0.4.39: statistc improvements

Maximilian Hildebrand · Maximilian Hildebrand · commit 20311ac46998 · 2021-09-02T09:30:24.000+02:00
diff --git a/pkg/recon.go b/pkg/recon.go
@@ -31,6 +31,11 @@ var (
 
 	boolFalsePos bool
 	boolFalseNeg bool
+
+	cb_method    bool
+	cb_cookie    bool
+	cb_parameter bool
+	cb_header    bool
 )
 
 const misshitdif = 30
@@ -122,6 +127,11 @@ func CheckCache(stat string) (CacheStruct, []error) {
 		cachebuster = map[string]int{}
 	}
 
+	cb_method = false
+	cb_cookie = false
+	cb_parameter = false
+	cb_header = false
+
 	boolFalseNeg = false
 	boolFalsePos = false
 
@@ -201,19 +211,19 @@ func CheckCache(stat string) (CacheStruct, []error) {
 		//}
 
 		totalCachebusters := "comb_"
-		if cache.CBisCookie {
-			addCachebusterMap("total_cookies")
-			totalCachebusters += "cookie"
-		}
-		if cache.CBisHTTPMethod {
+		if cb_method {
 			addCachebusterMap("total_httpmethods")
 			totalCachebusters += "httpmethod"
 		}
-		if cache.CBisHeader {
+		if cb_cookie {
+			addCachebusterMap("total_cookies")
+			totalCachebusters += "cookie"
+		}
+		if cb_header {
 			addCachebusterMap("total_headers")
 			totalCachebusters += "header"
 		}
-		if cache.CBisParameter {
+		if cb_parameter {
 			addCachebusterMap("total_parameters")
 			totalCachebusters += "parameter"
 		}
@@ -405,6 +415,7 @@ func cachebusterCookie(cache *CacheStruct) []error {
 			cache.CBisHeader = false
 			cache.CBisParameter = false
 			cache.CBName = Config.Website.Cookies[i].Name
+			cb_cookie = true
 			addHitMissIndicatorMap("time")
 			addCachebusterMap("cookie_" + Config.Website.Cookies[i].Name)
 
@@ -518,6 +529,7 @@ func cachebusterCookie(cache *CacheStruct) []error {
 					cache.CBisHeader = false
 					cache.CBisParameter = false
 					cache.CBName = Config.Website.Cookies[i].Name
+					cb_cookie = true
 					addCachebusterMap("cookie_" + Config.Website.Cookies[i].Name)
 
 					msg := fmt.Sprintf("%s was successful (Cookie)\n", identifier)
@@ -616,6 +628,7 @@ func cachebusterHeader(cache *CacheStruct) []error {
 			cache.CBisHTTPMethod = false
 			cache.CBisParameter = false
 			cache.CBName = header
+			cb_header = true
 			addHitMissIndicatorMap("time")
 			addCachebusterMap("header_" + header)
 
@@ -735,6 +748,7 @@ func cachebusterHeader(cache *CacheStruct) []error {
 					cache.CBisHTTPMethod = false
 					cache.CBisParameter = false
 					cache.CBName = header
+					cb_header = true
 					addCachebusterMap("header_" + header)
 
 					msg := fmt.Sprintf("%s was successful (Header)\n", identifier)
@@ -812,6 +826,7 @@ func cachebusterParameter(cache *CacheStruct) error {
 		cache.CBisCookie = false
 		cache.CBisHTTPMethod = false
 		cache.CBName = Config.CacheBuster
+		cb_parameter = true
 		addHitMissIndicatorMap("time")
 		addCachebusterMap(Config.CacheBuster)
 
@@ -912,6 +927,7 @@ func cachebusterParameter(cache *CacheStruct) error {
 				cache.CBisCookie = false
 				cache.CBisHTTPMethod = false
 				cache.CBName = Config.CacheBuster
+				cb_parameter = true
 				addCachebusterMap(Config.CacheBuster)
 
 				msg := fmt.Sprintf("%s was successful (Parameter)\n", identifier)
@@ -1010,6 +1026,7 @@ func cachebusterHTTPMethod(cache *CacheStruct) []error {
 			cache.CBisHeader = false
 			cache.CBisCookie = false
 			cache.CBName = method
+			cb_method = true
 			addHitMissIndicatorMap("time")
 			addCachebusterMap("method_" + method)
 
@@ -1110,6 +1127,7 @@ func cachebusterHTTPMethod(cache *CacheStruct) []error {
 					cache.CBisHeader = false
 					cache.CBisCookie = false
 					cache.CBName = method
+					cb_method = true
 					addCachebusterMap("method_" + method)
 
 					msg := fmt.Sprintf("%s was successful (HTTP Method)\n", identifier)
diff --git a/pkg/requests.go b/pkg/requests.go
@@ -287,6 +287,8 @@ func firstRequest(rp requestParams) ([]byte, int, reportRequest, http.Header, er
 
 	repRequest.URL = req.URL.String()
 
+	//TODO: Also use dumped request/response of 2nd request
+
 	return body, resp.StatusCode, repRequest, resp.Header.Clone(), nil
 }
 
diff --git a/web-cache-vulnerability-scanner.go b/web-cache-vulnerability-scanner.go
@@ -37,7 +37,7 @@ $Env:GOOS = "linux"; $Env:GOARCH = "amd64"; go build
 $Env:GOOS = ""; $Env:GOARCH = ""; go build
 */
 
-const version = "0.4.38"
+const version = "0.4.39"
 
 var (
 	currentDate      string

Original file line number	Diff line number	Diff line change
`@@ -287,6 +287,8 @@ func firstRequest(rp requestParams) ([]byte, int, reportRequest, http.Header, er`
`287`	`287`
`288`	`288`	`repRequest.URL = req.URL.String()`
`289`	`289`
	`290`	`+ //TODO: Also use dumped request/response of 2nd request`
	`291`	`+`
`290`	`292`	`return body, resp.StatusCode, repRequest, resp.Header.Clone(), nil`
`291`	`293`	`}`
`292`	`294`