Add BodyHashAlgorithm option
parent
8f4f1bb1ec
commit
f96339b30b
@ -9,6 +9,7 @@ package http
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/sha1"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
"errors"
|
"errors"
|
||||||
@ -66,6 +67,9 @@ type Flags struct {
|
|||||||
// ComputeDecodedBodyHash computes the hash later than the default, allowing a user
|
// ComputeDecodedBodyHash computes the hash later than the default, allowing a user
|
||||||
// of the response to recompute a matching hash
|
// of the response to recompute a matching hash
|
||||||
ComputeDecodedBodyHash bool `long:"compute-decoded-body-hash" description:"Compute the BodySHA256 on the decoded BodyText that is returned instead of on the raw bytes"`
|
ComputeDecodedBodyHash bool `long:"compute-decoded-body-hash" description:"Compute the BodySHA256 on the decoded BodyText that is returned instead of on the raw bytes"`
|
||||||
|
|
||||||
|
// BodyHashAlgorithm
|
||||||
|
BodyHashAlgorithm string `long:"body-hash-algorithm" default:"sha256" choice:"sha256" choice:"sha1" description:"Choose algorithm for BodyHash field"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// A Results object is returned by the HTTP module's Scanner.Scan()
|
// A Results object is returned by the HTTP module's Scanner.Scan()
|
||||||
@ -86,6 +90,7 @@ type Module struct {
|
|||||||
// Scanner is the implementation of the zgrab2.Scanner interface.
|
// Scanner is the implementation of the zgrab2.Scanner interface.
|
||||||
type Scanner struct {
|
type Scanner struct {
|
||||||
config *Flags
|
config *Flags
|
||||||
|
hashFn func([]byte) string
|
||||||
}
|
}
|
||||||
|
|
||||||
// scan holds the state for a single scan. This may entail multiple connections.
|
// scan holds the state for a single scan. This may entail multiple connections.
|
||||||
@ -135,6 +140,21 @@ func (s *Scanner) Protocol() string {
|
|||||||
func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error {
|
func (scanner *Scanner) Init(flags zgrab2.ScanFlags) error {
|
||||||
fl, _ := flags.(*Flags)
|
fl, _ := flags.(*Flags)
|
||||||
scanner.config = fl
|
scanner.config = fl
|
||||||
|
|
||||||
|
if fl.BodyHashAlgorithm == "sha1" {
|
||||||
|
scanner.hashFn = func(body []byte) string {
|
||||||
|
raw_hash := sha1.Sum(body)
|
||||||
|
return fmt.Sprintf("sha1:%s", hex.EncodeToString(raw_hash[:]))
|
||||||
|
}
|
||||||
|
} else if fl.BodyHashAlgorithm == "sha256" {
|
||||||
|
scanner.hashFn = func(body []byte) string {
|
||||||
|
raw_hash := sha256.Sum256(body)
|
||||||
|
return fmt.Sprintf("sha256:%s", hex.EncodeToString(raw_hash[:]))
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
log.Panicf("Invalid BodhHashAlgorithm choice made it throug zflags: %s", scanner.config.BodyHashAlgorithm)
|
||||||
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -417,8 +437,7 @@ func (scan *scan) Grab() *zgrab2.ScanError {
|
|||||||
|
|
||||||
if len(scan.results.Response.BodyText) > 0 {
|
if len(scan.results.Response.BodyText) > 0 {
|
||||||
if scan.scanner.config.ComputeDecodedBodyHash {
|
if scan.scanner.config.ComputeDecodedBodyHash {
|
||||||
raw_hash := sha256.Sum256([]byte(scan.results.Response.BodyText))
|
scan.results.Response.BodyHash = scan.scanner.hashFn([]byte(scan.results.Response.BodyText))
|
||||||
scan.results.Response.BodyHash = fmt.Sprintf("sha256:%s", hex.EncodeToString(raw_hash[:]))
|
|
||||||
} else {
|
} else {
|
||||||
m := sha256.New()
|
m := sha256.New()
|
||||||
m.Write(buf.Bytes())
|
m.Write(buf.Bytes())
|
||||||
|
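Review bot: In the last hunk (Grab) only the ComputeDecodedBodyHash branch calls `scan.scanner.hashFn`; the `else` branch still shows `m := sha256.New()` and `m.Write(buf.Bytes())` as unchanged context, so when ComputeDecodedBodyHash is unset `--body-hash-algorithm=sha1` appears to have no effect on the raw-body hash. The rest of that branch lies outside the hunk, so this is inferred, but if it still formats a `sha256:` digest it should become `scan.results.Response.BodyHash = scan.scanner.hashFn(buf.Bytes())`. In Init, the fallback branch calls `log.Panicf` although the function returns an error, and a Flags value built without the flag parser leaves BodyHashAlgorithm empty and reaches that branch; `return fmt.Errorf("invalid BodyHashAlgorithm %q", fl.BodyHashAlgorithm)`, with "" treated as sha256, would be safer for library callers. The bare `// BodyHashAlgorithm` comment could say that the chosen name prefixes the BodyHash value and that sha1 is not collision-resistant, so it suits matching fingerprints against existing data rather than integrity checks.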