Add BodyHashAlgorithm option

Tim Schumacher 2020-09-17 11:31:31 -04:00
parent 8f4f1bb1ec
commit f96339b30b

@ -9,6 +9,7 @@ package http
import ( import (
"bytes" "bytes"
"context" "context"
"crypto/sha1"
"crypto/sha256" "crypto/sha256"
"encoding/hex" "encoding/hex"
"errors" "errors"
@ -66,6 +67,9 @@ type Flags struct {
// ComputeDecodedBodyHash computes the hash later than the default, allowing a user // ComputeDecodedBodyHash computes the hash later than the default, allowing a user
// of the response to recompute a matching hash // of the response to recompute a matching hash
ComputeDecodedBodyHash bool `long:"compute-decoded-body-hash" description:"Compute the BodySHA256 on the decoded BodyText that is returned instead of on the raw bytes"` ComputeDecodedBodyHash bool `long:"compute-decoded-body-hash" description:"Compute the BodySHA256 on the decoded BodyText that is returned instead of on the raw bytes"`
// BodyHashAlgorithm
BodyHashAlgorithm string `long:"body-hash-algorithm" default:"sha256" choice:"sha256" choice:"sha1" description:"Choose algorithm for BodyHash field"`
} }
// A Results object is returned by the HTTP module's Scanner.Scan() // A Results object is returned by the HTTP module's Scanner.Scan()
@ -86,6 +90,7 @@ type Module struct {
// Scanner is the implementation of the zgrab2.Scanner interface. // Scanner is the implementation of the zgrab2.Scanner interface.
type Scanner struct { type Scanner struct {
config *Flags config *Flags
hashFn func([]byte) string
} }
// scan holds the state for a single scan. This may entail multiple connections. // scan holds the state for a single scan. This may entail multiple connections.
@ -135,6 +140,21 @@ func (s *Scanner) Protocol() string {
func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error { func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error {
fl, _ := flags.(*Flags) fl, _ := flags.(*Flags)
scanner.config = fl scanner.config = fl
if fl.BodyHashAlgorithm == "sha1" {
scanner.hashFn = func(body []byte) string {
raw_hash := sha1.Sum(body)
return fmt.Sprintf("sha1:%s", hex.EncodeToString(raw_hash[:]))
}
} else if fl.BodyHashAlgorithm == "sha256" {
scanner.hashFn = func(body []byte) string {
raw_hash := sha256.Sum256(body)
return fmt.Sprintf("sha256:%s", hex.EncodeToString(raw_hash[:]))
}
} else {
log.Panicf("Invalid BodhHashAlgorithm choice made it throug zflags: %s", scanner.config.BodyHashAlgorithm)
}
return nil return nil
} }
@ -417,8 +437,7 @@ func (scan *scan) Grab() *zgrab2.ScanError {
if len(scan.results.Response.BodyText) > 0 { if len(scan.results.Response.BodyText) > 0 {
if scan.scanner.config.ComputeDecodedBodyHash { if scan.scanner.config.ComputeDecodedBodyHash {
raw_hash := sha256.Sum256([]byte(scan.results.Response.BodyText)) scan.results.Response.BodyHash = scan.scanner.hashFn([]byte(scan.results.Response.BodyText))
scan.results.Response.BodyHash = fmt.Sprintf("sha256:%s", hex.EncodeToString(raw_hash[:]))
} else { } else {
m := sha256.New() m := sha256.New()
m.Write(buf.Bytes()) m.Write(buf.Bytes())
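Review bot: In Init, the new else branch calls log.Panicf for an unrecognised BodyHashAlgorithm although the function already returns an error, and `fl.BodyHashAlgorithm` is read after `fl, _ := flags.(*Flags)` discarded the assertion result, so a wrong flags type becomes a nil-pointer panic instead of a reported error. A Flags value built in code rather than parsed from the command line would presumably carry an empty BodyHashAlgorithm, since the `default:"sha256"` tag is applied by the flag parser, and would take the panic path as well. I would check the assertion, treat the empty string as sha256 and return an error otherwise, as sketched below; the typos "BodhHashAlgorithm" and "throug" in the message go away with it. Separately, the else branch in Grab still hard-codes `sha256.New()` (its body continues past the visible lines), so as far as this section shows the option only affects the decoded-body path. The bare `// BodyHashAlgorithm` comment and the "BodySHA256" wording in the ComputeDecodedBodyHash description should say that, and should note that the sha1 choice is for fingerprint matching only, not for integrity decisions.

```go
func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error {
	fl, ok := flags.(*Flags)
	if !ok || fl == nil {
		return fmt.Errorf("http: unexpected flags type %T", flags)
	}
	scanner.config = fl
	switch fl.BodyHashAlgorithm {
	case "sha1":
		scanner.hashFn = func(body []byte) string {
			sum := sha1.Sum(body)
			return "sha1:" + hex.EncodeToString(sum[:])
		}
	case "", "sha256": // empty: Flags constructed without the parser's default
		scanner.hashFn = func(body []byte) string {
			sum := sha256.Sum256(body)
			return "sha256:" + hex.EncodeToString(sum[:])
		}
	default:
		return fmt.Errorf("http: invalid body-hash-algorithm %q", fl.BodyHashAlgorithm)
	}
	return nil
}
```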