Merge pull request #155 from vulncheck-oss/ua-update

#154 Initial version of UA fetch, sorting, cleaning, and embedding

.github/workflows/useragent-update.yml

@@ -0,0 +1,40 @@
+name: User-Agent Update
+
+on:
+   workflow_dispatch:
+   schedule:
+     - cron: '0 0 * * 0'
+
+jobs:
+   build:
+     runs-on: ubuntu-latest
+     steps:
+       - name: Checkout Repo
+         uses: actions/checkout@v4
+         with:
+           fetch-depth: 0
+
+       - name: Setup golang
+         uses: actions/setup-go@v4
+         with:
+           go-version: 1.21.x
+
+       - name: Fetch and Sort UA Data
+         run: |
+           go get github.com/buger/jsonparser
+           go run .
+         working-directory: _uaupdate
+
+       - name: Create local changes
+         run: |
+           git add protocol/http-user-agent.txt
+       - name: Commit files
+         run: |
+           git config --local user.email "[email protected]"
+           git config --local user.name "GitHub Action"
+           git commit --allow-empty -m "HTTP User Agent update"
+       - name: Push changes
+         uses: ad-m/github-push-action@master
+         with:
+           github_token: ${{ secrets.GH_TOKEN }}
+           branch: ${{ github.ref }} 

_uaupdate/README.md

@@ -0,0 +1,11 @@
+# Updating the go-exploit HTTP User Agent
+
+This main.go fetches user agents from the Project Discovery [useragent](https://github.com/projectdiscovery/useragent) package (using the [MIT license](https://github.com/projectdiscovery/useragent/blob/main/LICENSE)), and filters them down to the most recent Windows Chrome User-Agent. The output is written to `./protocol/http-user-agent.txt`.
+
+Usage example:
+
+```console
+albinolobster@mournland:~/go-exploit/_uaupdate$ go run .
+albinolobster@mournland:~/go-exploit/_uaupdate$ cat ../protocol/http-user-agent.txt 
+Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
+```

_uaupdate/main.go

@@ -0,0 +1,56 @@
+package main
+
+import (
+	"os"
+	"regexp"
+	"strconv"
+
+	"github.com/buger/jsonparser"
+	"github.com/vulncheck-oss/go-exploit/output"
+	"github.com/vulncheck-oss/go-exploit/protocol"
+)
+
+func main() {
+	uri := "https://raw.githubusercontent.com/projectdiscovery/useragent/main/useragent_data.json"
+	resp, body, ok := protocol.HTTPSendAndRecv("GET", uri, "")
+	if !ok {
+		return
+	}
+
+	if resp.StatusCode != 200 {
+		output.PrintfError("Unexpected status code: %d %s", resp.StatusCode, body)
+
+		return
+	}
+
+	// looking in tags for the latest Chrome on Windows whatever
+	chromePattern := regexp.MustCompile(`^Chrome (\d+) on Windows \d+$`)
+
+	// pattern to find the Safari string so we can drop everything after
+	safariPattern := regexp.MustCompile(`^.*Safari/[\d\.]+`)
+
+	// store the newest version as we loop through the data
+	latestChromeUA := ""
+	latestChromeVer := 0
+
+	_, _ = jsonparser.ArrayEach([]byte(body), func(entry []byte, _ jsonparser.ValueType, _ int, _ error) {
+		_, _ = jsonparser.ArrayEach(entry, func(tag []byte, _ jsonparser.ValueType, _ int, _ error) {
+			matches := chromePattern.FindStringSubmatch(string(tag))
+			if len(matches) == 2 {
+				version, _ := strconv.Atoi(matches[1])
+				if version > latestChromeVer {
+					ua, _ := jsonparser.GetString(entry, "Raw")
+					cleanedUA := safariPattern.FindString(ua)
+					if cleanedUA != "" {
+						latestChromeUA = cleanedUA
+						latestChromeVer = version
+					}
+				}
+			}
+		}, "Tags")
+	})
+
+	if len(latestChromeUA) != 0 {
+		_ = os.WriteFile("../protocol/http-user-agent.txt", []byte(latestChromeUA), 0o644)
+	}
+}

go.mod

@@ -1,21 +1,11 @@
 module github.com/vulncheck-oss/go-exploit
 
-go 1.21
+go 1.22.2
 
 require (
 	github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8
-	github.com/projectdiscovery/useragent v0.0.55
 	github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906
 	golang.org/x/crypto v0.24.0
 	golang.org/x/net v0.26.0
 	golang.org/x/text v0.16.0
-)
-
-require (
-	github.com/aymerick/douceur v0.2.0 // indirect
-	github.com/gorilla/css v1.0.0 // indirect
-	github.com/microcosm-cc/bluemonday v1.0.25 // indirect
-	github.com/projectdiscovery/blackrock v0.0.1 // indirect
-	github.com/projectdiscovery/utils v0.1.1 // indirect
-	github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
-)
+)

go.sum

@@ -1,26 +1,6 @@
-github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
-github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
-github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
 github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
 github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8 h1:z9RDOBcFcf3f2hSfKuoM3/FmJpt8M+w0fOy4wKneBmc=
 github.com/lor00x/goldap v0.0.0-20240304151906-8d785c64d1c8/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0=
-github.com/microcosm-cc/bluemonday v1.0.25 h1:4NEwSfiJ+Wva0VxN5B8OwMicaJvD8r9tlJWm9rtloEg=
-github.com/microcosm-cc/bluemonday v1.0.25/go.mod h1:ZIOjCQp1OrzBBPIJmfX4qDYFuhU02nx4bn030ixfHLE=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k0VbGJyft6LQ=
-github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss=
-github.com/projectdiscovery/useragent v0.0.55 h1:SBeH+O9CTAgqRN96bAaOVw/ZyIILnMmcxE9xc+zWRYY=
-github.com/projectdiscovery/useragent v0.0.55/go.mod h1:WCUCKjalMFtnn7Xq2z33/CoWm1gbO9jeZkFLEFC6ChA=
-github.com/projectdiscovery/utils v0.1.1 h1:iQ/DyrClxbIbKMUCXfXLA1lFkqprrUM9Ti/nMU5dQj4=
-github.com/projectdiscovery/utils v0.1.1/go.mod h1:EPuSvVIvp61nXJD5EO65vaCv82OuhO+wfZpWAWA0q3o=
-github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d h1:hrujxIzL1woJ7AwssoOcM/tq5JjjG2yYOc8odClEiXA=
-github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d/go.mod h1:uugorj2VCxiV1x+LzaIdVa9b4S4qGAcH6cbhh4qVxOU=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906 h1:qHFp1iRg6qE8xYel3bQT9x70pyxsdPLbJnM40HG3Oig=
 github.com/vjeantet/ldapserver v1.0.2-0.20240305064909-a417792e2906/go.mod h1:YvUqhu5vYhmbcLReMLrm/Tq3S7Yj43kSVFvvol6Lh6k=
 golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
@@ -29,5 +9,3 @@ golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
 golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
 golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
-gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

protocol/http-user-agent.txt

@@ -0,0 +1 @@
+Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

protocol/httphelper.go

@@ -2,6 +2,8 @@ package protocol
 
 import (
 	"crypto/tls"
+	// vscode desperately wants to remove this.
+	_ "embed"
 	"fmt"
 	"io"
 	"mime/multipart"
@@ -13,27 +15,18 @@ import (
 	"strings"
 	"time"
 
-	"github.com/projectdiscovery/useragent"
 	"github.com/vulncheck-oss/go-exploit/output"
 	"github.com/vulncheck-oss/go-exploit/transform"
 )
 
-// GlobalUA is the default User-Agent for all go-exploit comms.
-var GlobalUA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" +
-	"(KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.33"
+// GlobalUA is the default User-Agent for all go-exploit comms
+//
+//go:embed http-user-agent.txt
+var GlobalUA string
 
 // GlobalCommTimeout is the default timeout for all socket communications.
 var GlobalCommTimeout = 10
 
-func init() {
-	agent, err := useragent.PickWithFilters(1, []useragent.Filter{useragent.Chrome}...)
-	if err != nil {
-		output.PrintFrameworkWarn("Couldn't select a User-Agent. Falling back to default.")
-	} else {
-		GlobalUA = agent[0].String()
-	}
-}
-
 // Returns a valid HTTP/HTTPS URL provided the given input.
 func GenerateURL(rhost string, rport int, ssl bool, uri string) string {
 	url := ""