Overview
Package http contains the zgrab2 Module implementation for HTTP(S).
The Flags can be configured to perform a specific Method (e.g. "GET") on the specified Path (e.g. "/"). If UseHTTPS is true, the scanner uses TLS for the initial request. The Result contains the final HTTP response, together with each earlier response in the redirect chain.
Index
- Variables
- func RegisterModule()
- type Flags
- type Module
- type RedirectToIP
- type Results
- type Scanner
- func (scanner *Scanner) GetDialerGroupConfig() *zgrab2.DialerGroupConfig
- func (scanner *Scanner) GetName() string
- func (scanner *Scanner) GetScanMetadata() any
- func (scanner *Scanner) GetTrigger() string
- func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error
- func (scanner *Scanner) InitPerSender(senderID int) error
- func (scanner *Scanner) Protocol() string
- func (scanner *Scanner) Scan(ctx context.Context, dialGroup *zgrab2.DialerGroup, target *zgrab2.ScanTarget) (zgrab2.ScanStatus, any, error)
Variables
var (
	// ErrTooManyRedirects is returned when the number of HTTP redirects exceeds
	// MaxRedirects.
	ErrTooManyRedirects = errors.New("too many redirects")
	ErrDoNotRedirect = errors.New("no redirects configured")
)
Functions
func RegisterModule
func RegisterModule()
RegisterModule is called by modules/http.go to register this module with the zgrab2 framework.
Types
type Flags
type Flags struct {
	zgrab2.BaseFlags `group:"Basic Options"`
	zgrab2.TLSFlags `group:"TLS Options"`
	Method string `long:"method" default:"GET" description:"Set HTTP request method type"`
	Endpoint string `long:"endpoint" default:"/" description:"Send an HTTP request to an endpoint"`
	FailHTTPToHTTPS bool `long:"fail-http-to-https" description:"Trigger retry-https logic on known HTTP/400 protocol mismatch responses"`
	UserAgent string `long:"user-agent" default:"Mozilla/5.0 zgrab/0.x" description:"Set a custom user agent"`
	RetryHTTPS bool `long:"retry-https" description:"If the initial request fails, reconnect and try with HTTPS."`
	MaxSize int `long:"max-size" default:"256" description:"Max kilobytes to read in response to an HTTP request"`
	MaxRedirects int `long:"max-redirects" default:"0" description:"Max number of redirects to follow"`
	// UseHTTPS causes the first request to be over TLS, without requiring a
	// redirect to HTTPS. It does not change the port used for the connection.
	UseHTTPS bool `long:"use-https" description:"Perform an HTTPS connection on the initial host"`
	// RedirectsSucceed causes the ErrTooManyRedirects error to be suppressed
	RedirectsSucceed bool `long:"redirects-succeed" description:"Redirects are always a success, even if max-redirects is exceeded"`
	// Set arbitrary HTTP headers
	CustomHeadersNames string `long:"custom-headers-names" description:"CSV of custom HTTP headers to send to server"`
	CustomHeadersValues string `` /* 138-byte string literal not displayed */
	CustomHeadersDelimiter string `long:"custom-headers-delimiter" description:"Delimiter for customer header name/value CSVs"`
	// Set HTTP Request body
	RequestBody string `long:"request-body" description:"HTTP request body to send to server"`
	RequestBodyHex string `long:"request-body-hex" description:"HTTP request body to send to server"`
	SkipHost bool `long:"skip-host" description:"Skip encoding the Host header"`
	// ComputeDecodedBodyHashAlgorithm enables computing the body hash later than the default,
	// using the specified algorithm, allowing a user of the response to recompute a matching hash
	ComputeDecodedBodyHashAlgorithm string `long:"compute-decoded-body-hash-algorithm" choice:"sha256,sha1" description:"Choose algorithm for BodyHash field"`
	// WithBodyLength enables adding the body_size field to the Response
	WithBodyLength bool `` /* 130-byte string literal not displayed */
	// Extract the raw header as it is on the wire
	RawHeaders bool `long:"raw-headers" description:"Extract raw response up through headers"`
	NoHTTP11 bool `` /* 338-byte string literal not displayed */
	NoHTTP2 bool `` /* 289-byte string literal not displayed */
}
Flags holds the command-line configuration for the HTTP scan module. Populated by the framework.
TODO: Custom headers?
type Module
type Module struct {
}
Module is an implementation of the zgrab2.Module interface.
func (*Module) Description (added in v0.1.3)
Description returns an overview of this module.
func (*Module) NewScanner
NewScanner returns a new Scanner instance.
type RedirectToIP (added in v0.2.0)
type Results
type Results struct {
	// Response is the final HTTP response in the RedirectResponseChain
	Response *http.Response `json:"response,omitempty"`
	// RedirectResponseChain is non-empty if the scanner follows a redirect.
	// It contains all redirect responses prior to the final response.
	RedirectResponseChain []*http.Response `json:"redirect_response_chain,omitempty"`
	NamesToIPs []RedirectToIP `json:"redirects_to_resolved_ips,omitempty"`
}
A Results object is returned by the HTTP module's Scanner.Scan() implementation.
type Scanner
type Scanner struct {
	// contains filtered or unexported fields
}
Scanner is the implementation of the zgrab2.Scanner interface.
func (*Scanner) GetDialerGroupConfig (added in v0.2.0)
func (scanner *Scanner) GetDialerGroupConfig() *zgrab2.DialerGroupConfig
func (*Scanner) GetScanMetadata (added in v1.0.0)
GetScanMetadata returns any metadata on the scan itself from this module.
func (*Scanner) GetTrigger
GetTrigger returns the Trigger defined in the Flags.
func (*Scanner) InitPerSender
InitPerSender does nothing in this module.
func (*Scanner) Scan
func (scanner *Scanner) Scan(ctx context.Context, dialGroup *zgrab2.DialerGroup, target *zgrab2.ScanTarget) (zgrab2.ScanStatus, any, error)
Scan implements the zgrab2.Scanner interface and performs the full scan of the target. If the scanner is configured to follow redirects, this may entail multiple TCP connections to hosts other than target.
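The redirect behaviour described in the Overview and in Scan (a bounded chain, an error once the limit is exceeded, a flag that suppresses that error, and hops that can land on hosts other than the target) can be reproduced with the standard library alone. This is an added example, not zgrab2's code: followChain, cannedTransport, errTooManyRedirects and the .example hosts are constructed for illustration, and the exact way max-redirects is counted here is an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
)

var errTooManyRedirects = errors.New("too many redirects") // local sentinel, not zgrab2's

// cannedTransport maps "host/path" to a Location header (constructed data); other requests get 200.
type cannedTransport map[string]string

func (c cannedTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	resp := &http.Response{StatusCode: http.StatusOK, Header: http.Header{}, Body: http.NoBody, Request: req}
	if loc, ok := c[req.URL.Host+req.URL.Path]; ok {
		resp.StatusCode = http.StatusFound
		resp.Header.Set("Location", loc)
	}
	return resp, nil
}

// followChain follows at most maxRedirects redirects; it returns every URL requested, off-target hosts, last status.
func followChain(rt http.RoundTripper, url string, maxRedirects int, redirectsSucceed bool) (hops, offTarget []string, status int, err error) {
	hops = []string{url}
	client := &http.Client{Transport: rt, CheckRedirect: func(req *http.Request, via []*http.Request) error {
		if len(via) > maxRedirects { // via holds every request already sent
			return errTooManyRedirects
		}
		hops = append(hops, req.URL.String())
		if req.URL.Host != via[0].URL.Host { // hop leaves the original target host
			offTarget = append(offTarget, req.URL.Host)
		}
		return nil
	}}
	resp, err := client.Get(url)
	if resp != nil { // on a CheckRedirect error the previous response is still returned
		resp.Body.Close()
		status = resp.StatusCode
	}
	if redirectsSucceed && errors.Is(err, errTooManyRedirects) {
		err = nil // assumed equivalent of --redirects-succeed
	}
	return hops, offTarget, status, err
}

func main() {
	fmt.Println(followChain(cannedTransport{"a.example/": "http://b.example/login"}, "http://a.example/", 1, false))
}
```

Recording the off-target hosts alongside the chain makes it possible to check afterwards that every connection a scan made stayed within its intended scope.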