From 25974023951ef509d83245d783a0430e9646ed65 Mon Sep 17 00:00:00 2001 From: pimps Date: Tue, 14 Feb 2023 11:57:49 +1100 Subject: [PATCH 1/2] Adding ability to print full http requests This commit adds the ability to print full HTTP request in canary. This is useful for multiple reasons. To be able to use the new functionality just add a new line in the .env file `FULL_HTTP_REQUEST=true`. --- libknary/http.go | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/libknary/http.go b/libknary/http.go index 41a8614..9831155 100644 --- a/libknary/http.go +++ b/libknary/http.go @@ -247,12 +247,19 @@ func handleRequest(conn net.Conn) bool { } if cookie != "" { - msg = fmt.Sprintf("%s\n```Query: %s\n%s\n%s\nFrom: %s", host, query, userAgent, cookie, fromIP) - + if os.Getenv("FULL_HTTP_REQUEST") != "" { + msg = fmt.Sprintf("%s\n```Query: %s\n%s\n%s\nFrom: %s\n\n---------- FULL REQUEST ----------\n%s\n----------------------------------", host, query, userAgent, cookie, fromIP, response) + } else { + msg = fmt.Sprintf("%s\n```Query: %s\n%s\n%s\nFrom: %s", host, query, userAgent, cookie, fromIP) + } } else { - msg = fmt.Sprintf("%s\n```Query: %s\n%s\nFrom: %s", host, query, userAgent, fromIP) - + if os.Getenv("FULL_HTTP_REQUEST") != "" { + msg = fmt.Sprintf("%s\n```Query: %s\n%s\nFrom: %s\n\n---------- FULL REQUEST ----------\n%s\n----------------------------------", host, query, userAgent, fromIP, response) + } else { + msg = fmt.Sprintf("%s\n```Query: %s\n%s\nFrom: %s", host, query, userAgent, fromIP) + } } + go sendMsg(msg + "```") if os.Getenv("DEBUG") == "true" { logger("INFO", fromIP+" - "+host) From ecf02d12391076a6894243c2f369bc32508e60ce Mon Sep 17 00:00:00 2001 From: sudosammy Date: Thu, 16 Feb 2023 21:54:55 +0800 Subject: [PATCH 2/2] add FULL_HTTP_REQUEST support & --help --- VERSION | 2 +- examples/README.md | 1 + main.go | 10 +++++++++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index a423d42..8a0feb9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.4.2 \ No newline at end of file +3.4.3 \ No newline at end of file diff --git a/examples/README.md b/examples/README.md index a68fadb..bcf548f 100644 --- a/examples/README.md +++ b/examples/README.md @@ -30,6 +30,7 @@ If you are running Burp Collaborator on the same server as knary, you will need * `BURP_INT_IP` __Optional__ The internal IP address that Burp Collaborator is bound to. In most cases this will be `127.0.0.1` (which is the default); however, if you run knary in Docker you may need to set this to the Burp Collaborator IP address reachable from within the knary container ## Optional Configurations +* `FULL_HTTP_REQUEST` Set to `true` to display the full request made to knary, otherwise use the default mininal set * `TLS_*` (CRT/KEY). If you're not using the `LETS_ENCRYPT` configuration use these environment variables to configure the location of your certificate and private key for accepting TLS (HTTPS) requests. Example input `TLS_KEY=certs/knary.key` * `DEBUG` Enable/Disable displaying incoming requests in the terminal and some additional info. Default disabled (true/false) * `ALLOWLIST_STRICT` Set to `true` to prevent fuzzy matching on allowlist items and only alert on exact matches diff --git a/main.go b/main.go index 1e0eae3..4d463ae 100644 --- a/main.go +++ b/main.go @@ -5,6 +5,7 @@ import ( "github.com/joho/godotenv" "github.com/miekg/dns" + "flag" "fmt" "log" "os" @@ -14,12 +15,19 @@ import ( ) const ( - VERSION = "3.4.2" + VERSION = "3.4.3" GITHUB = "https://github.com/sudosammy/knary" GITHUBVERSION = "https://raw.githubusercontent.com/sudosammy/knary/master/VERSION" ) func main() { + var help = flag.Bool("help", false, "Show help") + flag.Parse() + if *help { + libknary.Printy("Find all configuration options and example .env files here: "+GITHUB+"/tree/master/examples", 3) + os.Exit(0) + } + // load enviro variables err := godotenv.Load() if os.Getenv("CANARY_DOMAIN") == "" {