Documentation
Overview
Package http contains the zgrab2 Module implementation for HTTP(S).
The Flags can be configured to perform a specific Method (e.g. "GET") on the specified Path (e.g. "/"). If UseHTTPS is true, the scanner uses TLS for the initial request. The Results contain the final HTTP response and, if redirects were followed, the redirect responses that preceded it.
Index
- Variables
- func RegisterModule()
- type Flags
- type Module
- type Results
- type Scanner
- func (scanner *Scanner) GetName() string
- func (scanner *Scanner) GetTrigger() string
- func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error
- func (scanner *Scanner) InitPerSender(senderID int) error
- func (scanner *Scanner) Protocol() string
- func (scanner *Scanner) Scan(t zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Constants
This section is empty.
Variables
var (
	// ErrRedirLocalhost is returned when an HTTP redirect points to localhost,
	// unless FollowLocalhostRedirects is set.
	ErrRedirLocalhost = errors.New("Redirecting to localhost")

	// ErrTooManyRedirects is returned when the number of HTTP redirects exceeds
	// MaxRedirects.
	ErrTooManyRedirects = errors.New("Too many redirects")
)
Functions
func RegisterModule
func RegisterModule()
RegisterModule is called by modules/http.go to register this module with the zgrab2 framework.
Types
type Flags
type Flags struct {
	zgrab2.BaseFlags
	zgrab2.TLSFlags

	Method          string `long:"method" default:"GET" description:"Set HTTP request method type"`
	Endpoint        string `long:"endpoint" default:"/" description:"Send an HTTP request to an endpoint"`
	FailHTTPToHTTPS bool   `long:"fail-http-to-https" description:"Trigger retry-https logic on known HTTP/400 protocol mismatch responses"`
	UserAgent       string `long:"user-agent" default:"Mozilla/5.0 zgrab/0.x" description:"Set a custom user agent"`
	RetryHTTPS      bool   `long:"retry-https" description:"If the initial request fails, reconnect and try with HTTPS."`
	MaxSize         int    `long:"max-size" default:"256" description:"Max kilobytes to read in response to an HTTP request"`
	MaxRedirects    int    `long:"max-redirects" default:"0" description:"Max number of redirects to follow"`

	// FollowLocalhostRedirects overrides the default behavior to return
	// ErrRedirLocalhost whenever a redirect points to localhost.
	FollowLocalhostRedirects bool `long:"follow-localhost-redirects" description:"Follow HTTP redirects to localhost"`

	// UseHTTPS causes the first request to be over TLS, without requiring a
	// redirect to HTTPS. It does not change the port used for the connection.
	UseHTTPS bool `long:"use-https" description:"Perform an HTTPS connection on the initial host"`

	// RedirectsSucceed causes the ErrTooManyRedirects error to be suppressed
	RedirectsSucceed bool `long:"redirects-succeed" description:"Redirects are always a success, even if max-redirects is exceeded"`

	// Set arbitrary HTTP headers
	CustomHeadersNames     string `long:"custom-headers-names" description:"CSV of custom HTTP headers to send to server"`
	CustomHeadersValues    string `` /* 138-byte string literal not displayed */
	CustomHeadersDelimiter string `long:"custom-headers-delimiter" description:"Delimiter for customer header name/value CSVs"`

	// Set HTTP Request body
	RequestBody    string `long:"request-body" description:"HTTP request body to send to server"`
	RequestBodyHex string `long:"request-body-hex" description:"HTTP request body to send to server"`

	OverrideSH bool `long:"override-sig-hash" description:"Override the default SignatureAndHashes TLS option with more expansive default"`

	// ComputeDecodedBodyHashAlgorithm enables computing the body hash later than the default,
	// using the specified algorithm, allowing a user of the response to recompute a matching hash
	ComputeDecodedBodyHashAlgorithm string `long:"compute-decoded-body-hash-algorithm" choice:"sha256" choice:"sha1" description:"Choose algorithm for BodyHash field"`

	// WithBodyLength enables adding the body_size field to the Response
	WithBodyLength bool `long:"with-body-size" description:"Enable the body_size attribute, for how many bytes actually read"`

	// Extract the raw header as it is on the wire
	RawHeaders bool `long:"raw-headers" description:"Extract raw response up through headers"`
}
Flags holds the command-line configuration for the HTTP scan module. Populated by the framework.
TODO: Custom headers?
type Module
type Module struct {
}
Module is an implementation of the zgrab2.Module interface.
func (*Module) Description (added in v0.1.3)
Description returns an overview of this module.
func (*Module) NewFlags
func (module *Module) NewFlags() interface{}
NewFlags returns an empty Flags object.
func (*Module) NewScanner
NewScanner returns a new Scanner instance.
type Results
type Results struct {
	// Response is the final HTTP response in the RedirectResponseChain
	Response *http.Response `json:"response,omitempty"`

	// RedirectResponseChain is non-empty if the scanner follows a redirect.
	// It contains all redirect responses prior to the final response.
	RedirectResponseChain []*http.Response `json:"redirect_response_chain,omitempty"`
}
A Results object is returned by the HTTP module's Scanner.Scan() implementation.
type Scanner
type Scanner struct {
	// contains filtered or unexported fields
}
Scanner is the implementation of the zgrab2.Scanner interface.
func (*Scanner) GetTrigger
GetTrigger returns the Trigger defined in the Flags.
func (*Scanner) InitPerSender
InitPerSender does nothing in this module.
func (*Scanner) Scan
func (scanner *Scanner) Scan(t zgrab2.ScanTarget) (zgrab2.ScanStatus, interface{}, error)
Scan implements the zgrab2.Scanner interface and performs the full scan of the target. If the scanner is configured to follow redirects, this may entail multiple TCP connections to hosts other than target.
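Because following redirects can send the scanner to hosts other than the target, the limits documented above (MaxRedirects, FollowLocalhostRedirects, ErrRedirLocalhost, ErrTooManyRedirects) are worth seeing as a concrete policy. The sketch below is an added example, not zgrab2's own code: it expresses the same rules as a CheckRedirect callback for Go's standard net/http client, and redirectPolicy, isLoopback and the lower-case error names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"strings"
)

// Local stand-ins for ErrRedirLocalhost and ErrTooManyRedirects.
var errRedirLocalhost = errors.New("redirecting to localhost")
var errTooManyRedirects = errors.New("too many redirects")

// redirectPolicy (hypothetical) models MaxRedirects and FollowLocalhostRedirects.
type redirectPolicy struct {
	maxRedirects    int
	followLocalhost bool
}

// isLoopback matches "localhost" and loopback IP literals only; it does not
// resolve DNS, so a public name pointing at 127.0.0.1 is not caught here.
func isLoopback(host string) bool {
	ip := net.ParseIP(host)
	return strings.EqualFold(host, "localhost") || (ip != nil && ip.IsLoopback())
}

// check has the http.Client.CheckRedirect signature; via holds earlier requests.
func (p redirectPolicy) check(req *http.Request, via []*http.Request) error {
	if len(via) > p.maxRedirects {
		return errTooManyRedirects
	}
	if !p.followLocalhost && isLoopback(req.URL.Hostname()) {
		return errRedirLocalhost
	}
	return nil
}

func main() {
	p := redirectPolicy{maxRedirects: 2}
	chain := []string{"https://example.com/", "http://[::1]:8080/", "https://example.org/"} // constructed
	for i, u := range chain {
		req, err := http.NewRequest(http.MethodGet, u, nil)
		if err != nil {
			panic(err)
		}
		fmt.Printf("redirect %d to %s: %v\n", i+1, u, p.check(req, make([]*http.Request, i+1)))
	}
}
```

Assigning p.check to the CheckRedirect field of an http.Client enforces the policy on live requests; with the zero-value policy (maxRedirects 0, matching the documented default) the first redirect is already refused.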