Closed avhadpooja closed 6 years ago
Sure, what do you need help with?
Hi,
I am a newbie to Golang. My applications needs to be deployed on heroku like a page that lets users upload a list of domains and then run "subjack.go".
I am not sure how to integrate the user input domain list into your "subjack.go" file
I would appreciate it, if you could give some suggestions.
HTML page:
Subjack.go (modified to my understanding) : Added a handle function for fileupload. But how do I make use of the user input file into your process function?!
package main
import ( "bufio" "bytes" "crypto/tls" "flag" "fmt" "io/ioutil" "io" "log" "math/rand" "net" "net/http" "os" "strings" "sync" "time" "html/template" "mime/multipart" )
var ( Wordlist = flag.String("w", "", "Path to wordlist.") Threads = flag.Int("t", 10, "Number of concurrent threads (Default: 10).") Timeout = flag.Int("timeout", 10, "Seconds to wait before connection timeout (Default: 10).") Output = flag.String("o", "", "Output file to write results to.") Https = flag.Bool("https", false, "Force HTTPS connections (May increase accuracy. Default: http://).") Strict = flag.Bool("strict", false, "Find those hidden gems by sending HTTP requests to ever URL. (Default: HTTP requests are only sent to URLs with cloud CNAMEs).") )
type Http struct { Url, Num string }
func getDomains(path string) (lines []string, Error error) {
file, err := os.Open(path) if err != nil { log.Fatalln(err) }
defer file.Close()
scanner := bufio.NewScanner(file)
for scanner.Scan() { lines = append(lines, scanner.Text()) }
return lines, scanner.Err() }
func write(result string) { f, err := os.OpenFile(*Output, os.O_RDWR|os.O_APPEND|os.O_CREATE, 0600) if err != nil { log.Fatalln(err) }
defer f.Close()
if _, err = f.WriteString(result); err != nil { log.Fatalln(err) } }
func Site(url string) (site string) { if *Https { site = fmt.Sprintf("https://%s", url) } else { site = fmt.Sprintf("http://%s", url) }
return site }
func get(url string) (body []byte) { tr := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, }
client := &http.Client{ Transport: tr, Timeout: time.Duration(Timeout) time.Second, }
req, err := http.NewRequest("GET", Site(url), nil) if err != nil { return }
req.Header.Add("Connection", "close")
resp, err := client.Do(req) if err != nil { return }
defer resp.Body.Close()
body, err = ioutil.ReadAll(resp.Body) if err != nil { return }
return body }
func Identify(url string) (service string) { body := get(url)
service = ""
fingerprints := map[string]string{ "ERROR: The request could not be satisfied": "CLOUDFRONT", "Fastly error: unknown domain": "FASTLY", "There isn't a Github Pages site here.": "GITHUB", "herokucdn.com/error-pages/no-such-app.html": "HEROKU", "The gods are wise, but do not know of the site which you seek.": "PANTHEON", "Whatever you were looking for doesn't currently exist at this address.": "TUMBLR", "Do you want to register": "WORDPRESS", "Sorry, We Couldn't Find That Page": "DESK", "Help Center Closed": "ZENDESK", "Oops - We didn't find your site.": "TEAMWORK", "We could not find what you're looking for.": "HELPJUICE", "No settings were found for this company:": "HELPSCOUT", "The specified bucket does not exist": "S3 BUCKET", "The thing you were looking for is no longer here, or never was": "GHOST", "If you're moving your domain away from Cargo you must make this configuration through your registrar": "CARGO", "The feed has not been found.": "FEEDPRESS", "May be this is still fresh!": "FRESHDESK", "Sorry, this shop is currently unavailable.": "SHOPIFY", "You are being <a href=\"https://www.statuspage.io\">redirected": "STATUSPAGE", "This domain is successfully pointed at WP Engine, but is not configured for an account on our platform": "WPENGINE", "This UserVoice subdomain is currently available!": "USERVOICE", "project not found": "SURGE", "Unrecognized domain ": "MASHERY", "Repository not found": "BITBUCKET", }
for f, _ := range fingerprints { if bytes.Contains(body, []byte(f)) { service = fingerprints[f] break } }
return service }
func RandChar() string { chars := []string{ "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", "?", }
rand.Seed(time.Now().Unix()) num := rand.Int() % len(chars)
return chars[num] }
func Detect(url, num string) { service := Identify(url)
// Clears previous line -- needs to be optimized in the future. fmt.Printf("\r%s", strings.Repeat(" ", 100))
if service != "" { result := fmt.Sprintf("[%s] %s\n", service, url)
fmt.Printf("\r%s", result)
if *Output != "" { write(result) } } else { fmt.Printf("\r") }
fmt.Printf("\r[ \u001b[34m%s\u001b[0m Domains \001b[31m%s\u001b[0m - Last Request to %s ]", RandChar(), num, url) }
func (s Http) DNS() { if Strict { Detect(s.Url, s.Num) } else { cname, err := net.LookupCNAME(s.Url) if err != nil { return }
cnames := []string{ ".cloudfront.net", "amazonaws", "heroku", "wordpress.com", "pantheonsite.io", "domains.tumblr.com", "wpengine.com", "desk.com", "zendesk.com", "github.io", "fastly", "helpjuice.com", "helpscoutdocs.com", "ghost.io", "cargocollective.com", "redirect.feedpress.me", "freshdesk.com", "myshopify.com", "statuspage.io", "uservoice.com", "surge.sh", "mashery.com", "bitbucket.io", }
for _, cn := range cnames { if strings.Contains(cname, cn) { Detect(s.Url, s.Num) } } } }
func Process() { urls := make(chan Http, Threads10) list, err := getDomains(Wordlist) if err != nil { log.Fatalln(err) }
var wg sync.WaitGroup for i := 0; i < *Threads; i++ { wg.Add(1) go func() { for url := range urls { url.DNS() }
wg.Done() }() }
for i := 0; i < len(list); i++ { Progress := fmt.Sprintf("%d", len(list)) urls <- &Http{Url: list[i], Num: Progress} }
close(urls)
wg.Wait()
fmt.Printf("\r%s", strings.Repeat(" ", 100)) fmt.Printf("\rTask completed.\n") }
func hello(res http.ResponseWriter, req *http.Request) { t, _ := template.ParseFiles("client.html") t.Execute(res, nil) //fmt.Fprintln(res, "hello, heroku") }
http.HandleFunc("/", client)
// upload logic func upload(w http.ResponseWriter, r *http.Request) { fmt.Println("method:", r.Method) if r.Method == "GET" { crutime := time.Now().Unix() h := md5.New() io.WriteString(h, strconv.FormatInt(crutime, 10)) token := fmt.Sprintf("%x", h.Sum(nil))
t, _ := template.ParseFiles("client.html")
t.Execute(w, token)
} else {
r.ParseMultipartForm(32 << 20)
file, handler, err := r.FormFile("uploadfile")
if err != nil {
fmt.Println(err)
return
}
defer file.Close()
fmt.Fprintf(w, "%v", handler.Header)
f, err := os.OpenFile("./test/"+handler.Filename,
os.O_WRONLY|os.O_CREATE, 0666) if err != nil { fmt.Println(err) return } defer f.Close() io.Copy(f, file) } }
func main() {
http.HandleFunc("/", hello)
fmt.Println("listening...") err := http.ListenAndServe(":"+os.Getenv("PORT"), nil) if err != nil { panic(err) flag.Parse()
flag.Usage = func() { fmt.Printf("Usage of %s:\n", os.Args[0]) flag.PrintDefaults() }
if flag.NFlag() == 0 { flag.Usage() os.Exit(1) }
Process() }
Thanks, Pooja
On Fri, Feb 23, 2018 at 3:46 PM, Cody Zacharias notifications@github.com wrote:
Sure, what do you need help with?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/haccer/subjack/issues/6#issuecomment-368133593, or mute the thread https://github.com/notifications/unsubscribe-auth/Aikbhk7qbz68bwKG2viSQo6PzEHmvIDbks5tXyOIgaJpZM4SQKoZ .
Hi,
I am trying to integrate your tool into my existing project. Could you provide assistance in deploying this app on Heroku?