sensepost
vhosts support
Hi, it seems I'm not alone who wants this feature:
- https://github.com/sensepost/gowitness/issues/189
- https://github.com/sensepost/gowitness/issues/192
Basically it checks whether input urls for scan file mode ends with ##<ipaddr> and utilizes host-resolver-rules and host-rules chrome flags (https://github.com/chromedp/chromedp/issues/985#issuecomment-1008362284)
##<ipaddr> is cutted from the end before passed into chromedp.Navigate
example usage:
echo -ne 'http://example.com/\nhttp://example.com:80/##127.0.0.1\nhttps://example.com/##94.142.255.18\n' | ./build/gowitness-3.0.5-linux-amd64 scan file -f - -D --screenshot-skip-save --write-screenshots --write-db --write-stdout --write-db-uri sqlite://gowitness.sqlite3
example output:
I've been wondering about the implementation here and I think we should instead of asking users to prepare files by adding a suffix for resolver information for each entry, rather have a command line option for this. I'm thinking something along the lines of resolver-override=example.com:127.0.0.1 (allowed to be specified multiple times ofc) or similar.
This obviously removes the ability to have per input file entry overrides like this PR gives, (I'm not sure about a use case where the same domain will need to have different resolution's), but makes parsing simpler while also making it compatible with any reader.
Anyone have thoughts?
