added progress bar, removed bloating outputs, restuctured the data st…

…ructures

go.mod

@@ -1,3 +1,24 @@
 module github.com/DarthCucumber/gofuzz
 
 go 1.13
+
+require (
+	github.com/cheggaaa/pb v2.0.7+incompatible
+	github.com/cheggaaa/pb/v3 v3.0.7
+	github.com/fatih/color v1.10.0 // indirect
+	github.com/gosuri/uilive v0.0.4 // indirect
+	github.com/gosuri/uiprogress v0.0.1
+	github.com/kless/term v0.0.0-20161130133337-e551c64f56c0 // indirect
+	github.com/mattn/go-runewidth v0.0.10 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/sethgrid/curse v0.0.0-20181231162520-d4ee583ebf0f // indirect
+	github.com/sethgrid/multibar v0.0.0-20160417171508-4bf4cf7b87d6
+	github.com/tredoe/term v0.0.0-20161130133337-e551c64f56c0 // indirect
+	golang.org/x/sys v0.0.0-20210324051608-47abb6519492 // indirect
+	gopkg.in/VividCortex/ewma.v1 v1.1.1 // indirect
+	gopkg.in/cheggaaa/pb.v2 v2.0.7 // indirect
+	gopkg.in/fatih/color.v1 v1.7.0 // indirect
+	gopkg.in/mattn/go-colorable.v0 v0.1.0 // indirect
+	gopkg.in/mattn/go-isatty.v0 v0.0.4 // indirect
+	gopkg.in/mattn/go-runewidth.v0 v0.0.4 // indirect
+)

go.sum

@@ -0,0 +1,55 @@
+github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM=
+github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
+github.com/cheggaaa/pb v2.0.7+incompatible h1:gLKifR1UkZ/kLkda5gC0K6c8g+jU2sINPtBeOiNlMhU=
+github.com/cheggaaa/pb v2.0.7+incompatible/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s=
+github.com/cheggaaa/pb/v3 v3.0.7 h1:58wduqwoqpsklsCZ7NZ5dsrCqPWv2t0+p85FcBds6XY=
+github.com/cheggaaa/pb/v3 v3.0.7/go.mod h1:X1L61/+36nz9bjIsrDU52qHKOQukUQe2Ge+YvGuquCw=
+github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
+github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
+github.com/fatih/color v1.10.0 h1:s36xzo75JdqLaaWoiEHk767eHiwo0598uUxyfiPkDsg=
+github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
+github.com/gosuri/uilive v0.0.4 h1:hUEBpQDj8D8jXgtCdBu7sWsy5sbW/5GhuO8KBwJ2jyY=
+github.com/gosuri/uilive v0.0.4/go.mod h1:V/epo5LjjlDE5RJUcqx8dbw+zc93y5Ya3yg8tfZ74VI=
+github.com/gosuri/uiprogress v0.0.1 h1:0kpv/XY/qTmFWl/SkaJykZXrBBzwwadmW8fRb7RJSxw=
+github.com/gosuri/uiprogress v0.0.1/go.mod h1:C1RTYn4Sc7iEyf6j8ft5dyoZ4212h8G1ol9QQluh5+0=
+github.com/kless/term v0.0.0-20161130133337-e551c64f56c0 h1:urSxQgTe6jlMLp7SBqS9kScNOFrkumkEPd5wkEqR4zo=
+github.com/kless/term v0.0.0-20161130133337-e551c64f56c0/go.mod h1:QHlPrsvQ38EZ3avQaGw+V049LEqMXGn/Q7///G4rlPw=
+github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
+github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
+github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/mattn/go-runewidth v0.0.7 h1:Ei8KR0497xHyKJPAv59M1dkC+rOZCMBJ+t3fZ+twI54=
+github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
+github.com/mattn/go-runewidth v0.0.10 h1:CoZ3S2P7pvtP45xOtBw+/mDL2z0RKI576gSkzRRpdGg=
+github.com/mattn/go-runewidth v0.0.10/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
+github.com/rivo/uniseg v0.1.0 h1:+2KBaVoUmb9XzDsrx/Ct0W/EYOSFf/nWTauy++DprtY=
+github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/sethgrid/curse v0.0.0-20181231162520-d4ee583ebf0f h1:5sRN2QRb4WELQTjDA0RxH6fDHsqU8DvmSxOVQrFE5EU=
+github.com/sethgrid/curse v0.0.0-20181231162520-d4ee583ebf0f/go.mod h1:AcGQtZEPLvE/ypI3mXUA5nzST17BmzYJJy/n5HXoFTA=
+github.com/sethgrid/multibar v0.0.0-20160417171508-4bf4cf7b87d6 h1:9Pmh5TyN2ZWSH9wKPaQyNYogv1+69yxWj3DedOAf4dM=
+github.com/sethgrid/multibar v0.0.0-20160417171508-4bf4cf7b87d6/go.mod h1:GWQxwO7VuGL/OCtq0TtIt8adwFk1iSB0eo65VG5i0iA=
+github.com/tredoe/term v0.0.0-20161130133337-e551c64f56c0 h1:62GgUset6v9/OOwgp6G9G0T85xd1tSrxuJb6B32wfC0=
+github.com/tredoe/term v0.0.0-20161130133337-e551c64f56c0/go.mod h1:KgcOI1tnP8CSXsT+9RJU/CYuGBjeJAXbhyG8ufn21jQ=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42 h1:vEOn+mP2zCOVzKckCZy6YsCtDblrpj/w7B9nxGNELpg=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210324051608-47abb6519492 h1:Paq34FxTluEPvVyayQqMPgHm+vTOrIifmcYxFBx9TLg=
+golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+gopkg.in/VividCortex/ewma.v1 v1.1.1 h1:tWHEKkKq802K/JT9RiqGCBU5fW3raAPnJGTE9ostZvg=
+gopkg.in/VividCortex/ewma.v1 v1.1.1/go.mod h1:TekXuFipeiHWiAlO1+wSS23vTcyFau5u3rxXUSXj710=
+gopkg.in/cheggaaa/pb.v2 v2.0.7 h1:beaAg8eacCdMQS9Y7obFEtkY7gQl0uZ6Zayb3ry41VY=
+gopkg.in/cheggaaa/pb.v2 v2.0.7/go.mod h1:0CiZ1p8pvtxBlQpLXkHuUTpdJ1shm3OqCF1QugkjHL4=
+gopkg.in/fatih/color.v1 v1.7.0 h1:bYGjb+HezBM6j/QmgBfgm1adxHpzzrss6bj4r9ROppk=
+gopkg.in/fatih/color.v1 v1.7.0/go.mod h1:P7yosIhqIl/sX8J8UypY5M+dDpD2KmyfP5IRs5v/fo0=
+gopkg.in/mattn/go-colorable.v0 v0.1.0 h1:WYuADWvfvYC07fm8ygYB3LMcsc5CunpxfMGKawHkAos=
+gopkg.in/mattn/go-colorable.v0 v0.1.0/go.mod h1:BVJlBXzARQxdi3nZo6f6bnl5yR20/tOL6p+V0KejgSY=
+gopkg.in/mattn/go-isatty.v0 v0.0.4 h1:NtS1rQGQr4IaFWBGz4Cz4BhB///gyys4gDVtKA7hIsc=
+gopkg.in/mattn/go-isatty.v0 v0.0.4/go.mod h1:wt691ab7g0X4ilKZNmMII3egK0bTxl37fEn/Fwbd8gc=
+gopkg.in/mattn/go-runewidth.v0 v0.0.4 h1:r0P71TnzQDlNIcizCqvPSSANoFa3WVGtcNJf3TWurcY=
+gopkg.in/mattn/go-runewidth.v0 v0.0.4/go.mod h1:BmXejnxvhwdaATwiJbB1vZ2dtXkQKZGu9yLFCZb4msQ=

main.go

@@ -12,8 +12,13 @@ import (
 
 func main() {
 	var options data.Options
-	var wg sync.WaitGroup
-	var metaData data.SessionData
+	var fuzzWorker sync.WaitGroup
+	var session data.SessionData
+
+	var parsedNum data.FuzzData
+	var parsedAscii data.FuzzData
+	var parsedChar data.FuzzData
+	var parsedInput data.FuzzData
 
 	flag.BoolVar(&options.ShowHelp, "h", false, "shows usage details")
 	flag.StringVar(&options.TargetUrl, "u", "", "takes in URL for fuzzing")
@@ -24,6 +29,7 @@ func main() {
 	flag.StringVar(&options.InputFile, "f", "", "file path to list of fuzz data")
 	flag.StringVar(&options.ExportType, "e", "txt", "data format in which the result will be stored in the output file")
 	flag.StringVar(&options.Method, "m", "HEAD", "Request method [HEAD/GET/POST]")
+	flag.IntVar(&options.Timeout, "t", 2000, "takes in timout for each requests in milliseconds. (Default: 2000 ms or 2 s)")
 	flag.StringVar(&options.Exclude, "ex", "", "takes in status code separated by commas to be excluded from display result, however everything is included in the result files")
 	flag.Parse()
 
@@ -44,111 +50,48 @@ func main() {
 	}
 
 	//parse target url
-	metaData.ParsedUrl = options.ParseUrl()
+	session.ParsedUrl = options.ParseUrl()
+	//set timeout
+	session.Timeout = options.Timeout
 	//check for valid export type(-e)
-	metaData.ExportType = options.SetExportType()
+	session.ExportType = options.SetExportType()
 	//check for valid request method(-m)
-	metaData.Method = options.SetRequestMethod()
-	//set of status code to be excluded from the results
-	metaData.ExcludeStatus = options.ExcludeStatusCode()
+	session.Method = options.SetRequestMethod()
+	//set status code to be excluded from the results
+	session.ExcludeStatus = options.ExcludeStatusCode()
 
-	//parse option data
-	metaData.ParsedNum = options.ParseNumRange()
-	metaData.ParsedAscii = options.ParseAsciiRange()
-	metaData.ParsedChar = options.ParseCharList()
-	metaData.ParsedFileInput = options.ReadFuzzFile()
+	//parse option data and store 'em
+	parsedNum.InputData = options.ParseNumRange()
+	parsedAscii.InputData = options.ParseAsciiRange()
+	parsedChar.InputData = options.ParseCharList()
+	parsedInput.InputData = options.ReadFuzzFile()
 
 	//if no data exists for fuzzing then throw error
-	if metaData.IsEmpty() {
-		utils.ShowError("No fuzz data provided for fuzzing")
-		os.Exit(0)
+	if len(parsedInput.InputData) == 0 && len(parsedNum.InputData) == 0 && len(parsedAscii.InputData) == 0 && len(parsedChar.InputData) == 0 {
+		utils.ShowError("No fuzzing data provided")
+		utils.ShowInfo("Use -h option to display usage menu")
 	}
 
 	//function to create output folder
-	metaData.OutDir = options.SetOutputDir()
-	//initializing result map
-	metaData.NumRes = make(map[string][]string)
-	metaData.AsciiRes = make(map[string][]string)
-	metaData.CharRes = make(map[string][]string)
-	metaData.InputRes = make(map[string][]string)
-
-	//channel to get result from go routine
-	c := make(chan []string)
-	//TODO: any improvements to this?
-	//fuzzing part
-	if len(metaData.ParsedNum) != 0 {
-		utils.ShowInfo("Fuzzing Numeric List")
-		//iterate over provided data
-		for _, u := range metaData.ParsedNum {
-			wg.Add(1)
-			go utils.Fuzz(metaData.ParsedUrl, u, metaData.Method, c, &wg)
-			res := <-c
-			//res[0]:statuscode, res[1]:fuzzing data, res[2]:result URL
-			//check if status code included in
-			//exclude list
-			if !metaData.ContainsCode(res[0]) {
-				metaData.NumRes[res[0]] = append(metaData.NumRes[res[0]], res[1])
-				fmt.Printf("[%s] %s\n", res[0], res[2])
-			}
-		}
-	}
-	wg.Wait()
-	if len(metaData.ParsedAscii) != 0 {
-		utils.ShowInfo("Fuzzing ASCII List")
-		//iterate over provided data
-		for _, u := range metaData.ParsedAscii {
-			wg.Add(1)
-			go utils.Fuzz(metaData.ParsedUrl, u, metaData.Method, c, &wg)
-			res := <-c
-			//res[0]:statuscode, res[1]:fuzzing data, res[2]:result URL
-			//check if status code included in
-			//exclude list
-			if !metaData.ContainsCode(res[0]) {
-				metaData.AsciiRes[res[0]] = append(metaData.AsciiRes[res[0]], res[1])
-				fmt.Printf("[%s] %s\n", res[0], res[2])
-			}
-		}
-	}
-	wg.Wait()
-	if len(metaData.ParsedChar) != 0 {
-		utils.ShowInfo("Fuzzing Character List")
-		//iterate over provided data
-		for _, u := range metaData.ParsedChar {
-			wg.Add(1)
-			go utils.Fuzz(metaData.ParsedUrl, u, metaData.Method, c, &wg)
-			res := <-c
-			//res[0]:statuscode, res[1]:fuzzing data, res[2]:result URL
-			//check if status code included in
-			//exclude list
-			if !metaData.ContainsCode(res[0]) {
-				metaData.CharRes[res[0]] = append(metaData.CharRes[res[0]], res[1])
-				fmt.Printf("[%s] %s\n", res[0], res[2])
-			}
-		}
-	}
-	wg.Wait()
-	if len(metaData.ParsedFileInput) != 0 {
-		utils.ShowInfo("Fuzzing User Input")
-		//iterate over provided data
-		for _, u := range metaData.ParsedFileInput {
-			wg.Add(1)
-			go utils.Fuzz(metaData.ParsedUrl, u, metaData.Method, c, &wg)
-			res := <-c
-			//res[0]:statuscode, res[1]:fuzzing data, res[2]:result URL
-			//check if status code included in
-			//exclude list
-			if !metaData.ContainsCode(res[0]) {
-				metaData.InputRes[res[0]] = append(metaData.InputRes[res[0]], res[1])
-				fmt.Printf("[%s] %s\n", res[0], res[2])
-			}
-		}
-	}
-	//wait and close the data
-	wg.Wait()
-	close(c)
-
-	utils.ShowSuccess("Fuzzing done...")
-	//Export
-	utils.ShowInfo("Exporting results...")
-	metaData.ExportData()
+	session.OutDir = options.SetOutputDir()
+	//setting metaData to each entity
+	parsedNum.MetaData = session
+	parsedAscii.MetaData = session
+	parsedChar.MetaData = session
+	parsedInput.MetaData = session
+
+	//begin the fuzzing process
+	fuzzWorker.Add(4)
+
+	go parsedNum.BeginFuzzing(&fuzzWorker, "numeric")
+	go parsedAscii.BeginFuzzing(&fuzzWorker, "ascii")
+	go parsedChar.BeginFuzzing(&fuzzWorker, "character")
+	go parsedInput.BeginFuzzing(&fuzzWorker, "file data")
+
+	fuzzWorker.Wait()
+	utils.ShowSuccess("Fuzzing Complete!")
+	// fmt.Printf("%+v\n", parsedNum.Result)
+	// fmt.Printf("%+v\n", parsedAscii.Result)
+	// fmt.Printf("%+v\n", parsedChar.Result)
+	// fmt.Printf("%+v\n", parsedInput.Result)
 }

pkg/data/options.go

@@ -26,6 +26,7 @@ type Options struct {
 	ExportType string
 	Host       string
 	Exclude    string
+	Timeout    int
 }
 
 //exclude status code functionality