mirror of
https://github.com/davidallendj/magellan.git
synced 2025-12-20 11:37:01 -07:00
04e1fb26c9
* feat: initial implementation of command split * feat: update collect and new send cmd * chore: cleanup unused code * chore: refactored getting username * chore: more refactoring and cleanup * feat: update send cmd implementation * chore: changed/updated example config * chore: made cmd more consistent and added formatting * refactor: removed --host flag from scan * chore: cleaned up and fixed issue with client * chore: cleaned up CLI flags in collect cmd * feat: updated crawl to include managers and output YAML optionally * refactor: updated and improved send implementation * refactor: minor improvements * refactor: added util func to check for empty slices * fix: issue with reading from stdin * refactor: added scheme trimming function for URIs * refactor: changed host arg back to positional * refactor: removed unused vars and added --output-dir flag * fix: make -f for secrets persistent * refactor: removed --host flag and request in collect * refactor: changed --output flag to --output-file * fix: updated flags for collect * fix: typo in crawler error * fix: dir being created when outputDir not set * fix: reading stdin and data args * fix: made output using -v and -o consistent * readme: added info about command split * updated changelog adding missing version entries * chore: updated example to use host as positional arg * fix: issue with reading --data arg * fix: remove unused import from collect pkg Signed-off-by: Devon Bautista <devonb@lanl.gov> --------- Signed-off-by: David Allen <16520934+davidallendj@users.noreply.github.com> Signed-off-by: Devon Bautista <devonb@lanl.gov> Co-authored-by: Devon Bautista <devonb@lanl.gov>
124 lines
3.5 KiB
Go
124 lines
3.5 KiB
Go
package url
|
|
|
|
import (
|
|
"fmt"
|
|
"net/url"
|
|
"strings"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
func Sanitize(uri string) (string, error) {
|
|
// URL sanitanization for host argument
|
|
parsedURI, err := url.ParseRequestURI(uri)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to parse URI: %w", err)
|
|
}
|
|
// Remove any trailing slashes
|
|
parsedURI.Path = strings.TrimSuffix(parsedURI.Path, "/")
|
|
// Collapse any doubled slashes
|
|
parsedURI.Path = strings.ReplaceAll(parsedURI.Path, "//", "/")
|
|
return parsedURI.String(), nil
|
|
}
|
|
|
|
func TrimScheme(uri string) string {
|
|
const prefix = "https://"
|
|
if strings.Contains(uri, prefix) {
|
|
return strings.TrimPrefix(uri, prefix)
|
|
}
|
|
return uri
|
|
}
|
|
|
|
// FormatHosts() takes a list of hosts and ports and builds full URLs in the
|
|
// form of scheme://host:port. If no scheme is provided, it will use "https" by
|
|
// default.
|
|
//
|
|
// Returns a 2D string slice where each slice contains URL host strings for each
|
|
// port. The intention is to have all of the URLs for a single host combined into
|
|
// a single slice to initiate one goroutine per host, but making request to multiple
|
|
// ports.
|
|
func FormatHosts(hosts []string, ports []int, scheme string, verbose bool) [][]string {
|
|
// format each positional arg as a complete URL
|
|
var formattedHosts [][]string
|
|
for _, host := range hosts {
|
|
uri, err := url.ParseRequestURI(host)
|
|
if err != nil {
|
|
if verbose {
|
|
log.Warn().Msgf("invalid URI parsed: %s", host)
|
|
}
|
|
continue
|
|
}
|
|
|
|
// check if scheme is set, if not set it with flag or default value ('https' if flag is not set)
|
|
if uri.Scheme == "" {
|
|
if scheme != "" {
|
|
uri.Scheme = scheme
|
|
} else {
|
|
// hardcoded assumption
|
|
uri.Scheme = "https"
|
|
}
|
|
}
|
|
|
|
// tidy up slashes and update arg with new value
|
|
uri.Path = strings.TrimSuffix(uri.Path, "/")
|
|
uri.Path = strings.ReplaceAll(uri.Path, "//", "/")
|
|
|
|
// for hosts with unspecified ports, add ports to scan from flag
|
|
if uri.Port() == "" {
|
|
var tmp []string
|
|
for _, port := range ports {
|
|
uri.Host += fmt.Sprintf(":%d", port)
|
|
tmp = append(tmp, uri.String())
|
|
}
|
|
formattedHosts = append(formattedHosts, tmp)
|
|
} else {
|
|
formattedHosts = append(formattedHosts, []string{uri.String()})
|
|
}
|
|
|
|
}
|
|
return formattedHosts
|
|
}
|
|
|
|
// FormatIPs() takes a list of IP addresses and ports and builds full URLs in the
|
|
// form of scheme://host:port. If no scheme is provided, it will use "https" by
|
|
// default.
|
|
//
|
|
// Returns a 2D string slice where each slice contains URL host strings for each
|
|
// port. The intention is to have all of the URLs for a single host combined into
|
|
// a single slice to initiate one goroutine per host, but making request to multiple
|
|
// ports.
|
|
func FormatIPs(ips []string, ports []int, scheme string, verbose bool) [][]string {
|
|
// format each positional arg as a complete URL
|
|
var formattedHosts [][]string
|
|
for _, ip := range ips {
|
|
if scheme == "" {
|
|
scheme = "https"
|
|
}
|
|
// make an entirely new object since we're expecting just IPs
|
|
uri := &url.URL{
|
|
Scheme: scheme,
|
|
Host: ip,
|
|
}
|
|
|
|
// tidy up slashes and update arg with new value
|
|
uri.Path = strings.ReplaceAll(uri.Path, "//", "/")
|
|
uri.Path = strings.TrimSuffix(uri.Path, "/")
|
|
|
|
// for hosts with unspecified ports, add ports to scan from flag
|
|
if uri.Port() == "" {
|
|
if len(ports) == 0 {
|
|
ports = append(ports, 443)
|
|
}
|
|
var tmp []string
|
|
for _, port := range ports {
|
|
uri.Host += fmt.Sprintf(":%d", port)
|
|
tmp = append(tmp, uri.String())
|
|
}
|
|
formattedHosts = append(formattedHosts, tmp)
|
|
} else {
|
|
formattedHosts = append(formattedHosts, []string{uri.String()})
|
|
}
|
|
|
|
}
|
|
return formattedHosts
|
|
}
|