├── .github
    ├── ISSUE_TEMPLATE
    │   ├── config.yml
    │   ├── feature_request.md
    │   └── bug_report.md
    ├── workflows
    │   ├── gosec.yml
    │   └── gorelease.yml
    ├── pull_request_template.md
    ├── FUNDING.yml
    ├── .goreleaser.yml
    └── autoreleaser-helper.ps1
├── .gitattributes
├── icon
    ├── scope.psd
    ├── icon_v2_universal.png
    └── licensed-with-agpl-v3.svg
├── go.mod
├── go.sum
├── src
    └── hacker-scoper
    │   ├── firebounty_path_default.go
    │   ├── firebounty_path_linux.go
    │   ├── firebounty_path_windows.go
    │   ├── is_benchmark_stub.go
    │   ├── is_vscode_debug_stub.go
    │   ├── is_vscode_debug_real.go
    │   ├── is_benchmark_real.go
    │   ├── main_test.go
    │   └── main.go
├── .gitignore
├── CONTRIBUTING.md
├── choco
    ├── chocolateyinstall_template.ps1
    ├── hacker-scoper
    │   ├── tools
    │   │   ├── chocolateyinstall.ps1
    │   │   ├── VERIFICATION.txt
    │   │   └── LICENSE.txt
    │   └── hacker-scoper.nuspec
    └── hacker-scoper_template.nuspec
├── SECURITY.md
├── README.md
└── LICENSE


/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
1 | blank_issues_enabled: false


--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 | 


--------------------------------------------------------------------------------
/icon/scope.psd:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ItsIgnacioPortal/Hacker-Scoper/HEAD/icon/scope.psd


--------------------------------------------------------------------------------
/icon/icon_v2_universal.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ItsIgnacioPortal/Hacker-Scoper/HEAD/icon/icon_v2_universal.png


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
1 | module github.com/ItsIgnacioPortal/hacker-scoper/src/hacker-scoper
2 | 
3 | go 1.23.0
4 | 
5 | toolchain go1.23.3
6 | 
7 | require golang.org/x/net v0.40.0
8 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
1 | golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
2 | golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
3 | 


--------------------------------------------------------------------------------
/src/hacker-scoper/firebounty_path_default.go:
--------------------------------------------------------------------------------
1 | //go:build !windows && !linux
2 | 
3 | package main
4 | 
5 | func getFirebountyJSONPath() string {
6 | 	return ""
7 | }
8 | 


--------------------------------------------------------------------------------
/src/hacker-scoper/firebounty_path_linux.go:
--------------------------------------------------------------------------------
1 | //go:build linux
2 | package main
3 | 
4 | func getFirebountyJSONPath() string {
5 |     return "/etc/hacker-scoper/"
6 | }


--------------------------------------------------------------------------------
/src/hacker-scoper/firebounty_path_windows.go:
--------------------------------------------------------------------------------
1 | //go:build windows
2 | package main
3 | 
4 | import "os"
5 | 
6 | func getFirebountyJSONPath() string {
7 |     return os.Getenv("APPDATA") + "\\hacker-scoper\\"
8 | }


--------------------------------------------------------------------------------
/src/hacker-scoper/is_benchmark_stub.go:
--------------------------------------------------------------------------------
 1 | //go:build !benchmark
 2 | 
 3 | package main
 4 | 
 5 | func StartBenchmark() bool {
 6 | 	return true
 7 | }
 8 | 
 9 | func StopBenchmark() bool {
10 | 	return true
11 | }
12 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | .vscode
 2 | hacker-scoper.exe
 3 | main.exe
 4 | *.zip
 5 | *.nupkg
 6 | list.txt
 7 | list-upserve.txt
 8 | .inscope
 9 | .noscope
10 | inscope.txt
11 | noscope.txt
12 | benchmarking
13 | # Added by goreleaser init:
14 | dist/
15 | recording.pws


--------------------------------------------------------------------------------
/src/hacker-scoper/is_vscode_debug_stub.go:
--------------------------------------------------------------------------------
1 | //go:build !vscode_debug
2 | 
3 | package main
4 | 
5 | // isVSCodeDebug is a stub that always reports “not debugging”.
6 | // It is compiled when the “vscode_debug” tag is NOT present, i.e. for production builds.
7 | func isVSCodeDebug() bool { return false }
8 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | To contribute to Hacker-Scoper simply make a fork of the main branch, and open a pull request.
2 | 
3 | If you've added new functionality to the proyect, make sure to make update the proyect `README.md` and the built-in `--help`. Also make sure to add relevant unit-tests into the `main_test.go` file.
4 | 
5 | If the changes you've proposed are relevant to an existing issue in the proyect, please make sure to share a link to it.
6 | 


--------------------------------------------------------------------------------
/src/hacker-scoper/is_vscode_debug_real.go:
--------------------------------------------------------------------------------
 1 | //go:build vscode_debug
 2 | 
 3 | package main
 4 | 
 5 | import "os"
 6 | 
 7 | // isVSCodeDebug reports whether the process is running under VS Code’s debugger.
 8 | // This file is compiled only when the “vscode_debug” build tag is present.
 9 | func isVSCodeDebug() bool {
10 | 	// You can also check for any other marker you set in the launch config.
11 | 	return os.Getenv("VSCODE_DEBUG") == "true"
12 | }
13 | 


--------------------------------------------------------------------------------
/.github/workflows/gosec.yml:
--------------------------------------------------------------------------------
 1 | name: GoSec Security Checker
 2 | on:
 3 |   push:
 4 |     branches:
 5 |       - main
 6 |   pull_request:
 7 |     branches:
 8 |       - main
 9 |   workflow_dispatch:
10 | 
11 | jobs:
12 |   tests:
13 |     runs-on: ubuntu-latest
14 |     env:
15 |       GO111MODULE: on
16 |     steps:
17 |       - name: Checkout Source
18 |         uses: actions/checkout@v3
19 |       - name: Run Gosec Security Scanner
20 |         uses: securego/gosec@master
21 |         with:
22 |           args: ./...


--------------------------------------------------------------------------------
/choco/chocolateyinstall_template.ps1:
--------------------------------------------------------------------------------
 1 | $ErrorActionPreference = 'Stop'; # stop on all errors
 2 | $toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
 3 | 
 4 | $packageArgs = @{
 5 |   packageName   = $env:ChocolateyPackageName
 6 |   destination   = "$toolsDir"
 7 |   file          = "$toolsDir\hacker-scoper_VERSIONHERE_windows_32-bit.zip"
 8 |   file64        = "$toolsDir\hacker-scoper_VERSIONHERE_windows_64-bit.zip"
 9 | }
10 | 
11 | Get-ChocolateyUnzip @packageArgs
12 | Remove-Item -Path $packageArgs.file,$packageArgs.file64


--------------------------------------------------------------------------------
/choco/hacker-scoper/tools/chocolateyinstall.ps1:
--------------------------------------------------------------------------------
 1 | $ErrorActionPreference = 'Stop'; # stop on all errors
 2 | $toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
 3 | 
 4 | $packageArgs = @{
 5 |   packageName   = $env:ChocolateyPackageName
 6 |   destination   = "$toolsDir"
 7 |   file          = "$toolsDir\hacker-scoper_VERSIONHERE_windows_386.zip"
 8 |   file64        = "$toolsDir\hacker-scoper_VERSIONHERE_windows_amd64.zip"
 9 | }
10 | 
11 | Get-ChocolateyUnzip @packageArgs
12 | Remove-Item -Path $packageArgs.file,$packageArgs.file64


--------------------------------------------------------------------------------
/icon/licensed-with-agpl-v3.svg:
--------------------------------------------------------------------------------
1 | <svg xmlns="http://www.w3.org/2000/svg" width="223.5833511352539" height="35" viewBox="0 0 223.5833511352539 35"><rect width="132.58334350585938" height="35" fill="#e67a39"/><rect x="132.58334350585938" width="91.00000762939453" height="35" fill="#bd612a"/><text x="66.29167175292969" y="21.5" font-size="12" font-family="'Roboto', sans-serif" fill="#FFFFFF" text-anchor="middle" letter-spacing="2">LICENSED WITH</text><text x="178.08334732055664" y="21.5" font-size="12" font-family="'Montserrat', sans-serif" fill="#FFFFFF" text-anchor="middle" font-weight="900" letter-spacing="2">AGPL V3</text></svg>


--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
1 | <!-- A clear and concise description of the changes you've made in this Pull Request -->
2 | This PR implements ...
3 | 
4 | - [ ] If this PR added new features to the proyect, I've also updated the documentation.
5 | - [ ] I am not making a pull request to fix a security vulnerability. I understand that all security vulnerabilities must be handled according to the [Security Policy](https://github.com/ItsIgnacioPortal/Hacker-Scoper/blob/main/SECURITY.md).
6 | - [ ] I have added relevant unit-tests to the `main_test.go` file.
7 | 
8 | <!-- If this Pull Request is related to an existing issue, link it here-->
9 | This PR fixes/resolves/closes #ISSUE-NUMBER-HERE


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: 💡 Feature request
 3 | about: Suggest an idea for this project
 4 | title: ''
 5 | labels: enhancement
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Is your feature request related to a problem? Please describe.**
11 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
12 | 
13 | **Describe the solution you'd like**
14 | A clear and concise description of what you want to happen.
15 | 
16 | **Describe alternatives you've considered**
17 | A clear and concise description of any alternative solutions or features you've considered.
18 | 
19 | **Additional context**
20 | Add any other context or screenshots about the feature request here.
21 | 


--------------------------------------------------------------------------------
/.github/FUNDING.yml:
--------------------------------------------------------------------------------
 1 | # These are supported funding model platforms
 2 | 
 3 | github: ItsIgnacioPortal
 4 | #patreon: # Replace with a single Patreon username
 5 | #open_collective: # Replace with a single Open Collective username
 6 | #ko_fi: # Replace with a single Ko-fi username
 7 | #tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
 8 | #community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
 9 | #liberapay: # Replace with a single Liberapay username
10 | #issuehunt: # Replace with a single IssueHunt username
11 | #lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
12 | #polar: # Replace with a single Polar username
13 | #buy_me_a_coffee: # Replace with a single Buy Me a Coffee username
14 | #custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
15 | 


--------------------------------------------------------------------------------
/choco/hacker-scoper/tools/VERIFICATION.txt:
--------------------------------------------------------------------------------
1 | VERIFICATION
2 | Verification is intended to assist the Chocolatey moderators and community
3 | in verifying that this package's contents are trustworthy.
4 |  
5 | I, ItsIgnacioPortal, am the author of this software. All chocolatey packages for Hacker-Scoper are securely built and pushed from source code using the Github Action at "https://github.com/ItsIgnacioPortal/Hacker-Scoper/blob/main/.github/workflows/gorelease.yml". Full logs for all runs can be seen at "https://github.com/ItsIgnacioPortal/Hacker-Scoper/actions/workflows/gorelease.yml".
6 | 
7 | Additionally, all github releases have an accompanying "Hacker-Scoper_VERSION_checksums.txt" file which contains the checksums of all files in the release. These may be used to verify the integrity of downloaded assets, and can be accessed at "https://github.com/ItsIgnacioPortal/Hacker-Scoper/releases".


--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
 1 | # Security Policy
 2 | 
 3 | ## Supported Versions
 4 | 
 5 | Only the versions specified in this table receive security updates. If you're using a version that's not in this table, consider upgrading so you can get the latest security fixes.
 6 | 
 7 | | Version | Supported          |
 8 | | ------- | ------------------ |
 9 | | 6.x.x   | :white_check_mark: |
10 | | < 6.0.0 | :x:                |
11 | 
12 | ## Reporting a Vulnerability
13 | 
14 | To report a vulnerability you should contact me directly by emailing me at [5990@protonmail.com](mailto:5990@protonmail.com). **Do not** open a public issue on the repository, since this could open the door for bad actors to abuse the vulnerability you've found. 
15 | 
16 |  You can expect to get a reply from me within 48 hours of making the report. Once I receive your report, I'll verify that the vulnerability exists, and then deploy a fix for all currently supported versions.
17 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: 🐛 Bug report
 3 | about: Create a report to help us improve
 4 | title: ''
 5 | labels: bug
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Describe the bug**
11 | A clear and concise description of what the bug is.
12 | 
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 | 
16 | Given the files xyz.txt with the content ...
17 | 1. Do this ...
18 | 2. Then do this ....
19 | 3. See error
20 | 
21 | **Expected behavior**
22 | A clear and concise description of what you expected to happen.
23 | 
24 | **Actual behavior**
25 | A clear and concise description of what actually happened.
26 | 
27 | **Screenshots**
28 | If applicable, add screenshots to help explain your problem.
29 | 
30 | **Environment information:**
31 |  - Hacker-Scoper version: [output of "hacker-scoper --version"]
32 |  - OS: [Windows, Linux, Android]
33 |  - OS Version: 
34 | 
35 | **Additional context**
36 | Add any other context about the problem here.
37 | 


--------------------------------------------------------------------------------
/src/hacker-scoper/is_benchmark_real.go:
--------------------------------------------------------------------------------
 1 | //go:build benchmark
 2 | 
 3 | package main
 4 | 
 5 | import (
 6 | 	"os"
 7 | 	"runtime"
 8 | 	"runtime/pprof"
 9 | )
10 | 
11 | var cpufile *os.File
12 | var ramfile *os.File
13 | 
14 | func StartBenchmark() bool {
15 | 	cpufile, err := os.Create(`.\benchmarking\profiling-output\cpu.prof`)
16 | 	if err != nil {
17 | 		crash("could not create CPU profile: ", err)
18 | 	}
19 | 
20 | 	ramfile, err = os.Create(`.\benchmarking\profiling-output\ram.prof`)
21 | 	if err != nil {
22 | 		crash("could not create CPU profile: ", err)
23 | 	}
24 | 
25 | 	err = pprof.StartCPUProfile(cpufile)
26 | 	if err != nil {
27 | 		crash("could not start CPU profile: ", err)
28 | 	}
29 | 
30 | 	return true
31 | }
32 | 
33 | func StopBenchmark() bool {
34 | 	pprof.StopCPUProfile()
35 | 	cpufile.Close()
36 | 
37 | 	// Get a RAM profile
38 | 	runtime.GC() // get up-to-date statistics
39 | 	// Lookup("allocs") creates a profile similar to go test -memprofile.
40 | 	// Alternatively, use Lookup("heap") for a profile
41 | 	// that has inuse_space as the default index.
42 | 	err := pprof.Lookup("allocs").WriteTo(ramfile, 0)
43 | 	if err != nil {
44 | 		crash("could not write memory profile: ", err)
45 | 	}
46 | 
47 | 	ramfile.Close()
48 | 
49 | 	return true
50 | }
51 | 


--------------------------------------------------------------------------------
/.github/.goreleaser.yml:
--------------------------------------------------------------------------------
 1 | version: 2
 2 | 
 3 | before:
 4 |   hooks:
 5 |     # You may remove this if you don't use go modules.
 6 |     - go mod tidy
 7 | 
 8 | archives:
 9 |   - formats: gz
10 |     files:
11 |       - none*
12 |     # this name template makes the OS and Arch compatible with the results of `uname`.
13 |     name_template: >-
14 |       {{ .ProjectName }}_
15 |       {{- title .Os }}_
16 |       {{- if eq .Arch "amd64" }}64-bit
17 |       {{- else if eq .Arch "386" }}32-bit
18 |       {{- else }}{{ .Arch }}{{ end }}
19 |       {{- if .Arm }}v{{ .Arm }}{{ end }}
20 |     # use zip for windows archives
21 |     format_overrides:
22 |       - goos: windows
23 |         formats: [zip]
24 | 
25 | changelog:
26 |   disable: true
27 | 
28 | release:
29 |   footer: >-
30 | 
31 |     ---
32 | 
33 |     Released by [GoReleaser](https://github.com/goreleaser/goreleaser).
34 | 
35 | builds:
36 |   - main: ./src/hacker-scoper
37 |     ldflags:
38 |     - -s -w
39 |     env:
40 |     - CGO_ENABLED=0
41 |     # GOOS list to build for.
42 |     # For more info refer to: https://golang.org/doc/install/source#environment
43 |     # Defaults are darwin and linux.
44 |     goos:
45 |       - linux
46 |       - windows
47 |       - darwin
48 |       - freebsd
49 | 
50 |     # GOARCH to build for.
51 |     # For more info refer to: https://golang.org/doc/install/source#environment
52 |     # Defaults are 386, amd64 and arm64.
53 |     goarch:
54 |       - amd64
55 |       - arm
56 |       - arm64
57 |       - "386"
58 | 
59 |     overrides:
60 |       - goos: windows
61 |         goarch: any
62 |         tags: windows
63 |       - goos: linux
64 |         goarch: any
65 |         tags: linux
66 |       


--------------------------------------------------------------------------------
/choco/hacker-scoper_template.nuspec:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <!-- Do not remove this test for UTF-8: if “Ω” doesn’t appear as greek uppercase omega letter enclosed in quotation marks, you should use an editor that supports UTF-8, not this one. -->
 3 | <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
 4 |   <metadata>
 5 |     <id>hacker-scoper</id>
 6 |     <version>VERSIONHERE</version>
 7 |     <packageSourceUrl>https://github.com/ItsIgnacioPortal/hacker-scoper</packageSourceUrl>
 8 |     <owners>ItsIgnacioPortal</owners>
 9 | 
10 |     <!-- ============================== -->
11 |     <!-- == SOFTWARE SPECIFIC SECTION == -->
12 |     <!-- This section is about the software itself -->
13 | 
14 |     <title>hacker-scoper (Install)</title>
15 |     <authors>ItsIgnacioPortal</authors>
16 |     <projectUrl>https://github.com/ItsIgnacioPortal/hacker-scoper/</projectUrl>
17 |     <licenseUrl>https://raw.githubusercontent.com/ItsIgnacioPortal/hacker-scoper/main/LICENSE</licenseUrl>
18 |     <requireLicenseAcceptance>true</requireLicenseAcceptance>
19 |     <projectSourceUrl>https://github.com/ItsIgnacioPortal/hacker-scoper</projectSourceUrl>
20 |     <bugTrackerUrl>https://github.com/ItsIgnacioPortal/hacker-scoper/issues</bugTrackerUrl>
21 |     <tags>filter scopes infosec recon bugbounty</tags>
22 |     <summary>A go application to filter scopes for hacking. Specially useful for researchers on bug-bounty programs. </summary>
23 |     <description>This is a GoLang application made to filter scopes for hacking. It's specially useful for researchers on bug-bounty programs. </description>
24 |   </metadata>
25 |   <files>
26 |     <!-- this section controls what actually gets packaged into the Chocolatey package -->
27 |     <file src="tools\**" target="tools" />
28 |   </files>
29 | </package>
30 | 


--------------------------------------------------------------------------------
/choco/hacker-scoper/hacker-scoper.nuspec:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <!-- Do not remove this test for UTF-8: if “Ω” doesn’t appear as greek uppercase omega letter enclosed in quotation marks, you should use an editor that supports UTF-8, not this one. -->
 3 | <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
 4 |   <metadata>
 5 |     <id>hacker-scoper</id>
 6 |     <version>VERSIONHERE</version>
 7 |     <packageSourceUrl>https://github.com/ItsIgnacioPortal/hacker-scoper</packageSourceUrl>
 8 |     <owners>ItsIgnacioPortal</owners>
 9 | 
10 |     <!-- ============================== -->
11 |     <!-- == SOFTWARE SPECIFIC SECTION == -->
12 |     <!-- This section is about the software itself -->
13 | 
14 |     <title>hacker-scoper (Install)</title>
15 |     <authors>ItsIgnacioPortal</authors>
16 |     <projectUrl>https://github.com/ItsIgnacioPortal/hacker-scoper/</projectUrl>
17 |     <licenseUrl>https://raw.githubusercontent.com/ItsIgnacioPortal/hacker-scoper/main/LICENSE</licenseUrl>
18 |     <requireLicenseAcceptance>true</requireLicenseAcceptance>
19 |     <projectSourceUrl>https://github.com/ItsIgnacioPortal/hacker-scoper</projectSourceUrl>
20 |     <bugTrackerUrl>https://github.com/ItsIgnacioPortal/hacker-scoper/issues</bugTrackerUrl>
21 |     <tags>filter scopes infosec recon bugbounty</tags>
22 |     <summary>A go application to filter scopes for hacking. Specially useful for researchers on bug-bounty programs. </summary>
23 |     <description>This is a GoLang application made to filter scopes for hacking. It's specially useful for researchers on bug-bounty programs. </description>
24 |   </metadata>
25 |   <files>
26 |     <!-- this section controls what actually gets packaged into the Chocolatey package -->
27 |     <file src="tools\**" target="tools" />
28 |   </files>
29 | </package>
30 | 


--------------------------------------------------------------------------------
/.github/autoreleaser-helper.ps1:
--------------------------------------------------------------------------------
 1 | echo $pwd
 2 | $originaldir = (pwd).path
 3 | echo $(tree)
 4 | 
 5 | echo 'Downloading the releases file...'
 6 | Invoke-WebRequest -Uri https://api.github.com/repos/itsignacioportal/hacker-scoper/releases/latest -OutFile $env:TEMP\releases.json
 7 | 
 8 | echo 'Installing jq...'
 9 | choco install jq
10 | 
11 | echo 'Parsing latest version tag from JSON...'
12 | $version = type $env:TEMP\releases.json | C:\ProgramData\chocolatey\bin\jq.exe '.tag_name'
13 | $version = $version -replace '"',''
14 | 
15 | echo 'Parsing download URL from JSON...'
16 | $cmdOutput = type $env:TEMP\releases.json | C:\ProgramData\chocolatey\bin\jq.exe '.assets[11].browser_download_url'
17 | 
18 | echo 'Downloading the windows_32-bit file...'
19 | $cmdOutput = $cmdOutput -replace '"',''
20 | Invoke-WebRequest -Uri $cmdOutput -OutFile choco\hacker-scoper\tools\hacker-scoper_$($version)_windows_32-bit.zip
21 | 
22 | echo 'Parsing download URL from JSON...'
23 | $cmdOutput = type $env:TEMP\releases.json | C:\ProgramData\chocolatey\bin\jq.exe '.assets[12].browser_download_url'
24 | 
25 | echo 'Downloading the windows_64-bit file...'
26 | $cmdOutput = $cmdOutput -replace '"',''
27 | Invoke-WebRequest -Uri $cmdOutput -OutFile choco\hacker-scoper\tools\hacker-scoper_$($version)_windows_64-bit.zip
28 | 
29 | 
30 | echo 'Preparing Chocolatey package installer...'
31 | Copy-Item choco\chocolateyinstall_template.ps1 choco\hacker-scoper\tools\chocolateyinstall.ps1
32 | $filePath = "choco\hacker-scoper\tools\chocolateyinstall.ps1"
33 | (Get-Content $filePath).Replace("VERSIONHERE",$version) | Set-Content $filePath
34 | 
35 | echo 'Preparing Chocolatey nuspec file...'
36 | Copy-Item choco\hacker-scoper_template.nuspec choco\hacker-scoper\hacker-scoper.nuspec
37 | $filePath = "choco\hacker-scoper\hacker-scoper.nuspec"
38 | $version = $version -replace 'v',''
39 | (Get-Content $filePath).Replace("VERSIONHERE",$version) | Set-Content $filePath
40 | 
41 | cd choco\hacker-scoper
42 | echo "We're in '$pwd'"
43 | tree /F


--------------------------------------------------------------------------------
/.github/workflows/gorelease.yml:
--------------------------------------------------------------------------------
 1 | name: AutoReleaser
 2 | 
 3 | on:
 4 |   workflow_dispatch:
 5 |   push:
 6 |     tags:
 7 |       - 'v*.*.*'
 8 | 
 9 | permissions:
10 |   contents: write
11 | 
12 | jobs:
13 |   goreleaser:
14 |     runs-on: ubuntu-latest
15 |     steps:
16 |       -
17 |         name: checkout
18 |         uses: actions/checkout@v4
19 |         with:
20 |           fetch-depth: 0
21 |       -
22 |         name: set up Go
23 |         uses: actions/setup-go@v5
24 |         with:
25 |           go-version: 1.24.3
26 |       -
27 |         run: cd ${{ github.workspace }}/.. && wget https://raw.githubusercontent.com/ItsIgnacioPortal/hacker-scoper/main/.github/.goreleaser.yml && pwd
28 |       -
29 |         name: run GoReleaser
30 |         uses: goreleaser/goreleaser-action@v6.3.0
31 |         with:
32 |           # either 'goreleaser' (default) or 'goreleaser-pro'
33 |           distribution: goreleaser
34 |           # 'latest', 'nightly', or a semver
35 |           version: '~> v2'
36 |           args: release --clean --config ${{ github.workspace }}/../.goreleaser.yml
37 |         env:
38 |           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
39 | 
40 |   chocolatey:
41 |     needs: goreleaser
42 |     runs-on: windows-latest
43 |     steps:
44 |       -
45 |         name: Checkout
46 |         uses: actions/checkout@v3
47 |         with:
48 |           fetch-depth: 0
49 |       -
50 |         name: Run powershell script
51 |         run: |
52 |           powershell -ep bypass .\.github\autoreleaser-helper.ps1
53 |       -
54 |         name: Create Choco pack
55 |         uses: crazy-max/ghaction-chocolatey@v2
56 |         with:
57 |           args: pack choco\hacker-scoper\hacker-scoper.nuspec
58 |       - 
59 |         name: Upload to chocolatey
60 |         shell: cmd
61 |         run: |
62 |           FOR /F "tokens=* USEBACKQ" %%F IN (`dir /B *.nupkg`) DO (SET filename=%%F)
63 |           ECHO %filename%
64 |           choco push %filename% --source "'https://push.chocolatey.org/'" --api-key "'${{ secrets.CHOCOLATEY_API_KEY }}'"
65 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | <div align="center"><img src="icon/icon_v2_universal.png" alt ="Hacker-Scoper icon"></div>
  2 | <br>
  3 | <p align="center">
  4 |   <a href="https://github.com/ItsIgnacioPortal/hacker-scoper/actions/workflows/gorelease.yml"><img src="https://github.com/ItsIgnacioPortal/Hacker-Scoper/actions/workflows/gorelease.yml/badge.svg?event=push"></a>
  5 |   <a href="https://go.dev"><img alt="Golang icon" src="https://img.shields.io/badge/Built_with-GoLang-00acd7?logo=go"></a>
  6 |   <a href="https://github.com/ItsIgnacioPortal/Hacker-Scoper/releases"><img alt="Link to the latest version" src="https://img.shields.io/github/v/release/itsignacioportal/hacker-scoper"></a>
  7 |   <a href="https://www.bestpractices.dev/projects/10594"><img alt="OpenSSF best practices badge." src="https://www.bestpractices.dev/projects/10594/badge?c"></a>
  8 |   <a href="https://github.com/vavkamil/awesome-bugbounty-tools"><img alt="Mentioned in Awesome Bug Bounty Tools." src="https://awesome.re/mentioned-badge.svg"></a>
  9 | </p>
 10 | 
 11 | 
 12 | ---
 13 | 
 14 | Hacker-Scoper is a CLI tool programmed in GoLang designed to assist cybersecurity professionals in bug bounty programs. Given a mixed list of targets (URLs/IPs), it can quickly filter them to match the bug-bounty program's scope. The scope can be supplied manually, or it can also be detected automatically by just giving hacker-scoper the name of the targeted company.
 15 | 
 16 | This project is developed and maintained by [ItsIgnacioPortal](https://github.com/ItsIgnacioPortal).
 17 | 
 18 | ## 🌟 Features
 19 | 
 20 | - **Automatic scope detection**: Hacker-Scoper maintains an automatically-updated cached database of public program scopes. This means you don't need to manually specify the program scope unless the bug bounty program is private. You just need to supply the company name (`-c company-name-here`).
 21 | 
 22 | - **Easy customization**: You can load the scope of any private program into files named `.inscope` for inscope assets, and `.noscope` for out-of-scope assets.
 23 | 
 24 | - **Match any asset**: Hacker-Scoper works with IPv4, IPv6, and any URL format (including URLs with non-conventional schemes, like `sql://` or `redis://`).
 25 | 
 26 | - **Wildcard support**: Hacker-Scoper supports wildcards in any part of your domain-name scopes, allowing you to use filters like `amzn*.example.com` and `dev.*.example.com`.
 27 | 
 28 | - **Regex support**: You can use Regular Expressions (regex) as scopes to filter any assets. All regex scopes _must_ start with `^` and end with `$`. For example: `^\w+:\/\/db[0-9][0-9][0-9]\.mycompany\.ec2\.amazonaws\.com.*$`
 29 | 
 30 | - **CIDR Range support**: You can use CIDR ranges in your scopes to filter IP addresses, for example: `10.49.20.0/24` for IPv4 and `2001:DB8::/32` for IPv6.
 31 | 
 32 | - **Nmap octet ranges support**: Just like nmap, you may specify IPv4 scopes using octet ranges, like for example: `192.168.1-3.1`. That example would match the IPs `192.168.1.1`, `192.168.2.1` and `192.168.3.1`. You can also specify a comma-separated list of numbers for each octet, for example: `192.168.1-3,5.1`, which would match the IPs: `192.168.1.1`, `192.168.2.1`, `192.168.3.1` and `192.168.5.1`.
 33 | 
 34 | - **Automation friendly**: Use the `-ch`/`--chain-mode` argument to disable the fancy text decorations and output only the in-scope assets. Hacker-scoper also supports input from stdin.
 35 | 
 36 | - **Compatible**: Hacker-Scoper is compatible with Windows, Linux and MacOS in all architectures.
 37 | 
 38 | - **Blazing-fast**: Hacker-Scoper is extremely fast at processing targets, as it leverages several optimization techniques as well as built-in multithreading.
 39 | 
 40 | - **Flexible**: For any companies with vaguely defined scopes, you can enable or disable scope wildcard/CIDR parsing using the command-line argument `-ie`/`--inscope-explicit-level`.
 41 | 
 42 | - **Misconfiguration detection**: Using TLD-Based detection, hacker-scoper can automatically detect misconfigurations in bug-bounty program scopes. For example: Sometimes bug bounty programs set APK package names such as `com.my.businness.gatewayportal` as `web_application` resources instead of as `android_application` resources in their program scope, causing trouble for anyone using automatic tools. Hacker-Scoper automatically detects these errors and notifies the user.
 43 | 
 44 | ## 📦 Installation
 45 | 
 46 | **Using Chocolatey**
 47 | 
 48 | ```
 49 | choco install hacker-scoper
 50 | ```
 51 | 
 52 | **Using go install**
 53 | 
 54 | ```
 55 | go install github.com/ItsIgnacioPortal/hacker-scoper/src/hacker-scoper
 56 | ```
 57 | 
 58 | **From the releases page**
 59 | 
 60 | Download a pre-built binary from [the releases page](https://github.com/ItsIgnacioPortal/hacker-scoper/releases)
 61 | 
 62 | <br>
 63 | 
 64 | ## 🎥 Demos
 65 | 
 66 | ### Demo with company lookup
 67 | [![asciicast](https://asciinema.org/a/llZUBG5BC754rA2yy0Gx7EBqg.svg)](https://asciinema.org/a/llZUBG5BC754rA2yy0Gx7EBqg)
 68 | <br>
 69 | <br>
 70 | <br>
 71 | <br>
 72 | 
 73 | ### Demo with custom scopes file
 74 | [![asciicast](https://asciinema.org/a/f1IU5U2wv37D3YDclA1EBcQ6U.svg)](https://asciinema.org/a/f1IU5U2wv37D3YDclA1EBcQ6U)
 75 | 
 76 | ## 🏭 Company scope matching
 77 | - **Q: How does the "company" scope matching actually work?**
 78 | - A: It works by looking for company-name matches in a cached copy of the [firebounty](https://firebounty.com/) database. The company name that you specify will be lowercase'd, and then the tool will check if any company name in the database contains that string. Once it finds a name match, it will filter your supplied targets according to the scopes that firebounty detected for that company. You can test how this would perform by just searching some name in [the firebounty website](https://firebounty.com/).
 79 | 
 80 | ## 🤔 Usage
 81 | Usage: hacker-scoper --file /path/to/targets [--company company | --inscopes-file /path/to/inscopes [--outofscopes-file /path/to/outofscopes] [--enable-private-tlds]] [--inscope-explicit-level INT] [--noscope-explicit-level INT] [--chain-mode] [--database /path/to/firebounty.json] [--include-unsure] [--output /path/to/outputfile] [--hostnames-only]
 82 | 
 83 | ### Usage examples:
 84 | - Example: Cat a file, and lookup scopes on firebounty
 85 |   `cat recon-targets.txt | hacker-scoper -c google`
 86 | 
 87 | - Example: Cat a file, and use the .inscope & .noscope files
 88 |   `cat recon-targets.txt | hacker-scoper`
 89 | 
 90 | - Example: Manually pick a file, lookup scopes on firebounty, and set inscope explicit-level
 91 |   `hacker-scoper -f recon-targets.txt -c google -ie 2`
 92 | 
 93 | - Example: Manually pick a file, use custom scopes and out-of-scope files, and set inscope explicit-level
 94 |   `hacker-scoper -f recon-targets.txt -ins inscope -oos noscope.txt -ie 2`
 95 | 
 96 | **Usage notes:** If no company and no inscope file are specified, hacker-scoper will look for ".inscope" and ".noscope" files in the current or in parent directories.
 97 | 
 98 | ### Table of all possible arguments:
 99 | | Short | Long | Description |
100 | |-------|------|-------------|
101 | | -c | --company |  Specify the company name to lookup. |
102 | | -f | --file |  Path to your file containing URLs/domains/IPs |
103 | | -ins | --inscope-file |  Path to a custom plaintext file containing scopes |
104 | | -oos | --outofscope-file |  Path to a custom plaintext file containing scopes exclusions |
105 | | -ie<br>-oe | --inscope-explicit-level int<br>--noscope-explicit-level  int|  How explicit we expect the scopes to be:    <br> 1 (default): Include subdomains in the scope even if there's not a wildcard in the scope.    <br> 2: Include subdomains in the scope only if there's a wildcard in the scope.    <br> 3: Include subdomains/IPs in the scope only if they are explicitly within the scope. CIDR ranges and wildcards are disabled. |
106 | |  | --enable-private-tlds | Set this flag to enable the use of company scope domains with private TLDs. This essentially disables the bug-bounty-program misconfiguration detection. |
107 | | -ch | --chain-mode |  In "chain-mode" we only output the important information. No decorations. Default: false |
108 | |  | --database | Custom path to the cached firebounty database |
109 | | -iu | --include-unsure |  Include "unsure" assets in the output. An unsure asset is an asset that's not in scope, but is also not out of scope. Very probably unrelated to the bug bounty program. |
110 | | -o | --output |  Save the inscope assets to a file |
111 | |    | --quiet | Disable command-line output. |
112 | | -ho | --hostnames-only | When handling URLs, output only their hostnames instead of the full URLs |
113 | |  | --version | Show the installed version |
114 | |_______________|_____________________________| _____________________________________ |
115 | 
116 | list example:
117 | ```javascript
118 | example.com
119 | dev.example.com
120 | 1.dev.example.com
121 | 2.dev.example.com
122 | ads.example.com
123 | 192.168.1.10
124 | 192.168.2.10
125 | 192.168.2.8
126 | 2001:db8:0000:0000:0000:0000:0000:0001
127 | 2001:db8:0000:0000:0000:0000:0000:0002
128 | 2001:db8::3
129 | 2001:db9:0000:0000:0000:0000:0000:0004
130 | 2001:db9::5
131 | http://db123.mycompany.ec2.amazonaws.com/path/to/stuff
132 | http://db123.someothercompany.ec2.amazonaws.com/path/to/stuff
133 | ```
134 | 
135 | Custom .inscope file example:
136 | ```javascript
137 | # This is a comment!
138 | # Wildcards
139 | *.example.com
140 | *.sub.domain.example.com
141 | amzn*.domain.example.com
142 | 
143 | # IPv4 address
144 | 192.168.2.10
145 | 
146 | # IPv4 CIDR range
147 | 192.168.1.0/24
148 | 
149 | # IPv6 addresses
150 | FE80:0000:0000:0000:0202:B3FF:FE1E:8329
151 | FE80::0202:B3FF:FE1E:8329
152 | 
153 | # IPv6 CIDR range
154 | 2001:DB8::/32
155 | 
156 | # Regex
157 | ^\w+:\/\/db[0-9][0-9][0-9]\.mycompany\.ec2\.amazonaws\.com.*$
158 | 
159 | # Nmap octet ranges
160 | 192.168.100-104.1
161 | 192.168.200.0-255
162 | 192.168.105-107,109.1
163 | ```
164 | 
165 | Custom .noscope file example:
166 | ```javascript
167 | community.example.com
168 | thirdparty.example.com
169 | *.thirdparty.example.com
170 | dev.*.example.com
171 | 192.168.2.8
172 | FE80::0202:B3FF:FE1E:8330
173 | ```
174 | 
175 | ### Wildcards vs Regex
176 | Regex scopes are matched against the entire string that is given as a target, from start to finish, whereas wildcard scopes are only matched against hosts (IPv4s, IPv6s, and URL hosts). Also note that regex scopes aren't affected by --explicit-level settings.
177 | 
178 | ## :heart: Special thank you
179 | This project was inspired by the [yeswehack_vdp_finder](https://github.com/yeswehack/yeswehack_vdp_finder)
180 | 
181 | ## 📄 License
182 | All of the code on this repository is licensed under the *GNU Affero General Public License v3*. A copy can be seen as `LICENSE` on this repository.
183 | 
184 | The library `golang.org/x/net/publicsuffix`, used within this project is licensed with [BSD-3-Clause](https://pkg.go.dev/golang.org/x/net/publicsuffix?tab=licenses).
185 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 |                     GNU AFFERO GENERAL PUBLIC LICENSE
  2 |                        Version 3, 19 November 2007
  3 | 
  4 |  Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  5 |  Everyone is permitted to copy and distribute verbatim copies
  6 |  of this license document, but changing it is not allowed.
  7 | 
  8 |                             Preamble
  9 | 
 10 |   The GNU Affero General Public License is a free, copyleft license for
 11 | software and other kinds of works, specifically designed to ensure
 12 | cooperation with the community in the case of network server software.
 13 | 
 14 |   The licenses for most software and other practical works are designed
 15 | to take away your freedom to share and change the works.  By contrast,
 16 | our General Public Licenses are intended to guarantee your freedom to
 17 | share and change all versions of a program--to make sure it remains free
 18 | software for all its users.
 19 | 
 20 |   When we speak of free software, we are referring to freedom, not
 21 | price.  Our General Public Licenses are designed to make sure that you
 22 | have the freedom to distribute copies of free software (and charge for
 23 | them if you wish), that you receive source code or can get it if you
 24 | want it, that you can change the software or use pieces of it in new
 25 | free programs, and that you know you can do these things.
 26 | 
 27 |   Developers that use our General Public Licenses protect your rights
 28 | with two steps: (1) assert copyright on the software, and (2) offer
 29 | you this License which gives you legal permission to copy, distribute
 30 | and/or modify the software.
 31 | 
 32 |   A secondary benefit of defending all users' freedom is that
 33 | improvements made in alternate versions of the program, if they
 34 | receive widespread use, become available for other developers to
 35 | incorporate.  Many developers of free software are heartened and
 36 | encouraged by the resulting cooperation.  However, in the case of
 37 | software used on network servers, this result may fail to come about.
 38 | The GNU General Public License permits making a modified version and
 39 | letting the public access it on a server without ever releasing its
 40 | source code to the public.
 41 | 
 42 |   The GNU Affero General Public License is designed specifically to
 43 | ensure that, in such cases, the modified source code becomes available
 44 | to the community.  It requires the operator of a network server to
 45 | provide the source code of the modified version running there to the
 46 | users of that server.  Therefore, public use of a modified version, on
 47 | a publicly accessible server, gives the public access to the source
 48 | code of the modified version.
 49 | 
 50 |   An older license, called the Affero General Public License and
 51 | published by Affero, was designed to accomplish similar goals.  This is
 52 | a different license, not a version of the Affero GPL, but Affero has
 53 | released a new version of the Affero GPL which permits relicensing under
 54 | this license.
 55 | 
 56 |   The precise terms and conditions for copying, distribution and
 57 | modification follow.
 58 | 
 59 |                        TERMS AND CONDITIONS
 60 | 
 61 |   0. Definitions.
 62 | 
 63 |   "This License" refers to version 3 of the GNU Affero General Public License.
 64 | 
 65 |   "Copyright" also means copyright-like laws that apply to other kinds of
 66 | works, such as semiconductor masks.
 67 | 
 68 |   "The Program" refers to any copyrightable work licensed under this
 69 | License.  Each licensee is addressed as "you".  "Licensees" and
 70 | "recipients" may be individuals or organizations.
 71 | 
 72 |   To "modify" a work means to copy from or adapt all or part of the work
 73 | in a fashion requiring copyright permission, other than the making of an
 74 | exact copy.  The resulting work is called a "modified version" of the
 75 | earlier work or a work "based on" the earlier work.
 76 | 
 77 |   A "covered work" means either the unmodified Program or a work based
 78 | on the Program.
 79 | 
 80 |   To "propagate" a work means to do anything with it that, without
 81 | permission, would make you directly or secondarily liable for
 82 | infringement under applicable copyright law, except executing it on a
 83 | computer or modifying a private copy.  Propagation includes copying,
 84 | distribution (with or without modification), making available to the
 85 | public, and in some countries other activities as well.
 86 | 
 87 |   To "convey" a work means any kind of propagation that enables other
 88 | parties to make or receive copies.  Mere interaction with a user through
 89 | a computer network, with no transfer of a copy, is not conveying.
 90 | 
 91 |   An interactive user interface displays "Appropriate Legal Notices"
 92 | to the extent that it includes a convenient and prominently visible
 93 | feature that (1) displays an appropriate copyright notice, and (2)
 94 | tells the user that there is no warranty for the work (except to the
 95 | extent that warranties are provided), that licensees may convey the
 96 | work under this License, and how to view a copy of this License.  If
 97 | the interface presents a list of user commands or options, such as a
 98 | menu, a prominent item in the list meets this criterion.
 99 | 
100 |   1. Source Code.
101 | 
102 |   The "source code" for a work means the preferred form of the work
103 | for making modifications to it.  "Object code" means any non-source
104 | form of a work.
105 | 
106 |   A "Standard Interface" means an interface that either is an official
107 | standard defined by a recognized standards body, or, in the case of
108 | interfaces specified for a particular programming language, one that
109 | is widely used among developers working in that language.
110 | 
111 |   The "System Libraries" of an executable work include anything, other
112 | than the work as a whole, that (a) is included in the normal form of
113 | packaging a Major Component, but which is not part of that Major
114 | Component, and (b) serves only to enable use of the work with that
115 | Major Component, or to implement a Standard Interface for which an
116 | implementation is available to the public in source code form.  A
117 | "Major Component", in this context, means a major essential component
118 | (kernel, window system, and so on) of the specific operating system
119 | (if any) on which the executable work runs, or a compiler used to
120 | produce the work, or an object code interpreter used to run it.
121 | 
122 |   The "Corresponding Source" for a work in object code form means all
123 | the source code needed to generate, install, and (for an executable
124 | work) run the object code and to modify the work, including scripts to
125 | control those activities.  However, it does not include the work's
126 | System Libraries, or general-purpose tools or generally available free
127 | programs which are used unmodified in performing those activities but
128 | which are not part of the work.  For example, Corresponding Source
129 | includes interface definition files associated with source files for
130 | the work, and the source code for shared libraries and dynamically
131 | linked subprograms that the work is specifically designed to require,
132 | such as by intimate data communication or control flow between those
133 | subprograms and other parts of the work.
134 | 
135 |   The Corresponding Source need not include anything that users
136 | can regenerate automatically from other parts of the Corresponding
137 | Source.
138 | 
139 |   The Corresponding Source for a work in source code form is that
140 | same work.
141 | 
142 |   2. Basic Permissions.
143 | 
144 |   All rights granted under this License are granted for the term of
145 | copyright on the Program, and are irrevocable provided the stated
146 | conditions are met.  This License explicitly affirms your unlimited
147 | permission to run the unmodified Program.  The output from running a
148 | covered work is covered by this License only if the output, given its
149 | content, constitutes a covered work.  This License acknowledges your
150 | rights of fair use or other equivalent, as provided by copyright law.
151 | 
152 |   You may make, run and propagate covered works that you do not
153 | convey, without conditions so long as your license otherwise remains
154 | in force.  You may convey covered works to others for the sole purpose
155 | of having them make modifications exclusively for you, or provide you
156 | with facilities for running those works, provided that you comply with
157 | the terms of this License in conveying all material for which you do
158 | not control copyright.  Those thus making or running the covered works
159 | for you must do so exclusively on your behalf, under your direction
160 | and control, on terms that prohibit them from making any copies of
161 | your copyrighted material outside their relationship with you.
162 | 
163 |   Conveying under any other circumstances is permitted solely under
164 | the conditions stated below.  Sublicensing is not allowed; section 10
165 | makes it unnecessary.
166 | 
167 |   3. Protecting Users' Legal Rights From Anti-Circumvention Law.
168 | 
169 |   No covered work shall be deemed part of an effective technological
170 | measure under any applicable law fulfilling obligations under article
171 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
172 | similar laws prohibiting or restricting circumvention of such
173 | measures.
174 | 
175 |   When you convey a covered work, you waive any legal power to forbid
176 | circumvention of technological measures to the extent such circumvention
177 | is effected by exercising rights under this License with respect to
178 | the covered work, and you disclaim any intention to limit operation or
179 | modification of the work as a means of enforcing, against the work's
180 | users, your or third parties' legal rights to forbid circumvention of
181 | technological measures.
182 | 
183 |   4. Conveying Verbatim Copies.
184 | 
185 |   You may convey verbatim copies of the Program's source code as you
186 | receive it, in any medium, provided that you conspicuously and
187 | appropriately publish on each copy an appropriate copyright notice;
188 | keep intact all notices stating that this License and any
189 | non-permissive terms added in accord with section 7 apply to the code;
190 | keep intact all notices of the absence of any warranty; and give all
191 | recipients a copy of this License along with the Program.
192 | 
193 |   You may charge any price or no price for each copy that you convey,
194 | and you may offer support or warranty protection for a fee.
195 | 
196 |   5. Conveying Modified Source Versions.
197 | 
198 |   You may convey a work based on the Program, or the modifications to
199 | produce it from the Program, in the form of source code under the
200 | terms of section 4, provided that you also meet all of these conditions:
201 | 
202 |     a) The work must carry prominent notices stating that you modified
203 |     it, and giving a relevant date.
204 | 
205 |     b) The work must carry prominent notices stating that it is
206 |     released under this License and any conditions added under section
207 |     7.  This requirement modifies the requirement in section 4 to
208 |     "keep intact all notices".
209 | 
210 |     c) You must license the entire work, as a whole, under this
211 |     License to anyone who comes into possession of a copy.  This
212 |     License will therefore apply, along with any applicable section 7
213 |     additional terms, to the whole of the work, and all its parts,
214 |     regardless of how they are packaged.  This License gives no
215 |     permission to license the work in any other way, but it does not
216 |     invalidate such permission if you have separately received it.
217 | 
218 |     d) If the work has interactive user interfaces, each must display
219 |     Appropriate Legal Notices; however, if the Program has interactive
220 |     interfaces that do not display Appropriate Legal Notices, your
221 |     work need not make them do so.
222 | 
223 |   A compilation of a covered work with other separate and independent
224 | works, which are not by their nature extensions of the covered work,
225 | and which are not combined with it such as to form a larger program,
226 | in or on a volume of a storage or distribution medium, is called an
227 | "aggregate" if the compilation and its resulting copyright are not
228 | used to limit the access or legal rights of the compilation's users
229 | beyond what the individual works permit.  Inclusion of a covered work
230 | in an aggregate does not cause this License to apply to the other
231 | parts of the aggregate.
232 | 
233 |   6. Conveying Non-Source Forms.
234 | 
235 |   You may convey a covered work in object code form under the terms
236 | of sections 4 and 5, provided that you also convey the
237 | machine-readable Corresponding Source under the terms of this License,
238 | in one of these ways:
239 | 
240 |     a) Convey the object code in, or embodied in, a physical product
241 |     (including a physical distribution medium), accompanied by the
242 |     Corresponding Source fixed on a durable physical medium
243 |     customarily used for software interchange.
244 | 
245 |     b) Convey the object code in, or embodied in, a physical product
246 |     (including a physical distribution medium), accompanied by a
247 |     written offer, valid for at least three years and valid for as
248 |     long as you offer spare parts or customer support for that product
249 |     model, to give anyone who possesses the object code either (1) a
250 |     copy of the Corresponding Source for all the software in the
251 |     product that is covered by this License, on a durable physical
252 |     medium customarily used for software interchange, for a price no
253 |     more than your reasonable cost of physically performing this
254 |     conveying of source, or (2) access to copy the
255 |     Corresponding Source from a network server at no charge.
256 | 
257 |     c) Convey individual copies of the object code with a copy of the
258 |     written offer to provide the Corresponding Source.  This
259 |     alternative is allowed only occasionally and noncommercially, and
260 |     only if you received the object code with such an offer, in accord
261 |     with subsection 6b.
262 | 
263 |     d) Convey the object code by offering access from a designated
264 |     place (gratis or for a charge), and offer equivalent access to the
265 |     Corresponding Source in the same way through the same place at no
266 |     further charge.  You need not require recipients to copy the
267 |     Corresponding Source along with the object code.  If the place to
268 |     copy the object code is a network server, the Corresponding Source
269 |     may be on a different server (operated by you or a third party)
270 |     that supports equivalent copying facilities, provided you maintain
271 |     clear directions next to the object code saying where to find the
272 |     Corresponding Source.  Regardless of what server hosts the
273 |     Corresponding Source, you remain obligated to ensure that it is
274 |     available for as long as needed to satisfy these requirements.
275 | 
276 |     e) Convey the object code using peer-to-peer transmission, provided
277 |     you inform other peers where the object code and Corresponding
278 |     Source of the work are being offered to the general public at no
279 |     charge under subsection 6d.
280 | 
281 |   A separable portion of the object code, whose source code is excluded
282 | from the Corresponding Source as a System Library, need not be
283 | included in conveying the object code work.
284 | 
285 |   A "User Product" is either (1) a "consumer product", which means any
286 | tangible personal property which is normally used for personal, family,
287 | or household purposes, or (2) anything designed or sold for incorporation
288 | into a dwelling.  In determining whether a product is a consumer product,
289 | doubtful cases shall be resolved in favor of coverage.  For a particular
290 | product received by a particular user, "normally used" refers to a
291 | typical or common use of that class of product, regardless of the status
292 | of the particular user or of the way in which the particular user
293 | actually uses, or expects or is expected to use, the product.  A product
294 | is a consumer product regardless of whether the product has substantial
295 | commercial, industrial or non-consumer uses, unless such uses represent
296 | the only significant mode of use of the product.
297 | 
298 |   "Installation Information" for a User Product means any methods,
299 | procedures, authorization keys, or other information required to install
300 | and execute modified versions of a covered work in that User Product from
301 | a modified version of its Corresponding Source.  The information must
302 | suffice to ensure that the continued functioning of the modified object
303 | code is in no case prevented or interfered with solely because
304 | modification has been made.
305 | 
306 |   If you convey an object code work under this section in, or with, or
307 | specifically for use in, a User Product, and the conveying occurs as
308 | part of a transaction in which the right of possession and use of the
309 | User Product is transferred to the recipient in perpetuity or for a
310 | fixed term (regardless of how the transaction is characterized), the
311 | Corresponding Source conveyed under this section must be accompanied
312 | by the Installation Information.  But this requirement does not apply
313 | if neither you nor any third party retains the ability to install
314 | modified object code on the User Product (for example, the work has
315 | been installed in ROM).
316 | 
317 |   The requirement to provide Installation Information does not include a
318 | requirement to continue to provide support service, warranty, or updates
319 | for a work that has been modified or installed by the recipient, or for
320 | the User Product in which it has been modified or installed.  Access to a
321 | network may be denied when the modification itself materially and
322 | adversely affects the operation of the network or violates the rules and
323 | protocols for communication across the network.
324 | 
325 |   Corresponding Source conveyed, and Installation Information provided,
326 | in accord with this section must be in a format that is publicly
327 | documented (and with an implementation available to the public in
328 | source code form), and must require no special password or key for
329 | unpacking, reading or copying.
330 | 
331 |   7. Additional Terms.
332 | 
333 |   "Additional permissions" are terms that supplement the terms of this
334 | License by making exceptions from one or more of its conditions.
335 | Additional permissions that are applicable to the entire Program shall
336 | be treated as though they were included in this License, to the extent
337 | that they are valid under applicable law.  If additional permissions
338 | apply only to part of the Program, that part may be used separately
339 | under those permissions, but the entire Program remains governed by
340 | this License without regard to the additional permissions.
341 | 
342 |   When you convey a copy of a covered work, you may at your option
343 | remove any additional permissions from that copy, or from any part of
344 | it.  (Additional permissions may be written to require their own
345 | removal in certain cases when you modify the work.)  You may place
346 | additional permissions on material, added by you to a covered work,
347 | for which you have or can give appropriate copyright permission.
348 | 
349 |   Notwithstanding any other provision of this License, for material you
350 | add to a covered work, you may (if authorized by the copyright holders of
351 | that material) supplement the terms of this License with terms:
352 | 
353 |     a) Disclaiming warranty or limiting liability differently from the
354 |     terms of sections 15 and 16 of this License; or
355 | 
356 |     b) Requiring preservation of specified reasonable legal notices or
357 |     author attributions in that material or in the Appropriate Legal
358 |     Notices displayed by works containing it; or
359 | 
360 |     c) Prohibiting misrepresentation of the origin of that material, or
361 |     requiring that modified versions of such material be marked in
362 |     reasonable ways as different from the original version; or
363 | 
364 |     d) Limiting the use for publicity purposes of names of licensors or
365 |     authors of the material; or
366 | 
367 |     e) Declining to grant rights under trademark law for use of some
368 |     trade names, trademarks, or service marks; or
369 | 
370 |     f) Requiring indemnification of licensors and authors of that
371 |     material by anyone who conveys the material (or modified versions of
372 |     it) with contractual assumptions of liability to the recipient, for
373 |     any liability that these contractual assumptions directly impose on
374 |     those licensors and authors.
375 | 
376 |   All other non-permissive additional terms are considered "further
377 | restrictions" within the meaning of section 10.  If the Program as you
378 | received it, or any part of it, contains a notice stating that it is
379 | governed by this License along with a term that is a further
380 | restriction, you may remove that term.  If a license document contains
381 | a further restriction but permits relicensing or conveying under this
382 | License, you may add to a covered work material governed by the terms
383 | of that license document, provided that the further restriction does
384 | not survive such relicensing or conveying.
385 | 
386 |   If you add terms to a covered work in accord with this section, you
387 | must place, in the relevant source files, a statement of the
388 | additional terms that apply to those files, or a notice indicating
389 | where to find the applicable terms.
390 | 
391 |   Additional terms, permissive or non-permissive, may be stated in the
392 | form of a separately written license, or stated as exceptions;
393 | the above requirements apply either way.
394 | 
395 |   8. Termination.
396 | 
397 |   You may not propagate or modify a covered work except as expressly
398 | provided under this License.  Any attempt otherwise to propagate or
399 | modify it is void, and will automatically terminate your rights under
400 | this License (including any patent licenses granted under the third
401 | paragraph of section 11).
402 | 
403 |   However, if you cease all violation of this License, then your
404 | license from a particular copyright holder is reinstated (a)
405 | provisionally, unless and until the copyright holder explicitly and
406 | finally terminates your license, and (b) permanently, if the copyright
407 | holder fails to notify you of the violation by some reasonable means
408 | prior to 60 days after the cessation.
409 | 
410 |   Moreover, your license from a particular copyright holder is
411 | reinstated permanently if the copyright holder notifies you of the
412 | violation by some reasonable means, this is the first time you have
413 | received notice of violation of this License (for any work) from that
414 | copyright holder, and you cure the violation prior to 30 days after
415 | your receipt of the notice.
416 | 
417 |   Termination of your rights under this section does not terminate the
418 | licenses of parties who have received copies or rights from you under
419 | this License.  If your rights have been terminated and not permanently
420 | reinstated, you do not qualify to receive new licenses for the same
421 | material under section 10.
422 | 
423 |   9. Acceptance Not Required for Having Copies.
424 | 
425 |   You are not required to accept this License in order to receive or
426 | run a copy of the Program.  Ancillary propagation of a covered work
427 | occurring solely as a consequence of using peer-to-peer transmission
428 | to receive a copy likewise does not require acceptance.  However,
429 | nothing other than this License grants you permission to propagate or
430 | modify any covered work.  These actions infringe copyright if you do
431 | not accept this License.  Therefore, by modifying or propagating a
432 | covered work, you indicate your acceptance of this License to do so.
433 | 
434 |   10. Automatic Licensing of Downstream Recipients.
435 | 
436 |   Each time you convey a covered work, the recipient automatically
437 | receives a license from the original licensors, to run, modify and
438 | propagate that work, subject to this License.  You are not responsible
439 | for enforcing compliance by third parties with this License.
440 | 
441 |   An "entity transaction" is a transaction transferring control of an
442 | organization, or substantially all assets of one, or subdividing an
443 | organization, or merging organizations.  If propagation of a covered
444 | work results from an entity transaction, each party to that
445 | transaction who receives a copy of the work also receives whatever
446 | licenses to the work the party's predecessor in interest had or could
447 | give under the previous paragraph, plus a right to possession of the
448 | Corresponding Source of the work from the predecessor in interest, if
449 | the predecessor has it or can get it with reasonable efforts.
450 | 
451 |   You may not impose any further restrictions on the exercise of the
452 | rights granted or affirmed under this License.  For example, you may
453 | not impose a license fee, royalty, or other charge for exercise of
454 | rights granted under this License, and you may not initiate litigation
455 | (including a cross-claim or counterclaim in a lawsuit) alleging that
456 | any patent claim is infringed by making, using, selling, offering for
457 | sale, or importing the Program or any portion of it.
458 | 
459 |   11. Patents.
460 | 
461 |   A "contributor" is a copyright holder who authorizes use under this
462 | License of the Program or a work on which the Program is based.  The
463 | work thus licensed is called the contributor's "contributor version".
464 | 
465 |   A contributor's "essential patent claims" are all patent claims
466 | owned or controlled by the contributor, whether already acquired or
467 | hereafter acquired, that would be infringed by some manner, permitted
468 | by this License, of making, using, or selling its contributor version,
469 | but do not include claims that would be infringed only as a
470 | consequence of further modification of the contributor version.  For
471 | purposes of this definition, "control" includes the right to grant
472 | patent sublicenses in a manner consistent with the requirements of
473 | this License.
474 | 
475 |   Each contributor grants you a non-exclusive, worldwide, royalty-free
476 | patent license under the contributor's essential patent claims, to
477 | make, use, sell, offer for sale, import and otherwise run, modify and
478 | propagate the contents of its contributor version.
479 | 
480 |   In the following three paragraphs, a "patent license" is any express
481 | agreement or commitment, however denominated, not to enforce a patent
482 | (such as an express permission to practice a patent or covenant not to
483 | sue for patent infringement).  To "grant" such a patent license to a
484 | party means to make such an agreement or commitment not to enforce a
485 | patent against the party.
486 | 
487 |   If you convey a covered work, knowingly relying on a patent license,
488 | and the Corresponding Source of the work is not available for anyone
489 | to copy, free of charge and under the terms of this License, through a
490 | publicly available network server or other readily accessible means,
491 | then you must either (1) cause the Corresponding Source to be so
492 | available, or (2) arrange to deprive yourself of the benefit of the
493 | patent license for this particular work, or (3) arrange, in a manner
494 | consistent with the requirements of this License, to extend the patent
495 | license to downstream recipients.  "Knowingly relying" means you have
496 | actual knowledge that, but for the patent license, your conveying the
497 | covered work in a country, or your recipient's use of the covered work
498 | in a country, would infringe one or more identifiable patents in that
499 | country that you have reason to believe are valid.
500 | 
501 |   If, pursuant to or in connection with a single transaction or
502 | arrangement, you convey, or propagate by procuring conveyance of, a
503 | covered work, and grant a patent license to some of the parties
504 | receiving the covered work authorizing them to use, propagate, modify
505 | or convey a specific copy of the covered work, then the patent license
506 | you grant is automatically extended to all recipients of the covered
507 | work and works based on it.
508 | 
509 |   A patent license is "discriminatory" if it does not include within
510 | the scope of its coverage, prohibits the exercise of, or is
511 | conditioned on the non-exercise of one or more of the rights that are
512 | specifically granted under this License.  You may not convey a covered
513 | work if you are a party to an arrangement with a third party that is
514 | in the business of distributing software, under which you make payment
515 | to the third party based on the extent of your activity of conveying
516 | the work, and under which the third party grants, to any of the
517 | parties who would receive the covered work from you, a discriminatory
518 | patent license (a) in connection with copies of the covered work
519 | conveyed by you (or copies made from those copies), or (b) primarily
520 | for and in connection with specific products or compilations that
521 | contain the covered work, unless you entered into that arrangement,
522 | or that patent license was granted, prior to 28 March 2007.
523 | 
524 |   Nothing in this License shall be construed as excluding or limiting
525 | any implied license or other defenses to infringement that may
526 | otherwise be available to you under applicable patent law.
527 | 
528 |   12. No Surrender of Others' Freedom.
529 | 
530 |   If conditions are imposed on you (whether by court order, agreement or
531 | otherwise) that contradict the conditions of this License, they do not
532 | excuse you from the conditions of this License.  If you cannot convey a
533 | covered work so as to satisfy simultaneously your obligations under this
534 | License and any other pertinent obligations, then as a consequence you may
535 | not convey it at all.  For example, if you agree to terms that obligate you
536 | to collect a royalty for further conveying from those to whom you convey
537 | the Program, the only way you could satisfy both those terms and this
538 | License would be to refrain entirely from conveying the Program.
539 | 
540 |   13. Remote Network Interaction; Use with the GNU General Public License.
541 | 
542 |   Notwithstanding any other provision of this License, if you modify the
543 | Program, your modified version must prominently offer all users
544 | interacting with it remotely through a computer network (if your version
545 | supports such interaction) an opportunity to receive the Corresponding
546 | Source of your version by providing access to the Corresponding Source
547 | from a network server at no charge, through some standard or customary
548 | means of facilitating copying of software.  This Corresponding Source
549 | shall include the Corresponding Source for any work covered by version 3
550 | of the GNU General Public License that is incorporated pursuant to the
551 | following paragraph.
552 | 
553 |   Notwithstanding any other provision of this License, you have
554 | permission to link or combine any covered work with a work licensed
555 | under version 3 of the GNU General Public License into a single
556 | combined work, and to convey the resulting work.  The terms of this
557 | License will continue to apply to the part which is the covered work,
558 | but the work with which it is combined will remain governed by version
559 | 3 of the GNU General Public License.
560 | 
561 |   14. Revised Versions of this License.
562 | 
563 |   The Free Software Foundation may publish revised and/or new versions of
564 | the GNU Affero General Public License from time to time.  Such new versions
565 | will be similar in spirit to the present version, but may differ in detail to
566 | address new problems or concerns.
567 | 
568 |   Each version is given a distinguishing version number.  If the
569 | Program specifies that a certain numbered version of the GNU Affero General
570 | Public License "or any later version" applies to it, you have the
571 | option of following the terms and conditions either of that numbered
572 | version or of any later version published by the Free Software
573 | Foundation.  If the Program does not specify a version number of the
574 | GNU Affero General Public License, you may choose any version ever published
575 | by the Free Software Foundation.
576 | 
577 |   If the Program specifies that a proxy can decide which future
578 | versions of the GNU Affero General Public License can be used, that proxy's
579 | public statement of acceptance of a version permanently authorizes you
580 | to choose that version for the Program.
581 | 
582 |   Later license versions may give you additional or different
583 | permissions.  However, no additional obligations are imposed on any
584 | author or copyright holder as a result of your choosing to follow a
585 | later version.
586 | 
587 |   15. Disclaimer of Warranty.
588 | 
589 |   THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
590 | APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
591 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
592 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
593 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
594 | PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
595 | IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
596 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
597 | 
598 |   16. Limitation of Liability.
599 | 
600 |   IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
601 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
602 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
603 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
604 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
605 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
606 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
607 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
608 | SUCH DAMAGES.
609 | 
610 |   17. Interpretation of Sections 15 and 16.
611 | 
612 |   If the disclaimer of warranty and limitation of liability provided
613 | above cannot be given local legal effect according to their terms,
614 | reviewing courts shall apply local law that most closely approximates
615 | an absolute waiver of all civil liability in connection with the
616 | Program, unless a warranty or assumption of liability accompanies a
617 | copy of the Program in return for a fee.
618 | 
619 |                      END OF TERMS AND CONDITIONS
620 | 
621 |             How to Apply These Terms to Your New Programs
622 | 
623 |   If you develop a new program, and you want it to be of the greatest
624 | possible use to the public, the best way to achieve this is to make it
625 | free software which everyone can redistribute and change under these terms.
626 | 
627 |   To do so, attach the following notices to the program.  It is safest
628 | to attach them to the start of each source file to most effectively
629 | state the exclusion of warranty; and each file should have at least
630 | the "copyright" line and a pointer to where the full notice is found.
631 | 
632 |     <one line to give the program's name and a brief idea of what it does.>
633 |     Copyright (C) <year>  <name of author>
634 | 
635 |     This program is free software: you can redistribute it and/or modify
636 |     it under the terms of the GNU Affero General Public License as published by
637 |     the Free Software Foundation, either version 3 of the License, or
638 |     (at your option) any later version.
639 | 
640 |     This program is distributed in the hope that it will be useful,
641 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
642 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
643 |     GNU Affero General Public License for more details.
644 | 
645 |     You should have received a copy of the GNU Affero General Public License
646 |     along with this program.  If not, see <https://www.gnu.org/licenses/>.
647 | 
648 | Also add information on how to contact you by electronic and paper mail.
649 | 
650 |   If your software can interact with users remotely through a computer
651 | network, you should also make sure that it provides a way for users to
652 | get its source.  For example, if your program is a web application, its
653 | interface could display a "Source" link that leads users to an archive
654 | of the code.  There are many ways you could offer source, and different
655 | solutions will be better for different programs; see section 13 for the
656 | specific requirements.
657 | 
658 |   You should also get your employer (if you work as a programmer) or school,
659 | if any, to sign a "copyright disclaimer" for the program, if necessary.
660 | For more information on this, and how to apply and follow the GNU AGPL, see
661 | <https://www.gnu.org/licenses/>.
662 | 


--------------------------------------------------------------------------------
/choco/hacker-scoper/tools/LICENSE.txt:
--------------------------------------------------------------------------------
  1 | From: https://github.com/ItsIgnacioPortal/hacker-scoper/
  2 | 
  3 | LICENSE
  4 | 
  5 |                     GNU AFFERO GENERAL PUBLIC LICENSE
  6 |                        Version 3, 19 November 2007
  7 | 
  8 |  Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
  9 |  Everyone is permitted to copy and distribute verbatim copies
 10 |  of this license document, but changing it is not allowed.
 11 | 
 12 |                             Preamble
 13 | 
 14 |   The GNU Affero General Public License is a free, copyleft license for
 15 | software and other kinds of works, specifically designed to ensure
 16 | cooperation with the community in the case of network server software.
 17 | 
 18 |   The licenses for most software and other practical works are designed
 19 | to take away your freedom to share and change the works.  By contrast,
 20 | our General Public Licenses are intended to guarantee your freedom to
 21 | share and change all versions of a program--to make sure it remains free
 22 | software for all its users.
 23 | 
 24 |   When we speak of free software, we are referring to freedom, not
 25 | price.  Our General Public Licenses are designed to make sure that you
 26 | have the freedom to distribute copies of free software (and charge for
 27 | them if you wish), that you receive source code or can get it if you
 28 | want it, that you can change the software or use pieces of it in new
 29 | free programs, and that you know you can do these things.
 30 | 
 31 |   Developers that use our General Public Licenses protect your rights
 32 | with two steps: (1) assert copyright on the software, and (2) offer
 33 | you this License which gives you legal permission to copy, distribute
 34 | and/or modify the software.
 35 | 
 36 |   A secondary benefit of defending all users' freedom is that
 37 | improvements made in alternate versions of the program, if they
 38 | receive widespread use, become available for other developers to
 39 | incorporate.  Many developers of free software are heartened and
 40 | encouraged by the resulting cooperation.  However, in the case of
 41 | software used on network servers, this result may fail to come about.
 42 | The GNU General Public License permits making a modified version and
 43 | letting the public access it on a server without ever releasing its
 44 | source code to the public.
 45 | 
 46 |   The GNU Affero General Public License is designed specifically to
 47 | ensure that, in such cases, the modified source code becomes available
 48 | to the community.  It requires the operator of a network server to
 49 | provide the source code of the modified version running there to the
 50 | users of that server.  Therefore, public use of a modified version, on
 51 | a publicly accessible server, gives the public access to the source
 52 | code of the modified version.
 53 | 
 54 |   An older license, called the Affero General Public License and
 55 | published by Affero, was designed to accomplish similar goals.  This is
 56 | a different license, not a version of the Affero GPL, but Affero has
 57 | released a new version of the Affero GPL which permits relicensing under
 58 | this license.
 59 | 
 60 |   The precise terms and conditions for copying, distribution and
 61 | modification follow.
 62 | 
 63 |                        TERMS AND CONDITIONS
 64 | 
 65 |   0. Definitions.
 66 | 
 67 |   "This License" refers to version 3 of the GNU Affero General Public License.
 68 | 
 69 |   "Copyright" also means copyright-like laws that apply to other kinds of
 70 | works, such as semiconductor masks.
 71 | 
 72 |   "The Program" refers to any copyrightable work licensed under this
 73 | License.  Each licensee is addressed as "you".  "Licensees" and
 74 | "recipients" may be individuals or organizations.
 75 | 
 76 |   To "modify" a work means to copy from or adapt all or part of the work
 77 | in a fashion requiring copyright permission, other than the making of an
 78 | exact copy.  The resulting work is called a "modified version" of the
 79 | earlier work or a work "based on" the earlier work.
 80 | 
 81 |   A "covered work" means either the unmodified Program or a work based
 82 | on the Program.
 83 | 
 84 |   To "propagate" a work means to do anything with it that, without
 85 | permission, would make you directly or secondarily liable for
 86 | infringement under applicable copyright law, except executing it on a
 87 | computer or modifying a private copy.  Propagation includes copying,
 88 | distribution (with or without modification), making available to the
 89 | public, and in some countries other activities as well.
 90 | 
 91 |   To "convey" a work means any kind of propagation that enables other
 92 | parties to make or receive copies.  Mere interaction with a user through
 93 | a computer network, with no transfer of a copy, is not conveying.
 94 | 
 95 |   An interactive user interface displays "Appropriate Legal Notices"
 96 | to the extent that it includes a convenient and prominently visible
 97 | feature that (1) displays an appropriate copyright notice, and (2)
 98 | tells the user that there is no warranty for the work (except to the
 99 | extent that warranties are provided), that licensees may convey the
100 | work under this License, and how to view a copy of this License.  If
101 | the interface presents a list of user commands or options, such as a
102 | menu, a prominent item in the list meets this criterion.
103 | 
104 |   1. Source Code.
105 | 
106 |   The "source code" for a work means the preferred form of the work
107 | for making modifications to it.  "Object code" means any non-source
108 | form of a work.
109 | 
110 |   A "Standard Interface" means an interface that either is an official
111 | standard defined by a recognized standards body, or, in the case of
112 | interfaces specified for a particular programming language, one that
113 | is widely used among developers working in that language.
114 | 
115 |   The "System Libraries" of an executable work include anything, other
116 | than the work as a whole, that (a) is included in the normal form of
117 | packaging a Major Component, but which is not part of that Major
118 | Component, and (b) serves only to enable use of the work with that
119 | Major Component, or to implement a Standard Interface for which an
120 | implementation is available to the public in source code form.  A
121 | "Major Component", in this context, means a major essential component
122 | (kernel, window system, and so on) of the specific operating system
123 | (if any) on which the executable work runs, or a compiler used to
124 | produce the work, or an object code interpreter used to run it.
125 | 
126 |   The "Corresponding Source" for a work in object code form means all
127 | the source code needed to generate, install, and (for an executable
128 | work) run the object code and to modify the work, including scripts to
129 | control those activities.  However, it does not include the work's
130 | System Libraries, or general-purpose tools or generally available free
131 | programs which are used unmodified in performing those activities but
132 | which are not part of the work.  For example, Corresponding Source
133 | includes interface definition files associated with source files for
134 | the work, and the source code for shared libraries and dynamically
135 | linked subprograms that the work is specifically designed to require,
136 | such as by intimate data communication or control flow between those
137 | subprograms and other parts of the work.
138 | 
139 |   The Corresponding Source need not include anything that users
140 | can regenerate automatically from other parts of the Corresponding
141 | Source.
142 | 
143 |   The Corresponding Source for a work in source code form is that
144 | same work.
145 | 
146 |   2. Basic Permissions.
147 | 
148 |   All rights granted under this License are granted for the term of
149 | copyright on the Program, and are irrevocable provided the stated
150 | conditions are met.  This License explicitly affirms your unlimited
151 | permission to run the unmodified Program.  The output from running a
152 | covered work is covered by this License only if the output, given its
153 | content, constitutes a covered work.  This License acknowledges your
154 | rights of fair use or other equivalent, as provided by copyright law.
155 | 
156 |   You may make, run and propagate covered works that you do not
157 | convey, without conditions so long as your license otherwise remains
158 | in force.  You may convey covered works to others for the sole purpose
159 | of having them make modifications exclusively for you, or provide you
160 | with facilities for running those works, provided that you comply with
161 | the terms of this License in conveying all material for which you do
162 | not control copyright.  Those thus making or running the covered works
163 | for you must do so exclusively on your behalf, under your direction
164 | and control, on terms that prohibit them from making any copies of
165 | your copyrighted material outside their relationship with you.
166 | 
167 |   Conveying under any other circumstances is permitted solely under
168 | the conditions stated below.  Sublicensing is not allowed; section 10
169 | makes it unnecessary.
170 | 
171 |   3. Protecting Users' Legal Rights From Anti-Circumvention Law.
172 | 
173 |   No covered work shall be deemed part of an effective technological
174 | measure under any applicable law fulfilling obligations under article
175 | 11 of the WIPO copyright treaty adopted on 20 December 1996, or
176 | similar laws prohibiting or restricting circumvention of such
177 | measures.
178 | 
179 |   When you convey a covered work, you waive any legal power to forbid
180 | circumvention of technological measures to the extent such circumvention
181 | is effected by exercising rights under this License with respect to
182 | the covered work, and you disclaim any intention to limit operation or
183 | modification of the work as a means of enforcing, against the work's
184 | users, your or third parties' legal rights to forbid circumvention of
185 | technological measures.
186 | 
187 |   4. Conveying Verbatim Copies.
188 | 
189 |   You may convey verbatim copies of the Program's source code as you
190 | receive it, in any medium, provided that you conspicuously and
191 | appropriately publish on each copy an appropriate copyright notice;
192 | keep intact all notices stating that this License and any
193 | non-permissive terms added in accord with section 7 apply to the code;
194 | keep intact all notices of the absence of any warranty; and give all
195 | recipients a copy of this License along with the Program.
196 | 
197 |   You may charge any price or no price for each copy that you convey,
198 | and you may offer support or warranty protection for a fee.
199 | 
200 |   5. Conveying Modified Source Versions.
201 | 
202 |   You may convey a work based on the Program, or the modifications to
203 | produce it from the Program, in the form of source code under the
204 | terms of section 4, provided that you also meet all of these conditions:
205 | 
206 |     a) The work must carry prominent notices stating that you modified
207 |     it, and giving a relevant date.
208 | 
209 |     b) The work must carry prominent notices stating that it is
210 |     released under this License and any conditions added under section
211 |     7.  This requirement modifies the requirement in section 4 to
212 |     "keep intact all notices".
213 | 
214 |     c) You must license the entire work, as a whole, under this
215 |     License to anyone who comes into possession of a copy.  This
216 |     License will therefore apply, along with any applicable section 7
217 |     additional terms, to the whole of the work, and all its parts,
218 |     regardless of how they are packaged.  This License gives no
219 |     permission to license the work in any other way, but it does not
220 |     invalidate such permission if you have separately received it.
221 | 
222 |     d) If the work has interactive user interfaces, each must display
223 |     Appropriate Legal Notices; however, if the Program has interactive
224 |     interfaces that do not display Appropriate Legal Notices, your
225 |     work need not make them do so.
226 | 
227 |   A compilation of a covered work with other separate and independent
228 | works, which are not by their nature extensions of the covered work,
229 | and which are not combined with it such as to form a larger program,
230 | in or on a volume of a storage or distribution medium, is called an
231 | "aggregate" if the compilation and its resulting copyright are not
232 | used to limit the access or legal rights of the compilation's users
233 | beyond what the individual works permit.  Inclusion of a covered work
234 | in an aggregate does not cause this License to apply to the other
235 | parts of the aggregate.
236 | 
237 |   6. Conveying Non-Source Forms.
238 | 
239 |   You may convey a covered work in object code form under the terms
240 | of sections 4 and 5, provided that you also convey the
241 | machine-readable Corresponding Source under the terms of this License,
242 | in one of these ways:
243 | 
244 |     a) Convey the object code in, or embodied in, a physical product
245 |     (including a physical distribution medium), accompanied by the
246 |     Corresponding Source fixed on a durable physical medium
247 |     customarily used for software interchange.
248 | 
249 |     b) Convey the object code in, or embodied in, a physical product
250 |     (including a physical distribution medium), accompanied by a
251 |     written offer, valid for at least three years and valid for as
252 |     long as you offer spare parts or customer support for that product
253 |     model, to give anyone who possesses the object code either (1) a
254 |     copy of the Corresponding Source for all the software in the
255 |     product that is covered by this License, on a durable physical
256 |     medium customarily used for software interchange, for a price no
257 |     more than your reasonable cost of physically performing this
258 |     conveying of source, or (2) access to copy the
259 |     Corresponding Source from a network server at no charge.
260 | 
261 |     c) Convey individual copies of the object code with a copy of the
262 |     written offer to provide the Corresponding Source.  This
263 |     alternative is allowed only occasionally and noncommercially, and
264 |     only if you received the object code with such an offer, in accord
265 |     with subsection 6b.
266 | 
267 |     d) Convey the object code by offering access from a designated
268 |     place (gratis or for a charge), and offer equivalent access to the
269 |     Corresponding Source in the same way through the same place at no
270 |     further charge.  You need not require recipients to copy the
271 |     Corresponding Source along with the object code.  If the place to
272 |     copy the object code is a network server, the Corresponding Source
273 |     may be on a different server (operated by you or a third party)
274 |     that supports equivalent copying facilities, provided you maintain
275 |     clear directions next to the object code saying where to find the
276 |     Corresponding Source.  Regardless of what server hosts the
277 |     Corresponding Source, you remain obligated to ensure that it is
278 |     available for as long as needed to satisfy these requirements.
279 | 
280 |     e) Convey the object code using peer-to-peer transmission, provided
281 |     you inform other peers where the object code and Corresponding
282 |     Source of the work are being offered to the general public at no
283 |     charge under subsection 6d.
284 | 
285 |   A separable portion of the object code, whose source code is excluded
286 | from the Corresponding Source as a System Library, need not be
287 | included in conveying the object code work.
288 | 
289 |   A "User Product" is either (1) a "consumer product", which means any
290 | tangible personal property which is normally used for personal, family,
291 | or household purposes, or (2) anything designed or sold for incorporation
292 | into a dwelling.  In determining whether a product is a consumer product,
293 | doubtful cases shall be resolved in favor of coverage.  For a particular
294 | product received by a particular user, "normally used" refers to a
295 | typical or common use of that class of product, regardless of the status
296 | of the particular user or of the way in which the particular user
297 | actually uses, or expects or is expected to use, the product.  A product
298 | is a consumer product regardless of whether the product has substantial
299 | commercial, industrial or non-consumer uses, unless such uses represent
300 | the only significant mode of use of the product.
301 | 
302 |   "Installation Information" for a User Product means any methods,
303 | procedures, authorization keys, or other information required to install
304 | and execute modified versions of a covered work in that User Product from
305 | a modified version of its Corresponding Source.  The information must
306 | suffice to ensure that the continued functioning of the modified object
307 | code is in no case prevented or interfered with solely because
308 | modification has been made.
309 | 
310 |   If you convey an object code work under this section in, or with, or
311 | specifically for use in, a User Product, and the conveying occurs as
312 | part of a transaction in which the right of possession and use of the
313 | User Product is transferred to the recipient in perpetuity or for a
314 | fixed term (regardless of how the transaction is characterized), the
315 | Corresponding Source conveyed under this section must be accompanied
316 | by the Installation Information.  But this requirement does not apply
317 | if neither you nor any third party retains the ability to install
318 | modified object code on the User Product (for example, the work has
319 | been installed in ROM).
320 | 
321 |   The requirement to provide Installation Information does not include a
322 | requirement to continue to provide support service, warranty, or updates
323 | for a work that has been modified or installed by the recipient, or for
324 | the User Product in which it has been modified or installed.  Access to a
325 | network may be denied when the modification itself materially and
326 | adversely affects the operation of the network or violates the rules and
327 | protocols for communication across the network.
328 | 
329 |   Corresponding Source conveyed, and Installation Information provided,
330 | in accord with this section must be in a format that is publicly
331 | documented (and with an implementation available to the public in
332 | source code form), and must require no special password or key for
333 | unpacking, reading or copying.
334 | 
335 |   7. Additional Terms.
336 | 
337 |   "Additional permissions" are terms that supplement the terms of this
338 | License by making exceptions from one or more of its conditions.
339 | Additional permissions that are applicable to the entire Program shall
340 | be treated as though they were included in this License, to the extent
341 | that they are valid under applicable law.  If additional permissions
342 | apply only to part of the Program, that part may be used separately
343 | under those permissions, but the entire Program remains governed by
344 | this License without regard to the additional permissions.
345 | 
346 |   When you convey a copy of a covered work, you may at your option
347 | remove any additional permissions from that copy, or from any part of
348 | it.  (Additional permissions may be written to require their own
349 | removal in certain cases when you modify the work.)  You may place
350 | additional permissions on material, added by you to a covered work,
351 | for which you have or can give appropriate copyright permission.
352 | 
353 |   Notwithstanding any other provision of this License, for material you
354 | add to a covered work, you may (if authorized by the copyright holders of
355 | that material) supplement the terms of this License with terms:
356 | 
357 |     a) Disclaiming warranty or limiting liability differently from the
358 |     terms of sections 15 and 16 of this License; or
359 | 
360 |     b) Requiring preservation of specified reasonable legal notices or
361 |     author attributions in that material or in the Appropriate Legal
362 |     Notices displayed by works containing it; or
363 | 
364 |     c) Prohibiting misrepresentation of the origin of that material, or
365 |     requiring that modified versions of such material be marked in
366 |     reasonable ways as different from the original version; or
367 | 
368 |     d) Limiting the use for publicity purposes of names of licensors or
369 |     authors of the material; or
370 | 
371 |     e) Declining to grant rights under trademark law for use of some
372 |     trade names, trademarks, or service marks; or
373 | 
374 |     f) Requiring indemnification of licensors and authors of that
375 |     material by anyone who conveys the material (or modified versions of
376 |     it) with contractual assumptions of liability to the recipient, for
377 |     any liability that these contractual assumptions directly impose on
378 |     those licensors and authors.
379 | 
380 |   All other non-permissive additional terms are considered "further
381 | restrictions" within the meaning of section 10.  If the Program as you
382 | received it, or any part of it, contains a notice stating that it is
383 | governed by this License along with a term that is a further
384 | restriction, you may remove that term.  If a license document contains
385 | a further restriction but permits relicensing or conveying under this
386 | License, you may add to a covered work material governed by the terms
387 | of that license document, provided that the further restriction does
388 | not survive such relicensing or conveying.
389 | 
390 |   If you add terms to a covered work in accord with this section, you
391 | must place, in the relevant source files, a statement of the
392 | additional terms that apply to those files, or a notice indicating
393 | where to find the applicable terms.
394 | 
395 |   Additional terms, permissive or non-permissive, may be stated in the
396 | form of a separately written license, or stated as exceptions;
397 | the above requirements apply either way.
398 | 
399 |   8. Termination.
400 | 
401 |   You may not propagate or modify a covered work except as expressly
402 | provided under this License.  Any attempt otherwise to propagate or
403 | modify it is void, and will automatically terminate your rights under
404 | this License (including any patent licenses granted under the third
405 | paragraph of section 11).
406 | 
407 |   However, if you cease all violation of this License, then your
408 | license from a particular copyright holder is reinstated (a)
409 | provisionally, unless and until the copyright holder explicitly and
410 | finally terminates your license, and (b) permanently, if the copyright
411 | holder fails to notify you of the violation by some reasonable means
412 | prior to 60 days after the cessation.
413 | 
414 |   Moreover, your license from a particular copyright holder is
415 | reinstated permanently if the copyright holder notifies you of the
416 | violation by some reasonable means, this is the first time you have
417 | received notice of violation of this License (for any work) from that
418 | copyright holder, and you cure the violation prior to 30 days after
419 | your receipt of the notice.
420 | 
421 |   Termination of your rights under this section does not terminate the
422 | licenses of parties who have received copies or rights from you under
423 | this License.  If your rights have been terminated and not permanently
424 | reinstated, you do not qualify to receive new licenses for the same
425 | material under section 10.
426 | 
427 |   9. Acceptance Not Required for Having Copies.
428 | 
429 |   You are not required to accept this License in order to receive or
430 | run a copy of the Program.  Ancillary propagation of a covered work
431 | occurring solely as a consequence of using peer-to-peer transmission
432 | to receive a copy likewise does not require acceptance.  However,
433 | nothing other than this License grants you permission to propagate or
434 | modify any covered work.  These actions infringe copyright if you do
435 | not accept this License.  Therefore, by modifying or propagating a
436 | covered work, you indicate your acceptance of this License to do so.
437 | 
438 |   10. Automatic Licensing of Downstream Recipients.
439 | 
440 |   Each time you convey a covered work, the recipient automatically
441 | receives a license from the original licensors, to run, modify and
442 | propagate that work, subject to this License.  You are not responsible
443 | for enforcing compliance by third parties with this License.
444 | 
445 |   An "entity transaction" is a transaction transferring control of an
446 | organization, or substantially all assets of one, or subdividing an
447 | organization, or merging organizations.  If propagation of a covered
448 | work results from an entity transaction, each party to that
449 | transaction who receives a copy of the work also receives whatever
450 | licenses to the work the party's predecessor in interest had or could
451 | give under the previous paragraph, plus a right to possession of the
452 | Corresponding Source of the work from the predecessor in interest, if
453 | the predecessor has it or can get it with reasonable efforts.
454 | 
455 |   You may not impose any further restrictions on the exercise of the
456 | rights granted or affirmed under this License.  For example, you may
457 | not impose a license fee, royalty, or other charge for exercise of
458 | rights granted under this License, and you may not initiate litigation
459 | (including a cross-claim or counterclaim in a lawsuit) alleging that
460 | any patent claim is infringed by making, using, selling, offering for
461 | sale, or importing the Program or any portion of it.
462 | 
463 |   11. Patents.
464 | 
465 |   A "contributor" is a copyright holder who authorizes use under this
466 | License of the Program or a work on which the Program is based.  The
467 | work thus licensed is called the contributor's "contributor version".
468 | 
469 |   A contributor's "essential patent claims" are all patent claims
470 | owned or controlled by the contributor, whether already acquired or
471 | hereafter acquired, that would be infringed by some manner, permitted
472 | by this License, of making, using, or selling its contributor version,
473 | but do not include claims that would be infringed only as a
474 | consequence of further modification of the contributor version.  For
475 | purposes of this definition, "control" includes the right to grant
476 | patent sublicenses in a manner consistent with the requirements of
477 | this License.
478 | 
479 |   Each contributor grants you a non-exclusive, worldwide, royalty-free
480 | patent license under the contributor's essential patent claims, to
481 | make, use, sell, offer for sale, import and otherwise run, modify and
482 | propagate the contents of its contributor version.
483 | 
484 |   In the following three paragraphs, a "patent license" is any express
485 | agreement or commitment, however denominated, not to enforce a patent
486 | (such as an express permission to practice a patent or covenant not to
487 | sue for patent infringement).  To "grant" such a patent license to a
488 | party means to make such an agreement or commitment not to enforce a
489 | patent against the party.
490 | 
491 |   If you convey a covered work, knowingly relying on a patent license,
492 | and the Corresponding Source of the work is not available for anyone
493 | to copy, free of charge and under the terms of this License, through a
494 | publicly available network server or other readily accessible means,
495 | then you must either (1) cause the Corresponding Source to be so
496 | available, or (2) arrange to deprive yourself of the benefit of the
497 | patent license for this particular work, or (3) arrange, in a manner
498 | consistent with the requirements of this License, to extend the patent
499 | license to downstream recipients.  "Knowingly relying" means you have
500 | actual knowledge that, but for the patent license, your conveying the
501 | covered work in a country, or your recipient's use of the covered work
502 | in a country, would infringe one or more identifiable patents in that
503 | country that you have reason to believe are valid.
504 | 
505 |   If, pursuant to or in connection with a single transaction or
506 | arrangement, you convey, or propagate by procuring conveyance of, a
507 | covered work, and grant a patent license to some of the parties
508 | receiving the covered work authorizing them to use, propagate, modify
509 | or convey a specific copy of the covered work, then the patent license
510 | you grant is automatically extended to all recipients of the covered
511 | work and works based on it.
512 | 
513 |   A patent license is "discriminatory" if it does not include within
514 | the scope of its coverage, prohibits the exercise of, or is
515 | conditioned on the non-exercise of one or more of the rights that are
516 | specifically granted under this License.  You may not convey a covered
517 | work if you are a party to an arrangement with a third party that is
518 | in the business of distributing software, under which you make payment
519 | to the third party based on the extent of your activity of conveying
520 | the work, and under which the third party grants, to any of the
521 | parties who would receive the covered work from you, a discriminatory
522 | patent license (a) in connection with copies of the covered work
523 | conveyed by you (or copies made from those copies), or (b) primarily
524 | for and in connection with specific products or compilations that
525 | contain the covered work, unless you entered into that arrangement,
526 | or that patent license was granted, prior to 28 March 2007.
527 | 
528 |   Nothing in this License shall be construed as excluding or limiting
529 | any implied license or other defenses to infringement that may
530 | otherwise be available to you under applicable patent law.
531 | 
532 |   12. No Surrender of Others' Freedom.
533 | 
534 |   If conditions are imposed on you (whether by court order, agreement or
535 | otherwise) that contradict the conditions of this License, they do not
536 | excuse you from the conditions of this License.  If you cannot convey a
537 | covered work so as to satisfy simultaneously your obligations under this
538 | License and any other pertinent obligations, then as a consequence you may
539 | not convey it at all.  For example, if you agree to terms that obligate you
540 | to collect a royalty for further conveying from those to whom you convey
541 | the Program, the only way you could satisfy both those terms and this
542 | License would be to refrain entirely from conveying the Program.
543 | 
544 |   13. Remote Network Interaction; Use with the GNU General Public License.
545 | 
546 |   Notwithstanding any other provision of this License, if you modify the
547 | Program, your modified version must prominently offer all users
548 | interacting with it remotely through a computer network (if your version
549 | supports such interaction) an opportunity to receive the Corresponding
550 | Source of your version by providing access to the Corresponding Source
551 | from a network server at no charge, through some standard or customary
552 | means of facilitating copying of software.  This Corresponding Source
553 | shall include the Corresponding Source for any work covered by version 3
554 | of the GNU General Public License that is incorporated pursuant to the
555 | following paragraph.
556 | 
557 |   Notwithstanding any other provision of this License, you have
558 | permission to link or combine any covered work with a work licensed
559 | under version 3 of the GNU General Public License into a single
560 | combined work, and to convey the resulting work.  The terms of this
561 | License will continue to apply to the part which is the covered work,
562 | but the work with which it is combined will remain governed by version
563 | 3 of the GNU General Public License.
564 | 
565 |   14. Revised Versions of this License.
566 | 
567 |   The Free Software Foundation may publish revised and/or new versions of
568 | the GNU Affero General Public License from time to time.  Such new versions
569 | will be similar in spirit to the present version, but may differ in detail to
570 | address new problems or concerns.
571 | 
572 |   Each version is given a distinguishing version number.  If the
573 | Program specifies that a certain numbered version of the GNU Affero General
574 | Public License "or any later version" applies to it, you have the
575 | option of following the terms and conditions either of that numbered
576 | version or of any later version published by the Free Software
577 | Foundation.  If the Program does not specify a version number of the
578 | GNU Affero General Public License, you may choose any version ever published
579 | by the Free Software Foundation.
580 | 
581 |   If the Program specifies that a proxy can decide which future
582 | versions of the GNU Affero General Public License can be used, that proxy's
583 | public statement of acceptance of a version permanently authorizes you
584 | to choose that version for the Program.
585 | 
586 |   Later license versions may give you additional or different
587 | permissions.  However, no additional obligations are imposed on any
588 | author or copyright holder as a result of your choosing to follow a
589 | later version.
590 | 
591 |   15. Disclaimer of Warranty.
592 | 
593 |   THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
594 | APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
595 | HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
596 | OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
597 | THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
598 | PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
599 | IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
600 | ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
601 | 
602 |   16. Limitation of Liability.
603 | 
604 |   IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
605 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
606 | THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
607 | GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
608 | USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
609 | DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
610 | PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
611 | EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
612 | SUCH DAMAGES.
613 | 
614 |   17. Interpretation of Sections 15 and 16.
615 | 
616 |   If the disclaimer of warranty and limitation of liability provided
617 | above cannot be given local legal effect according to their terms,
618 | reviewing courts shall apply local law that most closely approximates
619 | an absolute waiver of all civil liability in connection with the
620 | Program, unless a warranty or assumption of liability accompanies a
621 | copy of the Program in return for a fee.
622 | 
623 |                      END OF TERMS AND CONDITIONS
624 | 
625 |             How to Apply These Terms to Your New Programs
626 | 
627 |   If you develop a new program, and you want it to be of the greatest
628 | possible use to the public, the best way to achieve this is to make it
629 | free software which everyone can redistribute and change under these terms.
630 | 
631 |   To do so, attach the following notices to the program.  It is safest
632 | to attach them to the start of each source file to most effectively
633 | state the exclusion of warranty; and each file should have at least
634 | the "copyright" line and a pointer to where the full notice is found.
635 | 
636 |     <one line to give the program's name and a brief idea of what it does.>
637 |     Copyright (C) <year>  <name of author>
638 | 
639 |     This program is free software: you can redistribute it and/or modify
640 |     it under the terms of the GNU Affero General Public License as published by
641 |     the Free Software Foundation, either version 3 of the License, or
642 |     (at your option) any later version.
643 | 
644 |     This program is distributed in the hope that it will be useful,
645 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
646 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
647 |     GNU Affero General Public License for more details.
648 | 
649 |     You should have received a copy of the GNU Affero General Public License
650 |     along with this program.  If not, see <https://www.gnu.org/licenses/>.
651 | 
652 | Also add information on how to contact you by electronic and paper mail.
653 | 
654 |   If your software can interact with users remotely through a computer
655 | network, you should also make sure that it provides a way for users to
656 | get its source.  For example, if your program is a web application, its
657 | interface could display a "Source" link that leads users to an archive
658 | of the code.  There are many ways you could offer source, and different
659 | solutions will be better for different programs; see section 13 for the
660 | specific requirements.
661 | 
662 |   You should also get your employer (if you work as a programmer) or school,
663 | if any, to sign a "copyright disclaimer" for the program, if necessary.
664 | For more information on this, and how to apply and follow the GNU AGPL, see
665 | <https://www.gnu.org/licenses/>.


--------------------------------------------------------------------------------
/src/hacker-scoper/main_test.go:
--------------------------------------------------------------------------------
   1 | package main
   2 | 
   3 | import (
   4 | 	"fmt"
   5 | 	"net"
   6 | 	"net/url"
   7 | 	"path/filepath"
   8 | 	"reflect"
   9 | 	"regexp"
  10 | 	"runtime"
  11 | 	"testing"
  12 | )
  13 | 
  14 | //========================================================================
  15 | //                            HELPER FUNCTIONS
  16 | //========================================================================
  17 | 
  18 | // ok fails the test if an err is not nil.
  19 | func checkForErrors(tb testing.TB, err error) {
  20 | 	if err != nil {
  21 | 		_, file, line, _ := runtime.Caller(1)
  22 | 		fmt.Printf("\033[31m%s:%d: unexpected error: %s\033[39m\n\n", filepath.Base(file), line, err.Error())
  23 | 		tb.FailNow()
  24 | 	}
  25 | }
  26 | 
  27 | // equals fails the test if exp is not equal to act.
  28 | func equals(tb testing.TB, exp, act interface{}) {
  29 | 	if !reflect.DeepEqual(exp, act) {
  30 | 		_, file, line, _ := runtime.Caller(1)
  31 | 		fmt.Printf("\033[31m%s:%d:\n\n\texp: %#v\n\n\tgot: %#v\033[39m\n\n", filepath.Base(file), line, exp, act)
  32 | 		tb.FailNow()
  33 | 	}
  34 | }
  35 | 
  36 | //========================================================================
  37 | //========================================================================
  38 | //========================================================================
  39 | 
  40 | // -----------------------------------
  41 | //     TESTING THE LINE PARSING
  42 | 
  43 | func Test_parseLine_Scope_IP(t *testing.T) {
  44 | 	scope := "192.168.0.1"
  45 | 	scopeParsed := net.ParseIP(scope)
  46 | 	result, _ := parseLine(scope, true)
  47 | 	equals(t, &scopeParsed, result)
  48 | }
  49 | 
  50 | func Test_parseLine_Scope_IPv4CIDR(t *testing.T) {
  51 | 	scope := "192.168.0.1/24"
  52 | 	_, scopeParsed, _ := net.ParseCIDR(scope)
  53 | 	result, _ := parseLine(scope, true)
  54 | 	equals(t, scopeParsed, result)
  55 | }
  56 | 
  57 | func Test_parseLine_Scope_IPv6CIDR(t *testing.T) {
  58 | 	scope := "2001:DB8::/32"
  59 | 	_, scopeParsed, _ := net.ParseCIDR(scope)
  60 | 	result, _ := parseLine(scope, true)
  61 | 	equals(t, scopeParsed, result)
  62 | }
  63 | 
  64 | func Test_parseLine_Scope_URL_Hostname(t *testing.T) {
  65 | 	scope := "https://example.com"
  66 | 	result, _ := parseLine(scope, true)
  67 | 	equals(t, "example.com", result)
  68 | }
  69 | 
  70 | func Test_parseLine_Scope_URL_Hostname_NoScheme(t *testing.T) {
  71 | 	scope := "example.com"
  72 | 	result, _ := parseLine(scope, true)
  73 | 	equals(t, "example.com", result)
  74 | }
  75 | 
  76 | func Test_parseLine_Scope_URL_Hostname_Port(t *testing.T) {
  77 | 	scope := "http://example.com:80"
  78 | 	result, _ := parseLine(scope, true)
  79 | 	equals(t, "example.com", result)
  80 | }
  81 | 
  82 | func Test_parseLine_Scope_URL_Hostname_Port_NoScheme(t *testing.T) {
  83 | 	scope := "example.com:80"
  84 | 	result, _ := parseLine(scope, true)
  85 | 	equals(t, "example.com", result)
  86 | }
  87 | 
  88 | func Test_parseLine_Scope_Invalid(t *testing.T) {
  89 | 	scope := "Consequuntur et aut saepe quibusdam quia. Nostrum aut et et ea ea. Ducimus dolore aut unde. Unde a eligendi repudiandae tempore corrupti."
  90 | 	result, err := parseLine(scope, true)
  91 | 	equals(t, nil, result)
  92 | 	equals(t, ErrInvalidFormat, err)
  93 | }
  94 | 
  95 | func Test_parseLine_Scope_URL_Scheme_Invalid(t *testing.T) {
  96 | 	scope := "https://Consequuntur et aut saepe quibusdam quia. Nostrum aut et et ea ea. Ducimus dolore aut unde. Unde a eligendi repudiandae tempore corrupti."
  97 | 	result, err := parseLine(scope, true)
  98 | 	equals(t, nil, result)
  99 | 	equals(t, ErrInvalidFormat, err)
 100 | }
 101 | 
 102 | // Scopes that are URLs with paths are expected to throw an error.
 103 | func Test_parseLine_Scope_URL_Hostname_WithPath(t *testing.T) {
 104 | 	scope := "https://example.com/path/to/something.html"
 105 | 	result, err := parseLine(scope, true)
 106 | 
 107 | 	equals(t, nil, result)
 108 | 	equals(t, ErrInvalidFormat, err)
 109 | 
 110 | }
 111 | 
 112 | // Scopes that are URLs with paths are expected to throw an error.
 113 | func Test_parseLine_Scope_URL_Hostname_Port_WithPath(t *testing.T) {
 114 | 	scope := "https://example.com:80/path/to/something.html"
 115 | 	result, err := parseLine(scope, true)
 116 | 
 117 | 	equals(t, nil, result)
 118 | 	equals(t, ErrInvalidFormat, err)
 119 | 
 120 | }
 121 | 
 122 | // Scopes that are URLs with paths are expected to throw an error.
 123 | func Test_parseLine_Scope_URL_Hostname_NoScheme_WithPath(t *testing.T) {
 124 | 	scope := "example.com/path/to/something.html"
 125 | 	result, err := parseLine(scope, true)
 126 | 
 127 | 	equals(t, nil, result)
 128 | 	equals(t, ErrInvalidFormat, err)
 129 | 
 130 | }
 131 | 
 132 | // Scopes that are URLs with paths are expected to throw an error.
 133 | func Test_parseLine_Scope_URL_Hostname_Port_NoScheme_WithPath(t *testing.T) {
 134 | 	scope := "example.com:80/path/to/something.html"
 135 | 	result, err := parseLine(scope, true)
 136 | 
 137 | 	equals(t, nil, result)
 138 | 	equals(t, ErrInvalidFormat, err)
 139 | 
 140 | }
 141 | 
 142 | // Scopes that are URLs with paths are expected to throw an error.
 143 | func Test_parseLine_Scope_URL_IP_WithPath(t *testing.T) {
 144 | 	scope := "https://192.168.1.0/path/to/something.html"
 145 | 	result, err := parseLine(scope, true)
 146 | 
 147 | 	equals(t, nil, result)
 148 | 	equals(t, ErrInvalidFormat, err)
 149 | 
 150 | }
 151 | 
 152 | // Scopes that are URLs with paths are expected to throw an error.
 153 | func Test_parseLine_Scope_URL_IP_NoScheme_WithPath(t *testing.T) {
 154 | 	scope := "192.168.1.0/path/to/something.html"
 155 | 	result, err := parseLine(scope, true)
 156 | 
 157 | 	equals(t, nil, result)
 158 | 	equals(t, ErrInvalidFormat, err)
 159 | 
 160 | }
 161 | 
 162 | // Scopes that are URLs with paths are expected to throw an error.
 163 | func Test_parseLine_Scope_URL_IP_Port_NoScheme_WithPath(t *testing.T) {
 164 | 	scope := "192.168.1.0:80/path/to/something.html"
 165 | 	result, err := parseLine(scope, true)
 166 | 
 167 | 	equals(t, nil, result)
 168 | 	equals(t, ErrInvalidFormat, err)
 169 | 
 170 | }
 171 | 
 172 | // Try parsing wildcards
 173 | func Test_parseLine_Scope_Wildcard_Start(t *testing.T) {
 174 | 	scope := "*.amz.example.com"
 175 | 	myregex, _ := regexp.Compile(`.*\.amz\.example\.com`)
 176 | 	scopeParsed := &WildcardScope{scope: *myregex}
 177 | 	result, _ := parseLine(scope, true)
 178 | 	equals(t, scopeParsed, result)
 179 | }
 180 | 
 181 | // Try parsing wildcards
 182 | func Test_parseLine_Scope_Wildcard_Middle(t *testing.T) {
 183 | 	scope := "database*.internal.example.com"
 184 | 	myregex, _ := regexp.Compile(`database.*\.internal\.example\.com`)
 185 | 	scopeParsed := &WildcardScope{scope: *myregex}
 186 | 	result, _ := parseLine(scope, true)
 187 | 	equals(t, scopeParsed, result)
 188 | }
 189 | 
 190 | // Try parsing wildcards
 191 | func Test_parseLine_Scope_Wildcard_Complex(t *testing.T) {
 192 | 	scope := "database*.internal.*.example.com"
 193 | 	myregex, _ := regexp.Compile(`database.*\.internal\..*\.example\.com`)
 194 | 	scopeParsed := &WildcardScope{scope: *myregex}
 195 | 	result, _ := parseLine(scope, true)
 196 | 	equals(t, scopeParsed, result)
 197 | }
 198 | 
 199 | // Try parsing regex
 200 | func Test_parseLine_Scope_Regex(t *testing.T) {
 201 | 	scope := `^\w+:\/\/db[0-9][0-9][0-9]\.mycompany\.ec2\.amazonaws\.com.*$`
 202 | 	scopeParsed, _ := regexp.Compile(scope)
 203 | 	result, _ := parseLine(scope, true)
 204 | 	equals(t, scopeParsed, result)
 205 | }
 206 | 
 207 | func Test_parseLine_Target_IP(t *testing.T) {
 208 | 	scope := "192.168.0.1"
 209 | 	scopeParsed := net.ParseIP(scope)
 210 | 	result, _ := parseLine(scope, true)
 211 | 	equals(t, &scopeParsed, result)
 212 | }
 213 | 
 214 | func Test_parseLine_Target_IPv4CIDR(t *testing.T) {
 215 | 	scope := "192.168.0.1/24"
 216 | 	result, err := parseLine(scope, false)
 217 | 	// If a CIDR range is given as a target (which doesn't make logical sense), the expected behavior is for it to be parsed as a URL with an IP host.
 218 | 	// so "192.168.0.1/24" turns into "https://192.168.0.1/24" (where "/24" is the URL path)
 219 | 	scopeAsIP := net.ParseIP("192.168.0.1")
 220 | 	parsedScope := URLWithIPAddressHost{rawURL: scope, IPhost: scopeAsIP}
 221 | 
 222 | 	checkForErrors(t, err)
 223 | 	// Compare the fields, not the pointers
 224 | 	got := result.(*URLWithIPAddressHost)
 225 | 	if parsedScope.IPhost.String() != got.IPhost.String() || parsedScope.rawURL != got.rawURL {
 226 | 		t.Errorf("expected %+v, got %+v", parsedScope, got)
 227 | 	}
 228 | }
 229 | 
 230 | // If a CIDR range is given as a target (which doesn't make logical sense), the expected behavior is for it to be parsed as a URL.
 231 | // so "2001:DB8::/32" turns into "https://2001:DB8::/32" (where "/32" is the URL path)
 232 | func Test_parseLine_Target_IPv6CIDR(t *testing.T) {
 233 | 	scope := "2001:DB8::/32"
 234 | 	scopeAsIP := net.ParseIP("2001:DB8::")
 235 | 	parsedScope := URLWithIPAddressHost{rawURL: scope, IPhost: scopeAsIP}
 236 | 	result, err := parseLine(scope, false)
 237 | 
 238 | 	checkForErrors(t, err)
 239 | 	got := result.(*URLWithIPAddressHost)
 240 | 	if parsedScope.IPhost.String() != got.IPhost.String() || parsedScope.rawURL != got.rawURL {
 241 | 		t.Errorf("expected %+v, got %+v", parsedScope, got)
 242 | 	}
 243 | }
 244 | 
 245 | func Test_parseLine_Target_URL_Hostname(t *testing.T) {
 246 | 	scope := "https://example.com"
 247 | 	scopeParsed, _ := url.Parse(scope)
 248 | 	result, _ := parseLine(scope, false)
 249 | 	equals(t, scopeParsed, result)
 250 | }
 251 | 
 252 | func Test_parseLine_Target_URL_Hostname_NoScheme(t *testing.T) {
 253 | 	scope := "example.com"
 254 | 	scopeParsed, _ := url.Parse("https://" + scope)
 255 | 	result, _ := parseLine(scope, false)
 256 | 	equals(t, scopeParsed, result)
 257 | }
 258 | 
 259 | func Test_parseLine_Target_URL_Hostname_Port(t *testing.T) {
 260 | 	scope := "http://example.com:80"
 261 | 	scopeParsed, _ := url.Parse(scope)
 262 | 	result, _ := parseLine(scope, false)
 263 | 	equals(t, scopeParsed, result)
 264 | }
 265 | 
 266 | func Test_parseLine_Target_URL_Hostname_Port_NoScheme(t *testing.T) {
 267 | 	scope := "example.com:80"
 268 | 	scopeParsed, _ := url.Parse("https://" + scope)
 269 | 	result, _ := parseLine(scope, false)
 270 | 	equals(t, scopeParsed, result)
 271 | }
 272 | 
 273 | func Test_parseLine_Target_Invalid(t *testing.T) {
 274 | 	scope := "Consequuntur et aut saepe quibusdam quia. Nostrum aut et et ea ea. Ducimus dolore aut unde. Unde a eligendi repudiandae tempore corrupti."
 275 | 	result, err := parseLine(scope, false)
 276 | 	equals(t, nil, result)
 277 | 	equals(t, ErrInvalidFormat, err)
 278 | }
 279 | 
 280 | func Test_parseLine_Target_URL_Scheme_Invalid(t *testing.T) {
 281 | 	scope := "https://Consequuntur et aut saepe quibusdam quia. Nostrum aut et et ea ea. Ducimus dolore aut unde. Unde a eligendi repudiandae tempore corrupti."
 282 | 	result, err := parseLine(scope, false)
 283 | 	equals(t, nil, result)
 284 | 	equals(t, ErrInvalidFormat, err)
 285 | }
 286 | 
 287 | // Targets that are URLs with paths are expected to work
 288 | func Test_parseLine_Target_URL_Hostname_WithPath(t *testing.T) {
 289 | 	scope := "https://example.com/path/to/something.html"
 290 | 	parsedScope, _ := url.Parse(scope)
 291 | 	result, err := parseLine(scope, false)
 292 | 
 293 | 	equals(t, err, nil)
 294 | 	equals(t, parsedScope, result)
 295 | 
 296 | }
 297 | 
 298 | // Targets that are URLs with paths are expected to work
 299 | func Test_parseLine_Target_URL_Hostname_Port_WithPath(t *testing.T) {
 300 | 	scope := "https://example.com:80/path/to/something.html"
 301 | 	parsedScope, _ := url.Parse(scope)
 302 | 	result, err := parseLine(scope, false)
 303 | 
 304 | 	equals(t, err, nil)
 305 | 	equals(t, parsedScope, result)
 306 | 
 307 | }
 308 | 
 309 | // Targets that are URLs with paths are expected to work
 310 | func Test_parseLine_Target_URL_Hostname_NoScheme_WithPath(t *testing.T) {
 311 | 	scope := "example.com/path/to/something.html"
 312 | 	parsedScope, _ := url.Parse("https://" + scope)
 313 | 	result, err := parseLine(scope, false)
 314 | 
 315 | 	equals(t, err, nil)
 316 | 	equals(t, parsedScope, result)
 317 | 
 318 | }
 319 | 
 320 | // Targets that are URLs with paths are expected to work
 321 | func Test_parseLine_Target_URL_Hostname_Port_NoScheme_WithPath(t *testing.T) {
 322 | 	scope := "example.com:80/path/to/something.html"
 323 | 	parsedScope, _ := url.Parse("https://" + scope)
 324 | 	result, err := parseLine(scope, false)
 325 | 
 326 | 	equals(t, err, nil)
 327 | 	equals(t, parsedScope, result)
 328 | 
 329 | }
 330 | 
 331 | // Targets that are URLs with paths are expected to work
 332 | func Test_parseLine_Target_URL_IPv4_WithPath(t *testing.T) {
 333 | 	scope := "https://192.168.1.0/path/to/something.html"
 334 | 	scopeAsIP := net.ParseIP("192.168.1.0")
 335 | 	parsedScope := URLWithIPAddressHost{rawURL: scope, IPhost: scopeAsIP}
 336 | 	result, err := parseLine(scope, false)
 337 | 
 338 | 	checkForErrors(t, err)
 339 | 	equals(t, &parsedScope, result)
 340 | 
 341 | }
 342 | 
 343 | // Targets that are URLs with paths are expected to work
 344 | func Test_parseLine_Target_URL_IPv4_NoScheme_WithPath(t *testing.T) {
 345 | 	scope := "192.168.1.0/path/to/something.html"
 346 | 	scopeAsIP := net.ParseIP("192.168.1.0")
 347 | 	parsedScope := URLWithIPAddressHost{rawURL: scope, IPhost: scopeAsIP}
 348 | 	result, err := parseLine(scope, false)
 349 | 
 350 | 	checkForErrors(t, err)
 351 | 	got := result.(*URLWithIPAddressHost)
 352 | 	if parsedScope.IPhost.String() != got.IPhost.String() || parsedScope.rawURL != got.rawURL {
 353 | 		t.Errorf("expected %+v, got %+v", parsedScope, got)
 354 | 	}
 355 | 
 356 | }
 357 | 
 358 | // Targets that are URLs with paths are expected to work
 359 | func Test_parseLine_Target_URL_IPv4_Port_NoScheme_WithPath(t *testing.T) {
 360 | 	scope := "192.168.1.0:80/path/to/something.html"
 361 | 	scopeAsIP := net.ParseIP("192.168.1.0")
 362 | 	parsedScope := URLWithIPAddressHost{rawURL: scope, IPhost: scopeAsIP}
 363 | 	result, err := parseLine(scope, false)
 364 | 
 365 | 	checkForErrors(t, err)
 366 | 	equals(t, &parsedScope, result)
 367 | 
 368 | }
 369 | 
 370 | // -----------------------------------
 371 | //     TESTING THE SCOPE MATCHING
 372 | 
 373 | func Test_isInscope_CIDR_IPv4(t *testing.T) {
 374 | 	var result bool
 375 | 	var scopes []interface{}
 376 | 	assetIP := net.ParseIP("192.168.0.1")
 377 | 	scope := "https://192.168.0.1/path/to/stuff"
 378 | 	assetURLWithIPHost := URLWithIPAddressHost{rawURL: scope, IPhost: assetIP}
 379 | 	assetURLPtr, _ := url.Parse("https://example.com/path/to/stuff")
 380 | 	assetURL := *assetURLPtr
 381 | 	var iface interface{}
 382 | 
 383 | 	// Test inscope CIDR. --explicit-level=1
 384 | 	_, cidr, _ := net.ParseCIDR("192.168.0.1/24")
 385 | 	scopes = []interface{}{cidr}
 386 | 
 387 | 	explicitLevel := 1
 388 | 
 389 | 	iface = &assetIP
 390 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 391 | 	equals(t, true, result)
 392 | 	iface = &assetURLWithIPHost
 393 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 394 | 	equals(t, true, result)
 395 | 	iface = &assetURL
 396 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 397 | 	equals(t, false, result)
 398 | 
 399 | 	// Test out-of-scope CIDR. --explicit-level=1
 400 | 	_, cidr, _ = net.ParseCIDR("192.168.1.1/24")
 401 | 	scopes = []interface{}{cidr}
 402 | 
 403 | 	iface = &assetIP
 404 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 405 | 	equals(t, false, result)
 406 | 	iface = &assetURLWithIPHost
 407 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 408 | 	equals(t, false, result)
 409 | 	iface = &assetURL
 410 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 411 | 	equals(t, false, result)
 412 | 
 413 | 	// Test inscope CIDR. --explicit-level=2
 414 | 	// --explicit-level=2 shouldn't affect IP address scope matching.
 415 | 	_, cidr, _ = net.ParseCIDR("192.168.0.1/24")
 416 | 	scopes = []interface{}{cidr}
 417 | 
 418 | 	explicitLevel = 2
 419 | 
 420 | 	iface = &assetIP
 421 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 422 | 	equals(t, true, result)
 423 | 	iface = &assetURLWithIPHost
 424 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 425 | 	equals(t, true, result)
 426 | 	iface = &assetURL
 427 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 428 | 	equals(t, false, result)
 429 | 
 430 | 	// Test out-of-scope CIDR. --explicit-level=2
 431 | 	_, cidr, _ = net.ParseCIDR("192.168.1.1/24")
 432 | 	scopes = []interface{}{cidr}
 433 | 
 434 | 	iface = &assetIP
 435 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 436 | 	equals(t, false, result)
 437 | 	iface = &assetURLWithIPHost
 438 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 439 | 	equals(t, false, result)
 440 | 	iface = &assetURL
 441 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 442 | 	equals(t, false, result)
 443 | 
 444 | 	// Test inscope CIDR. --explicit-level=3
 445 | 	// --explicit-level=3 should disable CIDR range matching.
 446 | 	_, cidr, _ = net.ParseCIDR("192.168.0.1/24")
 447 | 	scopes = []interface{}{cidr}
 448 | 
 449 | 	explicitLevel = 3
 450 | 
 451 | 	iface = &assetIP
 452 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 453 | 	equals(t, false, result)
 454 | 	iface = &assetURLWithIPHost
 455 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 456 | 	equals(t, false, result)
 457 | 	iface = &assetURL
 458 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 459 | 	equals(t, false, result)
 460 | 
 461 | 	// Test out-of-scope CIDR. --explicit-level=3
 462 | 	_, cidr, _ = net.ParseCIDR("192.168.1.1/24")
 463 | 	scopes = []interface{}{cidr}
 464 | 
 465 | 	iface = &assetIP
 466 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 467 | 	equals(t, false, result)
 468 | 	iface = &assetURLWithIPHost
 469 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 470 | 	equals(t, false, result)
 471 | 	iface = &assetURL
 472 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 473 | 	equals(t, false, result)
 474 | }
 475 | 
 476 | func Test_isInscope_CIDR_IPv6(t *testing.T) {
 477 | 	var result bool
 478 | 	var scopes []interface{}
 479 | 	var iface interface{}
 480 | 	assetIP := net.ParseIP("2001:DB8:0000:0000:0000:0000:0000:0001")
 481 | 	assetURLWithIPHost := URLWithIPAddressHost{rawURL: "https://2001:DB8:0000:0000:0000:0000:0000:0001/path/to/stuff", IPhost: assetIP}
 482 | 	assetURL, _ := url.Parse("https://example.com/path/to/stuff")
 483 | 
 484 | 	// Test inscope CIDR. --explicit-level=1
 485 | 	_, cidr, _ := net.ParseCIDR("2001:DB8::/32")
 486 | 	scopes = []interface{}{cidr}
 487 | 
 488 | 	explicitLevel := 1
 489 | 
 490 | 	iface = &assetIP
 491 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 492 | 	equals(t, true, result)
 493 | 	iface = &assetURLWithIPHost
 494 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 495 | 	equals(t, true, result)
 496 | 	iface = &assetURL
 497 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 498 | 	equals(t, false, result)
 499 | 
 500 | 	// Test out-of-scope CIDR. --explicit-level=1
 501 | 	_, cidr, _ = net.ParseCIDR("2001:DB9::/32")
 502 | 	scopes = []interface{}{cidr}
 503 | 
 504 | 	iface = &assetIP
 505 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 506 | 	equals(t, false, result)
 507 | 	iface = &assetURLWithIPHost
 508 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 509 | 	equals(t, false, result)
 510 | 	iface = &assetURL
 511 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 512 | 	equals(t, false, result)
 513 | 
 514 | 	// Test inscope CIDR. --explicit-level=2
 515 | 	// --explicit-level=2 shouldn't affect IP address scope matching.
 516 | 	_, cidr, _ = net.ParseCIDR("2001:DB8::/32")
 517 | 	scopes = []interface{}{cidr}
 518 | 
 519 | 	explicitLevel = 2
 520 | 
 521 | 	iface = &assetIP
 522 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 523 | 	equals(t, true, result)
 524 | 	iface = &assetURLWithIPHost
 525 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 526 | 	equals(t, true, result)
 527 | 	iface = &assetURL
 528 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 529 | 	equals(t, false, result)
 530 | 
 531 | 	// Test out-of-scope CIDR. --explicit-level=2
 532 | 	_, cidr, _ = net.ParseCIDR("2001:DB9::/32")
 533 | 	scopes = []interface{}{cidr}
 534 | 
 535 | 	iface = &assetIP
 536 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 537 | 	equals(t, false, result)
 538 | 	iface = &assetURLWithIPHost
 539 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 540 | 	equals(t, false, result)
 541 | 	iface = &assetURL
 542 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 543 | 	equals(t, false, result)
 544 | 
 545 | 	// Test inscope CIDR. --explicit-level=3
 546 | 	// --explicit-level=3 should disable CIDR range matching.
 547 | 	_, cidr, _ = net.ParseCIDR("2001:DB8::/32")
 548 | 	scopes = []interface{}{cidr}
 549 | 
 550 | 	explicitLevel = 3
 551 | 
 552 | 	iface = &assetIP
 553 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 554 | 	equals(t, false, result)
 555 | 	iface = &assetURLWithIPHost
 556 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 557 | 	equals(t, false, result)
 558 | 	iface = &assetURL
 559 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 560 | 	equals(t, false, result)
 561 | 
 562 | 	// Test out-of-scope CIDR. --explicit-level=3
 563 | 	_, cidr, _ = net.ParseCIDR("2001:DB9::/32")
 564 | 	scopes = []interface{}{cidr}
 565 | 
 566 | 	iface = &assetIP
 567 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 568 | 	equals(t, false, result)
 569 | 	iface = &assetURLWithIPHost
 570 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 571 | 	equals(t, false, result)
 572 | 	iface = &assetURL
 573 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 574 | 	equals(t, false, result)
 575 | }
 576 | 
 577 | func Test_isInscope_URL(t *testing.T) {
 578 | 
 579 | 	var result bool
 580 | 	var scopes []interface{}
 581 | 	var iface interface{}
 582 | 	var explicitLevel int
 583 | 
 584 | 	assetIPv6 := net.ParseIP("2001:DB8:0000:0000:0000:0000:0000:0001")
 585 | 	temp := "https://2001:DB8:0000:0000:0000:0000:0000:0001/path/to/stuff"
 586 | 	assetURLWithIPv6Host := URLWithIPAddressHost{rawURL: temp, IPhost: assetIPv6}
 587 | 	assetIPv4 := net.ParseIP("192.168.0.1")
 588 | 	temp = "https://192.168.0.1/path/to/stuff"
 589 | 	assetURLWithIPv4Host := URLWithIPAddressHost{rawURL: temp, IPhost: assetIPv4}
 590 | 	pointerToassetURL, _ := url.Parse("https://example.com/path/to/stuff")
 591 | 	assetURL := *pointerToassetURL
 592 | 
 593 | 	scope := "example.com"
 594 | 	scopes = append(scopes, scope)
 595 | 	explicitLevel = 1
 596 | 
 597 | 	iface = &assetIPv4
 598 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 599 | 	equals(t, false, result)
 600 | 	iface = &assetURLWithIPv4Host
 601 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 602 | 	equals(t, false, result)
 603 | 	iface = &assetIPv6
 604 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 605 | 	equals(t, false, result)
 606 | 	iface = &assetURLWithIPv6Host
 607 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 608 | 	equals(t, false, result)
 609 | 	iface = &assetURL
 610 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 611 | 	equals(t, true, result)
 612 | 
 613 | 	pointerToassetURL, _ = url.Parse("https://unrelatedwebsite.com/path/to/stuff")
 614 | 	assetURL = *pointerToassetURL
 615 | 	// explicitLevel still equals 1
 616 | 
 617 | 	iface = &assetIPv4
 618 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 619 | 	equals(t, false, result)
 620 | 	iface = &assetURLWithIPv4Host
 621 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 622 | 	equals(t, false, result)
 623 | 	iface = &assetIPv6
 624 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 625 | 	equals(t, false, result)
 626 | 	iface = &assetURLWithIPv6Host
 627 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 628 | 	equals(t, false, result)
 629 | 	iface = &assetURL
 630 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 631 | 	equals(t, false, result)
 632 | 
 633 | 	pointerToassetURL, _ = url.Parse("https://somesubdomain.example.com/path/to/stuff")
 634 | 	assetURL = *pointerToassetURL
 635 | 	// explicitLevel still equals 1
 636 | 
 637 | 	iface = &assetIPv4
 638 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 639 | 	equals(t, false, result)
 640 | 	iface = &assetURLWithIPv4Host
 641 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 642 | 	equals(t, false, result)
 643 | 	iface = &assetIPv6
 644 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 645 | 	equals(t, false, result)
 646 | 	iface = &assetURLWithIPv6Host
 647 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 648 | 	equals(t, false, result)
 649 | 	iface = &assetURL
 650 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 651 | 	equals(t, true, result)
 652 | 
 653 | 	pointerToassetURL, _ = url.Parse("https://example.com/path/to/stuff")
 654 | 	assetURL = *pointerToassetURL
 655 | 	explicitLevel = 2
 656 | 
 657 | 	iface = &assetIPv4
 658 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 659 | 	equals(t, false, result)
 660 | 	iface = &assetURLWithIPv4Host
 661 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 662 | 	equals(t, false, result)
 663 | 	iface = &assetIPv6
 664 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 665 | 	equals(t, false, result)
 666 | 	iface = &assetURLWithIPv6Host
 667 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 668 | 	equals(t, false, result)
 669 | 	iface = &assetURL
 670 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 671 | 	equals(t, true, result) // Since the scope is still just "https://example.com", this should succeed
 672 | 
 673 | 	pointerToassetURL, _ = url.Parse("https://somesubdomain.example.com/path/to/stuff")
 674 | 	assetURL = *pointerToassetURL
 675 | 	// explicitLevel = 2
 676 | 
 677 | 	iface = &assetIPv4
 678 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 679 | 	equals(t, false, result)
 680 | 	iface = &assetURLWithIPv4Host
 681 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 682 | 	equals(t, false, result)
 683 | 	iface = &assetIPv6
 684 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 685 | 	equals(t, false, result)
 686 | 	iface = &assetURLWithIPv6Host
 687 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 688 | 	equals(t, false, result)
 689 | 	iface = &assetURL
 690 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 691 | 	equals(t, false, result) // Since the scope is still just "https://example.com", this should fail
 692 | 
 693 | 	myregex := regexp.MustCompile(`.*\.example.com`)
 694 | 	regexScope := &WildcardScope{scope: *myregex}
 695 | 	scopes = []interface{}{regexScope}
 696 | 
 697 | 	iface = &assetIPv4
 698 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 699 | 	equals(t, false, result)
 700 | 	iface = &assetURLWithIPv4Host
 701 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 702 | 	equals(t, false, result)
 703 | 	iface = &assetIPv6
 704 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 705 | 	equals(t, false, result)
 706 | 	iface = &assetURLWithIPv6Host
 707 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 708 | 	equals(t, false, result)
 709 | 	iface = &assetURL
 710 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 711 | 	equals(t, true, result) // Since the scope now has a wildcard, this should succeed.
 712 | 
 713 | 	explicitLevel = 3
 714 | 
 715 | 	iface = &assetIPv4
 716 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 717 | 	equals(t, false, result)
 718 | 	iface = &assetURLWithIPv4Host
 719 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 720 | 	equals(t, false, result)
 721 | 	iface = &assetIPv6
 722 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 723 | 	equals(t, false, result)
 724 | 	iface = &assetURLWithIPv6Host
 725 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 726 | 	equals(t, false, result)
 727 | 	iface = &assetURL
 728 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 729 | 	equals(t, false, result) // The scope has a wildcard, but in explicitlevel=3 wildcards are ignored. This should fail.
 730 | 
 731 | 	scope = "somesubdomain.example.com"
 732 | 	scopes = []interface{}{scope}
 733 | 
 734 | 	iface = &assetIPv4
 735 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 736 | 	equals(t, false, result)
 737 | 	iface = &assetURLWithIPv4Host
 738 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 739 | 	equals(t, false, result)
 740 | 	iface = &assetIPv6
 741 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 742 | 	equals(t, false, result)
 743 | 	iface = &assetURLWithIPv6Host
 744 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 745 | 	equals(t, false, result)
 746 | 	iface = &assetURL
 747 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 748 | 	equals(t, true, result) // The scope is now explicit. This should succeed.
 749 | 
 750 | 	scopeRegex := regexp.MustCompile(`^\w+:\/\/db[0-9][0-9][0-9]\.mycompany\.ec2\.amazonaws\.com.*$`)
 751 | 	scopes = []interface{}{scopeRegex}
 752 | 	pointerToassetURL, _ = url.Parse("http://db123.mycompany.ec2.amazonaws.com/path/to/stuff")
 753 | 	assetURL = *pointerToassetURL
 754 | 	for explicitLevel = 1; explicitLevel < 3; explicitLevel++ {
 755 | 		iface = &assetIPv4
 756 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 757 | 		equals(t, false, result)
 758 | 		iface = &assetURLWithIPv4Host
 759 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 760 | 		equals(t, false, result)
 761 | 		iface = &assetIPv6
 762 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 763 | 		equals(t, false, result)
 764 | 		iface = &assetURLWithIPv6Host
 765 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 766 | 		equals(t, false, result)
 767 | 		iface = &assetURL
 768 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 769 | 		equals(t, true, result) // The scope is now explicit. But regex scopes aren't disabled by --explicit-level=3. This should succeed.
 770 | 
 771 | 	}
 772 | 
 773 | 	pointerToassetURL, _ = url.Parse("http://db123.someothercompany.ec2.amazonaws.com/path/to/stuff")
 774 | 	assetURL = *pointerToassetURL
 775 | 	for explicitLevel = 1; explicitLevel < 3; explicitLevel++ {
 776 | 		iface = &assetIPv4
 777 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 778 | 		equals(t, false, result)
 779 | 		iface = &assetURLWithIPv4Host
 780 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 781 | 		equals(t, false, result)
 782 | 		iface = &assetIPv6
 783 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 784 | 		equals(t, false, result)
 785 | 		iface = &assetURLWithIPv6Host
 786 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 787 | 		equals(t, false, result)
 788 | 		iface = &assetURL
 789 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 790 | 		equals(t, false, result) // The scope is now explicit. This should fail.
 791 | 	}
 792 | 
 793 | }
 794 | 
 795 | func Test_isInscope_IP(t *testing.T) {
 796 | 	var result bool
 797 | 	var scope net.IP
 798 | 	var scopes []interface{}
 799 | 	var iface interface{}
 800 | 	var explicitLevel int
 801 | 
 802 | 	assetIPv6 := net.ParseIP("2001:DB8:0000:0000:0000:0000:0000:0001")
 803 | 	temp := "https://2001:DB8:0000:0000:0000:0000:0000:0001/path/to/stuff"
 804 | 	assetURLWithIPv6Host := URLWithIPAddressHost{rawURL: temp, IPhost: assetIPv6}
 805 | 	assetIPv4 := net.ParseIP("192.168.0.1")
 806 | 	temp = "https://192.168.0.1/path/to/stuff"
 807 | 	assetURLWithIPv4Host := URLWithIPAddressHost{rawURL: temp, IPhost: assetIPv4}
 808 | 	pointerToassetURL, _ := url.Parse("https://example.com/path/to/stuff")
 809 | 	assetURL := *pointerToassetURL
 810 | 
 811 | 	for explicitLevel = 1; explicitLevel <= 3; explicitLevel++ {
 812 | 		scope = net.ParseIP("192.168.0.1")
 813 | 		scopes = []interface{}{&scope}
 814 | 
 815 | 		iface = &assetIPv4
 816 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 817 | 		equals(t, true, result)
 818 | 		iface = &assetURLWithIPv4Host
 819 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 820 | 		equals(t, true, result)
 821 | 		iface = &assetIPv6
 822 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 823 | 		equals(t, false, result)
 824 | 		iface = &assetURLWithIPv6Host
 825 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 826 | 		equals(t, false, result)
 827 | 		iface = &assetURL
 828 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 829 | 		equals(t, false, result)
 830 | 
 831 | 		scope = net.ParseIP("192.168.0.2")
 832 | 		scopes = []interface{}{&scope}
 833 | 
 834 | 		iface = &assetIPv4
 835 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 836 | 		equals(t, false, result)
 837 | 		iface = &assetURLWithIPv4Host
 838 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 839 | 		equals(t, false, result)
 840 | 		iface = &assetIPv6
 841 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 842 | 		equals(t, false, result)
 843 | 		iface = &assetURLWithIPv6Host
 844 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 845 | 		equals(t, false, result)
 846 | 		iface = &assetURL
 847 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 848 | 		equals(t, false, result)
 849 | 
 850 | 		scope = net.ParseIP("2001:DB8:0000:0000:0000:0000:0000:0001")
 851 | 		scopes = []interface{}{&scope}
 852 | 
 853 | 		iface = &assetIPv4
 854 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 855 | 		equals(t, false, result)
 856 | 		iface = &assetURLWithIPv4Host
 857 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 858 | 		equals(t, false, result)
 859 | 		iface = &assetIPv6
 860 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 861 | 		equals(t, true, result)
 862 | 		iface = &assetURLWithIPv6Host
 863 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 864 | 		equals(t, true, result)
 865 | 		iface = &assetURL
 866 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 867 | 		equals(t, false, result)
 868 | 
 869 | 		scope = net.ParseIP("2001:DB9:0000:0000:0000:0000:0000:0001")
 870 | 		scopes = []interface{}{&scope}
 871 | 
 872 | 		iface = &assetIPv4
 873 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 874 | 		equals(t, false, result)
 875 | 		iface = &assetURLWithIPv4Host
 876 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 877 | 		equals(t, false, result)
 878 | 		iface = &assetIPv6
 879 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 880 | 		equals(t, false, result)
 881 | 		iface = &assetURLWithIPv6Host
 882 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 883 | 		equals(t, false, result)
 884 | 		iface = &assetURL
 885 | 		result = isInscope(&scopes, &iface, &explicitLevel)
 886 | 		equals(t, false, result)
 887 | 	}
 888 | 
 889 | 	// Test nmap-like input (last octet)
 890 | 	nmapScope, err := parseLine("192.168.0.1-4", true)
 891 | 	if err != nil {
 892 | 		panic(err)
 893 | 	}
 894 | 	scopes = []interface{}{nmapScope}
 895 | 
 896 | 	explicitLevel = 1
 897 | 
 898 | 	iface = &assetIPv4
 899 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 900 | 	equals(t, true, result)
 901 | 	assetIPv4 = net.ParseIP("192.168.0.2")
 902 | 	iface = &assetIPv4
 903 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 904 | 	equals(t, true, result)
 905 | 	assetIPv4 = net.ParseIP("192.168.0.3")
 906 | 	iface = &assetIPv4
 907 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 908 | 	equals(t, true, result)
 909 | 	assetIPv4 = net.ParseIP("192.168.0.5")
 910 | 	iface = &assetIPv4
 911 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 912 | 	equals(t, false, result)
 913 | 
 914 | 	// Test nmap-like input (middle octet)
 915 | 	nmapScope, err = parseLine("192.168.0-4.1", true)
 916 | 	if err != nil {
 917 | 		panic(err)
 918 | 	}
 919 | 	scopes = []interface{}{nmapScope}
 920 | 
 921 | 	explicitLevel = 1
 922 | 
 923 | 	assetIPv4 = net.ParseIP("192.168.0.1")
 924 | 	iface = &assetIPv4
 925 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 926 | 	equals(t, true, result)
 927 | 	assetIPv4 = net.ParseIP("192.168.2.1")
 928 | 	iface = &assetIPv4
 929 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 930 | 	equals(t, true, result)
 931 | 	assetIPv4 = net.ParseIP("192.168.3.1")
 932 | 	iface = &assetIPv4
 933 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 934 | 	equals(t, true, result)
 935 | 	assetIPv4 = net.ParseIP("192.168.1.2")
 936 | 	iface = &assetIPv4
 937 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 938 | 	equals(t, false, result)
 939 | 	assetIPv4 = net.ParseIP("192.168.2.2")
 940 | 	iface = &assetIPv4
 941 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 942 | 	equals(t, false, result)
 943 | 
 944 | 	// Test nmap-like input (middle octet, with commas)
 945 | 	nmapScope, err = parseLine("192.168.0-4,6.1", true)
 946 | 	if err != nil {
 947 | 		panic(err)
 948 | 	}
 949 | 	scopes = []interface{}{nmapScope}
 950 | 
 951 | 	explicitLevel = 1
 952 | 
 953 | 	assetIPv4 = net.ParseIP("192.168.0.1")
 954 | 	iface = &assetIPv4
 955 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 956 | 	equals(t, true, result)
 957 | 	assetIPv4 = net.ParseIP("192.168.2.1")
 958 | 	iface = &assetIPv4
 959 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 960 | 	equals(t, true, result)
 961 | 	assetIPv4 = net.ParseIP("192.168.3.1")
 962 | 	iface = &assetIPv4
 963 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 964 | 	equals(t, true, result)
 965 | 	assetIPv4 = net.ParseIP("192.168.1.2")
 966 | 	iface = &assetIPv4
 967 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 968 | 	equals(t, false, result)
 969 | 	assetIPv4 = net.ParseIP("192.168.2.2")
 970 | 	iface = &assetIPv4
 971 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 972 | 	equals(t, false, result)
 973 | 	assetIPv4 = net.ParseIP("192.168.4.1")
 974 | 	iface = &assetIPv4
 975 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 976 | 	equals(t, true, result)
 977 | 	assetIPv4 = net.ParseIP("192.168.5.1")
 978 | 	iface = &assetIPv4
 979 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 980 | 	equals(t, false, result)
 981 | 	assetIPv4 = net.ParseIP("192.168.6.1")
 982 | 	iface = &assetIPv4
 983 | 	result = isInscope(&scopes, &iface, &explicitLevel)
 984 | 	equals(t, true, result)
 985 | 
 986 | }
 987 | 
 988 | /*
 989 | func Example_parseOutOfScopes() {
 990 | 	// Test with an invalid out-of-scope string
 991 | 	// In context, this function would print a warning to stderr and return false
 992 | 	// However, for testing purposes, we will just check the stederr output
 993 | 	assetURL, _ := url.Parse("https://example.com")
 994 | 	outOfScopeString := "this is not even close to a URL"
 995 | 
 996 | 	out := capturer.CaptureStderr(func() {
 997 | 		_ = parseOutOfScopes(assetURL, outOfScopeString, nil)
 998 | 	})
 999 | 
1000 | 	fmt.Println(out)
1001 | 	// Output: [WARNING]: Couldn't parse out-of-scope "https://this is not even close to a URL" as a URL.
1002 | }
1003 | */
1004 | /*
1005 | func Test_updateFireBountyJSON(t *testing.T) {
1006 | 	// This test just verifies if the firebountyAPIURL is still available online, and if the JSON it returns still matches the expected structure.
1007 | 	// firebountyAPIURL is a global variable defined in the main package.
1008 | 	// First, we test if the URL is reachable with a HEAD request.
1009 | 	fmt.Println(firebountyAPIURL)
1010 | 	resp, err := http.Head("https://firebounty.com/api/v1/scope/all/url_only/")
1011 | 	// if error is not nil and the response body has more than 1 byte, we fail the test.
1012 | 	if err != nil || resp == nil || resp.ContentLength < 1 {
1013 | 		t.Fatalf("Failed to reach firebounty API URL: %v", err)
1014 | 	} else {
1015 | 		// If the HEAD request is successful, we proceed to test the JSON structure.
1016 | 		// We can use a simple HTTP GET request to fetch the JSON.
1017 | 		resp, err = http.Get(firebountyAPIURL)
1018 | 		checkForErrors(t, err)
1019 | 		defer resp.Body.Close()
1020 | 
1021 | 		// We can check if the Content-Type is application/json
1022 | 		if resp.Header.Get("Content-Type") != "application/json" {
1023 | 			t.Fatalf("Expected Content-Type application/json, got %s", resp.Header.Get("Content-Type"))
1024 | 		}
1025 | 
1026 | 		// We can also check if the response body is not empty
1027 | 		if resp.ContentLength == 0 {
1028 | 			t.Fatal("Expected non-empty response body")
1029 | 		}
1030 | 	}
1031 | }
1032 | */
1033 | 
1034 | func Test_removePortFromHost(t *testing.T) {
1035 | 	// testURL must be in a variable of type *url.URL, which contains "https://example.com:8080/path?query=123"
1036 | 	testURL, _ := url.Parse("https://example.com:8080/path?query=123")
1037 | 	value := removePortFromHost(testURL)
1038 | 	equals(t, "example.com", value)
1039 | }
1040 | 


--------------------------------------------------------------------------------
/src/hacker-scoper/main.go:
--------------------------------------------------------------------------------
   1 | package main
   2 | 
   3 | import (
   4 | 	"bufio"
   5 | 	"encoding/json"
   6 | 	"errors"
   7 | 	"flag"
   8 | 	"fmt"
   9 | 	"io"
  10 | 	"net"
  11 | 	"net/http"
  12 | 	"net/url"
  13 | 	"os"
  14 | 	"path/filepath"
  15 | 	"regexp"
  16 | 	"runtime"
  17 | 	"strconv"
  18 | 	"strings"
  19 | 	"sync"
  20 | 	"time"
  21 | 	"unicode"
  22 | 
  23 | 	"golang.org/x/net/publicsuffix"
  24 | )
  25 | 
  26 | const firebountyAPIURL = "https://firebounty.com/api/v1/scope/all/url_only/"
  27 | const firebountyJSONFilename = "firebounty-scope-url_only.json"
  28 | 
  29 | var firebountyJSONPath string
  30 | 
  31 | var ErrInvalidFormat = errors.New("invalid format: not IP, CIDR, or URL")
  32 | 
  33 | type URLWithIPAddressHost struct {
  34 | 	rawURL string
  35 | 	IPhost net.IP
  36 | }
  37 | 
  38 | type WildcardScope struct {
  39 | 	scope regexp.Regexp
  40 | }
  41 | 
  42 | type NmapIPRange struct {
  43 | 	Octets [4][]uint8 // Each octet can be a list of allowed values
  44 | 	Raw    string     // Original string for reference
  45 | }
  46 | 
  47 | // https://tutorialedge.net/golang/parsing-json-with-golang/
  48 | type Scope struct {
  49 | 	Scope      string //either a domain, or a wildcard domain
  50 | 	Scope_type string //we only care about "web_application"
  51 | }
  52 | 
  53 | type Program struct {
  54 | 	Firebounty_url string //url.URL not allowed appearently
  55 | 	Scopes         struct {
  56 | 		In_scopes     []Scope
  57 | 		Out_of_scopes []Scope
  58 | 	}
  59 | 	Slug string
  60 | 	Tag  string
  61 | 	Url  string //url.URL not allowed appearently
  62 | 	Name string
  63 | }
  64 | 
  65 | type firebountySearchMatch struct {
  66 | 	companyIndex int
  67 | 	companyName  string
  68 | }
  69 | 
  70 | // Define a minimal struct for just the company names
  71 | type PartialProgram struct {
  72 | 	Name string `json:"name"`
  73 | }
  74 | 
  75 | type PartialFirebounty struct {
  76 | 	Pgms []PartialProgram `json:"pgms"`
  77 | }
  78 | 
  79 | type parseResult struct {
  80 | 	value interface{}
  81 | 	line  string
  82 | 	err   error
  83 | }
  84 | 
  85 | type targetResult struct {
  86 | 	index         int
  87 | 	parsedTarget  interface{}
  88 | 	err           error
  89 | 	isInsideScope bool
  90 | 	isUnsure      bool
  91 | 	targetStr     string
  92 | }
  93 | 
  94 | var chainMode bool
  95 | 
  96 | const colorReset = "\033[0m"
  97 | const colorYellow = "\033[33m"
  98 | const colorRed = "\033[38;2;255;0;0m"
  99 | const colorGreen = "\033[38;2;37;255;36m"
 100 | const colorBlue = "\033[38;2;0;204;255m"
 101 | 
 102 | func main() {
 103 | 
 104 | 	StartBenchmark()
 105 | 
 106 | 	var targetsListFilepath string
 107 | 	var includeUnsure bool
 108 | 	var inscopeOutputFile string
 109 | 	var outputDomainsOnly bool
 110 | 
 111 | 	var quietMode bool
 112 | 	var showVersion bool
 113 | 	var company string
 114 | 	var inscopeExplicitLevel int //should only be [0], 1, or 2
 115 | 	var noscopeExplicitLevel int //should only be [0], 1, or 2
 116 | 	var scopesListFilepath string
 117 | 	var outofScopesListFilepath string
 118 | 	var privateTLDsAreEnabled bool
 119 | 
 120 | 	const usage = `Hacker-scoper is a GoLang tool designed to assist cybersecurity professionals in bug bounty programs. It identifies and excludes URLs and IP addresses that fall outside a program's scope by comparing input targets (URLs/IPs) against a locally cached [FireBounty](https://firebounty.com) database of scraped scope data. Users may also supply a custom scope list for validation.
 121 | 
 122 | ` + colorBlue + `Usage:` + colorReset + ` hacker-scoper --file /path/to/targets [--company company | --inscopes-file /path/to/inscopes [--outofscopes-file /path/to/outofscopes] [--enable-private-tlds]] [--inscope-explicit-level INT] [--noscope-explicit-level INT] [--chain-mode] [--database /path/to/firebounty.json] [--include-unsure] [--output /path/to/outputfile] [--hostnames-only]
 123 | 
 124 | ` + colorBlue + `Usage examples:` + colorReset + `
 125 |   Example: Cat a file, and lookup scopes on firebounty
 126 |   ` + colorGreen + `cat recon-targets.txt | hacker-scoper -c google` + colorReset + `
 127 | 
 128 |   Example: Cat a file, and use the .inscope & .noscope files
 129 |   ` + colorGreen + `cat recon-targets.txt | hacker-scoper` + colorReset + `
 130 | 
 131 |   Example: Manually pick a file, lookup scopes on firebounty, and set inscope explicit-level
 132 |   ` + colorGreen + `hacker-scoper -f recon-targets.txt -c google -ie 2` + colorReset + `
 133 | 
 134 |   Example: Manually pick a file, use custom scopes and out-of-scope files, and set inscope explicit-level
 135 |   ` + colorGreen + `hacker-scoper -f recon-targets.txt -ins inscope -oos noscope.txt -ie 2 ` + colorReset + `
 136 | 
 137 | ` + colorBlue + `Usage notes:` + colorReset + `
 138 |   If no company and no inscope file is specified, hacker-scoper will look for ".inscope" and ".noscope" files in the current or in parent directories.
 139 | 
 140 | ` + colorBlue + `List of all possible arguments:` + colorReset + `
 141 |   -c, --company string
 142 |       Specify the company name to lookup.
 143 | 
 144 |   -f, --file string
 145 |       Path to your file containing URLs
 146 | 
 147 |   -ins, --inscope, --in-scope, --in-scope-file, --inscope-file string
 148 |       Path to a custom plaintext file containing scopes
 149 | 
 150 |   -oos, --outofscope, --out-of-scope, --out-of-scope-file, --outofscope-file string
 151 |       Path to a custom plaintext file containing scopes exclusions
 152 | 
 153 |   -ie, --inscope-explicit-level int
 154 |   -oe, --noscope-explicit-level int
 155 |       How explicit we expect the scopes to be:
 156 |         (default) 1: Include subdomains in the scope even if there's not a wildcard in the scope.
 157 |                   2: Include subdomains in the scope only if there's a wildcard in the scope.
 158 |                   3: Include subdomains/IPs in the scope only if they are explicitly within the scope. CIDR ranges and wildcards are disabled.
 159 | 
 160 |   --enable-private-tlds
 161 |       Set this flag to enable the use of company scope domains with private TLDs. This essentially disables the bug-bounty-program misconfiguration detection.
 162 | 
 163 |   -ch, --chain-mode, --plain, --raw, --no-ansi
 164 |       In "chain-mode" we only output the important information. No decorations.
 165 | 	    Default: false
 166 | 
 167 |   --database string
 168 |       Custom path to the cached firebounty database.
 169 | 	  	Default:
 170 | 		- Windows: %APPDATA%\hacker-scoper\
 171 | 		- Linux: /etc/hacker-scoper/
 172 | 
 173 |   -iu, --include-unsure
 174 |       Include "unsure" assets in the output. An unsure asset is an asset that's not in scope, but is also not out of scope. Very probably unrelated to the bug bounty program.
 175 | 
 176 |   -o, --output string
 177 |       Save the inscope assets to a file
 178 | 
 179 |   --quiet
 180 |       Disable command-line output.
 181 | 
 182 |   -ho, --hostnames-only
 183 |       When handling URLs, output only their hostnames instead of the full URLs
 184 | 
 185 |   --version
 186 |       Show the installed version
 187 | 
 188 | `
 189 | 
 190 | 	flag.StringVar(&company, "c", "", "Specify the company name to lookup.")
 191 | 	flag.StringVar(&company, "company", "", "Specify the company name to lookup.")
 192 | 	flag.StringVar(&targetsListFilepath, "f", "", "Path to your file containing URLs")
 193 | 	flag.StringVar(&targetsListFilepath, "file", "", "Path to your file containing URLs")
 194 | 	flag.StringVar(&scopesListFilepath, "ins", "", "Path to a custom plaintext file containing scopes")
 195 | 	flag.StringVar(&scopesListFilepath, "inscope", "", "Path to a custom plaintext file containing scopes")
 196 | 	flag.StringVar(&scopesListFilepath, "in-scope", "", "Path to a custom plaintext file containing scopes")
 197 | 	flag.StringVar(&scopesListFilepath, "in-scope-file", "", "Path to a custom plaintext file containing scopes")
 198 | 	flag.StringVar(&scopesListFilepath, "inscope-file", "", "Path to a custom plaintext file containing scopes")
 199 | 	flag.StringVar(&outofScopesListFilepath, "oos", "", "Path to a custom plaintext file containing scopes exclusions")
 200 | 	flag.StringVar(&outofScopesListFilepath, "outofscope", "", "Path to a custom plaintext file containing scopes exclusions")
 201 | 	flag.StringVar(&outofScopesListFilepath, "out-of-scope", "", "Path to a custom plaintext file containing scopes exclusions")
 202 | 	flag.StringVar(&outofScopesListFilepath, "outofscope-file", "", "Path to a custom plaintext file containing scopes exclusions")
 203 | 	flag.StringVar(&outofScopesListFilepath, "out-of-scope-file", "", "Path to a custom plaintext file containing scopes exclusions")
 204 | 	flag.IntVar(&inscopeExplicitLevel, "ie", 1, "Level of explicity expected. ([1]/2/3)")
 205 | 	flag.IntVar(&inscopeExplicitLevel, "inscope-explicit-level", 1, "Level of explicity expected. ([1]/2/3)")
 206 | 	flag.IntVar(&inscopeExplicitLevel, "in-scope-explicit-level", 1, "Level of explicity expected. ([1]/2/3)")
 207 | 	flag.IntVar(&noscopeExplicitLevel, "oe", 1, "Level of explicity expected. ([1]/2/3)")
 208 | 	flag.IntVar(&noscopeExplicitLevel, "noscope-explicit-level", 1, "Level of explicity expected. ([1]/2/3)")
 209 | 	flag.IntVar(&noscopeExplicitLevel, "no-scope-explicit-level", 1, "Level of explicity expected. ([1]/2/3)")
 210 | 	flag.BoolVar(&privateTLDsAreEnabled, "enable-private-tlds", false, "Set this flag to enable the use of company scope domains with private TLDs. This essentially disables the bug-bounty-program misconfiguration detection.")
 211 | 	flag.BoolVar(&chainMode, "ch", false, "Output only the important information. No decorations.")
 212 | 	flag.BoolVar(&chainMode, "chain-mode", false, "Output only the important information. No decorations.")
 213 | 	flag.BoolVar(&chainMode, "plain", false, "Output only the important information. No decorations.")
 214 | 	flag.BoolVar(&chainMode, "raw", false, "Output only the important information. No decorations.")
 215 | 	flag.BoolVar(&chainMode, "no-ansi", false, "Output only the important information. No decorations.")
 216 | 	flag.StringVar(&firebountyJSONPath, "database", "", "Custom path to the cached firebounty database")
 217 | 	flag.StringVar(&inscopeOutputFile, "o", "", "Save the inscope urls to a file")
 218 | 	flag.StringVar(&inscopeOutputFile, "output", "", "Save the inscope urls to a file")
 219 | 	flag.BoolVar(&quietMode, "quiet", false, "Disable command-line output.")
 220 | 	flag.BoolVar(&showVersion, "version", false, "Show installed version")
 221 | 	flag.BoolVar(&includeUnsure, "iu", false, "Include \"unsure\" URLs in the output. An unsure URL is a URL that's not in scope, but is also not out of scope. Very probably unrelated to the bug bounty program.")
 222 | 	flag.BoolVar(&includeUnsure, "include-unsure", false, "Include \"unsure\" URLs in the output. An unsure URL is a URL that's not in scope, but is also not out of scope. Very probably unrelated to the bug bounty program.")
 223 | 	flag.BoolVar(&outputDomainsOnly, "ho", false, "Output only domains instead of the full URLs")
 224 | 	flag.BoolVar(&outputDomainsOnly, "hostnames-only", false, "Output only domains instead of the full URLs")
 225 | 	//https://www.antoniojgutierrez.com/posts/2021-05-14-short-and-long-options-in-go-flags-pkg/
 226 | 	flag.Usage = func() { fmt.Print(usage) }
 227 | 	flag.Parse()
 228 | 
 229 | 	banner := `
 230 | '||                      '||                      '
 231 |  || ..    ....     ....   ||  ..    ....  ... ..     ....    ....    ...   ... ...    ....  ... ..
 232 |  ||' ||  '' .||  .|   ''  || .'   .|...||  ||' ''   ||. '  .|   '' .|  '|.  ||'  || .|...||  ||' ''
 233 |  ||  ||  .|' ||  ||       ||'|.   ||       ||       . '|.. ||      ||   ||  ||    | ||       ||
 234 | .||. ||. '|..'|'  '|...' .||. ||.  '|...' .||.      |'..|'  '|...'  '|..|'  ||...'   '|...' .||.
 235 |                                                                             ||
 236 |                                                                            ''''
 237 | `
 238 | 
 239 | 	if showVersion {
 240 | 		fmt.Print("hacker-scoper: v6.1.3\n")
 241 | 		os.Exit(0)
 242 | 	}
 243 | 
 244 | 	if quietMode && inscopeOutputFile == "" {
 245 | 		warning("--quiet was set, but no output file was specified. Program will do nothing.")
 246 | 		os.Exit(2)
 247 | 	}
 248 | 
 249 | 	// This avoids having to check both chainMode and quietMode in the future. Instead we can just check chainMode.
 250 | 	if quietMode && !chainMode {
 251 | 		chainMode = quietMode
 252 | 	}
 253 | 
 254 | 	if firebountyJSONPath == "" {
 255 | 		firebountyJSONPath = getFirebountyJSONPath()
 256 | 		if firebountyJSONPath == "" && !chainMode {
 257 | 			warning("This OS isn't officially supported. The firebounty JSON will be downloaded in the current working directory. To override this behaviour, use the \"--database\" flag.")
 258 | 		}
 259 | 	} else {
 260 | 		//If the folder exists...
 261 | 		_, err := os.Stat(firebountyJSONPath)
 262 | 		if errors.Is(err, os.ErrNotExist) {
 263 | 			//Create the folder
 264 | 			err := os.Mkdir(firebountyJSONPath, 0600)
 265 | 			if err != nil {
 266 | 				crash("Unable to create the folder \""+firebountyJSONPath+"\"", err)
 267 | 			}
 268 | 		} else if err != nil {
 269 | 			// Schrodinger: file may or may not exist. See err for details.
 270 | 			crash("Could not verify existance of the folder \""+firebountyJSONPath+"\"!", err)
 271 | 		}
 272 | 	}
 273 | 
 274 | 	firebountyJSONPath = firebountyJSONPath + firebountyJSONFilename
 275 | 
 276 | 	if !chainMode {
 277 | 		fmt.Println(banner)
 278 | 	}
 279 | 
 280 | 	//validate arguments
 281 | 	if inscopeExplicitLevel != 1 && inscopeExplicitLevel != 2 && inscopeExplicitLevel != 3 {
 282 | 		var err error
 283 | 		crash("Invalid in-scope explicit-level selected", err)
 284 | 	}
 285 | 	if noscopeExplicitLevel != 1 && noscopeExplicitLevel != 2 && noscopeExplicitLevel != 3 {
 286 | 		var err error
 287 | 		crash("Invalid no-scope explicit-level selected", err)
 288 | 	}
 289 | 
 290 | 	// Validate the targets input
 291 | 	var targetsInput []string
 292 | 
 293 | 	// If we're getting input from stdin...
 294 | 	//https://stackoverflow.com/a/26567513/11490425
 295 | 	stat, _ := os.Stdin.Stat()
 296 | 	if (stat.Mode()&os.ModeCharDevice) == 0 && !isVSCodeDebug() {
 297 | 
 298 | 		// Read all of stdin into targetsInput
 299 | 
 300 | 		//read stdin
 301 | 		scanner := bufio.NewScanner(os.Stdin)
 302 | 		for scanner.Scan() {
 303 | 			line := scanner.Text()
 304 | 			line = strings.TrimSpace(line)
 305 | 			if line != "" && !strings.HasPrefix(line, "#") && !strings.HasPrefix(line, "//") {
 306 | 				targetsInput = append(targetsInput, line)
 307 | 			}
 308 | 		}
 309 | 		if err := scanner.Err(); err != nil {
 310 | 			crash("bufio couldn't read stdin correctly.", err)
 311 | 		}
 312 | 
 313 | 	} else if targetsListFilepath != "" {
 314 | 		// We didn't get anything from stdin, so we will use the file specified by the user
 315 | 		// Immediatly open the file specified by the user to prevent the file from potentially being modified by another process, exploiting a race condition (CWE-377)
 316 | 
 317 | 		// Load the user-supplied targets file into memory
 318 | 		var err error
 319 | 		targetsInput, err = readFileLines(targetsListFilepath)
 320 | 		if err != nil {
 321 | 			crash("Could not read the file "+targetsListFilepath, err)
 322 | 		}
 323 | 
 324 | 	} else {
 325 | 		// We didn't get anything from stdin, and the user didn't specify a file
 326 | 		// Print a usage warning, then quit gracefully
 327 | 
 328 | 		if !chainMode {
 329 | 			fmt.Println(string(colorRed) + "[-] No input file specified. Please specify a file with the -f or --file argument." + string(colorReset))
 330 | 			fmt.Println(string(colorRed) + "[-] Run with \"--help\" for more information." + string(colorReset))
 331 | 		}
 332 | 
 333 | 		// Exit code 2 = command line syntax error
 334 | 		os.Exit(2)
 335 | 	}
 336 | 
 337 | 	var inscopeLines []string
 338 | 	var noscopeLines []string
 339 | 
 340 | 	// Validate the inscope input
 341 | 	if company == "" && scopesListFilepath == "" {
 342 | 		// If the user didn't specify a company name, and also didn't specify a filepath for the inscope and outofscope files, we'll search for .inscope and .noscope files.
 343 | 
 344 | 		if !chainMode {
 345 | 			fmt.Print("No company or scopes file specified. Looking for \".inscope\" and \".noscope\" files..." + "\n")
 346 | 		}
 347 | 
 348 | 		//look for .inscope file
 349 | 		inscopePath, err := searchForFileBackwards(".inscope")
 350 | 		if err != nil {
 351 | 			crash("Couldn't locate a .inscope file.", err)
 352 | 		}
 353 | 
 354 | 		if !chainMode {
 355 | 			fmt.Print(".inscope found. Using " + inscopePath + "\n")
 356 | 		}
 357 | 
 358 | 		//look for .noscope file
 359 | 		noscopePath, err := searchForFileBackwards(".noscope")
 360 | 		if err != nil {
 361 | 			noscopePath = ""
 362 | 		} else if !chainMode {
 363 | 			fmt.Print(".noscope found. Using " + noscopePath + "\n")
 364 | 		}
 365 | 
 366 | 		// Load the inscope file into memory
 367 | 		inscopeLines, err = readFileLines(inscopePath)
 368 | 		if err != nil {
 369 | 			crash(".inscope file found at "+inscopePath+" but couldn't be read.", err)
 370 | 		}
 371 | 
 372 | 		// Load the noscope file into memory
 373 | 		noscopeLines, err = readFileLines(noscopePath)
 374 | 		if err != nil {
 375 | 			crash(".noscope file found at "+noscopePath+" but couldn't be read.", err)
 376 | 		}
 377 | 
 378 | 	} else if company != "" {
 379 | 		// If the user inputted a company name, we'll lookup said company in the firebounty db
 380 | 
 381 | 		// If the db exists...
 382 | 		if firebountyJSONFileStats, err := os.Stat(firebountyJSONPath); err == nil {
 383 | 			//check age. if age > 24hs
 384 | 			yesterday := time.Now().Add(-24 * time.Hour)
 385 | 			if firebountyJSONFileStats.ModTime().Before(yesterday) {
 386 | 				if !chainMode {
 387 | 					fmt.Println("[INFO]: +24hs have passed since the last update to the local firebounty database. Updating...")
 388 | 				}
 389 | 				updateFireBountyJSON()
 390 | 			}
 391 | 		} else if errors.Is(err, os.ErrNotExist) {
 392 | 			// The database does not exist.
 393 | 			// We'll create it.
 394 | 			if !chainMode {
 395 | 				fmt.Println("[INFO]: Downloading scopes file and saving in \"" + firebountyJSONPath + "\"")
 396 | 			}
 397 | 			updateFireBountyJSON()
 398 | 		} else {
 399 | 			crash("Unable to get information about the database file at \""+firebountyJSONPath+"\". Probably a permissions error with the directory the database is saved at. Try using the database argument like '--database /custom/path/to/store/the/firebounty.json'", err)
 400 | 		}
 401 | 
 402 | 		// Get the company names from the JSON file
 403 | 		companyNames, err := extractCompanyNames(firebountyJSONPath)
 404 | 		if err != nil {
 405 | 			crash("Couldn't parse company names from firebounty JSON.", err)
 406 | 		}
 407 | 
 408 | 		var matchingCompanyList []firebountySearchMatch
 409 | 		var userChoice string
 410 | 		var userPickedInvalidChoice bool = true
 411 | 		var userChoiceAsInt int
 412 | 
 413 | 		//for every company...
 414 | 		for i, fcompany := range companyNames {
 415 | 			fcompany := strings.ToLower(fcompany)
 416 | 			if strings.Contains(fcompany, company) {
 417 | 				matchingCompanyList = append(matchingCompanyList, firebountySearchMatch{i, fcompany})
 418 | 			}
 419 | 		}
 420 | 		if len(matchingCompanyList) == 0 && !chainMode {
 421 | 			fmt.Println(string(colorRed) + "[-] 0 (lowercase'd) company names contained the string \"" + company + "\"" + string(colorReset))
 422 | 			fmt.Println(string(colorRed) + "[-] If the company's bug bounty program is private, consider using rescope to download the scopes: https://github.com/root4loot/rescope")
 423 | 			fmt.Println(string(colorRed) + "[-] If the company's bug bounty program is public, consider either of these options:")
 424 | 			fmt.Println(string(colorRed) + "\t - Doing a manual search at https://firebounty.com")
 425 | 			fmt.Println(string(colorRed) + "\t - Loading the scopes manually into '.inscope' and '.noscope' files.")
 426 | 			fmt.Println(string(colorRed) + "\t - Loading the scopes manually into custom files, specified with the --inscope-file and --outofscope-file arguments.")
 427 | 			// Exit code 2 = command line syntax error
 428 | 			os.Exit(2)
 429 | 		} else if len(matchingCompanyList) > 1 {
 430 | 
 431 | 			if chainMode {
 432 | 				err = nil
 433 | 				crash("Unable to match the company to a single company. Please use a more exact company string.", err)
 434 | 			}
 435 | 
 436 | 			//appearently "while" doesn't exist in Go. It has been replaced by "for"
 437 | 			for userPickedInvalidChoice {
 438 | 				//For every matchingCompanyList item...
 439 | 				for i := range matchingCompanyList {
 440 | 					//Print it
 441 | 					fmt.Println("    " + strconv.Itoa(i) + " - " + matchingCompanyList[i].companyName)
 442 | 				}
 443 | 
 444 | 				//Show user the option to combine all of the previous companies as if they were a single company
 445 | 				fmt.Println("    " + strconv.Itoa(len(matchingCompanyList)) + " - COMBINE ALL")
 446 | 
 447 | 				//Get userchoice
 448 | 				fmt.Print("\n[+] Multiple companies matched \"" + company + "\". Please choose one: ")
 449 | 				_, err = fmt.Scanln(&userChoice)
 450 | 				if err != nil {
 451 | 					crash("An error ocurred while reading user input.", err)
 452 | 				}
 453 | 
 454 | 				//Convert userchoice str -> int
 455 | 				userChoiceAsInt, err = strconv.Atoi(userChoice)
 456 | 				//If the user picked something invalid...
 457 | 				if err != nil {
 458 | 					warning("Invalid option selected!")
 459 | 				} else {
 460 | 					userPickedInvalidChoice = false
 461 | 				}
 462 | 			}
 463 | 
 464 | 			//tip
 465 | 			fmt.Println("[-] If you want to remove one of these options, feel free to modify your firebounty database: " + firebountyJSONPath + "\n")
 466 | 
 467 | 			//If the user chose to "COMBINE ALL"...
 468 | 			if userChoiceAsInt == len(matchingCompanyList) {
 469 | 				//for every company that matched the company query...
 470 | 				for i := range matchingCompanyList {
 471 | 
 472 | 					//Load the matchingCompanyList 2D slice, and convert the first member from string to integer, and save the company index
 473 | 					companyIndex := matchingCompanyList[i].companyIndex
 474 | 					tempinscopeLines, tempnoscopeLines, err := getCompanyScopes(firebountyJSONPath, &companyIndex, privateTLDsAreEnabled)
 475 | 					if err != nil {
 476 | 						crash("Error parsing the company "+company, err)
 477 | 					}
 478 | 
 479 | 					inscopeLines = append(inscopeLines, tempinscopeLines...)
 480 | 					noscopeLines = append(noscopeLines, tempnoscopeLines...)
 481 | 
 482 | 				}
 483 | 			} else {
 484 | 				// The user chose a specific company
 485 | 				// Use userChoiceAsInt as an index for the matchingCompanyList 2D slice, and save the company index
 486 | 				companyCounter := matchingCompanyList[userChoiceAsInt].companyIndex
 487 | 				inscopeLines, noscopeLines, err = getCompanyScopes(firebountyJSONPath, &companyCounter, privateTLDsAreEnabled)
 488 | 				if err != nil {
 489 | 					crash("Error parsing the company "+company, err)
 490 | 				}
 491 | 			}
 492 | 
 493 | 		} else {
 494 | 			//Only 1 company matched the query
 495 | 			if !chainMode {
 496 | 				fmt.Print("[+] Search for \"" + company + "\" matched the company " + string(colorGreen) + matchingCompanyList[0].companyName + string(colorReset) + "!\n")
 497 | 			}
 498 | 			inscopeLines, noscopeLines, err = getCompanyScopes(firebountyJSONPath, &matchingCompanyList[0].companyIndex, privateTLDsAreEnabled)
 499 | 			if err != nil {
 500 | 				crash("Error parsing the company "+company, err)
 501 | 			}
 502 | 		}
 503 | 
 504 | 	} else {
 505 | 		//user chose to use their own scope list
 506 | 		if _, err := os.Stat(scopesListFilepath); err == nil {
 507 | 			// path/to/whatever exists
 508 | 
 509 | 			// Load the user-supplied inscopes file into memory
 510 | 			inscopeLines, err = readFileLines(scopesListFilepath)
 511 | 			if err != nil {
 512 | 				crash("Error reading the file "+scopesListFilepath, err)
 513 | 			}
 514 | 
 515 | 			// The outofScopesListFilepath might, or might not have been specified.
 516 | 			// If a custom outofScopesListFilepath was specified...
 517 | 			if outofScopesListFilepath != "" {
 518 | 				// Load the user-supplied noscopes file into memory
 519 | 				noscopeLines, err = readFileLines(outofScopesListFilepath)
 520 | 				if err != nil {
 521 | 					crash("Error reading the file "+outofScopesListFilepath, err)
 522 | 				}
 523 | 			}
 524 | 
 525 | 		} else if errors.Is(err, os.ErrNotExist) {
 526 | 			//path/to/whatever does not exist
 527 | 			err = nil
 528 | 			crash(scopesListFilepath+" does not exist.", err)
 529 | 
 530 | 		} else {
 531 | 			// Schrodinger: file may or may not exist. See err for details.
 532 | 			panic(err)
 533 | 		}
 534 | 	}
 535 | 
 536 | 	// Parse all inscopeLines lines
 537 | 	inscopeScopes, err := parseAllLines(inscopeLines, true)
 538 | 	if err != nil {
 539 | 		crash("Unable to parse any inscope entries as scopes", err)
 540 | 	}
 541 | 
 542 | 	// Parse all noscopeLines lines
 543 | 	noscopeScopes, err := parseAllLines(noscopeLines, true)
 544 | 	if err != nil {
 545 | 		warning("Unable to parse any noscope entries as scopes")
 546 | 	}
 547 | 
 548 | 	// Variables for writing the output to a file if necessary.
 549 | 	var writer *bufio.Writer
 550 | 	var f *os.File
 551 | 
 552 | 	if inscopeOutputFile != "" {
 553 | 		f, err := os.OpenFile(inscopeOutputFile, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600) // #nosec G304 -- inscopeOutputFile is a CLI argument specified by the user running the program. It is not unsafe to allow them to open any file in their own system.
 554 | 		if err != nil {
 555 | 			crash("Unable to read output file", err)
 556 | 		}
 557 | 
 558 | 		// Use bufio.Writer for efficient disk writes
 559 | 		writer = bufio.NewWriter(f)
 560 | 	}
 561 | 
 562 | 	// Parse all targetsInput lines concurrently
 563 | 	numWorkers := runtime.NumCPU()
 564 | 	inputChan := make(chan int, numWorkers)
 565 | 	outputChan := make(chan targetResult, len(targetsInput))
 566 | 
 567 | 	var wg sync.WaitGroup
 568 | 
 569 | 	for i := 0; i < numWorkers; i++ {
 570 | 		wg.Add(1)
 571 | 		go func() {
 572 | 			defer wg.Done()
 573 | 			for idx := range inputChan {
 574 | 				parsedTarget, err := parseLine(targetsInput[idx], false)
 575 | 				res := targetResult{
 576 | 					index:        idx,
 577 | 					parsedTarget: parsedTarget,
 578 | 					err:          err,
 579 | 					targetStr:    targetsInput[idx],
 580 | 				}
 581 | 				if err == nil {
 582 | 					isInsideScope, isUnsure := parseScopes(&inscopeScopes, &noscopeScopes, &parsedTarget, &inscopeExplicitLevel, &noscopeExplicitLevel, includeUnsure)
 583 | 					res.isInsideScope = isInsideScope
 584 | 					res.isUnsure = isUnsure
 585 | 				}
 586 | 				outputChan <- res
 587 | 			}
 588 | 		}()
 589 | 	}
 590 | 
 591 | 	// Feed indices to workers
 592 | 	go func() {
 593 | 		for i := range targetsInput {
 594 | 			inputChan <- i
 595 | 		}
 596 | 		close(inputChan)
 597 | 	}()
 598 | 
 599 | 	go func() {
 600 | 		wg.Wait()
 601 | 		close(outputChan)
 602 | 	}()
 603 | 
 604 | 	// Variables for writing the output to a file if necessary.
 605 | 	var target string
 606 | 	results := make([]targetResult, len(targetsInput))
 607 | 	for res := range outputChan {
 608 | 		results[res.index] = res
 609 | 	}
 610 | 
 611 | 	// Output results in original order
 612 | 	for _, res := range results {
 613 | 		if res.err != nil {
 614 | 			warning("Unable to parse the string '" + res.targetStr + "' as a target.")
 615 | 			continue
 616 | 		}
 617 | 		if res.isInsideScope {
 618 | 			if outputDomainsOnly {
 619 | 				switch assertedTarget := res.parsedTarget.(type) {
 620 | 				case *url.URL:
 621 | 					target = removePortFromHost(assertedTarget)
 622 | 				case *URLWithIPAddressHost:
 623 | 					target = assertedTarget.IPhost.String()
 624 | 				default:
 625 | 					target = res.targetStr
 626 | 				}
 627 | 			} else {
 628 | 				target = res.targetStr
 629 | 			}
 630 | 			if !quietMode {
 631 | 				if res.isUnsure && includeUnsure {
 632 | 					if !chainMode {
 633 | 						infoWarning("UNSURE: ", target)
 634 | 					} else {
 635 | 						fmt.Println(target)
 636 | 					}
 637 | 				} else {
 638 | 					if !chainMode {
 639 | 						infoGood("IN-SCOPE: ", target)
 640 | 					} else {
 641 | 						fmt.Println(target)
 642 | 					}
 643 | 				}
 644 | 			}
 645 | 			if inscopeOutputFile != "" {
 646 | 				_, err = writer.WriteString(target + "\n")
 647 | 				if err != nil {
 648 | 					crash("Unable to write to output file", err)
 649 | 				}
 650 | 			}
 651 | 		}
 652 | 	}
 653 | 	// ...existing code...
 654 | 
 655 | 	if inscopeOutputFile != "" {
 656 | 		// Flush any buffered data to disk
 657 | 		writer.Flush() // #nosec G104 -- No need to handle any writer errors, since we already crash upon encountering any writer error.
 658 | 
 659 | 		//Close the output file
 660 | 		f.Close() // #nosec G104 -- There's no harm done if we're unable to close the output file, since we're already at the end of the program.
 661 | 	}
 662 | 
 663 | 	StopBenchmark()
 664 | 
 665 | }
 666 | 
 667 | func updateFireBountyJSON() {
 668 | 	// path/to/whatever does *not* exist
 669 | 	//get the big JSON from the API
 670 | 	jason, err := http.Get(firebountyAPIURL)
 671 | 	if err != nil {
 672 | 		crash("Could not download scopes from firebounty at: "+firebountyAPIURL, err)
 673 | 	}
 674 | 
 675 | 	//read the contents of the request
 676 | 	body, err := io.ReadAll(jason.Body)
 677 | 	jason.Body.Close() // #nosec G104 -- There is no situation in which closing the body of the request will cause an error.
 678 | 	if err != nil {
 679 | 		fmt.Println(err)
 680 | 	}
 681 | 
 682 | 	//delete the previous file (if it even exists)
 683 | 	os.Remove(firebountyJSONPath) // #nosec G104 -- There is no need to handle any errors in deleting the file, as it will be created again in the next step.
 684 | 
 685 | 	//write to disk
 686 | 	err = os.WriteFile(firebountyJSONPath, []byte(string(body)), 0600)
 687 | 	if err != nil {
 688 | 		crash("Couldn't save firebounty json to disk as"+firebountyJSONPath, err)
 689 | 	}
 690 | 
 691 | 	if !chainMode {
 692 | 		fmt.Println("[INFO]: Scopes file saved to " + firebountyJSONPath)
 693 | 	}
 694 | 
 695 | }
 696 | 
 697 | func parseScopes(inscopeScopes *[]interface{}, noscopeScopes *[]interface{}, target *interface{}, inscopeExplicitLevel *int, noscopeExplicitLevel *int, includeUnsure bool) (isInsideScope bool, isUnsure bool) {
 698 | 	// This function is where we'll implement the --include-unsure logic
 699 | 
 700 | 	targetIsOutOfScope := isOutOfScope(noscopeScopes, target, noscopeExplicitLevel)
 701 | 	if !targetIsOutOfScope {
 702 | 		// We only need to check if the target is inscope if it isn't out of scope.
 703 | 		targetIsInscope := isInscope(inscopeScopes, target, inscopeExplicitLevel)
 704 | 		if targetIsInscope {
 705 | 			return true, false
 706 | 		} else if includeUnsure && !targetIsInscope {
 707 | 			return true, true
 708 | 		} else {
 709 | 			return false, false
 710 | 		}
 711 | 	} else {
 712 | 		return false, false
 713 | 	}
 714 | }
 715 | 
 716 | func crash(message string, err error) {
 717 | 	fmt.Fprintf(os.Stderr, string(colorRed)+"[ERROR]: "+message+string(colorReset)+"\n\n")
 718 | 	fmt.Fprintf(os.Stderr, string(colorRed)+"Error stacktrace: "+string(colorReset)+"\n")
 719 | 	panic(err)
 720 | }
 721 | 
 722 | func warning(message string) {
 723 | 	fmt.Fprintf(os.Stderr, string(colorYellow)+"[WARNING]: "+message+string(colorReset)+"\n")
 724 | }
 725 | 
 726 | func infoGood(prefix string, message string) {
 727 | 	fmt.Print(string(colorGreen) + "[+] " + prefix + string(colorReset) + message + "\n")
 728 | }
 729 | 
 730 | func infoWarning(prefix string, message string) {
 731 | 	fmt.Print(string(colorYellow) + "[-] " + prefix + string(colorReset) + message + "\n")
 732 | }
 733 | 
 734 | func removePortFromHost(myurl *url.URL) string {
 735 | 	portLength := len(myurl.Port())
 736 | 	if portLength != 0 {
 737 | 		hostLength := len(myurl.Host)
 738 | 		// The last "-1" removes the ":" character from the host.
 739 | 		portless := myurl.Host[:hostLength-portLength-1]
 740 | 		return portless
 741 | 	} else {
 742 | 		return myurl.Host
 743 | 	}
 744 | }
 745 | 
 746 | // out-of-scopes are parsed as --explicit-level==2
 747 | func isOutOfScope(noscopeScopes *[]interface{}, target *interface{}, explicitLevel *int) bool {
 748 | 	//if we got no matches for any outOfScope
 749 | 	return isInscope(noscopeScopes, target, explicitLevel)
 750 | }
 751 | 
 752 | //======================================================================================
 753 | // The following code is from tomnomnom's inscope project:
 754 | // https://github.com/tomnomnom/hacks/tree/master/inscope
 755 | 
 756 | func searchForFileBackwards(filename string) (string, error) {
 757 | 	pwd, err := filepath.Abs(".")
 758 | 	if err != nil {
 759 | 		return "", err
 760 | 	}
 761 | 
 762 | 	for {
 763 | 		_, err := os.Stat(filepath.Join(pwd, filename))
 764 | 
 765 | 		// found one!
 766 | 		if err == nil {
 767 | 			return filepath.Join(pwd, filename), nil
 768 | 		}
 769 | 
 770 | 		newPwd := filepath.Dir(pwd)
 771 | 		if newPwd == pwd {
 772 | 			break
 773 | 		}
 774 | 		pwd = newPwd
 775 | 	}
 776 | 
 777 | 	return "", errors.New("unable to locate a \".scope\" file")
 778 | }
 779 | 
 780 | //======================================================================================
 781 | 
 782 | // companyIndex is the numeric index of the company in the firebounty database, where 0 is the first company, 1 is the second company, etc
 783 | // Returns an error if no inscopeLines could be detected.
 784 | // Does not return an error if no noscopeLines could be detected.
 785 | func getCompanyScopes(firebountyJSONPath string, companyIndex *int, privateTLDsAreEnabled bool) (inscopeLines []string, noscopeLines []string, err error) {
 786 | 
 787 | 	prog, err := loadProgramByIndex(firebountyJSONPath, *companyIndex)
 788 | 	if err != nil {
 789 | 		crash("Couldn't load full program data", err)
 790 | 	}
 791 | 
 792 | 	//match found!
 793 | 	if !chainMode {
 794 | 
 795 | 		// Print the details of the matched company in a readable format
 796 | 
 797 | 		// Get the last date the cached database was updated
 798 | 		info, err := os.Stat(firebountyJSONPath)
 799 | 		if err != nil {
 800 | 			crash("Error getting file information for the database file at "+firebountyJSONFilename, err)
 801 | 		}
 802 | 		// info.Atime_ns now contains the last access time
 803 | 		// (in nanoseconds since the unix epoch)
 804 | 		// Convert the date to the format YYYY-MM-DD HH:MM
 805 | 		lastUpdated := time.Unix(info.ModTime().Unix(), 0).Format("2006-01-02 15:04:05")
 806 | 		fmt.Println("[+] Last updated: " + lastUpdated)
 807 | 
 808 | 		// Print the details of the matched company in a readable format
 809 | 		fmt.Println("[+] Firebounty URL: " + prog.Firebounty_url)
 810 | 		fmt.Println("[+] Program URL: " + prog.Url)
 811 | 
 812 | 		// Print the in-scope rules
 813 | 		fmt.Println("[+] In-scope rules: ")
 814 | 		for _, inscope := range prog.Scopes.In_scopes {
 815 | 			fmt.Println("\t[+] " + inscope.Scope_type + ": " + inscope.Scope)
 816 | 		}
 817 | 
 818 | 		// Print the out-of-scope rules
 819 | 		fmt.Println("\n[+] Out-of-scope rules: ")
 820 | 		for _, noscope := range prog.Scopes.Out_of_scopes {
 821 | 			fmt.Println("\t[+] " + noscope.Scope_type + ": " + noscope.Scope)
 822 | 		}
 823 | 
 824 | 		fmt.Println("\n[+] Analysis started...")
 825 | 
 826 | 	}
 827 | 
 828 | 	//for every InScope Scope in the program
 829 | 	for inscopeCounter := 0; inscopeCounter < len(prog.Scopes.In_scopes); inscopeCounter++ {
 830 | 		//if the scope type is "web_application" and it's not empty
 831 | 		if prog.Scopes.In_scopes[inscopeCounter].Scope_type == "web_application" && prog.Scopes.In_scopes[inscopeCounter].Scope != "" {
 832 | 
 833 | 			rawInScope := prog.Scopes.In_scopes[inscopeCounter].Scope
 834 | 
 835 | 			// TODO: Optimize this. It's very inneficient to be parsing this line twice. parseLine is already called within isAndroidPackageName, so we shouldn't call it again, that's redundant.
 836 | 			if !isAndroidPackageName(&rawInScope, privateTLDsAreEnabled) {
 837 | 				inscopeLines = append(inscopeLines, rawInScope)
 838 | 			}
 839 | 
 840 | 		}
 841 | 	}
 842 | 
 843 | 	if len(inscopeLines) == 0 {
 844 | 		return nil, nil, errors.New("Unable to parse any inscopes scopes from " + prog.Name)
 845 | 	}
 846 | 
 847 | 	//for every NoScope Scope in the program
 848 | 	for noscopeCounter := 0; noscopeCounter < len(prog.Scopes.Out_of_scopes); noscopeCounter++ {
 849 | 		//if the scope type is "web_application" and it's not empty
 850 | 		if prog.Scopes.Out_of_scopes[noscopeCounter].Scope_type == "web_application" && prog.Scopes.Out_of_scopes[noscopeCounter].Scope != "" {
 851 | 
 852 | 			rawNoScope := prog.Scopes.Out_of_scopes[noscopeCounter].Scope
 853 | 
 854 | 			if !isAndroidPackageName(&rawNoScope, privateTLDsAreEnabled) {
 855 | 				noscopeLines = append(noscopeLines, rawNoScope)
 856 | 			}
 857 | 
 858 | 		}
 859 | 	}
 860 | 
 861 | 	return inscopeLines, noscopeLines, nil
 862 | }
 863 | 
 864 | // This function receives a raw scope string, and returns true if it's an android package name.
 865 | // It's goal is to help detect any misconfigured bug-bounty programs
 866 | // Only scopes that have the type "web_application" but that we aren't sure if they are actually web_application resources should be sent into this function.
 867 | // Sometimes bug bounty programs set APK package names such as com.my.businness.gatewayportal as web_application resources instead of as android_application resources in their program scope, causing trouble for anyone using automatic tools. Hacker-Scoper automatically detects these errors and notifies the user.
 868 | func isAndroidPackageName(rawScope *string, privateTLDsAreEnabled bool) bool {
 869 | 
 870 | 	if privateTLDsAreEnabled {
 871 | 		return privateTLDsAreEnabled
 872 | 	}
 873 | 
 874 | 	// We begin the detection by trying to parse the given scope as an actual scope.
 875 | 	// The problem with url.Parse is that it rarely returns an error. It often times assumes that invalid domain names (such as "this.is.not.avaliddomain") actually have a "private Top-Level-Domain". This is extremely unlikely in reality
 876 | 	// TODO: Split parseLine into 3 functions, so we can directly try to parse the rawScope as a URL rather than wasting CPU cycles trying to parse CIDR Range -> IP Address -> URL.
 877 | 	inscope, err := parseLine(*rawScope, true)
 878 | 
 879 | 	if err != nil {
 880 | 		return false
 881 | 	} else if _, inscopeIsURL := inscope.(*url.URL); inscopeIsURL {
 882 | 		// If the type of inscope is *url.URL ...
 883 | 		portlessHostofCurrentTarget := removePortFromHost(inscope.(*url.URL))
 884 | 
 885 | 		//alert the user about potentially mis-configured bug-bounty program
 886 | 		_, scopeHasValidTLD := publicsuffix.PublicSuffix(portlessHostofCurrentTarget)
 887 | 
 888 | 		if !chainMode {
 889 | 			//alert the user about potentially mis-configured bug-bounty program
 890 | 			if (*rawScope)[0:4] == "com." || (*rawScope)[0:4] == "org." {
 891 | 				warning("The scope \"" + *rawScope + "\" starts with \"com.\" or \"org.\" This may be a sign of a misconfigured bug bounty program. Consider editing the \"" + firebountyJSONPath + " file and removing the faulty entries. Also, report the failure to the maintainers of the bug bounty program.")
 892 | 			}
 893 | 		}
 894 | 
 895 | 		if !scopeHasValidTLD && inscope.(*url.URL).Host != "" {
 896 | 			if !chainMode {
 897 | 				warning("The scope \"" + *rawScope + "\" does not have a public Top Level Domain (TLD). This may be a sign of a misconfigured bug bounty program. Consider editing the \"" + firebountyJSONPath + " file and removing the faulty entries. Also, report the failure to the mainters of the bug bounty program.")
 898 | 			}
 899 | 			return true
 900 | 		}
 901 | 	}
 902 | 
 903 | 	return false
 904 | }
 905 | 
 906 | // This function receives a filepath as a string, and returns a string with the contents of the file
 907 | // All lines are trimmed, and empty lines are removed
 908 | // All lines beginning with '#' or '//' are considered comments and are removed
 909 | func readFileLines(filepath string) ([]string, error) {
 910 | 	// Reads the whole file into memory
 911 | 	data, err := os.ReadFile(filepath) // #nosec G304 -- Intended functionality.
 912 | 	if err != nil {
 913 | 		return nil, err
 914 | 	}
 915 | 	rawLines := strings.Split(string(data), "\n")
 916 | 	var lines []string
 917 | 	for _, line := range rawLines {
 918 | 		line = strings.TrimSpace(line)
 919 | 		if line != "" && !strings.HasPrefix(line, "#") && !strings.HasPrefix(line, "//") {
 920 | 			lines = append(lines, line)
 921 | 		}
 922 | 	}
 923 | 	return lines, nil
 924 | }
 925 | 
 926 | // If isScope is true, ParseLine attempts to parse a string into either:
 927 | // - *net.IPNet		(CIDR notation)
 928 | // - *net.IP		(single IP address)
 929 | // - *string 		(hostname of a valid URL)
 930 | // - *regexp.Regexp (Regex)
 931 | // - *WildcardScope (Wildcard Scope)
 932 | //
 933 | // If isScope is false, ParseLine attempts to parse a string into either:
 934 | // - *net.IP				(single IP address)
 935 | // - *url.URL				(valid URL)
 936 | // - *URLWithIPAddressHost	(URL that has an IP host)
 937 | //
 938 | // This function returns the error ErrInvalidFormat if the string didn't match any of the listed formats.
 939 | func parseLine(line string, isScope bool) (interface{}, error) {
 940 | 
 941 | 	// TODO: Add a --optimize flag that when enabled will save all of the inscope, and noscope scopes in a separate file, with their type already determined, so we don't have to waste time guessing the scope type every time hacker-scoper is run. Maybe in CSV format. We could also use the file last-modified-at metadata to know whether the .inscope and .noscope files were modified. The --optimize flag should only have an effect when hacker-scoper is ran with .inscope and .noscope files, or with the firebounty db.It wouldn't make sense to optimize the input of stdin.
 942 | 
 943 | 	if isScope {
 944 | 		if strings.HasPrefix(line, "^") && strings.HasSuffix(line, "$") {
 945 | 			// Attempt to parse the scope as a regex
 946 | 			scopeRegex, err := regexp.Compile(line)
 947 | 			if err != nil {
 948 | 				if chainMode {
 949 | 					warning("There was an error parsing the scope \"" + line + "\" as a regex.")
 950 | 				}
 951 | 				return nil, ErrInvalidFormat
 952 | 			} else {
 953 | 				return scopeRegex, nil
 954 | 			}
 955 | 		} else if strings.Contains(line, "*") {
 956 | 			// If the line is a scope and contains a wildcard...
 957 | 			// Attempt to parse the scope as a regex
 958 | 			rawRegex := strings.Replace(line, ".", "\\.", -1)
 959 | 			rawRegex = strings.Replace(rawRegex, "*", ".*", -1)
 960 | 
 961 | 			scopeRegex, err := regexp.Compile(rawRegex)
 962 | 			if err != nil {
 963 | 				if chainMode {
 964 | 					warning("There was an error parsing the scope \"" + line + "\" (converted into \"" + rawRegex + "\") as a regex. This scope was parsed as a regex instead of as a URL because it has 1 or more wildcards.")
 965 | 				}
 966 | 				return nil, ErrInvalidFormat
 967 | 			} else {
 968 | 				return &(WildcardScope{scope: *scopeRegex}), nil
 969 | 			}
 970 | 		} else if isNmapIPRange(line) {
 971 | 			// Nmap octet range detection: must look like a.b.c.d with at least one range/comma
 972 | 			nmapRange, err := parseNmapIPRange(line)
 973 | 			if err != nil {
 974 | 				return nil, ErrInvalidFormat
 975 | 			}
 976 | 			return nmapRange, nil
 977 | 		} else {
 978 | 			// Try to parse as CIDR
 979 | 			if _, ipnet, err := net.ParseCIDR(line); err == nil {
 980 | 				return ipnet, nil
 981 | 			}
 982 | 		}
 983 | 
 984 | 	}
 985 | 
 986 | 	// Try plain IP
 987 | 	if ip := net.ParseIP(line); ip != nil {
 988 | 		return &ip, nil
 989 | 	}
 990 | 
 991 | 	// Try URL (with basic validation)
 992 | 	parsedURL, err := url.Parse(line)
 993 | 	// If parsedURL.Opaque has content, then this is a data URI. Data URI's are not supported by hacker-scoper.
 994 | 	parseAsURLFailed := (err != nil || parsedURL.Host == "" || parsedURL.Opaque != "")
 995 | 
 996 | 	if parseAsURLFailed {
 997 | 		// If the line doesn't already start with an "https://" prefix...
 998 | 		if !strings.HasPrefix(line, "https://") {
 999 | 			// Retry parsing but with a 'https://' prefix
1000 | 			parsedURL, err = url.Parse("https://" + line)
1001 | 			parseAsURLFailed = (err != nil || parsedURL.Host == "" || parsedURL.Opaque != "")
1002 | 			if parseAsURLFailed {
1003 | 				return nil, ErrInvalidFormat
1004 | 			}
1005 | 		} else {
1006 | 			return nil, ErrInvalidFormat
1007 | 		}
1008 | 	}
1009 | 
1010 | 	if !isScope {
1011 | 		// scopes will never be URLs with IP hostnames. It doesn't make sense to check for IP hostnames in URLs for scopes
1012 | 		// Try plain IP
1013 | 		if ip := net.ParseIP(removePortFromHost(parsedURL)); ip != nil {
1014 | 			myURLWithIPHostname := URLWithIPAddressHost{rawURL: line, IPhost: ip}
1015 | 			return &myURLWithIPHostname, nil
1016 | 		} else {
1017 | 			return parsedURL, nil
1018 | 		}
1019 | 	} else {
1020 | 		if parsedURL.Path == "" || parsedURL.Path == "/" {
1021 | 			return removePortFromHost(parsedURL), nil
1022 | 		} else {
1023 | 			if !chainMode {
1024 | 				warning("The text \"" + line + "\" was given as a scope, but it contains the path \"" + parsedURL.Path + "\". In order to properly match paths in your scope you have to use regex. This scope has been ignored.")
1025 | 			}
1026 | 			return nil, ErrInvalidFormat
1027 | 		}
1028 | 
1029 | 	}
1030 | 
1031 | }
1032 | 
1033 | // ParseAllLines processes each line individually, returning:
1034 | // - A slice of parsed objects (interface{} holding *net.IPNet, net.IP, or *url.URL)
1035 | // - An error if no lines could be parsed as a scope, otherwise nil.
1036 | // isScopes should be true if the lines to be parsed are scopes.
1037 | func parseAllLines(lines []string, isScopes bool) ([]interface{}, error) {
1038 | 	parsed := []interface{}{}
1039 | 
1040 | 	numWorkers := runtime.NumCPU()
1041 | 	inputChan := make(chan string, numWorkers)
1042 | 	outputChan := make(chan parseResult, len(lines))
1043 | 
1044 | 	var wg sync.WaitGroup
1045 | 
1046 | 	// Start workers
1047 | 	for i := 0; i < numWorkers; i++ {
1048 | 		wg.Add(1)
1049 | 		go func() {
1050 | 			defer wg.Done()
1051 | 			for line := range inputChan {
1052 | 				result, err := parseLine(line, isScopes)
1053 | 				if err != nil {
1054 | 					outputChan <- parseResult{value: result, line: line, err: err}
1055 | 				} else {
1056 | 					outputChan <- parseResult{value: result, line: "", err: err}
1057 | 				}
1058 | 			}
1059 | 		}()
1060 | 	}
1061 | 
1062 | 	// Feed lines to workers
1063 | 	go func() {
1064 | 		for _, line := range lines {
1065 | 			inputChan <- line
1066 | 		}
1067 | 		close(inputChan)
1068 | 	}()
1069 | 
1070 | 	// Wait for workers to finish
1071 | 	go func() {
1072 | 		wg.Wait()
1073 | 		close(outputChan)
1074 | 	}()
1075 | 
1076 | 	for res := range outputChan {
1077 | 		if res.err != nil {
1078 | 			if !chainMode {
1079 | 				warning("Unable to parse line: \"" + res.line + "\"")
1080 | 			}
1081 | 		} else if res.value != nil {
1082 | 			parsed = append(parsed, res.value)
1083 | 		}
1084 | 	}
1085 | 
1086 | 	if len(parsed) == 0 {
1087 | 		return nil, errors.New("unable to parse any lines as scopes")
1088 | 	}
1089 | 	return parsed, nil
1090 | }
1091 | 
1092 | func isInscope(inscopeScopes *[]interface{}, target *interface{}, explicitLevel *int) (result bool) {
1093 | 
1094 | 	// Here we use a switch-case on the type of target. So target is processed differently depending on which variable type it is.
1095 | 
1096 | 	switch assertedTarget := (*target).(type) {
1097 | 	// If the target is an IP Address...
1098 | 	case *net.IP:
1099 | 		return isInscopeIP(assertedTarget, inscopeScopes, explicitLevel)
1100 | 	case *URLWithIPAddressHost:
1101 | 		return isInscopeIP(&assertedTarget.IPhost, inscopeScopes, explicitLevel)
1102 | 
1103 | 	// If the target is a URL...
1104 | 	case *url.URL:
1105 | 		for i := range *inscopeScopes {
1106 | 			// We're only interested in comparing URL targets against URL scopes, and regex.
1107 | 			switch assertedScope := (*inscopeScopes)[i].(type) {
1108 | 			// If the i scope is a URL...
1109 | 			case string:
1110 | 				switch *explicitLevel {
1111 | 				case 1:
1112 | 					//if x is a subdomain of y
1113 | 					//ex: wordpress.example.com with a scope of *.example.com will give a match
1114 | 					//we DON'T do it by splitting on dots and matching, because that would cause errors with domains that have two top-level-domains (gov.br for example)
1115 | 					result = strings.HasSuffix(removePortFromHost(assertedTarget), assertedScope)
1116 | 
1117 | 				case 2, 3:
1118 | 					result = removePortFromHost(assertedTarget) == assertedScope
1119 | 				}
1120 | 
1121 | 			case *WildcardScope:
1122 | 				if *explicitLevel != 3 {
1123 | 					// If the i scope is a Wildcard Scope...
1124 | 					//if the current target host matches the regex...
1125 | 					result = (assertedScope.scope).MatchString(removePortFromHost(assertedTarget))
1126 | 				}
1127 | 
1128 | 			case *regexp.Regexp:
1129 | 				// If the i scope is a regex...
1130 | 				//if the current target matches the regex...
1131 | 				result = assertedScope.MatchString(assertedTarget.String())
1132 | 
1133 | 			}
1134 | 			if result {
1135 | 				return result
1136 | 			}
1137 | 		}
1138 | 	}
1139 | 
1140 | 	return false
1141 | }
1142 | 
1143 | func isInscopeIP(targetIP *net.IP, inscopeScopes *[]interface{}, explicitLevel *int) (result bool) {
1144 | 	if *explicitLevel == 3 {
1145 | 		// For each scope in inscopeScopes...
1146 | 		for i := range *inscopeScopes {
1147 | 			// We're only interested in comparing IP targets against IP addresses.
1148 | 			// CIDR scopes are disabled in --explicit-level=3
1149 | 			switch assertedScope := (*inscopeScopes)[i].(type) {
1150 | 
1151 | 			// If the i scope is an IP Address...
1152 | 			case *net.IP:
1153 | 				result = assertedScope.Equal(*targetIP)
1154 | 			}
1155 | 			if result {
1156 | 				return result
1157 | 			}
1158 | 		}
1159 | 		return false
1160 | 	} else {
1161 | 		// For each scope in inscopeScopes...
1162 | 		for i := range *inscopeScopes {
1163 | 			// We're only interested in comparing IP targets against CIDR networks and IP addresses.
1164 | 			switch assertedScope := (*inscopeScopes)[i].(type) {
1165 | 			// If the i scope is a CIDR network...
1166 | 			case *net.IPNet:
1167 | 				result = assertedScope.Contains(*targetIP)
1168 | 
1169 | 			// If the i scope is an IP Address...
1170 | 			case *net.IP:
1171 | 				result = assertedScope.Equal(*targetIP)
1172 | 
1173 | 			case *NmapIPRange:
1174 | 				ip := (*targetIP).To4()
1175 | 				if ip == nil {
1176 | 					continue
1177 | 				}
1178 | 				result = true
1179 | 				for i := range 4 {
1180 | 					found := false
1181 | 					for _, v := range assertedScope.Octets[i] {
1182 | 						if ip[i] == v {
1183 | 							found = true
1184 | 							break
1185 | 						}
1186 | 					}
1187 | 					if !found {
1188 | 						result = false
1189 | 						break
1190 | 					}
1191 | 				}
1192 | 
1193 | 			}
1194 | 			if result {
1195 | 				return result
1196 | 			}
1197 | 		}
1198 | 		return false
1199 | 	}
1200 | }
1201 | 
1202 | func isNmapIPRange(line string) bool {
1203 | 	// Quick heuristic: must have 3 dots and at least one '-' or ','
1204 | 	if strings.Count(line, ".") != 3 {
1205 | 		return false
1206 | 	}
1207 | 
1208 | 	// Return false if line contains any a-z or A-Z letters
1209 | 	if strings.IndexFunc(line, unicode.IsLetter) != -1 {
1210 | 		return false
1211 | 	}
1212 | 
1213 | 	return strings.ContainsAny(line, "-,")
1214 | }
1215 | 
1216 | func parseNmapIPRange(line string) (*NmapIPRange, error) {
1217 | 	parts := strings.Split(line, ".")
1218 | 	if len(parts) != 4 {
1219 | 		return nil, errors.New("invalid Nmap IP range format")
1220 | 	}
1221 | 	var octets [4][]uint8
1222 | 	for i, part := range parts {
1223 | 		vals, err := parseNmapOctet(part)
1224 | 		if err != nil {
1225 | 			return nil, err
1226 | 		}
1227 | 		octets[i] = vals
1228 | 	}
1229 | 	return &NmapIPRange{Octets: octets, Raw: line}, nil
1230 | }
1231 | 
1232 | func parseNmapOctet(part string) ([]uint8, error) {
1233 | 	var vals []uint8
1234 | 	for _, seg := range strings.Split(part, ",") {
1235 | 		seg = strings.TrimSpace(seg)
1236 | 		if seg == "-" {
1237 | 			seg = "0-255"
1238 | 		}
1239 | 		if strings.Contains(seg, "-") {
1240 | 			bounds := strings.SplitN(seg, "-", 2)
1241 | 			low := uint8(0)
1242 | 			high := uint8(255)
1243 | 			if bounds[0] != "" {
1244 | 				l, err := strconv.Atoi(bounds[0])
1245 | 				if err != nil || l < 0 || l > 255 {
1246 | 					return nil, errors.New("invalid octet range")
1247 | 				}
1248 | 				low = uint8(l)
1249 | 			}
1250 | 			if bounds[1] != "" {
1251 | 				h, err := strconv.Atoi(bounds[1])
1252 | 				if err != nil || h < 0 || h > 255 {
1253 | 					return nil, errors.New("invalid octet range")
1254 | 				}
1255 | 				high = uint8(h)
1256 | 			}
1257 | 			if low > high {
1258 | 				return nil, errors.New("octet range low > high")
1259 | 			}
1260 | 			for v := low; ; v++ {
1261 | 				vals = append(vals, v)
1262 | 				if v == high {
1263 | 					break
1264 | 				}
1265 | 			}
1266 | 		} else {
1267 | 			v, err := strconv.Atoi(seg)
1268 | 			if err != nil || v < 0 || v > 255 {
1269 | 				return nil, errors.New("invalid octet value")
1270 | 			}
1271 | 			vals = append(vals, uint8(v))
1272 | 		}
1273 | 	}
1274 | 	return vals, nil
1275 | }
1276 | 
1277 | // Function to extract company names only
1278 | func extractCompanyNames(jsonPath string) ([]string, error) {
1279 | 	file, err := os.Open(jsonPath)  // #nosec G304 -- Intended behavior
1280 | 	if err != nil {
1281 | 		return nil, err
1282 | 	}
1283 | 	defer file.Close()
1284 | 
1285 | 	var partial PartialFirebounty
1286 | 	decoder := json.NewDecoder(file)
1287 | 	if err := decoder.Decode(&partial); err != nil {
1288 | 		return nil, err
1289 | 	}
1290 | 
1291 | 	names := make([]string, len(partial.Pgms))
1292 | 	for i, p := range partial.Pgms {
1293 | 		names[i] = p.Name
1294 | 	}
1295 | 	return names, nil
1296 | }
1297 | 
1298 | // Efficiently load a single Program by index from the firebounty JSON
1299 | func loadProgramByIndex(jsonPath string, index int) (*Program, error) {
1300 | 	file, err := os.Open(jsonPath)  // #nosec G304 -- Intended behavior
1301 | 	if err != nil {
1302 | 		return nil, err
1303 | 	}
1304 | 	defer file.Close()
1305 | 
1306 | 	// Create a decoder and seek to the "pgms" array
1307 | 	decoder := json.NewDecoder(file)
1308 | 
1309 | 	// Advance to the "pgms" key
1310 | 	for {
1311 | 		t, err := decoder.Token()
1312 | 		if err != nil {
1313 | 			return nil, err
1314 | 		}
1315 | 		if t == "pgms" {
1316 | 			break
1317 | 		}
1318 | 	}
1319 | 
1320 | 	// Read the start of the array
1321 | 	if _, err := decoder.Token(); err != nil { // should be json.Delim('[')
1322 | 		return nil, err
1323 | 	}
1324 | 
1325 | 	// Iterate through the array until the desired index
1326 | 	for i := 0; decoder.More(); i++ {
1327 | 		var prog Program
1328 | 		if err := decoder.Decode(&prog); err != nil {
1329 | 			return nil, err
1330 | 		}
1331 | 		if i == index {
1332 | 			return &prog, nil
1333 | 		}
1334 | 	}
1335 | 
1336 | 	return nil, errors.New("program index out of range")
1337 | }
1338 | 


--------------------------------------------------------------------------------