From 950a9e8c8f146aa60e5d3d735a6b0d865a5c6763 Mon Sep 17 00:00:00 2001
From: Joona Hoikkala
Date: Sat, 6 Apr 2019 18:54:27 +0300
Subject: [PATCH] Fix verifytls (#22)

* Fix wording and make tls verify more intuitive
* Fix README.md
---
 README.md | 2 +-
 main.go | 2 +-
 pkg/ffuf/config.go | 4 ++--
 pkg/runner/simple.go | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 8c31c96..608a1de 100644
--- a/README.md
+++ b/README.md
@@ -86,7 +86,7 @@ To define the test case for ffuf, use the keyword `FUZZ` anywhere in the URL (`-
 Filter HTTP response size
 -fw string
 Filter by amount of words in response
- -k Skip TLS identity verification (insecure)
+ -k TLS identity verification
 -mc string
 Match HTTP status codes from respose (default "200,204,301,302,307,401,403")
 -mr string
diff --git a/main.go b/main.go
index 8163f56..551ac2e 100644
--- a/main.go
+++ b/main.go
@@ -52,7 +52,7 @@ func main() {
 flag.Var(&opts.headers, "H", "Header `\"Name: Value\"`, separated by colon. Multiple -H flags are accepted.")
 flag.StringVar(&conf.Url, "u", "", "Target URL")
 flag.StringVar(&conf.Wordlist, "w", "", "Wordlist path")
- flag.BoolVar(&conf.TLSSkipVerify, "k", true, "Skip TLS identity verification (insecure)")
+ flag.BoolVar(&conf.TLSVerify, "k", false, "TLS identity verification")
 flag.StringVar(&opts.delay, "p", "", "Seconds of `delay` between requests, or a range of random delay. For example \"0.1\" or \"0.1-2.0\"")
 flag.StringVar(&opts.filterStatus, "fc", "", "Filter HTTP status codes from response")
 flag.StringVar(&opts.filterSize, "fs", "", "Filter HTTP response size")
diff --git a/pkg/ffuf/config.go b/pkg/ffuf/config.go
index 0c37f05..71f18f8 100644
--- a/pkg/ffuf/config.go
+++ b/pkg/ffuf/config.go
@@ -20,7 +20,7 @@ type Config struct {
 FuzzHeaders map[string]string
 Method string
 Url string
- TLSSkipVerify bool
+ TLSVerify bool
 Data string
 Quiet bool
 Colors bool
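Review bot: The new help text for `-k` in main.go, `"TLS identity verification"`, does not say whether the switch turns verification on or off, and Go's flag package prints no default for a bool that defaults to false, so the usage output no longer tells the user that certificates go unchecked unless `-k` is passed. The letter also reads the opposite way from curl's `-k`/`--insecure`, which makes a wrong assumption about whether a run was verified more likely. I would spell the direction and the default out, `flag.BoolVar(&conf.TLSVerify, "k", false, "Enable TLS certificate verification (default: false, certificates are not verified)")`, and use the same wording for the `-k` line in the README hunk. main() starts and ends outside the hunk.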
@@ -47,7 +47,7 @@ func NewConfig(ctx context.Context) Config {
 conf.FuzzHeaders = make(map[string]string)
 conf.Method = "GET"
 conf.Url = ""
- conf.TLSSkipVerify = true
+ conf.TLSVerify = false
 conf.Data = ""
 conf.Quiet = false
 conf.StopOn403 = false
diff --git a/pkg/runner/simple.go b/pkg/runner/simple.go
index 79ab5e5..1c95dcb 100644
--- a/pkg/runner/simple.go
+++ b/pkg/runner/simple.go
@@ -35,7 +35,7 @@ func NewSimpleRunner(conf *ffuf.Config) ffuf.RunnerProvider {
 MaxIdleConnsPerHost: 500,
 MaxConnsPerHost: 500,
 TLSClientConfig: &tls.Config{
- InsecureSkipVerify: conf.TLSSkipVerify,
+ InsecureSkipVerify: !conf.TLSVerify,
 },
 }}
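Review bot: With `InsecureSkipVerify: !conf.TLSVerify` in pkg/runner/simple.go, the zero value of ffuf.Config now yields a client that accepts any certificate, whereas with the old `TLSSkipVerify` field an unset value kept verification on. NewConfig in pkg/ffuf/config.go sets the same default explicitly (`conf.TLSVerify = false`), so the flag path is consistent, but a Config built any other way silently loses verification. If skipping verification by default is intended for this tool, it should be stated where the field is declared and where it is consumed, for example `// TLSVerify enables server certificate verification; false (the default) accepts any certificate.` on the struct field, with a matching one-line comment above the `InsecureSkipVerify` line. NewSimpleRunner's body starts and ends outside the hunk.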