Merge pull request #15 from Auror007/master

Added custom header and User-agent field.
KathanP19 · Mar 24, 2021 · be48fa4 · be48fa4
2 parents 6c9ec64 + 7c539eb
commit be48fa4
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 53 deletions.
diff --git a/go.mod b/go.mod
@@ -1,12 +1,3 @@
 module github.com/KathanP19/Gxss
 
 go 1.15
-
-require (
-	github.com/elazarl/goproxy v0.0.0-20201021153353-00ad82a08272 // indirect
-	github.com/parnurzeal/gorequest v0.2.16
-	github.com/pkg/errors v0.9.1 // indirect
-	github.com/smartystreets/goconvey v1.6.4 // indirect
-	golang.org/x/net v0.0.0-20201027133719-8eef5233e2a1 // indirect
-	moul.io/http2curl v1.0.0 // indirect
-)
diff --git a/go.sum b/go.sum
@@ -1,32 +0,0 @@
-github.com/elazarl/goproxy v0.0.0-20201021153353-00ad82a08272 h1:Am81SElhR3XCQBunTisljzNkNese2T1FiV8jP79+dqg=
-github.com/elazarl/goproxy v0.0.0-20201021153353-00ad82a08272/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
-github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2 h1:dWB6v3RcOy03t/bUadywsbyrQwCqZeNIEX6M1OtSZOM=
-github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8=
-github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
-github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
-github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
-github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
-github.com/parnurzeal/gorequest v0.2.16 h1:T/5x+/4BT+nj+3eSknXmCTnEVGSzFzPGdpqmUVVZXHQ=
-github.com/parnurzeal/gorequest v0.2.16/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE=
-github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
-github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc=
-github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM=
-github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
-github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s=
-github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20201027133719-8eef5233e2a1 h1:IEhJ99VWSYpHIxjlbu3DQyHegGPnQYAv0IaCX9KHyG0=
-golang.org/x/net v0.0.0-20201027133719-8eef5233e2a1/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-moul.io/http2curl v1.0.0 h1:6XwpyZOYsgZJrU8exnG87ncVkU1FVCcTRpwzOkTDUi8=
-moul.io/http2curl v1.0.0/go.mod h1:f6cULg+e4Md/oW1cYmwW4IWQOVl2lGbmCNGOHvzX2kE=

diff --git a/main.go b/main.go
@@ -5,24 +5,40 @@ import (
 	"crypto/tls"
 	"flag"
 	"fmt"
+	"io/ioutil"
 	"log"
 	"net/http"
+	"net/http/httputil"
 	"net/url"
 	"os"
 	"regexp"
+	"strings"
 	"sync"
 	"time"
-
-	"github.com/parnurzeal/gorequest"
 )
 
 var (
-	concurrency int
-	verbose     bool
-	outputFile  string
-	payload     string
+	concurrency   int
+	verbose       bool
+	outputFile    string
+	payload       string
+	useragent     string
+	customHeaders string
 )
 
+type customh []string
+
+func (m *customh) String() string {
+	return "This is custom flag for getting custom headers."
+}
+
+func (m *customh) Set(value string) error {
+	*m = append(*m, value)
+	return nil
+}
+
+var custhead customh
+
 func banner() {
 	fmt.Println(`                  
  _____ __ __ _____ _____ 
@@ -39,6 +55,9 @@ func main() {
 	flag.BoolVar(&verbose, "v", false, "Verbose mode")
 	flag.StringVar(&payload, "p", "Gxss", "Payload you want to Send to Check Refelection")
 	flag.StringVar(&outputFile, "o", "", "Save Result to OuputFile")
+	flag.StringVar(&useragent, "u", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Ge    cko) Chrome/86.0.4240.111 Safari/537.36", "Set Custom User agent.Default is Mozilla")
+	flag.Var(&custhead, "h", "")
+
 	flag.Parse()
 
 	if verbose == true {
@@ -144,12 +163,40 @@ func checkreflection(link string) {
 	}
 }
 
-func requestfunc(u string) (resp gorequest.Response, body string, errs []error) {
+//removed gorequest for more granular access to setting headers.
+
+func requestfunc(u string) (resp *http.Response, body string, errs []error) {
+	http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+	client := &http.Client{
+		CheckRedirect: redirectPolicyFunc,
+	}
+
+	req, err := http.NewRequest("GET", u, nil)
+	req.Header.Add("User-Agent", useragent)
+
+	//splitting headers and values by using : as separator
+	for _, v := range custhead {
+		s := strings.SplitN(v, ":", 2)
+		req.Header.Add(s[0], s[1])
+	}
 
-	resp, body, errs = gorequest.New().Get(u).TLSClientConfig(&tls.Config{InsecureSkipVerify: true}).
-		RedirectPolicy(func(req gorequest.Request, via []gorequest.Request) error { return http.ErrUseLastResponse }).
-		Set("User-Agent", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36").
-		End()
+	//Converting request dump to string for verbose mode
+	requestDump, err := httputil.DumpRequest(req, true)
+	if err != nil {
+		fmt.Println(err)
+	}
+	if verbose == true {
+		fmt.Println(string(requestDump))
+	}
+	resp, err = client.Do(req)
+	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		log.Fatal(err)
+	}
+	bodyString := string(bodyBytes)
+	return resp, bodyString, errs
+}
 
-	return resp, body, errs
+func redirectPolicyFunc(req *http.Request, via []*http.Request) error {
+	return http.ErrUseLastResponse
 }