header support random str

Author: bufsnake

README.md

@@ -90,6 +90,10 @@ Usage of ./httpx:
 ▶ ./httpx -output TEST.db -server # 启动服务并访问 http://127.0.0.1:9100/
 ```
 
+```bash
+▶ ./httpx -targets domains.txt -header "Host: {{RAND}}.dnslog.cn" # 对应header的fuzz，搭配代理工具获取请求包，查询RAND字段
+```
+
 ## 逻辑查询
 
 📢: 正常查询字符串时，必须添加""
@@ -155,3 +159,4 @@ body
 - [ ] 常见信息提取 github.com/mingrammer/commonregex
 - [x] 二维码识别、APK链接提取(需-get-path)
 - [ ] http2 detect
+- [ ] 功能整合: JSFinder

cmd/httpx/main.go

@@ -16,6 +16,7 @@ import (
 	"github.com/chromedp/cdproto/fetch"
 	"github.com/gin-gonic/gin"
 	"io/fs"
+	"math/rand"
 	"net/http"
 	"net/url"
 	"os"
@@ -44,6 +45,7 @@ func init() {
 		os.Exit(1)
 	}
 	_ = syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rLimit)
+	rand.Seed(time.Now().UnixNano())
 }
 
 //go:embed website
@@ -99,7 +101,7 @@ func main() {
 	flag.BoolVar(&conf.Rebuild, "rebuild", false, "rebuild data table")
 	flag.BoolVar(&conf.Server, "server", false, "read the database by starting the web service")
 
-	flag.Var(&conf.Header, "header", "specify request header, example:\n-header 'Content-Type: application/json' -header 'Bypass: 127.0.0.1'")
+	flag.Var(&conf.Header, "header", "specify request header, example:\n-header 'Content-Type: application/json' -header 'Bypass: 127.0.0.1'\n-header 'Host: {{RAND}}.dnslog.cn'")
 	flag.StringVar(&conf.Method, "method", "GET", "request method, example:\n-method GET")
 	flag.StringVar(&conf.Data, "data", "", "request body data, example:\n-data 'test=test'")
 	flag.Parse()

config/blacklists.go

@@ -13,12 +13,12 @@ var OutOfRange = []string{
 	"example.com",
 	"qq.com",
 	"wechat.com",
-    "zhihu.com",
-    "aliyun.",
-    "apple.",
-    "apache.org",
-    "googlevideo.com",
-    "google.cn",
-    ".google",
-    "npmjs.org",
+	"zhihu.com",
+	"aliyun.",
+	"apple.",
+	"apache.org",
+	"googlevideo.com",
+	"google.cn",
+	".google",
+	"npmjs.org",
 }

pkg/requests/request.go

@@ -79,6 +79,7 @@ func (r *request) Run() error {
 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 	req.Header.Set("Connection", "close")
 	for i := 0; i < len(r.conf.Headers); i++ {
+		r.conf.Headers[i].Value = strings.ReplaceAll(r.conf.Headers[i].Value, "{{RAND}}", utils.RandString(10))
 		if strings.ToUpper(r.conf.Headers[i].Name) == "HOST" {
 			req.Host = r.conf.Headers[i].Value
 			continue

pkg/screenshot/screenshot.go

@@ -222,7 +222,7 @@ func (c *chrome) listen(ctx context.Context, lock *sync.Mutex, request map[strin
 		case *fetch.EventRequestPaused:
 			// Add Headers
 			// Can Not Set Host Header
-			if len(c.conf_.Headers) == 0 || !c.conf_.IsExist(e.Request.URL) {
+			if len(c.conf_.Headers) == 0 || !c.conf_.IsExist(strings.Trim(e.Request.URL, "/")) {
 				go func() {
 					err := fetch.ContinueRequest(e.RequestID).Do(cdp.WithExecutor(ctx, chromedp.FromContext(ctx).Target))
 					if err != nil {
@@ -231,11 +231,19 @@ func (c *chrome) listen(ctx context.Context, lock *sync.Mutex, request map[strin
 				}()
 			} else {
 				go func() {
+					headers := make([]*fetch.HeaderEntry, 0)
+					for i := 0; i < len(c.conf_.Headers); i++ {
+						if strings.ToUpper(c.conf_.Headers[i].Name) == "HOST" {
+							continue
+						}
+						c.conf_.Headers[i].Value = strings.ReplaceAll(c.conf_.Headers[i].Value, "{{RAND}}", utils.RandString(10))
+						headers = append(headers, c.conf_.Headers[i])
+					}
 					err := fetch.ContinueRequest(e.RequestID).
 						WithURL(e.Request.URL).
 						WithMethod(c.conf_.Method).
 						WithPostData(base64.StdEncoding.EncodeToString([]byte(c.conf_.Data))). // If set, overrides the post data in the request. (Encoded as a base64 string when passed over JSON)
-						WithHeaders(c.conf_.Headers).
+						WithHeaders(headers).
 						Do(cdp.WithExecutor(ctx, chromedp.FromContext(ctx).Target))
 					if err != nil {
 						c.l.Error(err)