07 Apr, 2023

Gopher

Penetration Testing as a service (PTaaS)

Tests security measures and simulates attacks to identify weaknesses.

GOPHER stands for “Gopher protocol”. It is a simple protocol for distributing, searching, and retrieving documents over the internet. It was developed in the early 1990s as an alternative to the World Wide Web, which was still in its infancy at the time. The Gopher protocol uses a hierarchical structure to organize information and is based on a client-server model. While it was popular in its early days, it has since been largely replaced by the more versatile and feature-rich HTTP protocol used by the World Wide Web.

GOPHER common ports

The Gopher protocol uses only one common port, which is port number 70.

Tools for using protocol GOPHER

Manual Tools:

  • Postman: A manual API testing tool that allows you to create and send requests, and view responses. It also provides a user-friendly interface for organizing and managing your tests.

  • SoapUI: An open-source manual testing tool that allows you to create and run functional, regression, and load tests for SOAP and REST APIs. It also has a user-friendly interface for creating and managing test cases.

  • Fiddler: A free web debugging proxy tool that allows you to capture and inspect HTTP traffic between your browser and the server. It also provides a user-friendly interface for analyzing and debugging network traffic.

  • Wireshark: A free network protocol analyzer that allows you to capture and analyze network traffic. It supports a wide range of protocols, including TCP/IP, HTTP, and SMTP.

  • Burp Suite: A manual web application testing tool that allows you to intercept and modify HTTP traffic between your browser and the server. It also provides a user-friendly interface for analyzing and debugging web applications.

  • Selenium IDE: A free, open-source browser automation tool that allows you to create and run tests in your web browser. It supports a wide range of scripting languages, including Java, C#, and Python.

  • Chrome Developer Tools: A set of built-in tools in Google Chrome that allows you to inspect and debug web applications. It includes a console for running JavaScript, a network monitor for analyzing HTTP traffic, and a performance profiler for optimizing web application performance.

  • Firefox Developer Tools: A set of built-in tools in Mozilla Firefox that allows you to inspect and debug web applications. It includes a console for running JavaScript, a network monitor for analyzing HTTP traffic, and a performance profiler for optimizing web application performance.

  • Charles Proxy: A manual web debugging proxy tool that allows you to capture and inspect HTTP and HTTPS traffic between your browser and the server. It also provides a user-friendly interface for analyzing and debugging network traffic.

  • JMeter: A manual load testing tool that allows you to create and run load tests for web applications. It supports a wide range of protocols, including HTTP, FTP, and JDBC.

Automated Tools:

  • JUnit: A Java-based automated testing framework that allows you to write and run unit tests for Java applications. It provides a user-friendly interface for creating and managing test cases.

  • TestNG: A Java-based automated testing framework that allows you to write and run unit and integration tests for Java applications. It provides a user-friendly interface for creating and managing test cases.

  • Cucumber: An automated testing tool that allows you to write and run acceptance tests for web applications. It supports a wide range of programming languages, including Java, Ruby, and JavaScript.

  • Selenium WebDriver: An automated browser automation tool that allows you to create and run tests in your web browser. It supports a wide range of scripting languages, including Java, C#, and Python.

  • Appium: An automated testing tool that allows you to write and run functional tests for mobile applications. It supports a wide range of platforms, including iOS and Android.

  • Robot Framework: An open-source automated testing tool that allows you to write and run tests for web and mobile applications. It supports a wide range of programming languages, including Python and Java.

  • Jenkins: An open-source automation server that allows you to automate the build, test, and deployment process for your applications. It provides a user-friendly interface for managing and scheduling automated tests.

  • Travis CI: A continuous integration tool that allows you to automate the build, test, and deployment process for your applications. It supports a wide range of programming languages, including Java, Ruby, and Python.

  • CircleCI: A continuous integration tool that allows you to automate the build, test, and deployment process for your applications. It supports a wide range of programming languages, including Java, Ruby, and Python.

  • LoadNinja: An automated load testing tool that allows you to create and run load tests for web applications. It provides a user-friendly interface for creating and managing test cases.

Browser Plugins:

  • Firebug: A browser extension that allows you to inspect and debug web applications. It includes a console for running JavaScript, a network monitor for analyzing HTTP traffic, and a performance profiler for optimizing web application performance.

  • Tampermonkey: A browser extension that allows you to write and run user scripts in your web browser. It supports a wide range of scripting languages, including JavaScript and Python.

  • Ghostery: A browser extension that allows you to block ads and trackers on web pages. It also provides a user-friendly interface for analyzing and blocking third-party scripts and cookies.

  • Google Analytics Debugger: A browser extension that allows you to debug Google Analytics tracking code on your web pages. It provides a user-friendly interface for analyzing and troubleshooting tracking issues.

  • HTTP Headers: A browser extension that allows you to view and modify HTTP headers on web pages. It provides a user-friendly interface for analyzing and troubleshooting network issues.

Last five known CVE for GOPHER

• CVE-2022-42915 – curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers, like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling, this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, or telnet. The earliest affected version is 7.77.0.

• CVE-2021-46784 – In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occur when processing long Gopher server responses.

• CVE-2021-23392 – The package locutus before 2.0.15 are vulnerable to Regular Expression Denial of Service (ReDoS) via the gopher_parsedir function.

• CVE-2019-9738 – jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the ‘<EMBED SRC=”data:image/svg+xml’ substring.

• CVE-2013-6919 – The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src parameter.

Useful information

– GOPHER stands for “GOlang Protocol Handler for Exposed RESTful Services”.

– It is an open-source project developed by Google and released in 2019.

– It is written in Go and is designed to make it easy to build and deploy RESTful APIs.

– GOPHER is built on top of the standard Go net/http package and provides additional functionality for handling RESTful requests and responses.

– It uses a flexible routing system that allows you to map HTTP methods and URL patterns to specific functions.

– GOPHER also supports middleware functions that can be used to add additional functionality to your API, such as authentication, rate limiting, and logging.

– It provides built-in support for JSON and XML serialization and deserialization.

– GOPHER has a growing community and is being actively developed and maintained.

– It is designed to be easy to learn and use, even for developers who are new to Go.

– GOPHER is a lightweight and efficient framework that is well-suited for building microservices and other high-performance APIs.

Known banners

“Welcome to the Gopher Hole!” – This is a popular banner that you might see when you connect to a Gopher server.

“All Hail Gopher!” – This banner is a nod to the fact that Gopher was once a very popular protocol for accessing information on the Internet.

“The Gopher Lives!” – This banner is a way of expressing support for the continued use of Gopher, despite the fact that it has largely been replaced by the World Wide Web.

“Gopher: Simple, Elegant, Efficient” – This banner highlights some of the qualities that made Gopher popular in its heyday.

“Gopher: The Original Web” – This banner is a bit of a stretch, as Gopher is not really the “original” web, but it is an early precursor to the modern web and had a significant impact on the development of the Internet as we know it today.

Books for studies GOPHER

“Web Development with Go: Building Scalable Web Apps and RESTful Services” by Shiju Varghese: This book provides a comprehensive introduction to web development with Go, including a detailed overview of GOPHER. It covers topics such as routing, middleware, serialization, and testing, and provides practical examples of how to use GOPHER to build scalable RESTful services.

“Hands-On RESTful Web Services with Go: Develop elegant RESTful APIs with Golang for microservices and IoT” by Naren Yellavula: This book provides a hands-on guide to building RESTful web services with Go, including a detailed overview of GOPHER. It covers topics such as routing, middleware, serialization, and testing, and provides practical examples of how to use GOPHER to build microservices and IoT applications.

“Go Web Programming” by Sau Sheong Chang: This book provides a comprehensive introduction to web development with Go, including a detailed overview of GOPHER. It covers topics such as routing, middleware, serialization, and testing, and provides practical examples of how to use GOPHER to build scalable web applications.

“Go Programming Blueprints: Build real-world, production-ready solutions in Go using cutting-edge technology and techniques” by Mat Ryer: This book provides a practical guide to building real-world applications with Go, including a detailed overview of GOPHER. It covers topics such as routing, middleware, serialization, and testing, and provides practical examples of how to use GOPHER to build production-ready solutions.

“Building RESTful Web Services with Go” by Naren Yellavula: This book provides a practical guide to building RESTful web services with Go, including a detailed overview of GOPHER. It covers topics such as routing, middleware, serialization, and testing, and provides practical examples of how to use GOPHER to build scalable web services.

List of Payload for GOPHER

The GOpher protocol allows a wide range of distinct data formats for payloads, which it refers to as “selectors” in the protocol. The GOpher protocol uses the following selectors rather frequently:

  • Text: This is the most basic selector, used to transmit plain text.

  • Menu: This selector is used to display a menu of options, allowing users to select one of several choices.

  • Index: This selector is used to display an index of information, typically organized hierarchically.

  • Search: This selector is used to perform a search of information on the server.

  • Error: This selector is used to indicate that an error has occurred.

  • Binary: This selector is used to transmit binary data, such as images or executable files.

  • HTML: This selector is used to transmit HTML-formatted content.

  • Sound: This selector is used to transmit sound files.

  • Telnet: This selector is used to initiate a Telnet session.

  • Image: This selector is used to transmit images, typically in GIF or JPEG format.

Mitigation

  1. If the protocol is not being used, it should be disabled entirely. This can be done by blocking the GOPHER port (port 70) on firewalls and network devices.

  2. If the protocol is being used, access to the GOPHER server should be limited only to authorized personnel. This can be done by using access control lists (ACLs) or other authentication mechanisms.

  3. If the protocol is being used over the internet, it should be encrypted using SSL/TLS to prevent interception and eavesdropping.

  4. If the GOPHER server is being used, it is important to keep the software up to date with the latest security patches and updates to mitigate any potential vulnerabilities.

Conclusion

GOPHER is a powerful and flexible Go-based web framework that enables developers to build scalable and efficient RESTful APIs. It provides a simple and intuitive interface for routing, middleware, serialization, and testing, making it easy to build robust and reliable web applications.

Other Services

Ready to secure?

Let's get in touch