merge: phase 14-04 register wiring
This commit is contained in:
salvacybersec
@@ -1,12 +1,21 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
<<<<<<< HEAD
|
||||
"bufio"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
=======
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
>>>>>>> worktree-agent-adad8c10
|
||||
"time"
|
||||
|
||||
"golang.org/x/time/rate"
|
||||
@@ -15,6 +24,7 @@ import (
|
||||
"github.com/salvacybersec/keyhunter/pkg/recon"
|
||||
)
|
||||
|
||||
<<<<<<< HEAD
|
||||
// CommonCrawlSource implements recon.ReconSource against the CommonCrawl
|
||||
// Index Server API. It queries index.commoncrawl.org for pages matching
|
||||
// provider keywords in the CC index.
|
||||
@@ -57,6 +67,41 @@ func (s *CommonCrawlSource) Sweep(ctx context.Context, _ string, out chan<- reco
|
||||
idx := s.IndexName
|
||||
if idx == "" {
|
||||
idx = "CC-MAIN-2024-10"
|
||||
=======
|
||||
// CommonCrawlSource searches the Common Crawl index for web pages that may
|
||||
// contain leaked API keys. Common Crawl archives petabytes of web content;
|
||||
// its CDX API allows searching by URL pattern to find pages that historically
|
||||
// exposed secrets.
|
||||
type CommonCrawlSource struct {
|
||||
BaseURL string
|
||||
Registry *providers.Registry
|
||||
Limiters *recon.LimiterRegistry
|
||||
Client *Client
|
||||
}
|
||||
|
||||
var _ recon.ReconSource = (*CommonCrawlSource)(nil)
|
||||
|
||||
func (s *CommonCrawlSource) Name() string { return "commoncrawl" }
|
||||
func (s *CommonCrawlSource) RateLimit() rate.Limit { return rate.Every(5 * time.Second) }
|
||||
func (s *CommonCrawlSource) Burst() int { return 1 }
|
||||
func (s *CommonCrawlSource) RespectsRobots() bool { return true }
|
||||
func (s *CommonCrawlSource) Enabled(_ recon.Config) bool { return true }
|
||||
|
||||
// ccIndexResult represents a single Common Crawl CDX index record.
|
||||
type ccIndexResult struct {
|
||||
URL string `json:"url"`
|
||||
Timestamp string `json:"timestamp"`
|
||||
Status string `json:"status"`
|
||||
Filename string `json:"filename"`
|
||||
Length string `json:"length"`
|
||||
Offset string `json:"offset"`
|
||||
}
|
||||
|
||||
func (s *CommonCrawlSource) Sweep(ctx context.Context, _ string, out chan<- recon.Finding) error {
|
||||
base := s.BaseURL
|
||||
if base == "" {
|
||||
base = "https://index.commoncrawl.org/CC-MAIN-2024-10-index"
|
||||
>>>>>>> worktree-agent-adad8c10
|
||||
}
|
||||
client := s.Client
|
||||
if client == nil {
|
||||
@@ -79,17 +124,26 @@ func (s *CommonCrawlSource) Sweep(ctx context.Context, _ string, out chan<- reco
|
||||
}
|
||||
}
|
||||
|
||||
<<<<<<< HEAD
|
||||
// CC Index API: output=json returns NDJSON, limit=50 bounds the response.
|
||||
endpoint := fmt.Sprintf("%s/%s-index?url=*&output=json&limit=50&filter=status:200&query=%s",
|
||||
base, idx, url.QueryEscape(q))
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodGet, endpoint, nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("commoncrawl: build req: %w", err)
|
||||
=======
|
||||
// CDX API: search for URLs matching the query.
|
||||
searchURL := fmt.Sprintf("%s?url=*%s*&output=json&limit=10", base, q)
|
||||
req, err := http.NewRequestWithContext(ctx, http.MethodGet, searchURL, nil)
|
||||
if err != nil {
|
||||
continue
|
||||
>>>>>>> worktree-agent-adad8c10
|
||||
}
|
||||
req.Header.Set("Accept", "application/json")
|
||||
|
||||
resp, err := client.Do(ctx, req)
|
||||
if err != nil {
|
||||
<<<<<<< HEAD
|
||||
// Non-fatal: skip this keyword on transient errors.
|
||||
continue
|
||||
}
|
||||
@@ -112,10 +166,43 @@ func (s *CommonCrawlSource) Sweep(ctx context.Context, _ string, out chan<- reco
|
||||
f := recon.Finding{
|
||||
ProviderName: "",
|
||||
Source: rec.URL,
|
||||
=======
|
||||
continue
|
||||
}
|
||||
|
||||
body, err := io.ReadAll(io.LimitReader(resp.Body, 128*1024))
|
||||
_ = resp.Body.Close()
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
|
||||
// Common Crawl returns NDJSON (newline-delimited JSON).
|
||||
// Parse each line as a separate JSON object.
|
||||
var results []ccIndexResult
|
||||
dec := json.NewDecoder(bytes.NewReader(body))
|
||||
for dec.More() {
|
||||
var r ccIndexResult
|
||||
if err := dec.Decode(&r); err != nil {
|
||||
break
|
||||
}
|
||||
results = append(results, r)
|
||||
}
|
||||
|
||||
for _, r := range results {
|
||||
if err := ctx.Err(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Each indexed URL is a potential leak location; emit as finding.
|
||||
out <- recon.Finding{
|
||||
ProviderName: q,
|
||||
Source: r.URL,
|
||||
>>>>>>> worktree-agent-adad8c10
|
||||
SourceType: "recon:commoncrawl",
|
||||
Confidence: "low",
|
||||
DetectedAt: time.Now(),
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
select {
|
||||
case out <- f:
|
||||
case <-ctx.Done():
|
||||
@@ -136,3 +223,9 @@ type ccIndexRecord struct {
|
||||
Timestamp string `json:"timestamp"`
|
||||
Status string `json:"status"`
|
||||
}
|
||||
=======
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
>>>>>>> worktree-agent-adad8c10
|
||||
|
||||
Reference in New Issue
Block a user