Merge features for 2.0.1

OJ · OJ · commit c361d774a3a3 · 2018-08-30T09:07:27.000+10:00
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-Gobuster v2.0.0 (OJ Reeves @TheColonial)
+Gobuster v2.0.1 (OJ Reeves @TheColonial)
 ========================================
 
 Gobuster is a tool used to brute-force:
@@ -112,7 +112,7 @@ Default options looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dir
 [+] Url/Domain   : https://buffered.io/
@@ -136,7 +136,7 @@ Default options with status codes disabled looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -n
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dir
 [+] Url/Domain   : https://buffered.io/
@@ -161,7 +161,7 @@ Verbose output looks like this:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -v
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dir
 [+] Url/Domain   : https://buffered.io/
@@ -188,7 +188,7 @@ Example showing content length:
 $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -l
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dir
 [+] Url/Domain   : https://buffered.io/
@@ -228,7 +228,7 @@ Normal sample run goes like this:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dns
 [+] Url/Domain   : google.com
@@ -264,7 +264,7 @@ Show IP sample run goes like this:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com -i
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dns
 [+] Url/Domain   : google.com
@@ -300,7 +300,7 @@ Base domain validation warning when the base domain fails to resolve. This is a
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u yp.to -i
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dns
 [+] Url/Domain   : yp.to
@@ -320,7 +320,7 @@ Wildcard DNS is also detected properly:
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io        
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dns
 [+] Url/Domain   : 0.0.1.xip.io
@@ -340,7 +340,7 @@ If the user wants to force processing of a domain that has wildcard entries, use
 $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io -fw
 
 =====================================================
-Gobuster v2.0.0              OJ Reeves (@TheColonial)
+Gobuster v2.0.1              OJ Reeves (@TheColonial)
 =====================================================
 [+] Mode         : dns
 [+] Url/Domain   : 0.0.1.xip.io
diff --git a/gobusterdns/gobusterdns.go b/gobusterdns/gobusterdns.go
@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"fmt"
 	"log"
-	"net"
 	"strings"
 
 	"github.com/OJ/gobuster/libgobuster"
@@ -18,7 +17,7 @@ type GobusterDNS struct{}
 func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
 	// Resolve a subdomain sthat probably shouldn't exist
 	guid := uuid.New()
-	wildcardIps, err := net.LookupHost(fmt.Sprintf("%s.%s", guid, g.Opts.URL))
+	wildcardIps, err := g.DNSLookup(fmt.Sprintf("%s.%s", guid, g.Opts.URL))
 	if err == nil {
 		g.IsWildcard = true
 		g.WildcardIps.AddRange(wildcardIps)
@@ -30,7 +29,7 @@ func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
 
 	if !g.Opts.Quiet {
 		// Provide a warning if the base domain doesn't resolve (in case of typo)
-		_, err = net.LookupHost(g.Opts.URL)
+		_, err = g.DNSLookup(g.Opts.URL)
 		if err != nil {
 			// Not an error, just a warning. Eg. `yp.to` doesn't resolve, but `cr.py.to` does!
 			log.Printf("[-] Unable to validate base domain: %s", g.Opts.URL)
@@ -43,7 +42,7 @@ func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error {
 // Process is the process implementation of gobusterdns
 func (d GobusterDNS) Process(g *libgobuster.Gobuster, word string) ([]libgobuster.Result, error) {
 	subdomain := fmt.Sprintf("%s.%s", word, g.Opts.URL)
-	ips, err := net.LookupHost(subdomain)
+	ips, err := g.DNSLookup(subdomain)
 	var ret []libgobuster.Result
 	if err == nil {
 		if !g.IsWildcard || !g.WildcardIps.ContainsAny(ips) {
@@ -53,7 +52,7 @@ func (d GobusterDNS) Process(g *libgobuster.Gobuster, word string) ([]libgobuste
 			if g.Opts.ShowIPs {
 				result.Extra = strings.Join(ips, ", ")
 			} else if g.Opts.ShowCNAME {
-				cname, err := net.LookupCNAME(subdomain)
+				cname, err := g.DNSLookupCname(subdomain)
 				if err == nil {
 					result.Extra = cname
 				}
diff --git a/libgobuster/libgobuster.go b/libgobuster/libgobuster.go
@@ -5,14 +5,15 @@ import (
 	"bytes"
 	"context"
 	"fmt"
+	"net"
 	"os"
 	"strings"
 	"sync"
 )
 
 const (
 	// VERSION contains the current gobuster version
-	VERSION = "2.0.0"
+	VERSION = "2.0.1"
 )
 
 // SetupFunc is the "setup" function prototype for implementations
@@ -111,10 +112,19 @@ func (g *Gobuster) ClearProgress() {
 // GetRequest issues a GET request to the target and returns
 // the status code, length and an error
 func (g *Gobuster) GetRequest(url string) (*int, *int64, error) {
-	g.incrementRequests()
 	return g.http.makeRequest(url, g.Opts.Cookies)
 }
 
+// DNSLookup looks up a domain via system default DNS servers
+func (g *Gobuster) DNSLookup(domain string) ([]string, error) {
+	return net.LookupHost(domain)
+}
+
+// DNSLookupCname looks up a CNAME record via system default DNS servers
+func (g *Gobuster) DNSLookupCname(domain string) (string, error) {
+	return net.LookupCNAME(domain)
+}
+
 func (g *Gobuster) worker(wordChan <-chan string, wg *sync.WaitGroup) {
 	defer wg.Done()
 	for {
@@ -126,6 +136,7 @@ func (g *Gobuster) worker(wordChan <-chan string, wg *sync.WaitGroup) {
 			if !ok {
 				return
 			}
+			g.incrementRequests()
 			// Mode-specific processing
 			res, err := g.plugin.Process(g, word)
 			if err != nil {
@@ -157,10 +168,6 @@ func (g *Gobuster) getWordlist() (*bufio.Scanner, error) {
 		return nil, fmt.Errorf("failed to get number of lines: %v", err)
 	}
 
-	// mutiply by extensions to get the total number of requests
-	if len(g.Opts.ExtensionsParsed.Set) > 0 {
-		lines = lines + (lines * len(g.Opts.ExtensionsParsed.Set))
-	}
 	g.requestsExpected = lines
 	g.requestsIssued = 0
 
