Documentation

Index

Constants

This section is empty.

Variables

View Source
var DefaultDialer = &RestrictedDialer{}

    DefaultDialer is a global instance of a RestrictedDialer

    Functions

    func Dialer

    func Dialer() *net.Dialer

      Dialer returns a net.Dialer that restricts outbound connections to only the addresses allowed by the DefaultDialer.

      func SetAllowedHosts

      func SetAllowedHosts(allowed []string)

        SetAllowedHosts sets the list of allowed hosts or IP ranges for the default dialer.

        Types

        type RestrictedDialer

        type RestrictedDialer struct {
        	// contains filtered or unexported fields
        }

          RestrictedDialer is used to create a net.Dialer which restricts outbound connections to only allowlisted IP ranges.

          func (*RestrictedDialer) AllowedHosts

          func (d *RestrictedDialer) AllowedHosts() []string

            AllowedHosts returns the configured hosts that are allowed for the dialer.

            func (*RestrictedDialer) Dialer

            func (d *RestrictedDialer) Dialer() *net.Dialer

              Dialer returns a net.Dialer that restricts outbound connections to only the allowed addresses over TCP.

              By default, since Gophish anticipates connections originating to hosts on the local network, we only deny access to the link-local addresses at 169.254.0.0/16.

              If hosts are provided, then Gophish blocks access to all local addresses except the ones provided.

              This implementation is based on the blog post by Andrew Ayer at https://www.agwa.name/blog/post/preventing_server_side_request_forgery_in_golang

              func (*RestrictedDialer) SetAllowedHosts

              func (d *RestrictedDialer) SetAllowedHosts(allowed []string) error

                SetAllowedHosts sets the list of allowed hosts or IP ranges for the dialer.

                Source Files