-
Notifications
You must be signed in to change notification settings - Fork 339
/
scan_file.go
82 lines (67 loc) · 3.05 KB
/
scan_file.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
package cmd
import (
"errors"
"github.com/sensepost/gowitness/internal/ascii"
"github.com/sensepost/gowitness/internal/islazy"
"github.com/sensepost/gowitness/pkg/log"
"github.com/sensepost/gowitness/pkg/readers"
"github.com/spf13/cobra"
)
var fileCmdOptions = &readers.FileReaderOptions{}
var fileCmd = &cobra.Command{
Use: "file",
Short: "Scan targets sourced from a file or stdin",
Long: ascii.LogoHelp(ascii.Markdown(`
# scan file
Scan targets sourced from a file or stdin.
## description
This command will check the structure of a target URL to ensure that a protocol
is defined. If it is not set, it will prepend 'http://' and 'https://'. You can
disable either using the --no-http / --no-https flags.
URLs in the source file should be newline-separated. Invalid URLs are simply
ignored.
If any ports are added (via --port or one of the ports collections), then URL
candidates will also be generated with the port section specified.
**Note**: By default, no metadata is saved except for screenshots that are
stored in the configured --screenshot-path. For later parsing (i.e., using the
gowitness reporting feature), you need to specify where to write results (db,
csv, jsonl) using the _--write-*_ set of flags. See _--help_ for available
flags.`)),
Example: ascii.Markdown(`
- gowitness scan file -f ~/Desktop/targets.txt --write-jsonl
- gowitness scan file -f targets.txt --threads 50 --write-db
- cat urls.txt | gowitness scan file -f - --write-csv
- gowitness scan file -f <( shuf domains.txt ) --no-http
`),
PreRunE: func(cmd *cobra.Command, args []string) error {
if fileCmdOptions.Source == "" {
return errors.New("a source must be specified")
}
if fileCmdOptions.Source != "-" && !islazy.FileExists(fileCmdOptions.Source) {
return errors.New("source is not readable")
}
return nil
},
Run: func(cmd *cobra.Command, args []string) {
log.Debug("starting file scanning", "file", fileCmdOptions.Source)
reader := readers.NewFileReader(fileCmdOptions)
go func() {
if err := reader.Read(scanRunner.Targets); err != nil {
log.Error("error in reader.Read", "err", err)
return
}
}()
scanRunner.Run()
scanRunner.Close()
},
}
func init() {
scanCmd.AddCommand(fileCmd)
fileCmd.Flags().StringVarP(&fileCmdOptions.Source, "file", "f", "", "A file with targets to scan. Use - for stdin")
fileCmd.Flags().BoolVar(&fileCmdOptions.NoHTTP, "no-http", false, "Do not add 'http://' to targets where missing")
fileCmd.Flags().BoolVar(&fileCmdOptions.NoHTTPS, "no-https", false, "Do not add 'https://' to targets where missing")
fileCmd.Flags().IntSliceVarP(&fileCmdOptions.Ports, "port", "p", []int{80, 443}, "Ports on targets to scan. Supports multiple --port flags")
fileCmd.Flags().BoolVar(&fileCmdOptions.PortsSmall, "ports-small", false, "Include a small ports list when scanning targets")
fileCmd.Flags().BoolVar(&fileCmdOptions.PortsMedium, "ports-medium", false, "Include a medium ports list when scanning targets")
fileCmd.Flags().BoolVar(&fileCmdOptions.PortsLarge, "ports-large", false, "Include a large ports list when scanning targets")
}