Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JSON output enhancement + Optional probe flag #319

Closed
2 tasks
nil0x42 opened this issue Jul 12, 2021 · 7 comments · Fixed by #323 or #347
Closed
2 tasks

JSON output enhancement + Optional probe flag #319

nil0x42 opened this issue Jul 12, 2021 · 7 comments · Fixed by #323 or #347
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@nil0x42
Copy link

nil0x42 commented Jul 12, 2021
edited
Loading

proposal:

add a original-input key-value pair to json output:

{"original-input": "www.google.com"...}

being able to know which input returned a result makes use of httpx way more reliable for automation.

another useful feature for automation would be ability to return json even if no website was found, for example:
echo thisisinvalid.notatld | httpx -json

{"original-input": "thisisinvalid.notatld", "failed": true}
  • Exposing input host in the JSON output (default)
echo hackerone.com | httpx -json | jq .

   "timestamp": "2021-07-12T18:19:54.158334+05:30",
   "scheme": "https",
+  "host": "hackerone.com",
   "port": "443",
   "path": "/",
  • Exposing probe stats in JSON output (optional)
echo notavalidhackerone.com | httpx -json -status | jq .

     "timestamp": "2021-07-12T18:19:54.158334+05:30",
     "scheme": "https",
     "host": "notavalidhackerone.com",
     "port": "443",
     "path": "/",
+    "status": "failed"
@ehsandeep ehsandeep changed the title json improvements: return original input on json output, and failed results JSON output enhancement Jul 12, 2021
@ehsandeep
Copy link
Member

thank you @nil0x42, I've updated the issue with more details around the feature you suggested here.

@ehsandeep ehsandeep added the Type: Enhancement Most issues will probably ask for additions or changes. label Jul 12, 2021
@nil0x42
Copy link
Author

nil0x42 commented Jul 12, 2021

i proposed "original-input" as key name because "host" is already used in json output, and gives which IP was used to make the request

also, considering that httpx accepts IPs, domains, or URLs as input, the host keyname could be confusing, if it is a simple copy of the input string used by httpx

@Mzack9999 Mzack9999 linked a pull request Jul 20, 2021 that will close this issue
[Feature] Adding new status flag #323
Merged
@ehsandeep ehsandeep added the Status: Completed Nothing further to be done with this issue. Awaiting to be closed. label Jul 23, 2021
@ehsandeep
Copy link
Member

@nil0x42 both feature is now supported in dev branch.

> subfinder -d hackerone.com | ./httpx -probe

https://api.hackerone.com [SUCCESS]
https://support.hackerone.com [SUCCESS]
https://gslink.hackerone.com [SUCCESS]
https://resources.hackerone.com [SUCCESS]
https://docs.hackerone.com [SUCCESS]
http://events.hackerone.com [FAILED]
http://o1.email.hackerone.com [FAILED]
http://go.hackerone.com [FAILED]
http://o2.email.hackerone.com [FAILED]
{
  "timestamp": "2021-07-24T15:50:27.608389+05:30",
  "url": "http://b.ns.hackerone.com",
  "input": "b.ns.hackerone.com",
  "error": "no address found for host (Client.Timeout exceeded while awaiting headers)",
  "failed": true
}

@ehsandeep ehsandeep changed the title JSON output enhancement JSON output enhancement + Optional probe flag Jul 24, 2021
@ehsandeep ehsandeep linked a pull request Aug 7, 2021 that will close this issue
v1.1.1 release preparation #347
Merged
@nil0x42
Copy link
Author

nil0x42 commented Aug 9, 2021
edited
Loading

Hi ! I've just tested v1.1.1. It has many new cool features.
Therefore, the behavior of input is different from what i expected:

echo thisisinvalid.com | ./httpx -silent -random-agent -title -web-server -tech-detect -follow-redirects -json -ports 443 -ip -probe | gron
json = {};
json.error = "no address found for host";
json.failed = true;
json.input = "https://thisisinvalid.com:443";
json.timestamp = "2021-08-09T16:42:01.485342456Z";
json.url = "http://thisisinvalid.com:443";

Here, input is the default URL built from input for making http probes, but not the actual input (which is thisisinvalid.com)
Is this the expected behavior ?

@ehsandeep
Copy link
Member

thank you @nil0x42, the expected is this:-

echo thisisinvalid.com | httpx -silent -random-agent -title -web-server -tech-detect -follow-redirects -json -ip -probe | gron

json = {};
json.error = "no address found for host";
json.failed = true;
json.input = "thisisinvalid.com";
json.timestamp = "2021-08-09T22:29:28.254645+05:30";
json.url = "http://thisisinvalid.com";

However, it appears that the input value is adjusted when used in conjunction with ports, with that said, we will have it corrected the next time.

@nil0x42
Copy link
Author

nil0x42 commented Aug 10, 2021

ah ok ! indeed without -ports it works, thank you

@nil0x42
Copy link
Author

nil0x42 commented Aug 10, 2021

I just found another case where input is changed, it happens when using -no-fallback-scheme:

echo http://192.168.0.1 | httpx -silent -no-fallback-scheme -probe -json | gron
json = {};
json.error = "context deadline exceeded (Client.Timeout exceeded while awaiting headers)";
json.failed = true;
json.input = "192.168.0.1:80";
json.timestamp = "2021-08-10T16:42:45.915270519Z";
json.url = "http://192.168.0.1:80";

@ehsandeep ehsandeep mentioned this issue Aug 15, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
2 participants
@nil0x42 @ehsandeep