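// checkHead probes the request headers selected by setHeadValues (Referer and
// X-Forwarded-For) for SQL-injection and error-disclosure signatures. Each
// header value is split into decoded components and every component is
// probed in turn. The XSS probe is commented out for headers in the original;
// whether that is deliberate is not visible here. After probing, the original
// values are written back into ce.headValues and the request headers are
// restored through resetReqHead.
func (ce *CoreEngine) checkHead() {
	ce.setHeadValues("Referer", "X-Forwarded-For") // populates ce.headValues
	for name, vals := range ce.headValues {
		if len(vals) == 0 {
			// Nothing to probe; indexing vals[0] on an empty slice would panic.
			continue
		}
		dec := decode.NewDecode(vals[0])
		for idx := 0; idx < dec.Count(); idx++ {
			ce.scanSql(name, dec, idx, checkHead)
			// ce.scanXss(name, dec, idx, checkHead) // XSS probe disabled for headers
			ce.scanErr(name, dec, idx, checkHead)
		}
		ce.headValues[name] = vals // repair values: put the original slice back after the probes
	}
	ce.resetReqHead(ce.headValues, checkHead)
}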
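// checkCookie probes every cookie collected by setCookieValues for
// SQL-injection and error-disclosure signatures. Each cookie value is split
// into decoded components and every component is probed in turn. The XSS
// probe is commented out for cookies in the original; whether that is
// deliberate is not visible here. After probing, the original values are
// written back into ce.cookies and the request headers are restored through
// resetReqHead.
func (ce *CoreEngine) checkCookie() {
	ce.setCookieValues() // populates ce.cookies
	for name, vals := range ce.cookies {
		if len(vals) == 0 {
			// Nothing to probe; indexing vals[0] on an empty slice would panic.
			continue
		}
		dec := decode.NewDecode(vals[0])
		for idx := 0; idx < dec.Count(); idx++ {
			ce.scanSql(name, dec, idx, checkCookie)
			// ce.scanXss(name, dec, idx, checkCookie) // XSS probe disabled for cookies
			ce.scanErr(name, dec, idx, checkCookie)
		}
		ce.cookies[name] = vals // repair values: put the original slice back after the probes
	}
	ce.resetReqHead(ce.cookies, checkCookie)
}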
// checkUrl probes every query-string parameter of the request for
// SQL-injection, XSS and error-disclosure signatures. The raw query is parsed
// into ce.urlValues, each first value is split into decoded components and
// every component is probed. The original values are then written back and
// the request is restored through resetReqHead.
func (ce *CoreEngine) checkUrl() {
	// ParseQuery always returns the parameters it could decode and only
	// reports the first malformed pair; that pair is skipped on purpose so
	// the remaining parameters are still probed.
	ce.urlValues, _ = url.ParseQuery(ce.Req.URL.RawQuery)
	for name, vals := range ce.urlValues {
		// ParseQuery never yields an empty value slice, so vals[0] is safe.
		dec := decode.NewDecode(vals[0])
		for idx := 0; idx < dec.Count(); idx++ {
			ce.scanSql(name, dec, idx, checkUrl)
			ce.scanXss(name, dec, idx, checkUrl)
			ce.scanErr(name, dec, idx, checkUrl)
		}
		ce.urlValues[name] = vals // repair values: put the original slice back after the probes
	}
	ce.resetReqHead(ce.urlValues, checkUrl)
}
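// checkPostXmlJson probes a text, JSON or XML request body as a single value
// (empty parameter name) for SQL-injection, XSS and error-disclosure
// signatures. Bodies with any other Content-Type are ignored. The body bytes
// are taken from ce.Body; ContentLength and, when present, the Content-Length
// header are restored afterwards, presumably because the probes swap the body
// while sending payloads.
func (ce *CoreEngine) checkPostXmlJson() {
	conTyp := strings.ToLower(ce.Req.Header.Get("Content-Type"))
	isText := strings.HasPrefix(conTyp, "text")
	isStructured := strings.Contains(conTyp, "json") || strings.Contains(conTyp, "xml")
	if !isText && !isStructured {
		return
	}
	contentLen := ce.Req.ContentLength
	dec := decode.NewDecode(string(ce.Body))
	for idx := 0; idx < dec.Count(); idx++ {
		ce.scanSql("", dec, idx, checkPostXmlJson)
		ce.scanXss("", dec, idx, checkPostXmlJson)
		ce.scanErr("", dec, idx, checkPostXmlJson)
	}
	ce.Req.ContentLength = contentLen
	if ce.Req.Header.Get("Content-Length") != "" {
		// ContentLength is int64; format it directly instead of narrowing to int.
		ce.Req.Header.Set("Content-Length", strconv.FormatInt(contentLen, 10))
	}
}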
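// checkMultipartForm probes every text field of an already-parsed multipart
// form (ce.Req.MultipartForm.Value) for SQL-injection, XSS and
// error-disclosure signatures. It returns at once when the form has not been
// parsed or carries no text fields; file parts are not inspected. The
// original values are written back after probing, and ContentLength plus the
// Content-Length header (when present) are restored.
func (ce *CoreEngine) checkMultipartForm() {
	if ce.Req.MultipartForm == nil || len(ce.Req.MultipartForm.Value) == 0 {
		return
	}
	contentLen := ce.Req.ContentLength
	for name, vals := range ce.Req.MultipartForm.Value {
		if len(vals) == 0 {
			// Nothing to probe; indexing vals[0] on an empty slice would panic.
			continue
		}
		dec := decode.NewDecode(vals[0])
		for idx := 0; idx < dec.Count(); idx++ {
			ce.scanSql(name, dec, idx, checkMultipartForm)
			ce.scanXss(name, dec, idx, checkMultipartForm)
			ce.scanErr(name, dec, idx, checkMultipartForm)
		}
		ce.Req.MultipartForm.Value[name] = vals // repair values: put the original slice back after the probes
	}
	ce.Req.ContentLength = contentLen
	if ce.Req.Header.Get("Content-Length") != "" {
		// ContentLength is int64; format it directly instead of narrowing to int.
		ce.Req.Header.Set("Content-Length", strconv.FormatInt(contentLen, 10))
	}
}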
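// scanXss appends each signature in xssSig to the i-th decoded component of
// parameter k, replays the request and reports a finding when the signature
// is reflected in the response. The result code depends on the response
// Content-Type: 20001 for text/json, 20002 for text/xml and 20000 for
// text/html (with a few lines of context); any other Content-Type is not
// inspected, so e.g. application/json responses are never examined — that
// gap is inherited from the original and left as is here.
//
// k is the parameter name (empty for a raw body), d the decoded value, i the
// component index within d and checkType the request location (one of the
// check* constants) handed to setRequest.
//
// Two defects of the original are fixed: the JSON branch assigned the
// reflected response element to the outer value variable, so every later
// signature was appended to a response fragment instead of the parameter;
// and the HTML context loop tested q.Len() while polling, which drained only
// about half of the buffered lines. The response body is now closed exactly
// once per probe via defer.
func (ce *CoreEngine) scanXss(k string, d *decode.Decode, i int, checkType int) {
	_, orig, err := d.Get(i)
	if err != nil {
		log.Println(err)
		return
	}
	for _, sig := range xssSig {
		// orig is never reassigned, so each payload is built from the
		// untouched parameter component.
		v, err := d.Set(i, orig+sig)
		if err != nil {
			log.Println(err)
			return
		}
		body := ce.setRequest(k, v, checkType)
		resp, err := ce.sendRequest()
		if err != nil {
			continue // transport failure: try the next payload
		}
		conTyp := strings.ToLower(resp.Header.Get("Content-Type"))
		// Immediately-invoked closure so the deferred Close runs once per
		// response, whichever branch handles it.
		found := func() bool {
			defer resp.Body.Close()
			switch {
			case strings.HasPrefix(conTyp, "text/json"), strings.HasPrefix(conTyp, "text/xml"):
				code := 20001
				if strings.HasPrefix(conTyp, "text/xml") {
					code = 20002
				}
				respBytes, err := ioutil.ReadAll(resp.Body)
				if err != nil {
					log.Println(err)
					return false
				}
				respString := string(respBytes)
				if !xssReflectedIn(respString, sig) {
					return false
				}
				ce.ExportRlt(code, sig, ce.xssRequestDump(body), respString)
				return true
			case strings.HasPrefix(conTyp, "text/html"):
				context, ok := xssHTMLContext(bufio.NewReader(resp.Body), sig)
				if !ok {
					return false
				}
				ce.ExportRlt(20000, sig, ce.xssRequestDump(body), string(context))
				return true
			}
			return false
		}()
		// Preserved from the original: an HTML hit ends the probe for this
		// component, while JSON/XML hits move on to the next signature.
		// NOTE(review): the asymmetry looks accidental — confirm which is wanted.
		if found && strings.HasPrefix(conTyp, "text/html") {
			return
		}
	}
}

// xssRequestDump returns the dumped request head followed by the probe body
// when setRequest handed back a string or []byte; other body types add
// nothing.
func (ce *CoreEngine) xssRequestDump(body interface{}) string {
	reqc := string(DumpRequestHead(ce.Req))
	switch b := body.(type) {
	case string:
		reqc += b
	case []byte:
		reqc += string(b)
	}
	return reqc
}

// xssReflectedIn reports whether any decoded component of payload contains
// sig. The component is lowercased before the comparison but sig is not, so
// a signature with uppercase characters can never match — xssSig is not
// visible here; confirm its entries are lowercase.
func xssReflectedIn(payload, sig string) bool {
	dec := decode.NewDecode(payload)
	for j := 0; j < dec.Count(); j++ {
		_, item, err := dec.Get(j)
		if err != nil {
			log.Println(err)
			continue
		}
		if strings.Contains(strings.ToLower(item), sig) {
			return true
		}
	}
	return false
}

// xssHTMLContext reads r line by line until a line contains sig
// (case-insensitively on the line side) and returns that line together with
// the buffered preceding lines and up to two following lines, concatenated.
// ok is false when no line matches. NewQueue(5, false) is presumably a
// bounded queue of five entries (its definition is not visible here), so the
// context is at most five lines plus the two trailing ones.
func xssHTMLContext(r *bufio.Reader, sig string) (context []byte, ok bool) {
	bsig := []byte(sig)
	q := NewQueue(5, false)
	matched := false
	for {
		// A final line without '\n' is still returned alongside io.EOF, so
		// the read error can be ignored; an empty result means end of body.
		line, _ := r.ReadBytes('\n')
		if len(line) == 0 {
			break
		}
		q.Push(line)
		if bytes.Contains(bytes.ToLower(line), bsig) {
			matched = true
			break
		}
	}
	if !matched {
		return nil, false
	}
	for n := 0; n < 2; n++ {
		next, _ := r.ReadBytes('\n')
		if len(next) == 0 {
			break
		}
		q.Push(next)
	}
	// Snapshot the length: Poll dequeues, so testing q.Len() in the loop
	// condition would stop after roughly half of the buffered lines.
	count := q.Len()
	for n := 0; n < count; n++ {
		context = append(context, q.Poll().([]byte)...)
	}
	return context, true
}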