This is the first version of the beta please feel free to contribute or request features
Код:
package main
import (
"bufio"
"context"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/http/cookiejar"
"os"
"regexp"
"strings"
"time"
"github.com/PuerkitoBio/goquery"
"github.com/chromedp/chromedp"
)
func main() {
fmt.Println(`
_____ _____ _____
____|\ \ / /|___ ___|\ \
| | \ \ / /| | / /\ \
| |______/|\____\| | | | | |
| |----'\ | | |/ |___ | |__| |
| |_____/ \|___/ / || .--. |
| | / /| || | | |
|____| xss.pro |_____|/____/||____| |____|
| | | | | || | | |
|____| |_____|____|/ |____| |____|
)/ \(2024)/ \( )/
' ' ' ' '
`)
fmt.Print("SITELIST FILEPATH: ")
reader := bufio.NewReader(os.Stdin)
filepath, _ := reader.ReadString('\n')
filepath = strings.TrimSpace(filepath)
urls, err := readURLsFromFile(filepath)
if err != nil {
fmt.Println("Error reading file:", err)
return
}
for _, url := range urls {
analyzeSite(url)
}
}
func readURLsFromFile(filepath string) ([]string, error) {
file, err := os.Open(filepath)
if err != nil {
return nil, err
}
defer file.Close()
var urls []string
scanner := bufio.NewScanner(file)
for scanner.Scan() {
url := strings.TrimSpace(scanner.Text())
if url != "" && strings.HasPrefix(url, "http") {
urls = append(urls, url)
}
}
return urls, scanner.Err()
}
func analyzeSite(url string) {
fmt.Println("\nAnalyzing:", url)
html, err := fetchHTML(url)
if err != nil {
fmt.Println("Error fetching HTML:", err)
return
}
formElements, rememberMeElementsHTML, loginButtons, jsRememberMeElements := inspectElements(url, html)
printElements("Likely Login Form Elements:", formElements)
printElements("Potential 'Remember Me' Indicators (From HTML):", rememberMeElementsHTML)
printElements("Likely Login Buttons:", loginButtons)
cookies := analyzeCookies(url)
printCookies(cookies)
printElements("Potential 'Remember Me' Indicators (From JavaScript/DOM - After Interactions):", jsRememberMeElements)
}
func fetchHTML(url string) ([]byte, error) {
resp, err := http.Get(url)
if err != nil {
return nil, err
}
defer resp.Body.Close()
return ioutil.ReadAll(resp.Body)
}
func inspectElements(url string, html []byte) ([]string, []string, []string, []string) {
doc, err := goquery.NewDocumentFromReader(strings.NewReader(string(html)))
if err != nil {
return nil, nil, nil, nil
}
var formElements, rememberMeElementsHTML, loginButtons, jsRememberMeElements []string
patterns := []*regexp.Regexp{
regexp.MustCompile(`(?i)trust this (?:computer|device)`),
regexp.MustCompile(`(?i)remember (?:this (?:computer|device)|me)`),
regexp.MustCompile(`(?i)(?:keep me (?:logged in|signed in)|stay signed in)`),
regexp.MustCompile(`(?i)log in automatically`),
regexp.MustCompile(`(?i)save (?:password|credentials|login)`),
}
doc.Find("form").Each(func(i int, s *goquery.Selection) {
formElements = append(formElements, s.Text())
})
doc.Find("input[type='checkbox'], input[type='radio']").Each(func(i int, s *goquery.Selection) {
label := s.Parent().Find("label").Text()
for _, pattern := range patterns {
if pattern.MatchString(strings.ToLower(label)) {
rememberMeElementsHTML = append(rememberMeElementsHTML, label)
break
}
}
})
doc.Find("button").Each(func(i int, s *goquery.Selection) {
text := s.Text()
if strings.Contains(strings.ToLower(text), "login") || strings.Contains(strings.ToLower(text), "sign in") {
loginButtons = append(loginButtons, text)
}
})
jsRememberMeElements = analyzeJavaScript(url, patterns)
return formElements, rememberMeElementsHTML, loginButtons, jsRememberMeElements
}
func analyzeCookies(url string) []*http.Cookie {
jar, err := cookiejar.New(nil)
if err != nil {
log.Fatal(err)
}
client := &http.Client{Jar: jar}
resp, err := client.Get(url)
if err != nil {
log.Fatal(err)
}
defer resp.Body.Close()
var cookies []*http.Cookie
for _, cookie := range jar.Cookies(resp.Request.URL) {
cookies = append(cookies, cookie)
}
return cookies
}
func analyzeJavaScript(url string, patterns []*regexp.Regexp) []string {
ctx, cancel := chromedp. NewContext(context. Background())
defer cancel()
ctx, cancel = context. WithTimeout(ctx, 30*time. Second)
defer cancel()
var jsElements string
err := chromedp. Run(ctx,
chromedp. Navigate(url),
chromedp. WaitVisible(`body`, chromedp. ByQuery),
chromedp. Click(`input[type="checkbox"], input[type="radio"]`, chromedp. ByQuery),
chromedp. Click(`button[type="submit"]`, chromedp. ByQuery),
chromedp. OuterHTML("html", &jsElements),
)
if err != nil {
fmt. Println("Error analyzing JavaScript:", err)
return nil
}
domElements := strings. Split(jsElements, "\n")
var rememberMeElements []string
for _, element := range domElements {
for _, pattern := range patterns {
if pattern. MatchString(strings. ToLower(element)) {
rememberMeElements = append(rememberMeElements, element)
break
}
}
}
return rememberMeElements
}
func printElements(label string, elements []string) {
if len(elements) > 0 {
fmt. Println("\n", label)
for _, element := range elements {
fmt. Println(element)
}
}
}
func printCookies(cookies []*http. Cookie) {
if len(cookies) > 0 {
fmt. Println("\nCookies:")
for _, cookie := range cookies {
fmt. Printf("%s: %s\n", cookie. Name, cookie. Value)
}
} else {
fmt. Println("\nNo cookies found.")
}
}