resolved #444 allowing users to select a network interface

owasp-amass · Aug 30, 2020 · f5c3960 · f5c3960
1 parent b84da2d
commit f5c3960
Show file tree

Hide file tree

Showing 11 changed files with 149 additions and 54 deletions.
diff --git a/cmd/amass/enum.go b/cmd/amass/enum.go
@@ -13,6 +13,7 @@ import (
 	"io/ioutil"
 	"log"
 	"math/rand"
+	"net"
 	"os"
 	"os/signal"
 	"path/filepath"
@@ -49,6 +50,7 @@ type enumArgs struct {
 	Domains           stringset.Set
 	Excluded          stringset.Set
 	Included          stringset.Set
+	Interface         string
 	MaxDNSQueries     int
 	MinForRecursive   int
 	Names             stringset.Set
@@ -101,6 +103,7 @@ func defineEnumArgumentFlags(enumFlags *flag.FlagSet, args *enumArgs) {
 	enumFlags.Var(&args.Domains, "d", "Domain names separated by commas (can be used multiple times)")
 	enumFlags.Var(&args.Excluded, "exclude", "Data source names separated by commas to be excluded")
 	enumFlags.Var(&args.Included, "include", "Data source names separated by commas to be included")
+	enumFlags.StringVar(&args.Interface, "i", "", "Provide the network interface to send the traffic through")
 	enumFlags.IntVar(&args.MaxDNSQueries, "max-dns-queries", 0, "Maximum number of concurrent DNS queries")
 	enumFlags.IntVar(&args.MinForRecursive, "min-for-recursive", 1, "Subdomain labels seen before recursive brute forcing")
 	enumFlags.Var(&args.Ports, "p", "Ports separated by commas (default: 443)")
@@ -173,7 +176,7 @@ func runEnumCommand(clArgs []string) {
 		os.Exit(1)
 	}
 	defer sys.Shutdown()
-	sys.SetDataSources(datasrcs.GetAllSources(sys))
+	sys.SetDataSources(datasrcs.GetAllSources(sys, true))
 	// Expand data source category names into the associated source names
 	cfg.SourceFilter.Sources = expandCategoryNames(cfg.SourceFilter.Sources, generateCategoryMap(sys))
 
@@ -280,6 +283,17 @@ func argsAndConfig(clArgs []string) (*config.Config, *enumArgs) {
 		return nil, &args
 	}
 
+	if args.Interface != "" {
+		iface, err := net.InterfaceByName(args.Interface)
+		if err != nil || iface == nil {
+			fmt.Fprint(color.Output, format.InterfaceInfo())
+			os.Exit(1)
+		}
+		if err := assignNetInterface(iface); err != nil {
+			r.Fprintf(color.Error, "%v\n", err)
+			os.Exit(1)
+		}
+	}
 	if args.Options.NoColor {
 		color.NoColor = true
 	}
@@ -334,8 +348,8 @@ func argsAndConfig(clArgs []string) (*config.Config, *enumArgs) {
 
 	// Check if the user has requested the data source names
 	if args.Options.ListSources {
-		for _, info := range GetAllSourceInfo(cfg) {
-			g.Println(info)
+		for _, line := range GetAllSourceInfo(cfg) {
+			fmt.Fprintln(color.Output, line)
 		}
 		return nil, &args
 	}

diff --git a/cmd/amass/main.go b/cmd/amass/main.go
@@ -27,6 +27,7 @@ import (
 	"errors"
 	"flag"
 	"fmt"
+	"net"
 	"os"
 	"path"
 	"sort"
@@ -38,7 +39,7 @@ import (
 	"github.com/OWASP/Amass/v3/eventbus"
 	"github.com/OWASP/Amass/v3/format"
 	"github.com/OWASP/Amass/v3/graph"
-	"github.com/OWASP/Amass/v3/net"
+	amassnet "github.com/OWASP/Amass/v3/net"
 	"github.com/OWASP/Amass/v3/requests"
 	"github.com/OWASP/Amass/v3/stringfilter"
 	"github.com/OWASP/Amass/v3/systems"
@@ -134,7 +135,7 @@ func main() {
 	}
 }
 
-// GetAllSourceInfo returns the names of all Amass data sources.
+// GetAllSourceInfo returns the output for the 'list' flag.
 func GetAllSourceInfo(cfg *config.Config) []string {
 	var names []string
 
@@ -146,10 +147,21 @@ func GetAllSourceInfo(cfg *config.Config) []string {
 	if err != nil {
 		return names
 	}
-	sys.SetDataSources(datasrcs.GetAllSources(sys))
+	sys.SetDataSources(datasrcs.GetAllSources(sys, false))
+
+	names = append(names, fmt.Sprintf("%-35s%-35s%s", blue("Data Source"), blue("| Type"), blue("| Available")))
+	var line string
+	for i := 0; i < 8; i++ {
+		line += blue("----------")
+	}
+	names = append(names, line)
 
 	for _, src := range sys.DataSources() {
-		names = append(names, fmt.Sprintf("%-20s\t%s", src.String(), src.Type()))
+		var avail string
+		if src.CheckConfig() == nil {
+			avail = "*"
+		}
+		names = append(names, fmt.Sprintf("%-35s  %-35s  %s", green(src.String()), yellow(src.Type()), yellow(avail)))
 	}
 
 	sys.Shutdown()
@@ -238,9 +250,10 @@ func orderedEvents(events []string, db *graph.Graph) ([]string, []time.Time, []t
 
 		e1, l1 := db.EventDateRange(events[i])
 		e2, l2 := db.EventDateRange(events[j])
-		if l1.After(l2) || e2.Before(e1) {
+		if l2.After(l1) || e1.Before(e2) {
 			less = true
 		}
+
 		return less
 	})
 
@@ -287,8 +300,14 @@ func memGraphForScope(domains []string, from *graph.Graph) (*graph.Graph, error)
 		return nil, errors.New("Failed to create the in-memory graph database")
 	}
 
+	var err error
 	// Migrate the event data into the in-memory graph database
-	if err := from.MigrateEventsInScope(db, domains); err != nil {
+	if len(domains) == 0 {
+		err = from.MigrateEvents(db)
+	} else {
+		err = from.MigrateEventsInScope(db, domains)
+	}
+	if err != nil {
 		return nil, fmt.Errorf("Failed to move the data into the in-memory graph database: %v", err)
 	}
 
@@ -297,7 +316,7 @@ func memGraphForScope(domains []string, from *graph.Graph) (*graph.Graph, error)
 
 func getEventOutput(uuids []string, db *graph.Graph) []*requests.Output {
 	var output []*requests.Output
-	cache := net.NewASNCache()
+	cache := amassnet.NewASNCache()
 	filter := stringfilter.NewStringFilter()
 
 	for i := len(uuids) - 1; i >= 0; i-- {
@@ -324,7 +343,7 @@ func domainNameInScope(name string, scope []string) bool {
 }
 
 func healASInfo(uuids []string, db *graph.Graph) bool {
-	cache := net.NewASNCache()
+	cache := amassnet.NewASNCache()
 	db.ASNCacheFill(cache)
 
 	cfg := config.NewConfig()
@@ -333,7 +352,7 @@ func healASInfo(uuids []string, db *graph.Graph) bool {
 	if err != nil {
 		return false
 	}
-	sys.SetDataSources(datasrcs.GetAllSources(sys))
+	sys.SetDataSources(datasrcs.GetAllSources(sys, true))
 	defer sys.Shutdown()
 
 	bus := eventbus.NewEventBus()
@@ -370,3 +389,30 @@ func healASInfo(uuids []string, db *graph.Graph) bool {
 
 	return updated
 }
+
+func assignNetInterface(iface *net.Interface) error {
+	addrs, err := iface.Addrs()
+	if err != nil {
+		return fmt.Errorf("Network interface '%s' has no assigned addresses", iface.Name)
+	}
+
+	var best net.Addr
+	for _, addr := range addrs {
+		if a, ok := addr.(*net.IPNet); ok {
+			if best == nil {
+				best = a
+			}
+			if amassnet.IsIPv4(a.IP) {
+				best = a
+				break
+			}
+		}
+	}
+
+	if best == nil {
+		return fmt.Errorf("Network interface '%s' does not have assigned IP addresses", iface.Name)
+	}
+
+	amassnet.LocalAddr = best
+	return nil
+}
diff --git a/datasrcs/dnsdumpster.go b/datasrcs/dnsdumpster.go
@@ -7,7 +7,6 @@ import (
 	"context"
 	"fmt"
 	"io/ioutil"
-	"net"
 	"net/http"
 	"net/url"
 	"regexp"
@@ -114,13 +113,6 @@ func (d *DNSDumpster) postForm(ctx context.Context, token, domain string) (strin
 		return "", fmt.Errorf("%s failed to obtain the EventBus from Context", d.String())
 	}
 
-	dial := net.Dialer{}
-	client := &http.Client{
-		Transport: &http.Transport{
-			DialContext:         dial.DialContext,
-			TLSHandshakeTimeout: 10 * time.Second,
-		},
-	}
 	params := url.Values{
 		"csrfmiddlewaretoken": {token},
 		"targetip":            {domain},
@@ -147,7 +139,7 @@ func (d *DNSDumpster) postForm(ctx context.Context, token, domain string) (strin
 	req.Header.Set("Referer", "https://dnsdumpster.com")
 	req.Header.Set("X-CSRF-Token", token)
 
-	resp, err := client.Do(req)
+	resp, err := amasshttp.DefaultClient.Do(req)
 	if err != nil {
 		bus.Publish(requests.LogTopic, eventbus.PriorityHigh,
 			fmt.Sprintf("%s: The POST request failed: %v", d.String(), err))

diff --git a/datasrcs/radb.go b/datasrcs/radb.go
@@ -8,12 +8,12 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"net"
 	"strconv"
 	"strings"
 	"time"
 
 	"github.com/OWASP/Amass/v3/eventbus"
+	amassnet "github.com/OWASP/Amass/v3/net"
 	"github.com/OWASP/Amass/v3/net/http"
 	"github.com/OWASP/Amass/v3/requests"
 	"github.com/OWASP/Amass/v3/resolvers"
@@ -343,8 +343,7 @@ func (r *RADb) ipToASN(ctx context.Context, cidr string) int {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 
-	d := net.Dialer{}
-	conn, err := d.DialContext(ctx, "tcp", r.addr+":43")
+	conn, err := amassnet.DialContext(ctx, "tcp", r.addr+":43")
 	if err != nil {
 		bus.Publish(requests.LogTopic, eventbus.PriorityHigh, fmt.Sprintf("%s: %v", r.String(), err))
 		return 0

diff --git a/datasrcs/shadowserver.go b/datasrcs/shadowserver.go
@@ -205,8 +205,7 @@ func (s *ShadowServer) netblocks(ctx context.Context, asn int) stringset.Set {
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 
-	d := net.Dialer{}
-	conn, err := d.DialContext(ctx, "tcp", s.addr+":43")
+	conn, err := amassnet.DialContext(ctx, "tcp", s.addr+":43")
 	if err != nil {
 		bus.Publish(requests.LogTopic, eventbus.PriorityHigh, fmt.Sprintf("%s: %v", s.String(), err))
 		return netblocks

diff --git a/format/print.go b/format/print.go
@@ -6,10 +6,11 @@ package format
 import (
 	"fmt"
 	"io"
+	"net"
 	"strconv"
 	"strings"
 
-	"github.com/OWASP/Amass/v3/net"
+	amassnet "github.com/OWASP/Amass/v3/net"
 	"github.com/OWASP/Amass/v3/requests"
 	"github.com/fatih/color"
 )
@@ -198,7 +199,7 @@ func censorString(input string, start, end int) string {
 // OutputLineParts returns the parts of a line to be printed for a requests.Output.
 func OutputLineParts(out *requests.Output, src, addrs, demo bool) (source, name, ips string) {
 	if src {
-		source = fmt.Sprintf("%-18s", "["+out.Source+"] ")
+		source = fmt.Sprintf("%-18s", "["+out.Sources[0]+"] ")
 	}
 	if addrs {
 		for i, a := range out.Addresses {
@@ -230,12 +231,40 @@ func DesiredAddrTypes(addrs []requests.AddressInfo, ipv4, ipv6 bool) []requests.
 
 	var keep []requests.AddressInfo
 	for _, addr := range addrs {
-		if net.IsIPv4(addr.Address) && !ipv4 {
+		if amassnet.IsIPv4(addr.Address) && !ipv4 {
 			continue
-		} else if net.IsIPv6(addr.Address) && !ipv6 {
+		} else if amassnet.IsIPv6(addr.Address) && !ipv6 {
 			continue
 		}
 		keep = append(keep, addr)
 	}
 	return keep
 }
+
+// InterfaceInfo returns network interface information specific to the current host.
+func InterfaceInfo() string {
+	var output string
+
+	if ifaces, err := net.Interfaces(); err == nil {
+		for _, i := range ifaces {
+			addrs, err := i.Addrs()
+			if err != nil {
+				continue
+			}
+			output += fmt.Sprintf("%s%s%s\n", blue(i.Name+": "), green("flags="), yellow("<"+strings.ToUpper(i.Flags.String()+">")))
+			if i.HardwareAddr.String() != "" {
+				output += fmt.Sprintf("\t%s%s\n", green("ether: "), yellow(i.HardwareAddr.String()))
+			}
+			for _, addr := range addrs {
+				inet := "inet"
+				if a, ok := addr.(*net.IPNet); ok && amassnet.IsIPv6(a.IP) {
+					inet += "6"
+				}
+				inet += ": "
+				output += fmt.Sprintf("\t%s%s\n", green(inet), yellow(addr.String()))
+			}
+		}
+	}
+
+	return output
+}