent.
resp, resperr := client.Get(target)
if resperr != nil {
fmt.Printf("\033[31m%s \033[0m\n", resperr)
} else{
//secs := time.Since(start).Seconds()
//body, _ := ioutil.ReadAll(resp.Body)
//ch <- fmt.Sprintf("%.2f elapsed with response length: %d %s", secs, len(body), target)
status_code := resp.StatusCode
file, err := os.OpenFile("result.txt", os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0600)
if err != nil {
log.Fatal("Cannot create file", err)
}
if status_code == 401{
Other += 1
fmt.Fprintf(file, "%s %s\n", target, strconv.Itoa(status_code) )
if verb == true {
log.Printf("%s HTTP Response Code %s\n", target, strconv.Itoa(status_code) )
}
} else if status_code == 200{
Found += 1
fmt.Fprintf(file, "%s %s\n", target, strconv.Itoa(status_code) )
if verb == true {
log.Printf("%s HTTP Response Code %s\n", target, strconv.Itoa(status_code) )
}
} else if status_code == 403{
Forbidden = Forbidden + 1
} else if status_code == 404{
NotFound += 1
} else{
Other += 1
}
defer file.Close()
defer resp.Body.Close()
}
}
func MakeRequest(target string, verb bool) {
//start := time.Now()
resp, resperr := http.Get(target)
if resperr != nil {
fmt.Printf("\033[31m%s \033[0m\n", resperr)
} else{
//secs := time.Since(start).Seconds()
//body, _ := ioutil.ReadAll(resp.Body)
//ch <- fmt.Sprintf("%.2f elapsed with response length: %d %s", secs, len(body), target)
status_code := resp.StatusCode
file, err := os.OpenFile("result.txt", os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0600)
if err != nil {
fmt.Fprintf(file, "Cannot create file: %s", err)
//log.Fatal("Cannot create file", err)
}
if status_code == 401{
Other += 1
fmt.Fprintf(file, "%s %s\n", target, strconv.Itoa(status_code) )
if verb == true {
log.Printf("%s HTTP Response Code %s\n", target, strconv.Itoa(status_code) )
}
} else if status_code == 200{
Found += 1
fmt.Fprintf(file, "%s %s\n", target, strconv.Itoa(status_code) )
if verb == true {
log.Printf("%s HTTP Response Code %s\n", target, strconv.Itoa(status_code) )
}
} else if status_code == 403{
Forbidden = Forbidden + 1
} else if status_code == 404{
NotFound += 1
} else{
Other += 1
}
defer file.Close()
defer resp.Body.Close()
}
}
func readLines(baseURL, path string) ([]string, error) {
file, err := os.Open(path)
if err != nil {
return nil, err
}
defer file.Close()
var lines []string
scanner := bufio.NewScanner(file)
for scanner.Scan() {
target := baseURL + "/" + scanner.Text()
lines = append(lines, target)
}
return lines, scanner.Err()
}
func main() {
start := time.Now()
URL := flag.String("URL", "https://facebook.com", "Base URL")
FNAME := flag.String("FNAME", "directorylist.txt", "Path to file of keywords for scanning")
V := flag.Bool("V", true, "Verbose Mode, Prints 200 and 401 codes to the screen.")
TOR := flag.Bool("TOR", false, "Make GET request over Tor (or not). Currently set to use Tor Browser (please have it open).")
flag.Parse()
if strings.HasPrefix(*URL, "http") != true {
fmt.Printf("Please include the http:// or https:// \n")
os.Exit(0)
}
if strings.HasSuffix(*URL, "onion") == true {
if *TOR == false{
fmt.Printf("Requested Onion address but you are not using Tor! \n")
os.Exit(0)
}
}
urls, _ := readLines(*URL, *FNAME)
const workers = 5
wg := new(sync.WaitGroup)
in := make(chan string, 2*workers)
for i := 0; i < workers; i++ {
wg.Add(1)
go func() {
defer wg.Done()
for url := range in {
if *TOR{
MakeTorRequest(url, *V)
} else{
MakeRequest(url, *V)
}
}
}()
}
for _, url := range urls {
if url != "" {
in <- url
}
}
close(in)
wg.Wait()
fmt.Printf("\033[37mTime Elased: %.2f \033[32mFound(200): %d \033[36mNotFound(404): %d \033[31mUnauthorised(403): %d \033[34mOther(401): %d\033[0m\n", time.Since(start).Seconds(), Found, NotFound, Forbidden, Other)
}