forked from tomnomnom/qsreplace
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
101 lines (88 loc) · 2.19 KB
/
main.go
File metadata and controls
101 lines (88 loc) · 2.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
package main
import (
"bufio"
"bytes"
"flag"
"fmt"
"net/url"
"os"
"sort"
"strings"
)
func addParam(u *url.URL, value string, appendMode bool) {
seen := make(map[string]bool)
// Go's maps aren't ordered, but we want to use all the param names
// as part of the key to output only unique requests. To do that, put
// them into a slice and then sort it.
pp := make([]string, 0)
for p, _ := range u.Query() {
pp = append(pp, p)
}
sort.Strings(pp)
key := fmt.Sprintf("%s%s?%s", u.Hostname(), u.EscapedPath(), strings.Join(pp, "&"))
// Only output each host + path + params combination once
if _, exists := seen[key]; exists {
return
}
seen[key] = true
qs := url.Values{}
for param, vv := range u.Query() {
if appendMode {
qs.Set(param, vv[0]+value)
} else {
qs.Set(param, value)
}
}
u.RawQuery = qs.Encode()
fmt.Printf("%s\n", u)
}
func main() {
var appendMode bool
var bothMode bool
var wordlist string
flag.BoolVar(&appendMode, "a", false, "Append the value instead of replacing it")
flag.BoolVar(&bothMode, "b", false, "Replace the value once and append it once for each url")
flag.StringVar(&wordlist, "w", "", "Wordlist to use")
flag.Parse()
var data []byte
if wordlist != "" {
var err error
data, err = os.ReadFile(wordlist)
if err != nil {
fmt.Fprintf(os.Stderr, "failed to read wordlist %s [%s]\n", wordlist, err)
os.Exit(1)
}
}
// read URLs on stdin, then replace the values in the query string
// with some user-provided value
sc := bufio.NewScanner(os.Stdin)
for sc.Scan() {
u, err := url.Parse(sc.Text())
if err != nil {
fmt.Fprintf(os.Stderr, "failed to parse url %s [%s]\n", sc.Text(), err)
continue
}
if len(u.Query()) == 0 {
// skip URLs with no query string
continue
}
if data != nil {
split := bytes.Split(bytes.ReplaceAll(data, []byte("\r\n"), []byte("\n")), []byte("\n"))
for _, v := range split {
if bothMode {
addParam(u, string(v), true)
addParam(u, string(v), false)
continue
}
addParam(u, string(v), appendMode)
}
} else {
if bothMode {
addParam(u, flag.Arg(0), true)
addParam(u, flag.Arg(0), false)
} else {
addParam(u, flag.Arg(0), appendMode)
}
}
}
}