From efad9d70cda7882525f35567c99e422d7a7925b6 Mon Sep 17 00:00:00 2001 From: Liam Galvin Date: Tue, 17 Dec 2019 20:36:32 +0000 Subject: [PATCH] Add option to skip ssl cert verification --- cmd/scout/main.go | 2 ++ pkg/scan/options.go | 1 + pkg/scan/scanner.go | 13 ++++++++++--- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/cmd/scout/main.go b/cmd/scout/main.go index d8832b3..6169ace 100644 --- a/cmd/scout/main.go +++ b/cmd/scout/main.go @@ -159,6 +159,7 @@ var noColours = false var wordlistPath string var debug bool var filename string +var skipSSLVerification bool func main() { @@ -168,6 +169,7 @@ func main() { rootCmd.Flags().StringVarP(&wordlistPath, "wordlist", "w", wordlistPath, "Path to wordlist file. If this is not specified an internal wordlist will be used.") rootCmd.Flags().BoolVarP(&debug, "debug", "d", debug, "Enable debug logging.") rootCmd.Flags().StringVarP(&filename, "filename", "f", filename, "Filename to seek in the directory being searched. Useful when all directories report 404 status.") + rootCmd.Flags().BoolVarP(&skipSSLVerification, "skip-ssl-verify", "k", skipSSLVerification, "Skip SSL certificate verification.") if err := rootCmd.Execute(); err != nil { fmt.Println(err) diff --git a/pkg/scan/options.go b/pkg/scan/options.go index c227b90..9de4587 100644 --- a/pkg/scan/options.go +++ b/pkg/scan/options.go @@ -20,6 +20,7 @@ type Options struct { Wordlist wordlist.Wordlist Extensions []string Filename string + SkipSSLVerification bool } type Result struct { diff --git a/pkg/scan/scanner.go b/pkg/scan/scanner.go index f6de81a..6bd8d89 100644 --- a/pkg/scan/scanner.go +++ b/pkg/scan/scanner.go @@ -1,6 +1,7 @@ package scan import ( + "crypto/tls" "io" "io/ioutil" "net/http" @@ -24,11 +25,17 @@ func NewScanner(opt *Options) *Scanner { opt.Inherit() + client := &http.Client{ + Timeout: opt.Timeout, + } + + if opt.SkipSSLVerification { + client.Transport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + } + return &Scanner{ options: opt, - client: &http.Client{ - Timeout: opt.Timeout, - }, + client: client, } }