Release v1.2 (#9)

Release v1.2

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rustbuster"
-version = "1.1.0"
+version = "1.2.0"
 authors = ["phra <greensoncio@gmail.com>", "ps1dr3x <michele@federici.tech>"]
 edition = "2018"
 
@@ -13,10 +13,11 @@ hyper-tls = "^0.3.2"
 native-tls = "^0.2.3"
 serde = { version = "^1.0.91", features = ["derive"] }
 serde_json = "^1.0.39"
-indicatif = "0.11.0"
-chrono = "0.4.6"
+indicatif = "^0.11.0"
+chrono = "^0.4.6"
+terminal_size = "^0.1.8"
 
 [dependencies.clap]
-version = "2.33"
+version = "^2.33"
 default-features = false
 features = [ "suggestions", "color" ]

README.md

@@ -6,6 +6,17 @@ DirBuster for Rust
 
 ## Usage
 
+There are three modules currently implemented:
+
+1. Dirbuster (default)  
+`rustbuster -m dir -u http://localhost:3000/ -w examples/wordlist -e php`
+
+1. Dnsbuster  
+`rustbuster -m dns -u google.com -w examples/wordlist`
+
+1. Vhostbuster  
+`rustbuster -m vhost -u http://localhost:3000/ -w examples/wordlist -d test.local -x "Hello"`
+
 ```shell
 
          _     _                 _         _           _        _                 _         _           _           _     
@@ -20,7 +31,7 @@ DirBuster for Rust
 / / /  \ \ \/ / /____\/ /\ \/___/ / /_/ /     / / /__________/ / /____\/ /\ \/___/ / /_/ /     / / /_______/ / /  \ \ \   
 \/_/    \_\/\/_________/  \_____\/  \_\/      \/_____________\/_________/  \_____\/  \_\/      \/__________\/_/    \_\/   
 
-~ rustbuster v. 1.0.0 ~ by phra & ps1dr3x ~
+~ rustbuster v. 1.2.0 ~ by phra & ps1dr3x ~
 
 USAGE:
     rustbuster [FLAGS] [OPTIONS] --url <url> --wordlist <wordlist>
@@ -36,18 +47,19 @@ FLAGS:
     -v, --verbose               Sets the level of verbosity
 
 OPTIONS:
+    -d, --domain <domain>                                Uses the specified domain
     -e, --extensions <extensions>                        Sets the extensions [default: ]
     -b, --http-body <http-body>                          Uses the specified HTTP method [default: ]
     -H, --http-header <http-header>...                   Appends the specified HTTP header
     -X, --http-method <http-method>                      Uses the specified HTTP method [default: GET]
     -S, --ignore-status-codes <ignore-status-codes>      Sets the list of status codes to ignore [default: 404]
+    -x, --ignore-string <ignore-string>...               Ignores results with specified string in vhost mode
     -s, --include-status-codes <include-status-codes>    Sets the list of status codes to include [default: ]
-    -m, --mode <mode>                                    Sets the mode of operation (dir, dns, vhost) [default: dir]
+    -m, --mode <mode>                                    Sets the mode of operation (dir, dns, fuzz) [default: dir]
     -o, --output <output>                                Saves the results in the specified file [default: ]
     -t, --threads <threads>                              Sets the amount of concurrent requests [default: 10]
     -u, --url <url>                                      Sets the target URL
     -a, --user-agent <user-agent>                        Uses the specified User-Agent [default: rustbuster]
     -w, --wordlist <wordlist>                            Sets the wordlist
 
-
 ```

examples/.gitignore

@@ -0,0 +1,2 @@
+node_modules
+package-lock.json

examples/vhosts-server.js

@@ -0,0 +1,18 @@
+var express = require("express");
+var app = express();
+
+var DEFAULT = "Hello World!";
+var vhosts = ["1.test.local", "10.test.local", "15.test.local"];
+
+app.all("/*", function (req, res) {
+    if (vhosts.some(x => x === req.hostname)) {
+        return res.send(req.hostname);
+    }
+
+    res.send("Hello World!");
+});
+
+app.listen(3000, function () {
+    console.log("Example app listening on port 3000!");
+});
+

examples/wordlist

@@ -21,3 +21,6 @@
 19
 20
 www
+src
+target
+LICENSE

src/banner.rs

@@ -15,8 +15,15 @@ pub fn generate() -> String {
 / / /  \\ \\ \\/ / /____\\/ /\\ \\/___/ / /_/ /     / / /__________/ / /____\\/ /\\ \\/___/ / /_/ /     / / /_______/ / /  \\ \\ \\   
 \\/_/    \\_\\/\\/_________/  \\_____\\/  \\_\\/      \\/_____________\\/_________/  \\_____\\/  \\_\\/      \\/__________\\/_/    \\_\\/   
 
-~ rustbuster v. {} ~ by phra & ps1dr3x ~
-", VERSION)
+")
+}
+
+pub fn copyright() -> String {
+    format!(
+        "~ rustbuster v{} ~ by phra & ps1dr3x ~
+",
+        VERSION
+    )
 }
 
 pub fn configuration(mode: &str, url: &str, threads: &str, wordlist: &str) -> String {

src/dirbuster/mod.rs

@@ -44,7 +44,8 @@ fn make_request_future(
         request_builder.header(header_tuple.0.as_str(), header_tuple.1.as_str());
     }
 
-    let request = request_builder.header("User-Agent", &config.user_agent[..])
+    let request = request_builder
+        .header("User-Agent", &config.user_agent[..])
         .method(&config.http_method[..])
         .uri(&url)
         .header("Host", url.host().unwrap())
@@ -57,7 +58,14 @@ fn make_request_future(
             let status = res.status();
             target.status = status.to_string();
             if status.is_redirection() {
-                target.extra = Some(res.headers().get("Location").unwrap().to_str().unwrap().to_owned());
+                target.extra = Some(
+                    res.headers()
+                        .get("Location")
+                        .unwrap()
+                        .to_str()
+                        .unwrap()
+                        .to_owned(),
+                );
             }
 
             tx.send(target).unwrap();

src/dirbuster/utils.rs

@@ -1,7 +1,4 @@
-use std::{
-    fs, fs::File, path::Path, str,
-    io::Write
-};
+use std::{fs, fs::File, io::Write, path::Path, str};
 
 use super::result_processor::SingleDirScanResult;
 
@@ -13,7 +10,8 @@ pub fn build_urls(
 ) -> Vec<hyper::Uri> {
     debug!("building urls");
     let mut urls: Vec<hyper::Uri> = Vec::new();
-    let wordlist = fs::read_to_string(wordlist_path).expect("Something went wrong reading the wordlist file");
+    let wordlist =
+        fs::read_to_string(wordlist_path).expect("Something went wrong reading the wordlist file");
     let urls_iter = wordlist
         .lines()
         .filter(|word| !word.starts_with('#') && !word.starts_with(' '))
@@ -94,6 +92,6 @@ pub fn save_dir_results(path: &str, results: &Vec<SingleDirScanResult>) {
 pub fn split_http_headers(header: &str) -> (String, String) {
     let index = header.find(':').unwrap_or(0);
     let header_name = header[..index].to_owned();
-    let header_value = header[index+2..].to_owned();
+    let header_value = header[index + 2..].to_owned();
     (header_name, header_value)
 }

src/dnsbuster/mod.rs

@@ -1,7 +1,7 @@
 use futures::{future, Future, Stream};
 use hyper::rt;
 
-use std::{sync::mpsc::Sender, net::ToSocketAddrs};
+use std::{net::ToSocketAddrs, sync::mpsc::Sender};
 
 pub mod result_processor;
 pub mod utils;
@@ -10,12 +10,12 @@ use result_processor::SingleDnsScanResult;
 
 #[derive(Debug, Clone)]
 pub struct DnsConfig {
-    pub n_threads: usize
+    pub n_threads: usize,
 }
 
 fn make_request_future(
     tx: Sender<SingleDnsScanResult>,
-    domain: String
+    domain: String,
 ) -> impl Future<Item = (), Error = ()> {
     future::lazy(move || {
         match domain.to_socket_addrs() {

src/dnsbuster/utils.rs

@@ -1,10 +1,11 @@
-use std::{fs, path, io::Write};
+use std::{fs, io::Write, path};
 
 use super::result_processor::SingleDnsScanResult;
 
 pub fn build_domains(wordlist_path: &str, url: &str) -> Vec<String> {
     debug!("building urls");
-    fs::read_to_string(wordlist_path).expect("Something went wrong reading the wordlist file")
+    fs::read_to_string(wordlist_path)
+        .expect("Something went wrong reading the wordlist file")
         .lines()
         .filter(|word| !word.starts_with('#') && !word.starts_with(' '))
         .map(|word| format!("{}.{}:80", word, url))