Update v4.6.1

j3ssie · Oct 21, 2023 · a753dec · a753dec
1 parent 40ebdc2
commit a753dec
Show file tree

Hide file tree

Showing 8 changed files with 86 additions and 9 deletions.
diff --git a/cmd/root.go b/cmd/root.go
@@ -70,6 +70,7 @@ func init() {
 	RootCmd.PersistentFlags().StringVarP(&options.ScanID, "sid", "s", "", "Scan ID to continue the scan without create new scan record")
 	RootCmd.PersistentFlags().BoolVarP(&options.Resume, "resume", "R", false, "Enable Resume mode to skip modules that have already been finished")
 	RootCmd.PersistentFlags().BoolVar(&options.Debug, "debug", false, "Enable Debug output")
+	RootCmd.PersistentFlags().BoolVarP(&options.Verbose, "verbose", "v", false, "Enable verbose output")
 	RootCmd.PersistentFlags().BoolVarP(&options.Quite, "quite", "q", false, "Show only essential information")
 	RootCmd.PersistentFlags().BoolVar(&options.FullHelp, "hh", false, "Show full help message")
 	RootCmd.PersistentFlags().BoolVar(&options.WildCardCheck, "ww", false, "Check for wildcard target")

diff --git a/cmd/usage.go b/cmd/usage.go
@@ -70,6 +70,9 @@ func ScanExmaples() string {
 	h += color.HiBlueString("\n  ## Start the scan with chunk inputs to review the output way more much faster\n")
 	h += "  osmedeus scan --chunk --chunk-parts 20 -f cidr -t list-of-100-cidr.txt\n"
 
+	h += color.HiBlueString("\n  ## Update the vulnerability database to the latest before starting the scan\n")
+	h += "  osmedeus scan --update-vuln -f urls -t list-of-100-cidr.txt\n"
+
 	h += color.HiBlueString("\n  ## Continuously run the scan on a target right after it finished\n")
 	h += "  osmedeus utils cron --for --cmd 'osmedeus scan -t example.com'\n"
 
@@ -128,6 +131,7 @@ func UtilsUsage() string {
 	h += color.HiBlueString("  ## Workflow utilities\n")
 	h += "  osmedeus workflow list \n"
 	h += "  osmedeus workflow view -f general\n"
+	h += "  osmedeus workflow view -v -f general\n"
 	h += "\n"
 
 	h += color.HiBlueString("  ## Tmux utilities\n")

diff --git a/cmd/workflow.go b/cmd/workflow.go
@@ -161,10 +161,13 @@ func viewWorkflow(workflowName string) error {
 			skippingFlags = append(skippingFlags, fmt.Sprintf("%v=%v", key, value))
 		}
 
-		if strings.Contains(key, "thread") || strings.Contains(key, "Thread") {
-			value = color.HiYellowString(value)
-			ThreadsFlags = append(ThreadsFlags, fmt.Sprintf("%v=%v", key, value))
+		if options.Verbose {
+			if strings.Contains(key, "thread") || strings.Contains(key, "Thread") {
+				value = color.HiYellowString(value)
+				ThreadsFlags = append(ThreadsFlags, fmt.Sprintf("%v=%v", key, value))
+			}
 		}
+
 	}
 
 	workflowInfo := fmt.Sprintf("Name: %v", color.HiCyanString(parsedFlow.Name)) + ", " + fmt.Sprintf("Total Steps: %v", color.HiCyanString("%v", totalSteps)) + ", " + fmt.Sprintf("Total Modules: %v", color.HiCyanString("%v", totalModules))
@@ -183,9 +186,11 @@ func viewWorkflow(workflowName string) error {
 		"Skippable Parameters", strings.Join(skippingFlags, ", "),
 	})
 
-	content = append(content, []string{
-		"Speed Control Parameters", strings.Join(ThreadsFlags, ", "),
-	})
+	if options.Verbose {
+		content = append(content, []string{
+			"Speed Control Parameters", strings.Join(ThreadsFlags, ", "),
+		})
+	}
 
 	if parsedFlow.Usage != "" {
 		content = append(content, []string{

diff --git a/core/reference.go b/core/reference.go
@@ -43,6 +43,7 @@ const (
 	CastToInt         = "CastToInt"
 	StripSlash        = "StripSlash"
 	Printf            = "Printf"
+	Warnf             = "Warnf"
 	Cat               = "Cat"
 	SortU             = "SortU"
 	SplitFile         = "SplitFile"

diff --git a/core/runner.go b/core/runner.go
@@ -264,7 +264,6 @@ func (r *Runner) ResolveRoutine() {
 	var routines []libs.Routine
 
 	for _, rawRoutine := range r.Routines {
-
 		var routine libs.Routine
 		for _, module := range rawRoutine.ParsedModules {
 			module = ResolveReports(module, r.Params)
@@ -300,6 +299,65 @@ func (r *Runner) ResolveRoutine() {
 		routines = append(routines, routine)
 	}
 	r.Routines = routines
+
+	// print some info about the routine
+	var totalSteps, totalModules int
+	parameters := make(map[string]string)
+	for k, v := range r.Params {
+		parameters[k] = v
+	}
+
+	for _, routine := range r.Routines {
+		// loop through all modules to get the parameters
+		for _, module := range routine.ParsedModules {
+			for _, param := range module.Params {
+				for k, v := range param {
+					_, exist := parameters[k]
+					if module.ForceParams && exist {
+						continue
+					}
+					parameters[k] = v
+				}
+			}
+			totalSteps += len(module.Steps)
+			totalModules++
+		}
+	}
+
+	var toggleFlags, skippingFlags, ThreadsFlags []string
+	for key, value := range parameters {
+		colorKey := color.HiMagentaString(key)
+
+		if value == "true" {
+			value = color.GreenString(value)
+		} else if value == "false" {
+			value = color.RedString(value)
+		}
+
+		if strings.HasPrefix(key, "enable") {
+			toggleFlags = append(toggleFlags, fmt.Sprintf("%v=%v", colorKey, value))
+		}
+
+		if strings.HasPrefix(key, "skip") {
+			skippingFlags = append(skippingFlags, fmt.Sprintf("%v=%v", colorKey, value))
+		}
+
+		if r.Opt.Verbose {
+			if strings.Contains(key, "thread") || strings.Contains(key, "Thread") {
+				value = color.HiYellowString(value)
+				ThreadsFlags = append(ThreadsFlags, fmt.Sprintf("%v=%v", colorKey, value))
+			}
+		}
+
+	}
+
+	if len(toggleFlags) > 0 || len(skippingFlags) > 0 {
+		utils.InforF("🔘 Toggleable and Skippable Parameters that being use: %v, %v", strings.Join(toggleFlags, ", "), strings.Join(skippingFlags, ", "))
+		if r.Opt.Verbose {
+			utils.InforF("🚀 Speed Control that being use: %v", strings.Join(ThreadsFlags, ", "))
+		}
+		utils.InforF("💡 You can skip/enable some parater to speed up the scan or get more result. See more with the usage %v", color.HiBlueString("osmedeus workflow view -v -f %v", r.RoutineName))
+	}
 }
 
 func (r *Runner) Start() {

diff --git a/core/runtime.go b/core/runtime.go
@@ -229,7 +229,14 @@ func (r *Runner) LoadScripts() string {
 
 	// Printf simply print a string to console
 	vm.Set(Printf, func(call otto.FunctionCall) otto.Value {
-		fmt.Printf("%v\n", color.HiCyanString(call.Argument(0).String()))
+		utils.InforF(" %v", color.HiWhiteString(call.Argument(0).String()))
+		returnValue, _ := otto.ToValue(true)
+		return returnValue
+	})
+
+	// Warnf simply print a string to console
+	vm.Set(Warnf, func(call otto.FunctionCall) otto.Value {
+		utils.InforF(" %v", color.HiRedString(call.Argument(0).String()))
 		returnValue, _ := otto.ToValue(true)
 		return returnValue
 	})

diff --git a/core/update.go b/core/update.go
@@ -247,7 +247,7 @@ func Update(opt libs.Options) {
 }
 
 func UpdateVuln(opt libs.Options) {
-	utils.InforF("Updating Vulnerability Database only")
+	utils.InforF("Updating Vulnerability Database to the latest version")
 
 	// update nuclei templates
 	utils.DebugF("Updating Nuclei Templates")

diff --git a/utils/log.go b/utils/log.go
@@ -59,6 +59,7 @@ func InitLog(options *libs.Options) {
 
 	if options.Debug == true {
 		logger.SetLevel(logrus.DebugLevel)
+		options.Verbose = true
 	} else if options.Verbose == true {
 		logger.SetLevel(logrus.ErrorLevel)
 	} else if options.Quite == true {