From 8ffe1bd64eb5bdfba0b0b4a76c5386f02e324b10 Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Mon, 26 Apr 2021 23:04:12 +0300 Subject: [PATCH] Add a cli flag to disable interactive mode (#436) --- CHANGELOG.md | 1 + README.md | 82 ++++++++++++++++++++------------------- ffufrc.example | 1 + help.go | 2 +- main.go | 15 ++++--- pkg/ffuf/config.go | 2 + pkg/ffuf/optionsparser.go | 3 ++ 7 files changed, 59 insertions(+), 47 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4bf6cc1..8b94f8e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,7 @@ ## Changelog - master - New + - Added a CLI flag to disable the interactive mode - Changed - Fixed the way the "size" is calculated, it should match content-length now - Fixed an issue with header canonicalization when a keyword was just a part of the header name diff --git a/README.md b/README.md index 30d287d..86a4e27 100644 --- a/README.md +++ b/README.md @@ -158,7 +158,7 @@ parameter. To define the test case for ffuf, use the keyword `FUZZ` anywhere in the URL (`-u`), headers (`-H`), or POST data (`-d`). ``` -Fuzz Faster U Fool - v1.2.0-git +Fuzz Faster U Fool - v1.3.0-dev HTTP OPTIONS: -H Header `"Name: Value"`, separated by colon. Multiple -H flags are accepted. 
@@ -176,53 +176,55 @@ HTTP OPTIONS: -x Proxy URL (SOCKS5 or HTTP). For example: http://127.0.0.1:8080 or socks5://127.0.0.1:8080 GENERAL OPTIONS: - -V Show version information. (default: false) - -ac Automatically calibrate filtering options (default: false) - -acc Custom auto-calibration string. Can be used multiple times. Implies -ac - -c Colorize output. (default: false) - -config Load configuration from a file - -maxtime Maximum running time in seconds for entire process. (default: 0) - -maxtime-job Maximum running time in seconds per job. (default: 0) - -p Seconds of `delay` between requests, or a range of random delay. For example "0.1" or "0.1-2.0" - -rate Rate of requests per second (default: 0) - -s Do not print additional information (silent mode) (default: false) - -sa Stop on all error cases. Implies -sf and -se. (default: false) - -se Stop on spurious errors (default: false) - -sf Stop when > 95% of responses return 403 Forbidden (default: false) - -t Number of concurrent threads. (default: 40) - -v Verbose output, printing full URL and redirect location (if any) with the results. (default: false) + -V Show version information. (default: false) + -ac Automatically calibrate filtering options (default: false) + -acc Custom auto-calibration string. Can be used multiple times. Implies -ac + -c Colorize output. (default: false) + -config Load configuration from a file + -maxtime Maximum running time in seconds for entire process. (default: 0) + -maxtime-job Maximum running time in seconds per job. (default: 0) + -noninteractive Disable the interactive console functionality (default: false) + -p Seconds of `delay` between requests, or a range of random delay. For example "0.1" or "0.1-2.0" + -rate Rate of requests per second (default: 0) + -s Do not print additional information (silent mode) (default: false) + -sa Stop on all error cases. Implies -sf and -se. 
(default: false) + -se Stop on spurious errors (default: false) + -sf Stop when > 95% of responses return 403 Forbidden (default: false) + -t Number of concurrent threads. (default: 40) + -v Verbose output, printing full URL and redirect location (if any) with the results. (default: false) MATCHER OPTIONS: - -mc Match HTTP status codes, or "all" for everything. (default: 200,204,301,302,307,401,403,405) - -ml Match amount of lines in response - -mr Match regexp - -ms Match HTTP response size - -mw Match amount of words in response + -mc Match HTTP status codes, or "all" for everything. (default: 200,204,301,302,307,401,403,405) + -ml Match amount of lines in response + -mr Match regexp + -ms Match HTTP response size + -mw Match amount of words in response FILTER OPTIONS: - -fc Filter HTTP status codes from response. Comma separated list of codes and ranges - -fl Filter by amount of lines in response. Comma separated list of line counts and ranges - -fr Filter regexp - -fs Filter HTTP response size. Comma separated list of sizes and ranges - -fw Filter by amount of words in response. Comma separated list of word counts and ranges + -fc Filter HTTP status codes from response. Comma separated list of codes and ranges + -fl Filter by amount of lines in response. Comma separated list of line counts and ranges + -fr Filter regexp + -fs Filter HTTP response size. Comma separated list of sizes and ranges + -fw Filter by amount of words in response. Comma separated list of word counts and ranges INPUT OPTIONS: - -D DirSearch wordlist compatibility mode. Used in conjunction with -e flag. (default: false) - -e Comma separated list of extensions. Extends FUZZ keyword. - -ic Ignore wordlist comments (default: false) - -input-cmd Command producing the input. --input-num is required when using this input method. Overrides -w. - -input-num Number of inputs to test. Used in conjunction with --input-cmd. (default: 100) - -mode Multi-wordlist operation mode. 
Available modes: clusterbomb, pitchfork (default: clusterbomb) - -request File containing the raw http request - -request-proto Protocol to use along with raw request (default: https) - -w Wordlist file path and (optional) keyword separated by colon. eg. '/path/to/wordlist:KEYWORD' + -D DirSearch wordlist compatibility mode. Used in conjunction with -e flag. (default: false) + -e Comma separated list of extensions. Extends FUZZ keyword. + -ic Ignore wordlist comments (default: false) + -input-cmd Command producing the input. --input-num is required when using this input method. Overrides -w. + -input-num Number of inputs to test. Used in conjunction with --input-cmd. (default: 100) + -input-shell Shell to be used for running command + -mode Multi-wordlist operation mode. Available modes: clusterbomb, pitchfork (default: clusterbomb) + -request File containing the raw http request + -request-proto Protocol to use along with raw request (default: https) + -w Wordlist file path and (optional) keyword separated by colon. eg. '/path/to/wordlist:KEYWORD' OUTPUT OPTIONS: - -debug-log Write all of the internal logging to the specified file. - -o Write output to file - -od Directory path to store matched results to. - -of Output file format. Available formats: json, ejson, html, md, csv, ecsv (or, 'all' for all formats) (default: json) - -or Don't create the output file if we don't have results + -debug-log Write all of the internal logging to the specified file. + -o Write output to file + -od Directory path to store matched results to. + -of Output file format. Available formats: json, ejson, html, md, csv, ecsv (or, 'all' for all formats) (default: json) + -or Don't create the output file if we don't have results (default: false) EXAMPLE USAGE: Fuzz file paths from wordlist.txt, match all responses but filter out those with content-size 42. diff --git a/ffufrc.example b/ffufrc.example index c14f84e..964fabb 100644 --- a/ffufrc.example +++ b/ffufrc.example 
@@ -31,6 +31,7 @@
 delay = ""
 maxtime = 0
 maxtimejob = 0
+ noninteractive = false
 quiet = false
 rate = 0
 stopon403 = false
diff --git a/help.go b/help.go
index cfa9b08..74f2d4d 100644
--- a/help.go
+++ b/help.go
@@ -61,7 +61,7 @@ func Usage() {
 Description: "",
 Flags: make([]UsageFlag, 0),
 Hidden: false,
- ExpectedFlags: []string{"ac", "acc", "c", "config", "maxtime", "maxtime-job", "p", "rate", "s", "sa", "se", "sf", "t", "v", "V"},
+ ExpectedFlags: []string{"ac", "acc", "c", "config", "maxtime", "maxtime-job", "noninteractive", "p", "rate", "s", "sa", "se", "sf", "t", "v", "V"},
 }
 u_compat := UsageSection{
 Name: "COMPATIBILITY OPTIONS",
diff --git a/main.go b/main.go
index 2e197d5..7da9b8c 100644
--- a/main.go
+++ b/main.go
@@ -61,6 +61,7 @@ func ParseFlags(opts *ffuf.ConfigOptions) *ffuf.ConfigOptions {
 flag.BoolVar(&opts.Output.OutputCreateEmptyFile, "or", opts.Output.OutputCreateEmptyFile, "Don't create the output file if we don't have results")
 flag.BoolVar(&opts.General.AutoCalibration, "ac", opts.General.AutoCalibration, "Automatically calibrate filtering options")
 flag.BoolVar(&opts.General.Colors, "c", opts.General.Colors, "Colorize output.")
+ flag.BoolVar(&opts.General.Noninteractive, "noninteractive", opts.General.Noninteractive, "Disable the interactive console functionality")
 flag.BoolVar(&opts.General.Quiet, "s", opts.General.Quiet, "Do not print additional information (silent mode)")
 flag.BoolVar(&opts.General.ShowVersion, "V", opts.General.ShowVersion, "Show version information.")
 flag.BoolVar(&opts.General.StopOn403, "sf", opts.General.StopOn403, "Stop when > 95% of responses return 403 Forbidden")
@@ -198,12 +199,14 @@ func main() { fmt.Fprintf(os.Stderr, "Error in autocalibration, exiting: %s\n", err) os.Exit(1) } - go func() { - err := interactive.Handle(job) - if err != nil { - log.Printf("Error while trying to initialize interactive session: %s", err) - } - }() + if !conf.Noninteractive { + go func() { + err := interactive.Handle(job) + if err != nil { + log.Printf("Error while trying to initialize interactive session: %s", err) + } + }() + } // Job handles waiting for goroutines to complete itself job.Start() diff --git a/pkg/ffuf/config.go b/pkg/ffuf/config.go index 39db943..1b7fe58 100644 --- a/pkg/ffuf/config.go +++ b/pkg/ffuf/config.go @@ -30,6 +30,7 @@ type Config struct { MaxTime int `json:"maxtime"` MaxTimeJob int `json:"maxtime_job"` Method string `json:"method"` + Noninteractive bool `json:"noninteractive"` OutputDirectory string `json:"outputdirectory"` OutputFile string `json:"outputfile"` OutputFormat string `json:"outputformat"` @@ -79,6 +80,7 @@ func NewConfig(ctx context.Context, cancel context.CancelFunc) Config { conf.MaxTime = 0 conf.MaxTimeJob = 0 conf.Method = "GET" + conf.Noninteractive = false conf.ProgressFrequency = 125 conf.ProxyURL = "" conf.Quiet = false diff --git a/pkg/ffuf/optionsparser.go b/pkg/ffuf/optionsparser.go index 562c1e8..c603413 100644 --- a/pkg/ffuf/optionsparser.go +++ b/pkg/ffuf/optionsparser.go @@ -49,6 +49,7 @@ type GeneralOptions struct { Delay string MaxTime int MaxTimeJob int + Noninteractive bool Quiet bool Rate int ShowVersion bool `toml:"-"` @@ -109,6 +110,7 @@ func NewConfigOptions() *ConfigOptions { c.General.Delay = "" c.General.MaxTime = 0 c.General.MaxTimeJob = 0 + c.General.Noninteractive = false c.General.Quiet = false c.General.Rate = 0 c.General.ShowVersion = false 
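Review bot: In the `main.go` hunk at `@@ -198,12 +199,14 @@`, the new guard `if !conf.Noninteractive {` makes the console opt-out only, so unattended runs (CI jobs, cron, containers without a terminal) still start `interactive.Handle` unless every invocation passes the flag or sets `noninteractive = true` in the config file. When Handle fails in that setting the only trace is the `log.Printf` line, and it does not tell the operator that the new flag exists; consider `log.Printf("Error while trying to initialize interactive session (use -noninteractive to disable): %s", err)`. A short comment above the guard, e.g. `// -noninteractive: do not start the interactive console goroutine`, would also record why the goroutine is conditional. What Handle reads from is not visible in this diff, so the terminal-less failure case is inferred from the existing error message; main()'s body starts and ends outside the hunk.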
@@ -395,6 +397,7 @@ func ConfigFromOptions(parseOpts *ConfigOptions, ctx context.Context, cancel con conf.Timeout = parseOpts.HTTP.Timeout conf.MaxTime = parseOpts.General.MaxTime conf.MaxTimeJob = parseOpts.General.MaxTimeJob + conf.Noninteractive = parseOpts.General.Noninteractive conf.Verbose = parseOpts.General.Verbose // Handle copy as curl situation where POST method is implied by --data flag. If method is set to anything but GET, NOOP