Cyber security

Its-A-Trap : Building Secure Web Applications With A Golang Web Server For Authentication

Simple golang webserver that listens for basic auth or post requests and sends a notification when a user enters a password.

You need to add your custom templates and post the username and password parameter to /login when using the post mode.

Folder Layout

its-a-trap/custom
├── assets
│   └── styles.css
└── templates
    ├── finish.html
    └── index.html

This will serve index.html and show finish.html upon sending a post request. You can use the asset_folder to store your custom assets needed for the templates. In basic auth mode only finish.html is shown.

Basic Auth Example

{
  "server": {
    "listen": "127.0.0.1",
    "port": 8000
  },
  "method": "basic",
  "cloudflare": false,
  "timeout": "5s",
  "basic": {
    "realm": "restricted",
  },
  "template": {
    "folder": "./custom/templates",
    "index_template": "index.html",
    "finish_template": "finish.html",
    "asset_folder": "./custom/assets"
  }
}

Post Example

{
  "server": {
    "listen": "127.0.0.1",
    "port": 8000
  },
  "method": "post",
  "cloudflare": false,
  "timeout": "5s",
  "template": {
    "folder": "./custom/templates",
    "index_template": "index.html",
    "finish_template": "finish.html",
    "asset_folder": "./custom/assets"
  }
}

In POST mode you have access to the following variables inside the template:

  • {{ .LoginURL }} – The URL to post to
  • {{ .UsernameParameter }} – the username parameter name
  • {{ .PasswordParameter }} – the password parameter name

Example:

<form action="{{ .LoginURL }}" method="post">
  <label for="fname">Username:</label>
  <input type="text" id="fname" name="{{ .UsernameParameter }}"><br><br>
  <label for="fpass">Password:</label>
  <input type="password" id="fpass" name="{{ .PasswordParameter }}"><br><br>
  <input type="submit" value="Submit">
</form>
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityinformationsecurityIts-A-Trapkalilinuxkalilinuxtools
1 year ago

Recent Posts

The Growing Role of Digital Libraries in Remote Education

Learning Without Walls Remote education has long been a lifeline for students in rural areas…

17 hours ago

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

1 day ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

2 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

2 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

2 weeks ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

2 weeks ago