@@ -2,6 +2,7 @@ package main
22
33import (
44 "bufio"
5+ "crypto/tls"
56 "fmt"
67 "net/http"
78 "net/url"
@@ -53,14 +54,15 @@ var output logger
5354var au aurora.Aurora
5455
5556func main () {
56- urlArg := flag .String ("url" , "" , "The url to get the javascript sources from" )
57+ urlArg := flag .String ("url" , "U " , "The url to get the javascript sources from" )
5758 outputFileArg := flag .String ("output" , "" , "Output file to save the results to" )
5859 inputFileArg := flag .String ("input" , "" , "Input file with urls" )
5960 resolveArg := flag .Bool ("resolve" , false , "Output only existing files" )
6061 completeArg := flag .Bool ("complete" , false , "Complete the url. e.g. append the domain to the path" )
6162 verboseArg := flag .Bool ("verbose" , false , "Display info of what is going on" )
6263 noColorsArg := flag .Bool ("nocolors" , false , "Enable or disable colors" )
6364 HeaderArg := flag .StringArrayP ("header" , "H" , nil , "Any HTTP headers(-H \" Authorization:Bearer token\" )" )
65+ insecureArg := flag .Bool ("insecure" , false , "Check the SSL security checks. Use when the certificate is expired or invalid" )
6466 flag .Parse ()
6567
6668 au = aurora .NewAurora (! * noColorsArg )
@@ -120,7 +122,7 @@ func main() {
120122 var sourcesBak []string
121123 var completedSuccessfully = true
122124 output .Log ("[+] Getting sources from " + e )
123- sources , err := getScriptSrc (e , * HeaderArg )
125+ sources , err := getScriptSrc (e , * HeaderArg , * insecureArg )
124126 if err != nil {
125127 output .Error ("[!] Couldn't get sources from " + e , err )
126128 }
@@ -188,7 +190,7 @@ func saveToFile(sources []string, path string) error {
188190 return w .Flush ()
189191}
190192
191- func getScriptSrc (url string , headers []string ) ([]string , error ) {
193+ func getScriptSrc (url string , headers []string , insecure bool ) ([]string , error ) {
192194 // Request the HTML page.
193195 req , err := http .NewRequest ("GET" , url , nil )
194196 if err != nil {
@@ -203,7 +205,20 @@ func getScriptSrc(url string, headers []string) ([]string, error) {
203205 }
204206 }
205207
206- client := new (http.Client )
208+ tr := & http.Transport {
209+ TLSClientConfig : & tls.Config {InsecureSkipVerify : false },
210+ }
211+
212+ var client = & http.Client {
213+ Transport : tr ,
214+ }
215+
216+ if insecure {
217+ client .Transport = & http.Transport {
218+ TLSClientConfig : & tls.Config {InsecureSkipVerify : true },
219+ }
220+ }
221+
207222 res , err := client .Do (req )
208223 if err != nil {
209224 return []string {}, err
0 commit comments