This repository has been archived by the owner on Aug 4, 2024. It is now read-only.

Adding proxy support! #18

Merged
merged 3 commits into from
Nov 27, 2021
Merged
2 changes: 1 addition & 1 deletion README.md
@@ -86,7 +86,7 @@ https://example.com/?p=first&q=Gxss
# TODO

- [ ] Add Post Method Support.
- [ ] Add Proxy Support.
- [x] Add Proxy Support.
- [x] Add an option for user to add there own headers
- [x] Add an option for User-Agent

75 changes: 57 additions & 18 deletions main.go
@@ -2,6 +2,7 @@ package main

import (
"bufio"
"bytes"
"crypto/tls"
"flag"
"fmt"
@@ -18,12 +19,14 @@ import (
)

var (
concurrency int
verbose bool
outputFile string
payload string
useragent string
customHeaders string
concurrency int
verbose bool
outputFile string
payload string
useragent string
proxy string
requestData string
method string
)

type customh []string
@@ -55,12 +58,14 @@ func main() {
flag.BoolVar(&verbose, "v", false, "Verbose mode")
flag.StringVar(&payload, "p", "Gxss", "Payload you want to Send to Check Reflection")
flag.StringVar(&outputFile, "o", "", "Save Result to OutputFile")
flag.StringVar(&requestData, "d", "", "Request data for POST based reflection testing")
flag.StringVar(&proxy, "x", "", "Proxy URL. Example: http://127.0.0.1:8080")
flag.StringVar(&useragent, "u", "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36", "Set Custom User agent. Default is Mozilla")
flag.Var(&custhead, "h", "Set Custom Header.")

flag.Parse()

if verbose == true {
if verbose {
banner()
}

@@ -78,7 +83,7 @@ func main() {
for i := 0; i < concurrency; i++ {
wg.Add(1)
go func() {
testref(payload, verbose, outputFile)
testref(payload, verbose, outputFile, requestData)
wg.Done()
}()
wg.Wait()
@@ -90,7 +95,7 @@ func main() {
for i := 0; i < concurrency; i++ {
wg.Add(1)
go func() {
testref(payload, verbose, outputFile)
testref(payload, verbose, outputFile, requestData)
wg.Done()
}()
wg.Wait()
@@ -99,12 +104,12 @@ func main() {
} else {
flag.PrintDefaults()
}
if verbose == true {
if verbose {
fmt.Println("\nFinished Checking, Thank you for using Gxss.")
}
}

func testref(payload string, verbose bool, outputFile string) {
func testref(payload string, verbose bool, outputFile string, requestData string) {
time.Sleep(500 * time.Microsecond)
scanner := bufio.NewScanner(os.Stdin)
for scanner.Scan() {
@@ -126,23 +131,41 @@ func checkreflection(link string) {
u = v
}

if verbose == true {
if verbose {
fmt.Println("[+] Testing URL : " + link)
}
q, err := url.ParseQuery(u.RawQuery)
if err != nil {
fmt.Printf("Error is %e", err)
}

if requestData != "" {
method = "POST"
q, err = url.ParseQuery(requestData)
} else {
method = "GET"
}

if err != nil {
fmt.Println(err)
}

for key, value := range q {
var tm string = value[0]
q.Set(key, payload)
u.RawQuery = q.Encode()
_, body, _ := requestfunc(u.String())
if method == "GET" {
u.RawQuery = q.Encode()
}
if method == "POST" {
requestData = q.Encode()
}
_, body, _ := requestfunc(u.String(), requestData, method)

re := regexp.MustCompile(payload)
match := re.FindStringSubmatch(body)

if match != nil {
if verbose == true {
if verbose {
fmt.Printf("Url : %q\n", u)
fmt.Printf("Reflected Param : %q\n", key)
} else {
@@ -165,15 +188,31 @@ func checkreflection(link string) {

//removed gorequest for more granular access to setting headers.

func requestfunc(u string) (resp *http.Response, body string, errs []error) {
func requestfunc(u string, requestData string, method string) (resp *http.Response, body string, errs []error) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}

if proxy != "" {
proxyUrl, err := url.Parse(proxy)
http.DefaultTransport = &http.Transport{Proxy: http.ProxyURL(proxyUrl)}
if err != nil {
fmt.Println(err)
}
}

client := &http.Client{
CheckRedirect: redirectPolicyFunc,
}

req, err := http.NewRequest("GET", u, nil)
req, err := http.NewRequest(method, u, bytes.NewBufferString(requestData))
req.Header.Add("User-Agent", useragent)

if err != nil {
fmt.Println(err)
}

if method == "POST" {
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
}
//splitting headers and values by using : as separator
for _, v := range custhead {
s := strings.SplitN(v, ":", 2)
@@ -185,7 +224,7 @@ func requestfunc(u string) (resp *http.Response, body string, errs []error) {
if err != nil {
fmt.Println(err)
}
if verbose == true {
if verbose {
fmt.Println(string(requestDump))
}
resp, err = client.Do(req)
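Review bot: The `if proxy != ""` block added to requestfunc uses `proxyUrl` before it checks the `url.Parse` error, so a `-x` value that does not parse (such as `127.0.0.1:8080` without a scheme) leaves `proxyUrl` nil, `http.ProxyURL(nil)` selects no proxy, and the requests go out directly while the operator believes they are being proxied. The same block replaces the process-wide `http.DefaultTransport` with a fresh `http.Transport` on every call, which discards pooled connections and, if requestfunc is reached from the worker goroutines started in main, is an unsynchronised write to shared state. The replacement transport also does not carry the `TLSClientConfig` assigned on the line above, so TLS behaviour differs between proxied and direct runs. I would build one transport that holds both settings, return the parse error instead of continuing, and hand it to the client through its `Transport` field, ideally once after `flag.Parse()` rather than per request. requestfunc's body continues outside the visible hunks.

```go
// … unchanged: requestfunc signature …
tr := &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}
if proxy != "" {
	proxyURL, err := url.Parse(proxy)
	if err != nil {
		// Fail closed: never fall back to a direct connection when a proxy was requested.
		return nil, "", []error{err}
	}
	tr.Proxy = http.ProxyURL(proxyURL)
}

client := &http.Client{
	Transport:     tr,
	CheckRedirect: redirectPolicyFunc,
}
// … unchanged: request construction, headers, request dump, client.Do …
```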