Add option to specify positive status codes

liamg · Dec 17, 2019 · 5df25d6 · 5df25d6
1 parent 8b8a46e
commit 5df25d6
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/cmd/scout/main.go b/cmd/scout/main.go
@@ -6,6 +6,7 @@ import (
 	"log"
 	"net/url"
 	"os"
+	"strconv"
 	"strings"
 
 	"github.com/liamg/scout/pkg/scan"
@@ -45,7 +46,19 @@ var rootCmd = &cobra.Command{
 		resultChan := make(chan scan.Result)
 		busyChan := make(chan string, 0x400)
 
+		var intStatusCodes []int
+
+		for _, code := range statusCodes {
+			i, err := strconv.Atoi(code)
+			if err != nil {
+				tml.Printf("<bold><red>Error:</red></bold> Invalid status code entered: %s.\n", code)
+				os.Exit(1)
+			}
+			intStatusCodes = append(intStatusCodes, i)
+		}
+
 		options := &scan.Options{
+			PositiveStatusCodes: intStatusCodes,
 			TargetURL:           *parsedURL,
 			ResultChan:          resultChan,
 			BusyChan:            busyChan,
@@ -156,6 +169,7 @@ func clearLine() {
 
 var parallelism = scan.DefaultOptions.Parallelism
 var extensions = scan.DefaultOptions.Extensions
+var statusCodes []string
 var noColours = false
 var wordlistPath string
 var debug bool
@@ -164,13 +178,18 @@ var skipSSLVerification bool
 
 func main() {
 
+	for _, code := range scan.DefaultOptions.PositiveStatusCodes {
+		statusCodes = append(statusCodes, strconv.Itoa(code))
+	}
+
 	rootCmd.Flags().IntVarP(&parallelism, "parallelism", "p", parallelism, "Parallel routines to use for sending requests.")
 	rootCmd.Flags().StringArrayVarP(&extensions, "extensions", "x", extensions, "File extensions to detect.")
 	rootCmd.Flags().BoolVarP(&noColours, "no-colours", "n", noColours, "Disable coloured output.")
 	rootCmd.Flags().StringVarP(&wordlistPath, "wordlist", "w", wordlistPath, "Path to wordlist file. If this is not specified an internal wordlist will be used.")
 	rootCmd.Flags().BoolVarP(&debug, "debug", "d", debug, "Enable debug logging.")
 	rootCmd.Flags().StringVarP(&filename, "filename", "f", filename, "Filename to seek in the directory being searched. Useful when all directories report 404 status.")
 	rootCmd.Flags().BoolVarP(&skipSSLVerification, "skip-ssl-verify", "k", skipSSLVerification, "Skip SSL certificate verification.")
+	rootCmd.Flags().StringArrayVarP(&statusCodes, "status-codes", "s", statusCodes, "HTTP status codes which indicate a positive find.")
 
 	if err := rootCmd.Execute(); err != nil {
 		fmt.Println(err)