Add favicon hash check

README.md

@@ -1,17 +1,45 @@
 goverview
 =========
-goverview - Get overview about list of URLs
+goverview - Get an overview of the list of URLs
 
 ## Installation
 
 ```
 GO111MODULE=on go get github.com/j3ssie/goverview
 ```
 
+## Demo
+
+[![asciicast](https://asciinema.org/a/432045.svg)](https://asciinema.org/a/432045)
+
 ## Example Commands
 
 ```shell
-goverview - Overview about list of URLs - beta v0.5 by @j3ssiejjj
+# Only get summary
+cat http_lists.txt | goverview probe -N -c 50 | tee only-overview.txt
+
+# Get summary content and store raw response without screenshot
+cat http_lists.txt | goverview probe -M -c 50 -o overview  cat http_lists.txt | goverview probe -c 20 -M --json
+
+# Pass all urls to proxy with real browser
+cat list_of_urls.txt | goverview screen --proxy http://127.0.0.1:8080
+
+# Do screenshot and store JSON Output
+cat http_lists.txt | goverview screen -c 5 --json
+
+# Do screenshot based on success HTTP site
+cat overview/target.com-http-overview.txt | jq -r '. | select(.status=="200") | .url' | goverview screen -c 5 -o overview -S overview/target.com-screen.txt
+
+# Do screenshot and generated report
+cat http-shopee.io.txt| goverview screen --json -o /tmp/screenshot/
+goverview report -o /tmp/screenshot/
+
+```
+
+## Usage
+
+```shell
+goverview - Get an overview of the list of URLs - beta v1.0.0 by @j3ssiejjj
 
 Usage:
   goverview [command]
@@ -57,25 +85,6 @@ Checksum Content Level:
   2 - Check for all structure of HTML tag + src in <script> <img> <a> tag
   5 - Entire HTTP response
 
-Examples:
-  # Only get summary
-  cat http_lists.txt | goverview probe -N -c 50 | tee only-overview.txt
-
-  # Get summary content and store raw response without screenshot
-  cat http_lists.txt | goverview probe -c 20 -M --json
-
-  # Pass all urls to proxy with real browser
-  cat list_of_urls.txt | goverview screen --proxy http://127.0.0.1:8080
-
-  # Do screenshot and store JSON Output
-  cat http_lists.txt | goverview screen -c 5 --json
-
-  # Do screenshot based on success HTTP site
-  cat overview/target.com-http-overview.txt | jq -r '. | select(.status=="200") | .url' | goverview screen -c 5 -o overview -S overview/target.com-screen.txt
-
-  # Do screenshot and generated report
-  cat http-shopee.io.txt| goverview screen --json -o /tmp/screenshot/
-  goverview report -o /tmp/screenshot/
 ```
 
 ## License

cmd/probe.go

@@ -23,7 +23,7 @@ func init() {
 	}
 	probeCmd.Flags().BoolVarP(&options.SaveReponse, "save-response", "M", false, "Save HTTP response")
 	probeCmd.Flags().BoolVarP(&options.Probe.OnlySummary, "no-output", "N", false, "Only store summary file")
-	probeCmd.Flags().BoolVar(&options.Probe.WordsSummary, "words", false, "Get words from ")
+	probeCmd.Flags().BoolVar(&options.Probe.WordsSummary, "words", false, "Get words from response too")
 	RootCmd.AddCommand(probeCmd)
 }
 
@@ -46,51 +46,14 @@ func runProbe(_ *cobra.Command, _ []string) error {
 		out := core.Sending(options, job, client)
 		if out != "" {
 			fmt.Println(out)
-			if options.Probe.OnlySummary || !options.NoOutput {
+			if !options.Probe.OnlySummary {
 				core.AppendTo(options.ContentFile, out)
 			}
-			// only print output but not store it into a file
-			//utils.InforF("[checksum] %v - %v", job, out)
 		}
 
 	}, ants.WithPreAlloc(true))
 	defer p.Release()
 
-	//
-	//jobs := make(chan string, options.Concurrency)
-	//
-	//client := core.BuildClient(options)
-	//if !options.SkipProbe {
-	//	// do probing
-	//	for i := 0; i < options.Concurrency; i++ {
-	//		wg.Add(1)
-	//		go func() {
-	//			defer wg.Done()
-	//			for job := range jobs {
-	//				// parsing Burp base64 to a URL
-	//				if options.InputAsBurp {
-	//					job = core.ParseBurpRequest(job)
-	//				}
-	//				if job == "" {
-	//					continue
-	//				}
-	//				utils.InforF("[probing] %v", job)
-	//				out := core.CalcCheckSum(options, job, client)
-	//				if out != "" {
-	//					// only print output but not store it into a file
-	//					if options.NoOutput {
-	//						fmt.Println(out)
-	//						continue
-	//					}
-	//
-	//					utils.InforF("[checksum] %v - %v", job, out)
-	//					core.AppendTo(options.ContentFile, out)
-	//				}
-	//			}
-	//		}()
-	//	}
-	//}
-
 	for _, raw := range inputs {
 		wg.Add(1)
 		err := p.Invoke(raw)
@@ -110,7 +73,7 @@ func prepareOutput() {
 		os.Exit(-1)
 	}
 
-	if options.NoOutput {
+	if options.Probe.OnlySummary {
 		options.SaveRedirectURL = true
 		options.Output = ""
 		return

cmd/root.go

@@ -16,7 +16,7 @@ var inputs []string
 var RootCmd = &cobra.Command{
 	Use:   "goverview",
 	Short: "goverview",
-	Long:  fmt.Sprintf("goverview - Get overview about list of URLs - %v by %v", libs.VERSION, libs.AUTHOR),
+	Long:  fmt.Sprintf("goverview - Get an overview of the list of URLs - %v by %v", libs.VERSION, libs.AUTHOR),
 }
 
 // Execute main function
@@ -95,7 +95,7 @@ func initConfig() {
 
 // HelpMessage print help message
 func HelpMessage(cmd *cobra.Command, _ []string) {
-	h := fmt.Sprintf("goverview - Overview about list of URLs - %v by %v\n\n", libs.VERSION, libs.AUTHOR)
+	h := fmt.Sprintf("goverview - Get an overview of the list of URLs - %v by %v\n\n", libs.VERSION, libs.AUTHOR)
 	h += cmd.UsageString()
 
 	h += "\n\nChecksum Content Level:\n"
@@ -106,16 +106,17 @@ func HelpMessage(cmd *cobra.Command, _ []string) {
 
 	h += "\n\nExamples:\n"
 	h += "  # Only get summary \n"
-	h += "  cat http_lists.txt | goverview probe -N -c 50 | tee only-overview.txt\n\n"
-	h += "  # Get summary content and store raw response without screenshot \n"
+	h += "  cat http_lists.txt | goverview probe -N -c 50 --json | tee only-overview.txt\n\n"
 
+	h += "  # Get summary content and store raw response without screenshot \n"
 	h += "  cat http_lists.txt | goverview probe -c 20 -M --json\n\n"
-	h += "  # Pass all urls to proxy with real browser\n"
 
+	h += "  # Pass all urls to proxy with real browser\n"
 	h += "  cat list_of_urls.txt | goverview screen --proxy http://127.0.0.1:8080 \n\n"
-	h += "  # Do screenshot and store JSON Output\n"
 
+	h += "  # Do screenshot and store JSON Output\n"
 	h += "  cat http_lists.txt | goverview screen -c 5 --json\n\n"
+
 	h += "  # Do screenshot based on success HTTP site \n"
 	h += "  cat overview/target.com-http-overview.txt | jq -r '. | select(.status==\"200\") | .url' | goverview screen -c 5 -o overview -S overview/target.com-screen.txt\n\n"
 

core/checksum.go

@@ -14,7 +14,7 @@ import (
 	jsoniter "github.com/json-iterator/go"
 )
 
-// Overview overview struct
+// Overview overview data
 type Overview struct {
 	URL           string `json:"url"`
 	Title         string `json:"title"`
@@ -24,6 +24,8 @@ type Overview struct {
 	ResponseTime  string `json:"time"`
 	ContentLength string `json:"length"`
 	Redirect      string `json:"redirect"`
+	Headers       string `json:"headers"`
+	Favicon       string `json:"favicon"`
 }
 
 // PrintOverview print probe string
@@ -77,6 +79,7 @@ func CalcCheckSum(options libs.Options, url string, res libs.Response) Overview
 
 	// store response
 	content := res.BeautifyHeader
+	overview.Headers = res.BeautifyHeader
 	if options.SaveReponse {
 		content += "\n\n" + res.Body
 	}
@@ -143,7 +146,7 @@ func CalcCheckSum(options libs.Options, url string, res libs.Response) Overview
 	return overview
 }
 
-// Sending sending request and calculate checksum
+// Sending send request and calculate checksum
 func Sending(options libs.Options, url string, client *resty.Client) string {
 
 	res, err := JustSend(options, url, client)
@@ -153,7 +156,13 @@ func Sending(options libs.Options, url string, client *resty.Client) string {
 		utils.ErrorF("Error sending: %v", url)
 		return ""
 	}
+
 	overview := CalcCheckSum(options, url, res)
+	favIconHashed := GetFavHash(url)
+	if favIconHashed != "" {
+		overview.Favicon = favIconHashed
+	}
+
 	return PrintOverview(options, overview)
 }
 

core/checksum_test.go

@@ -1,22 +1,16 @@
 package core
 
-import (
-	"fmt"
-	"github.com/j3ssie/goverview/libs"
-	"testing"
-)
-
-func TestCalcCheckSum(t *testing.T) {
-	var options libs.Options
-	options.Level = 5
-	url := "http://httpbin.org/anything?q=123&id=11"
-	client := BuildClient(options)
-	result := CalcCheckSum(options, url, client)
-	fmt.Printf("Level %v ->  Hash: %v \n", options.Level, result)
-	if result == "" {
-		t.Errorf("Error CalcCheckSum")
-	}
-}
+//func TestCalcCheckSum(t *testing.T) {
+//	var options libs.Options
+//	options.Level = 5
+//	url := "http://httpbin.org/anything?q=123&id=11"
+//	client := BuildClient(options)
+//	result := CalcCheckSum(options, url, client)
+//	fmt.Printf("Level %v ->  Hash: %v \n", options.Level, result)
+//	if result == "" {
+//		t.Errorf("Error CalcCheckSum")
+//	}
+//}
 
 //
 //func TestCalcCheckSum0(t *testing.T) {

core/favicon.go

@@ -0,0 +1,85 @@
+package core
+
+import (
+	"bytes"
+	"crypto/tls"
+	"encoding/base64"
+	"fmt"
+	"github.com/j3ssie/goverview/utils"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"net/url"
+	"time"
+
+	"github.com/twmb/murmur3"
+)
+
+func GetFavHash(URL string) string {
+	u, err := url.Parse(URL)
+	if err != nil {
+		return ""
+	}
+	hashURL := fmt.Sprintf("%v://%v/favicon.ico", u.Scheme, u.Host)
+	utils.DebugF("Get favicon at %v", hashURL)
+	data := BigResponseReq(hashURL)
+	if data == "" {
+		return ""
+	}
+	hashedFav := Mmh3Hash32(StandBase64([]byte(data)))
+	return hashedFav
+}
+
+func Mmh3Hash32(raw []byte) string {
+	h32 := murmur3.New32()
+	_, err := h32.Write(raw)
+	if err != nil {
+		return ""
+	}
+	return fmt.Sprintf("%d", int32(h32.Sum32()))
+}
+
+// StandBase64 base64 from bytes
+func StandBase64(data []byte) []byte {
+	raw := base64.StdEncoding.EncodeToString(data)
+	var buffer bytes.Buffer
+	for i := 0; i < len(raw); i++ {
+		ch := raw[i]
+		buffer.WriteByte(ch)
+		if (i+1)%76 == 0 {
+			buffer.WriteByte('\n')
+		}
+	}
+	buffer.WriteByte('\n')
+	return buffer.Bytes()
+}
+
+func BigResponseReq(baseUrl string) string {
+	client := &http.Client{
+		Timeout: time.Duration(10*3) * time.Second,
+		Transport: &http.Transport{
+			DialContext: (&net.Dialer{
+				Timeout: time.Second * 60,
+			}).DialContext,
+			MaxIdleConns:        1000,
+			MaxIdleConnsPerHost: 500,
+			MaxConnsPerHost:     500,
+			TLSClientConfig:     &tls.Config{InsecureSkipVerify: true, Renegotiation: tls.RenegotiateOnceAsClient},
+		},
+		CheckRedirect: func(req *http.Request, via []*http.Request) error { return http.ErrUseLastResponse },
+	}
+
+	req, _ := http.NewRequest("GET", baseUrl, nil)
+	req.Header.Add("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36")
+	resp, err := client.Do(req)
+	if err != nil {
+		return ""
+	}
+	defer resp.Body.Close()
+
+	content, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return ""
+	}
+	return string(content)
+}

core/favicon_test.go

@@ -0,0 +1,11 @@
+package core
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestGenFavHash(t *testing.T) {
+	data := GetFavHash("https://1.1.1.212/favicon.ico")
+	fmt.Println(data)
+}