diff --git a/lib/Engine/Fuzzer.pm b/lib/Engine/Fuzzer.pm
index 057f903..e103eed 100755
--- a/lib/Engine/Fuzzer.pm
+++ b/lib/Engine/Fuzzer.pm
@@ -5,7 +5,7 @@ package Engine::Fuzzer {
 use Mojo::UserAgent; sub new {
- my ($self, $timeout, $headers, $skipssl) = @_;
+ my ($self, $timeout, $headers, $skipssl, $content) = @_;
 my $userAgent = Mojo::UserAgent -> new() -> request_timeout($timeout) -> insecure($skipssl);
@@ -33,6 +33,7 @@ package Engine::Fuzzer {
 "URL" => $endpoint, "Code" => $response -> code(), "Response" => $response -> message(),
+ "Content" => $response -> body(),
 "Length" => $response -> headers() -> content_length() || "0" };
diff --git a/lib/Engine/FuzzerThread.pm b/lib/Engine/FuzzerThread.pm
index 05ffe6b..72d7aaf 100644
--- a/lib/Engine/FuzzerThread.pm
+++ b/lib/Engine/FuzzerThread.pm
@@ -9,7 +9,7 @@ package Engine::FuzzerThread {
 my ( $self, $queue, $target, $methods, $agent, $headers, $accept, $timeout, $return, $payload, $json, $delay, $exclude, $skipssl,
- $length, $dir_callback
+ $length, $content, $dir_callback
 ) = @_; my @verbs = split (/,/, $methods);
@@ -46,16 +46,16 @@ package Engine::FuzzerThread {
 next if grep(/^$status$/, @invalid_codes) || ($return && !grep(/^$status$/, @valid_codes)); next if $length && !($cmp -> ($result -> {Length}));
-
- my $printable = $json ? $format -> encode($result) : sprintf(
+
+ my $message = $json ? $format -> encode($result) : sprintf(
 "Code: %d | URL: %s | Method: %s | Response: %s | Length: %s", $status, $result -> {URL}, $result -> {Method}, $result -> {Response} || "?", $result -> {Length} );
- print $printable, "\n";
- sleep($delay);
+ print $message, "\n" if !$content || $result -> {Content} =~ m/$content/;
+ sleep($delay);
 $found = 1; } }
diff --git a/lib/Engine/Orchestrator.pm b/lib/Engine/Orchestrator.pm
index 534b733..6434fba 100644
--- a/lib/Engine/Orchestrator.pm
+++ b/lib/Engine/Orchestrator.pm
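Review bot: `$content` is unpacked into `new()` on the changed line but, within the lines this hunk shows, it is neither stored on the object nor handed to the user agent, so it reads as an unused parameter; the rest of `new()` is outside the hunk, so if it is consumed further down this does not apply. If it is not, drop it from the signature (the body match itself happens in FuzzerThread), or, if it is meant to switch body capture on, say so: `# $content: set when the caller wants the response body kept for filtering`. At five positional arguments the constructor is also getting brittle; a hash of named options would make the call sites self-describing.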
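Review bot: Adding `Content` to the result hash changes what every consumer of the result sees, not just the new filter: in the JSON path (`$format -> encode($result)` in FuzzerThread) the full response body is now emitted for every reported endpoint, which can be very large and may be raw binary. Consider capturing the body only when a content filter is active, or deleting the key before the result is printed. Since the body is now in hand, `Length` could also stop depending on a `Content-Length` header that chunked or compressed responses omit: `my $body = $response -> body();` followed by `"Length" => $response -> headers() -> content_length() // length($body)`, noting that this would change the number `-l` users see on such responses. The enclosing method starts outside the hunk.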
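Review bot: `m/$content/` on the new `print` line interpolates the operator-supplied `-c` value as a regular expression, so a value with an unbalanced `(` or `[` dies with a regex compile error inside the worker thread on the first result, after requests have already been sent. Compile it once before the loop, `my $content_re = eval { qr/$content/ } or die "invalid --content pattern: $@";`, and match against `$content_re`; if the help text's "string" is the intended semantics, use `index($result -> {Content}, $content) >= 0` instead. The filter is also shaped differently from the status and length filters above it: a non-matching body still builds and discards `$message`, still sleeps, and still sets `$found = 1`. If that is not deliberate, `next if $content && $result -> {Content} !~ m/$content/;` beside the other `next if` lines keeps the three filters consistent. The loop and the consumer of `$found` lie outside the hunk.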
@@ -20,10 +20,10 @@ package Engine::Orchestrator {
 next }
- #
- my $fh = $list -> [0];
+
+ my $filehandle = $list -> [0];
- chomp(my $line = <$fh>);
+ chomp(my $line = <$filehandle>);
 $wordlist_queue -> enqueue($line); }
@@ -59,9 +59,9 @@ package Engine::Orchestrator {
 my ($self, $target, %options) = @_; my @current = map {
- open(my $fh, "<$_") || die "$0: Can't open $_: $!";
+ open(my $filehandle, "<$_") || die "$0: Can't open $_: $!";
- $fh
+ $filehandle
 } glob($options{wordlist}); $wordlist_queue = Thread::Queue -> new();
@@ -84,6 +84,7 @@ package Engine::Orchestrator {
 $options{exclude}, $options{skipssl}, $options{length},
+ $options{content},
 \&add_target ); }
diff --git a/lib/Functions/Helper.pm b/lib/Functions/Helper.pm
index 649c151..42ffa1a 100755
--- a/lib/Functions/Helper.pm
+++ b/lib/Functions/Helper.pm
@@ -24,7 +24,8 @@ package Functions::Helper {
 \r\t-j, --json Display the results in JSON format
 \r\t-W, --workflow Pass a YML file with a fuzzing workflow
 \r\t-S, --skip-ssl Ignore SSL verification
- \r\t-l, --length Filter by content response length
+ \r\t-l, --length Filter by the length of content response
+ \r\t-c, --content Filter by a string based on the content response
 \r\t-h, --help See this screen\n\n";
 return 0;
diff --git a/nozaki.pl b/nozaki.pl
index 4615689..f4b4193 100755
--- a/nozaki.pl
+++ b/nozaki.pl
@@ -13,6 +13,7 @@ sub main {
 my ($workflow, $plugin, @targets);
+
 my %options = ( accept => "*/*", wordlist => "wordlists/default.txt",
@@ -42,6 +43,7 @@ sub main {
 "S|skip-ssl" => \$options{skipssl}, "l|length=s" => \$options{length}, "p|plugin=s" => \$options{plugin},
+ "c|content=s" => \$options{content}
 );
 return Functions::Helper -> new() unless @targets;
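Review bot: `$options{content}` is forwarded straight from the CLI into a long positional argument list, so a mis-ordered argument here would silently land in the wrong parameter (the new value sits between `$options{length}` and the callback with nothing naming it). Because FuzzerThread later uses the value as a regex, this is the right place to fail fast: compile it once, `my $content = defined $options{content} ? qr/$options{content}/ : undef;`, so an invalid pattern aborts before any thread is spawned or request sent, and pass the compiled pattern through. The enclosing call starts before this hunk.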
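Review bot: The new `-c` help line says "a string", but FuzzerThread applies the value with `m/$content/`, so metacharacters such as `.`, `+` or `(` are interpreted rather than matched literally; state the real semantics so operators know what to quote: `\r\t-c, --content Filter by a Perl regex matched against the response body`. The reworded `-l` line also reads awkwardly; `\r\t-l, --length Filter by response body length` is clearer.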
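Review bot: The new `"c|content=s"` entry is the only one in the `GetOptions` list without a trailing comma, so it breaks the style of the entries above it and the next option added will have to touch this line again; write it as `"c|content=s" => \$options{content},`. `sub main` continues outside the hunk.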