diff options
| author | Shulhan <ms@kilabit.info> | 2023-05-16 13:42:56 +0700 |
|---|---|---|
| committer | Shulhan <ms@kilabit.info> | 2023-05-16 13:42:56 +0700 |
| commit | 147fd4eb7a76d387a4c23bcac399971b8b099232 (patch) | |
| tree | 5d8a25ccaa42a8041647eb99737bae97d4968fab /http_server.go | |
| parent | 361358eec4853cb75600b11a99ad0894dd8e83b0 (diff) | |
| download | gorankusu-147fd4eb7a76d387a4c23bcac399971b8b099232.tar.xz | |
all: implement HTTP API to run and cancel attack on HTTP target
This endpoints similar that we have in the WebSocket.
The idea is to replace the WebSocket endpoints with this one.
Diffstat (limited to 'http_server.go')
| -rw-r--r-- | http_server.go | 115 |
1 files changed, 113 insertions, 2 deletions
diff --git a/http_server.go b/http_server.go index 43d166d..d737352 100644 --- a/http_server.go +++ b/http_server.go @@ -21,15 +21,28 @@ var ( ResponseType: libhttp.ResponseTypeJSON, } + apiAttackHttp = libhttp.Endpoint{ + Method: libhttp.RequestMethodPost, + Path: `/_trunks/api/attack/http`, + RequestType: libhttp.RequestTypeJSON, + ResponseType: libhttp.ResponseTypeJSON, + } + apiAttackHttpCancel = libhttp.Endpoint{ + Method: libhttp.RequestMethodDelete, + Path: `/_trunks/api/attack/http`, + RequestType: libhttp.RequestTypeJSON, + ResponseType: libhttp.ResponseTypeJSON, + } + apiAttackResultDelete = &libhttp.Endpoint{ Method: libhttp.RequestMethodDelete, - Path: apiAttackResult, + Path: pathApiAttackResult, RequestType: libhttp.RequestTypeJSON, ResponseType: libhttp.ResponseTypeJSON, } apiAttackResultGet = &libhttp.Endpoint{ Method: libhttp.RequestMethodGet, - Path: apiAttackResult, + Path: pathApiAttackResult, RequestType: libhttp.RequestTypeQuery, ResponseType: libhttp.ResponseTypeJSON, } @@ -97,6 +110,18 @@ func (trunks *Trunks) initHttpServer(isDevelopment bool) (err error) { return fmt.Errorf("%s: %w", logp, err) } + apiAttackHttp.Call = trunks.apiAttackHttp + err = trunks.Httpd.RegisterEndpoint(&apiAttackHttp) + if err != nil { + return fmt.Errorf(`%s: %w`, logp, err) + } + + apiAttackHttpCancel.Call = trunks.apiAttackHttpCancel + err = trunks.Httpd.RegisterEndpoint(&apiAttackHttpCancel) + if err != nil { + return fmt.Errorf(`%s: %w`, logp, err) + } + apiAttackResultDelete.Call = trunks.apiAttackResultDelete err = trunks.Httpd.RegisterEndpoint(apiAttackResultDelete) if err != nil { @@ -142,6 +167,92 @@ func (trunks *Trunks) apiEnvironmentGet(epr *libhttp.EndpointRequest) (resbody [ return json.Marshal(&res) } +// apiAttackHttp request to attack HTTP target. +// +// Request format, +// +// POST /_trunks/api/attack/http +// Content-Type: application/json +// +// <RunRequest> +// +// Response format, +// +// Content-Type: application/json +// +// {"data":<RunRequest>} +// +// Response codes, +// - 200 OK: success. +// - 500 ERR_INTERNAL: internal server error. +func (trunks *Trunks) apiAttackHttp(epr *libhttp.EndpointRequest) (resbody []byte, err error) { + var ( + logp = `apiAttackHttp` + runRequest = &RunRequest{} + ) + + err = json.Unmarshal(epr.RequestBody, runRequest) + if err != nil { + return nil, fmt.Errorf(`%s: %w`, logp, err) + } + + err = trunks.AttackHttp(runRequest) + if err != nil { + return nil, fmt.Errorf(`%s: %w`, logp, err) + } + + var res = &libhttp.EndpointResponse{} + res.Code = http.StatusOK + res.Name = `OK_ATTACK_HTTP` + res.Data = runRequest + + resbody, err = json.Marshal(res) + if err != nil { + return nil, fmt.Errorf(`%s: %w`, logp, err) + } + return resbody, nil +} + +// apiAttackHttpCancel request to cancel the running attack on HTTP target. +// +// Request format, +// +// DELETE /_trunks/api/attack/http +// +// Response format, +// +// Content-Type: application/json +// +// {"data":<RunRequest>} +// +// Response codes, +// - 200 OK: success, return the RunRequest object that has been cancelled. +// - 500 ERR_INTERNAL: internal server error. +func (trunks *Trunks) apiAttackHttpCancel(epr *libhttp.EndpointRequest) (resbody []byte, err error) { + var ( + logp = `apiAttackHttpCancel` + runRequest *RunRequest + ) + + runRequest, err = trunks.AttackHttpCancel() + if err != nil { + return nil, fmt.Errorf(`%s: %w`, logp, err) + } + + var res = &libhttp.EndpointResponse{} + res.Code = http.StatusOK + res.Name = `OK_ATTACK_HTTP_CANCEL` + res.Message = fmt.Sprintf(`Attack on target "%s/%s" has been canceled`, + runRequest.Target.Name, runRequest.HttpTarget.Name) + res.Data = runRequest + + resbody, err = json.Marshal(res) + if err != nil { + return nil, fmt.Errorf(`%s: %w`, logp, err) + } + return resbody, nil +} + func (trunks *Trunks) apiAttackResultDelete(epr *libhttp.EndpointRequest) (resbody []byte, err error) { name := epr.HttpRequest.Form.Get(paramNameName) if len(name) == 0 { |
