I am trying to run nikto -h {url} on kali. My nikto -h command works fine, but when I add an URL, nothing is output.
I am not sure if it is the process or something else.
How can I see the output directly rather than buffering and displaying it?
package main
import (
"bytes"
"fmt"
"log"
"os/exec"
// "strings"
)
func main() {
cmd := exec.Command("nikto","-h","google.com")
// cmd.Stdin = strings.NewReader("some input")
var out bytes.Buffer
cmd.Stdout = &out
err := cmd.Run()
if err != nil {
log.Fatal(err)
}
}
As #Adrian suggested in the comments, using os.Stdout works
package main
import (
"log"
"os"
"os/exec"
)
func main() {
cmd := exec.Command("ls", "-l")
cmd.Stdout = os.Stdout
err := cmd.Run()
if err != nil {
log.Fatal(err)
}
}
Related
I am trying to convert raw byte strings into UUIDs in my program as follows:
Case1:
package main
import (
"fmt"
"strconv"
"github.com/google/uuid"
)
func main() {
s := `"\220\254\0021\265\235O~\244\326\216\"\227c\245\002"`
s2, err := strconv.Unquote(s)
if err != nil {
panic(err)
}
by := []byte(s2)
u, err := uuid.FromBytes(by)
if err != nil {
panic(err)
}
fmt.Println(u.String())
}
output:
90ac0231-b59d-4f7e-a4d6-8e229763a502
Case2:
package main
import (
"fmt"
"strconv"
"github.com/google/uuid"
)
func main() {
s := `"\235\273\'\021\003\261#\022\226\275o\265\322\002\211\263"`
s2, err := strconv.Unquote(s)
if err != nil {
panic(err)
}
by := []byte(s2)
u, err := uuid.FromBytes(by)
if err != nil {
panic(err)
}
fmt.Println(u.String())
}
output:
panic: invalid syntax
goroutine 1 [running]:
main.main()
/tmp/sandbox1756881518/prog.go:14 +0x149
Program exited.
The above program is working with string "\220\254\0021\265\235O~\244\326\216\"\227c\245\002" but fails at converting string "\235\273\'\021\003\261#\022\226\275o\265\322\002\211\263" into uuid. How can I convert these strings into UUIDs?
If fails because of \'. When using backticks, all backslashes are literally backslashes and not escape sequences, so you are passing raw backslash \, followed by single quote ' to the strconv.Unquote. It causes invalid syntax. There are two workarounds here:
First
Just replace this line:
s := `"\235\273\'\021\003\261#\022\226\275o\265\322\002\211\263"`
with this:
s := `"\235\273'\021\003\261#\022\226\275o\265\322\002\211\263"`
So there is ' not \'. But if you need to programmatically convert the string, use the second approach.
Second
Import "strings":
import (
"fmt"
"strconv"
"strings"
"github.com/google/uuid"
)
And replace \' with ':
s = strings.ReplaceAll(s, `\'`, `'`)
So the full code looks like this now:
package main
import (
"fmt"
"strconv"
"strings"
"github.com/google/uuid"
)
func main() {
s := `"\235\273\'\021\003\261#\022\226\275o\265\322\002\211\263"`
s = strings.ReplaceAll(s, `\'`, `'`)
s2, err := strconv.Unquote(s)
if err != nil {
fmt.Println(err)
}
by := []byte(s2)
u, err := uuid.FromBytes(by)
if err != nil {
fmt.Println(err)
}
fmt.Println(u.String())
}
On Linux I use the following code to enable and disable console echo:
unix.IoctlGetTermios(int(os.Stdin.Fd()), unix.TCGETS)
unix.IoctlSetTermios(unix.Stdout, unix.TCSETS, term)
But it won't compile on Mac, what should I use on Mac?
You could use TIOCGETA and TIOCSETA instead on Mac OS
// IoctlSetTermios performs an ioctl on fd with a *Termios.
//
// The req value will usually be TCSETA or TIOCSETA.
func IoctlSetTermios(fd int, req uint, value *Termios) error {
import (
"bufio"
"fmt"
"log"
"os"
"golang.org/x/sys/unix"
)
func main() {
STDIN := int(os.Stdin.Fd())
tio, err := unix.IoctlGetTermios(STDIN, unix.TIOCGETA)
if err != nil {
log.Fatal(err)
}
fmt.Println("Input sth:")
tio.Lflag &^= unix.ECHO
err = unix.IoctlSetTermios(STDIN, unix.TIOCSETA, tio)
if err != nil {
log.Fatal(err)
}
reader := bufio.NewReader(os.Stdin)
line, _ := reader.ReadString('\n')
tio.Lflag |= unix.ECHO
err = unix.IoctlSetTermios(STDIN, unix.TIOCSETA, tio)
if err != nil {
log.Fatal(err)
}
fmt.Println(line)
}
Instead of using unix.TCGETS / unix.TIOCGETA or unix.TCSETS / unix.TIOCSETA you can define constants in different files and then use build constraints to build those files based on the operating system.
You can check how github.com/moby/term does it here:
https://github.com/moby/term/blob/c43b287e0e0f2460e4ba913936af2f6bdcbe9ed5/termios_bsd.go
https://github.com/moby/term/blob/c43b287e0e0f2460e4ba913936af2f6bdcbe9ed5/termios_nonbsd.go
With this method your code is decoupled from the operating system and you can always use the same constant.
In Go, I am trying to create a function that reads and processes the next line of input:
// Read a string of hex from stdin and parse to an array of bytes
func ReadHex() []byte {
r := bufio.NewReader(os.Stdin)
t, _ := r.ReadString('\n')
data, _ := hex.DecodeString(strings.TrimSpace(t))
return data
}
Unfortunately, this only works the first time it is called. It captures the first line but is unable to capture subsequent lines piped via standard input.
I suspect, if the same persistent bufio.Reader() object was used on each subsequent call, it would work but I haven't been able to achieve this without passing it manually on each function call.
Yes, try this:
package main
import (
"bufio"
"encoding/hex"
"fmt"
"log"
"os"
"strings"
)
func ReadFunc() func() []byte {
r := bufio.NewReader(os.Stdin)
return func() []byte {
t, err := r.ReadString('\n')
if err != nil {
log.Fatal(err)
}
data, err := hex.DecodeString(strings.TrimSpace(t))
if err != nil {
log.Fatal(err)
}
return data
}
}
func main() {
r, w, err := os.Pipe()
if err != nil {
log.Fatal(err)
}
os.Stdin = r
w.Write([]byte(`ffff
cafebabe
ff
`))
w.Close()
ReadHex := ReadFunc()
fmt.Println(ReadHex())
fmt.Println(ReadHex())
fmt.Println(ReadHex())
}
Output:
[255 255]
[202 254 186 190]
[255]
Using a struct, try this:
package main
import (
"bufio"
"encoding/hex"
"fmt"
"io"
"log"
"os"
"strings"
)
// InputReader struct
type InputReader struct {
bufio.Reader
}
// New creates an InputReader
func New(rd io.Reader) *InputReader {
return &InputReader{Reader: *bufio.NewReader(rd)}
}
// ReadHex returns a string of hex from stdin and parse to an array of bytes
func (r *InputReader) ReadHex() []byte {
t, err := r.ReadString('\n')
if err != nil {
log.Fatal(err)
}
data, err := hex.DecodeString(strings.TrimSpace(t))
if err != nil {
log.Fatal(err)
}
return data
}
func main() {
r, w, err := os.Pipe()
if err != nil {
log.Fatal(err)
}
os.Stdin = r
w.Write([]byte(`ffff
cafebabe
ff
`))
w.Close()
rdr := New(os.Stdin)
fmt.Println(rdr.ReadHex())
fmt.Println(rdr.ReadHex())
fmt.Println(rdr.ReadHex())
}
I am trying to automate a process in Go. I have been able to implement threads and do the process accordingly however the output is mixed and matched.
I was wondering if there is a way to show the output as it is produced by the program and according to the program's process. So if task A completes before task B, we show A's output before B, or vice-versa.
package main
import (
"fmt"
"log"
"os"
"os/exec"
"sync"
)
var url string
var wg sync.WaitGroup
func nikto() {
cmd := exec.Command("nikto", "-h", url)
cmd.Stdout = os.Stdout
err := cmd.Run()
if err != nil {
log.Fatal(err)
}
wg.Done()
}
func whois() {
cmd := exec.Command("whois", "google.co")
cmd.Stdout = os.Stdout
err := cmd.Run()
if err != nil {
log.Fatal(err)
}
wg.Done()
}
func main() {
fmt.Printf("Please input URL")
fmt.Scanln(&url)
wg.Add(1)
go nikto()
wg.Add(1)
go whois()
wg.Wait()
}
In your process, you pass the os.Stdout file descriptor directly to the commands you invoke to run your child processes. This means the STDOUT pipe of the child processes will be connected directly to your Go program's standard output, and will likely be interleaved if both child processes write simultaneously.
The simplest way to fix this requires you to buffer the output from the STDOUT pipe of the child process in your Go program, so you can intercept the output and control when it is printed.
The Cmd type in the os/exec package provides a function call Output() which will invoke the child process and return the contents of STDOUT in a byte slice. Your code can be adapted with ease to implement this pattern and process the results, for example:
func whois() {
cmd := exec.Command("whois", "google.co")
out, err := cmd.Output()
if err != nil {
log.Fatal(err)
}
fmt.Println(out)
wg.Done()
}
Interleaving of output
If you use functions in the fmt package to print output, there is no guarantee that concurrent calls to fmt.Println will not be interleaved.
To prevent interleaving, you may choose to serialize access to STDOUT, or use a logger which is safe for concurrent use (such as the log package). Here is an example of serializing access to STDOUT in the Go process:
package main
import (
"fmt"
"log"
"os/exec"
"sync"
)
var url string
func nikto(outChan chan<- []byte) {
cmd := exec.Command("nikto", "-h", url)
bs, err := cmd.Output()
if err != nil {
log.Fatal(err)
}
outChan <- bs
}
func whois(outChan chan<- []byte) {
cmd := exec.Command("whois", "google.com")
bs, err := cmd.Output()
if err != nil {
log.Fatal(err)
}
outChan <- bs
}
func main() {
outChan := make(chan []byte)
fmt.Printf("Please input URL")
fmt.Scanln(&url)
go nikto(outChan)
go whois(outChan)
for i := 0; i < 2; i++ {
bs := <-outChan
fmt.Println(string(bs))
}
}
i am trying to create a simple program to read lines from a text file and print them out to the console in golang. I spent lots of time going over my code and I simply can't understand why only the last line is being printed out to the screen. can anyone tell me where I am going wrong here? Everything here should compile and run.
package main
import (
"bufio"
"fmt"
"os"
)
func Readln(r *bufio.Reader) (string, error) {
var (
isPrefix bool = true
err error = nil
line, ln []byte
)
for isPrefix && err == nil {
line, isPrefix, err = r.ReadLine()
ln = append(ln, line...)
}
return string(ln), err
}
func main() {
f, err := os.Open("tickers.txt")
if err != nil {
fmt.Printf("error opening file: %v\n", err)
os.Exit(1)
}
r := bufio.NewReader(f)
s, e := Readln(r)
for e == nil {
fmt.Println(s)
s, e = Readln(r)
}
}
I therefore suspect that the problem is in your tickers.txt file line endings. The docs for ReadLine() also indicate that for most situations a Scanner is more suitable.
The following SO question has some useful information for alternative implementations: reading file line by line in go
I then used the example in the above question to re-implement your main function as follows:
f, err := os.Open("tickers.txt")
if err != nil {
fmt.Printf("error opening file: %v\n", err)
os.Exit(1)
}
scanner := bufio.NewScanner(f)
for scanner.Scan() {
fmt.Println(scanner.Text())
}
if err := scanner.Err(); err != nil {
fmt.Println(err)
}