lib

package
v0.0.0-...-76277b0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 4, 2025 License: MIT Imports: 38 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	Client           *http.Client // 标准HTTP客户端
	ClientNoRedirect *http.Client // 不自动跟随重定向的HTTP客户端

)

全局HTTP客户端变量

View Source 
var (
	// CheckContent 是经过base64编码的Shiro序列化对象
	CheckContent = "" /* 152-byte string literal not displayed */
	// Content 是解码后的原始内容
	Content, _ = base64.StdEncoding.DecodeString(CheckContent)
)
View Source 
var File_http_proto protoreflect.FileDescriptor

Functions

func AES_CBC_Encrypt 

func AES_CBC_Encrypt(shirokey string) string

AES_CBC_Encrypt 使用AES-CBC模式加密

func AES_GCM_Encrypt 

func AES_GCM_Encrypt(shirokey string) string

AES_GCM_Encrypt 使用AES-GCM模式加密(Shiro 1.4.2+)

func CheckInfoPoc 

func CheckInfoPoc(infostr string) string

CheckInfoPoc 检查POC信息并返回别名

func CheckMultiPoc 

func CheckMultiPoc(req *http.Request, pocs []*Poc, workers int)

CheckMultiPoc 并发执行多个POC检测 参数说明: - req: HTTP请求对象 - pocs: POC检测脚本列表 - workers: 并发工作协程数量

func Combo 

func Combo(input ListMap) [][]string

Combo 生成参数组合

func Evaluate 

func Evaluate(env *cel.Env, expression string, params map[string]interface{}) (ref.Val, error)

Evaluate 评估 CEL 表达式

func GetHeader 

func GetHeader(header map[string]string) string

GetHeader 将HTTP头转换为字符串格式

func GetShrioCookie 

func GetShrioCookie(key, mode string) string

GetShrioCookie 获取加密后的Shiro Cookie值

func InitHttpClient 

func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) error

InitHttpClient 创建HTTP客户端

func Inithttp 

func Inithttp()

Inithttp 初始化HTTP客户端配置

func MakeData 

func MakeData(base [][]string, nextData []string) [][]string

MakeData 将新的参数值与已有的组合进行组合

func NewEnv 

func NewEnv(c *CustomLib) (*cel.Env, error)

NewEnv 创建一个新的 CEL 环境

func Padding 

func Padding(plainText []byte, blockSize int) []byte

Padding 对明文进行PKCS7填充

func RandomStr 

func RandomStr(randSource *rand.Rand, letterBytes string, n int) string

RandomStr 生成指定长度的随机字符串

func SelectPoc 

func SelectPoc(Pocs embed.FS, pocname string) []string

SelectPoc 根据名称关键字选择POC文件

func UrlTypeToString 

func UrlTypeToString(u *UrlType) string

UrlTypeToString 将 TargetURL 结构体转换为字符串

Types

type CustomLib 

type CustomLib struct {
	// contains filtered or unexported fields
}

func NewEnvOption 

func NewEnvOption() CustomLib

func (*CustomLib) CompileOptions 

func (c *CustomLib) CompileOptions() []cel.EnvOption

CompileOptions 返回环境编译选项

func (*CustomLib) ProgramOptions 

func (c *CustomLib) ProgramOptions() []cel.ProgramOption

ProgramOptions 返回程序运行选项

func (*CustomLib) UpdateCompileOptions 

func (c *CustomLib) UpdateCompileOptions(args StrMap)

UpdateCompileOptions 更新编译选项,处理不同类型的变量声明

type Detail 

type Detail struct {
	Author      string   `yaml:"author"`      // POC作者
	Links       []string `yaml:"links"`       // 相关链接
	Description string   `yaml:"description"` // POC描述
	Version     string   `yaml:"version"`     // POC版本
}

Detail 定义POC详情结构

type ListItem 

type ListItem struct {
	Key   string   // 键名
	Value []string // 值列表
}

ListItem 字符串键列表值对

type ListMap 

type ListMap []ListItem // 字符串键列表值映射

自定义映射类型

func (*ListMap) UnmarshalYAML 

func (r *ListMap) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML 实现ListMap的YAML解析接口 参数:

  • unmarshal: YAML解析函数

返回:

  • error: 解析错误

type MapSlice 

type MapSlice = yaml.MapSlice

MapSlice 用于解析YAML的通用映射类型

type Poc 

type Poc struct {
	Name   string  `yaml:"name"`   // POC名称
	Set    StrMap  `yaml:"set"`    // 单值配置映射
	Sets   ListMap `yaml:"sets"`   // 列表值配置映射
	Rules  []Rules `yaml:"rules"`  // 检测规则列表
	Groups RuleMap `yaml:"groups"` // 规则组映射
	Detail Detail  `yaml:"detail"` // 漏洞详情
}

Poc 定义漏洞检测配置结构

func LoadMultiPoc 

func LoadMultiPoc(Pocs embed.FS, pocname string) []*Poc

LoadMultiPoc 加载多个POC文件

func LoadPoc 

func LoadPoc(fileName string, Pocs embed.FS) (*Poc, error)

LoadPoc 从内嵌文件系统加载单个POC

func LoadPocbyPath 

func LoadPocbyPath(fileName string) (*Poc, error)

LoadPocbyPath 从文件系统路径加载POC

type Request 

type Request struct {
	Url         *UrlType          `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
	Method      string            `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"`
	Headers     map[string]string `` /* 155-byte string literal not displayed */
	ContentType string            `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"`
	Body        []byte            `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"`
	// contains filtered or unexported fields
}

func ParseRequest 

func ParseRequest(oReq *http.Request) (*Request, error)

ParseRequest 将标准 HTTP 请求转换为自定义请求对象

func (*Request) Descriptor deprecated 

func (*Request) Descriptor() ([]byte, []int)

Deprecated: Use Request.ProtoReflect.Descriptor instead.

func (*Request) GetBody 

func (x *Request) GetBody() []byte

func (*Request) GetContentType 

func (x *Request) GetContentType() string

func (*Request) GetHeaders 

func (x *Request) GetHeaders() map[string]string

func (*Request) GetMethod 

func (x *Request) GetMethod() string

func (*Request) GetUrl 

func (x *Request) GetUrl() *UrlType

func (*Request) ProtoMessage 

func (*Request) ProtoMessage()

func (*Request) ProtoReflect 

func (x *Request) ProtoReflect() protoreflect.Message

func (*Request) Reset 

func (x *Request) Reset()

func (*Request) String 

func (x *Request) String() string

type Response 

type Response struct {
	Url         *UrlType          `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
	Status      int32             `protobuf:"varint,2,opt,name=status,proto3" json:"status,omitempty"`
	Headers     map[string]string `` /* 155-byte string literal not displayed */
	ContentType string            `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"`
	Body        []byte            `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"`
	Duration    float64           `protobuf:"fixed64,6,opt,name=duration,proto3" json:"duration,omitempty"`
	// contains filtered or unexported fields
}

func DoRequest 

func DoRequest(req *http.Request, redirect bool) (*Response, error)

DoRequest 执行 HTTP 请求

func ParseResponse 

func ParseResponse(oResp *http.Response) (*Response, error)

ParseResponse 将标准 HTTP 响应转换为自定义响应对象

func (*Response) Descriptor deprecated 

func (*Response) Descriptor() ([]byte, []int)

Deprecated: Use Response.ProtoReflect.Descriptor instead.

func (*Response) GetBody 

func (x *Response) GetBody() []byte

func (*Response) GetContentType 

func (x *Response) GetContentType() string

func (*Response) GetDuration 

func (x *Response) GetDuration() float64

func (*Response) GetHeaders 

func (x *Response) GetHeaders() map[string]string

func (*Response) GetStatus 

func (x *Response) GetStatus() int32

func (*Response) GetUrl 

func (x *Response) GetUrl() *UrlType

func (*Response) ProtoMessage 

func (*Response) ProtoMessage()

func (*Response) ProtoReflect 

func (x *Response) ProtoReflect() protoreflect.Message

func (*Response) Reset 

func (x *Response) Reset()

func (*Response) String 

func (x *Response) String() string

type Reverse 

type Reverse struct {
	Url                string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
	Domain             string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"`
	Ip                 string `protobuf:"bytes,3,opt,name=ip,proto3" json:"ip,omitempty"`
	IsDomainNameServer bool   `protobuf:"varint,4,opt,name=is_domain_name_server,json=isDomainNameServer,proto3" json:"is_domain_name_server,omitempty"`
	// contains filtered or unexported fields
}

func (*Reverse) Descriptor deprecated 

func (*Reverse) Descriptor() ([]byte, []int)

Deprecated: Use Reverse.ProtoReflect.Descriptor instead.

func (*Reverse) GetDomain 

func (x *Reverse) GetDomain() string

func (*Reverse) GetIp 

func (x *Reverse) GetIp() string

func (*Reverse) GetIsDomainNameServer 

func (x *Reverse) GetIsDomainNameServer() bool

func (*Reverse) GetUrl 

func (x *Reverse) GetUrl() string

func (*Reverse) ProtoMessage 

func (*Reverse) ProtoMessage()

func (*Reverse) ProtoReflect 

func (x *Reverse) ProtoReflect() protoreflect.Message

func (*Reverse) Reset 

func (x *Reverse) Reset()

func (*Reverse) String 

func (x *Reverse) String() string

type RuleItem 

type RuleItem struct {
	Key   string  // 键名
	Value []Rules // 规则列表
}

RuleItem 字符串键规则列表对

type RuleMap 

type RuleMap []RuleItem // 字符串键规则列表映射

自定义映射类型

func (*RuleMap) UnmarshalYAML 

func (r *RuleMap) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML 实现RuleMap的YAML解析接口 参数:

  • unmarshal: YAML解析函数

返回:

  • error: 解析错误

type Rules 

type Rules struct {
	Method          string            `yaml:"method"`           // HTTP请求方法
	Path            string            `yaml:"path"`             // 请求路径
	Headers         map[string]string `yaml:"headers"`          // 请求头
	Body            string            `yaml:"body"`             // 请求体
	Search          string            `yaml:"search"`           // 搜索模式
	FollowRedirects bool              `yaml:"follow_redirects"` // 是否跟随重定向
	Expression      string            `yaml:"expression"`       // 匹配表达式
	Continue        bool              `yaml:"continue"`         // 是否继续执行
}

Rules 定义POC检测规则结构

type StrItem 

type StrItem struct {
	Key   string // 键名
	Value string // 值
}

StrItem 字符串键值对

type StrMap 

type StrMap []StrItem // 字符串键值对映射

自定义映射类型

func (*StrMap) UnmarshalYAML 

func (r *StrMap) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML 实现StrMap的YAML解析接口

type Task 

type Task struct {
	Req *http.Request // HTTP请求对象
	Poc *Poc          // POC检测脚本
}

Task 定义单个POC检测任务的结构体

type UrlType 

type UrlType struct {
	Scheme   string `protobuf:"bytes,1,opt,name=scheme,proto3" json:"scheme,omitempty"`
	Domain   string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"`
	Host     string `protobuf:"bytes,3,opt,name=host,proto3" json:"host,omitempty"`
	Port     string `protobuf:"bytes,4,opt,name=port,proto3" json:"port,omitempty"`
	Path     string `protobuf:"bytes,5,opt,name=path,proto3" json:"path,omitempty"`
	Query    string `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"`
	Fragment string `protobuf:"bytes,7,opt,name=fragment,proto3" json:"fragment,omitempty"`
	// contains filtered or unexported fields
}

func ParseUrl 

func ParseUrl(u *url.URL) *UrlType

ParseUrl 解析 TargetURL 并转换为自定义 TargetURL 类型

func (*UrlType) Descriptor deprecated 

func (*UrlType) Descriptor() ([]byte, []int)

Deprecated: Use UrlType.ProtoReflect.Descriptor instead.

func (*UrlType) GetDomain 

func (x *UrlType) GetDomain() string

func (*UrlType) GetFragment 

func (x *UrlType) GetFragment() string

func (*UrlType) GetHost 

func (x *UrlType) GetHost() string

func (*UrlType) GetPath 

func (x *UrlType) GetPath() string

func (*UrlType) GetPort 

func (x *UrlType) GetPort() string

func (*UrlType) GetQuery 

func (x *UrlType) GetQuery() string

func (*UrlType) GetScheme 

func (x *UrlType) GetScheme() string

func (*UrlType) ProtoMessage 

func (*UrlType) ProtoMessage()

func (*UrlType) ProtoReflect 

func (x *UrlType) ProtoReflect() protoreflect.Message

func (*UrlType) Reset 

func (x *UrlType) Reset()

func (*UrlType) String 

func (x *UrlType) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.