diff --git a/core/plugins/plugin_scan_poc_xray/lib/check.go b/core/plugins/plugin_scan_poc_xray/lib/check.go index ef24e5c..46def0e 100644 --- a/core/plugins/plugin_scan_poc_xray/lib/check.go +++ b/core/plugins/plugin_scan_poc_xray/lib/check.go @@ -3,7 +3,6 @@ package lib import ( "fmt" "github.com/google/cel-go/cel" - "github.com/inbug-team/SweetBabyScan/core/plugins/plugin_scan_poc_xray/models" dModels "github.com/inbug-team/SweetBabyScan/models" "math/rand" "net/http" @@ -73,7 +72,7 @@ func ExecutePoc(oReq *http.Request, p *dModels.DataPocXray) (bool, error, string continue } switch value := out.Value().(type) { - case *models.UrlType: + case *UrlType: variableMap[k] = UrlTypeToString(value) case int64: variableMap[k] = int(value) @@ -244,17 +243,17 @@ func doSearch(re string, body string) map[string]string { return nil } -func newReverse() *models.Reverse { +func newReverse() *Reverse { letters := "1234567890abcdefghijklmnopqrstuvwxyz" randSource := rand.New(rand.NewSource(time.Now().Unix())) sub := RandomStr(randSource, letters, 8) if true { //默认不开启dns解析 - return &models.Reverse{} + return &Reverse{} } urlStr := fmt.Sprintf("http://%s.%s", sub, ceYeDomain) u, _ := url.Parse(urlStr) - return &models.Reverse{ + return &Reverse{ Url: ParseUrl(u), Domain: u.Hostname(), Ip: "", @@ -262,7 +261,7 @@ func newReverse() *models.Reverse { } } -func clusterPoc(oReq *http.Request, p *dModels.DataPocXray, variableMap map[string]interface{}, req *models.Request, env *cel.Env, sLen int, keys []string) (success bool, err error) { +func clusterPoc(oReq *http.Request, p *dModels.DataPocXray, variableMap map[string]interface{}, req *Request, env *cel.Env, sLen int, keys []string) (success bool, err error) { for _, rule := range p.Rules { for k1, v1 := range variableMap { if IsContain(keys, k1) { @@ -387,7 +386,7 @@ func clusterPoc(oReq *http.Request, p *dModels.DataPocXray, variableMap map[stri return success, nil } -func clusterPoc1(oReq *http.Request, p *dModels.DataPocXray, variableMap map[string]interface{}, req *models.Request, env *cel.Env, keys []string) (success bool, err error) { +func clusterPoc1(oReq *http.Request, p *dModels.DataPocXray, variableMap map[string]interface{}, req *Request, env *cel.Env, keys []string) (success bool, err error) { setMap := make(map[string]interface{}) for k := range p.Sets { setMap[k] = p.Sets[k][0] @@ -575,7 +574,7 @@ func clusterPoc1(oReq *http.Request, p *dModels.DataPocXray, variableMap map[str return success, nil } -func clusterSend(oReq *http.Request, variableMap map[string]interface{}, req *models.Request, env *cel.Env, rule dModels.Rules) (bool, error) { +func clusterSend(oReq *http.Request, variableMap map[string]interface{}, req *Request, env *cel.Env, rule dModels.Rules) (bool, error) { if oReq.URL.Path != "" && oReq.URL.Path != "/" { req.Url.Path = fmt.Sprint(oReq.URL.Path, rule.Path) } else { @@ -666,7 +665,7 @@ func evalSet(env *cel.Env, variableMap map[string]interface{}) { continue } switch value := out.Value().(type) { - case *models.UrlType: + case *UrlType: variableMap[k] = UrlTypeToString(value) case int64: variableMap[k] = fmt.Sprintf("%v", value) diff --git a/core/plugins/plugin_scan_poc_xray/lib/eval.go b/core/plugins/plugin_scan_poc_xray/lib/eval.go index 272f858..a6991d3 100644 --- a/core/plugins/plugin_scan_poc_xray/lib/eval.go +++ b/core/plugins/plugin_scan_poc_xray/lib/eval.go @@ -11,7 +11,6 @@ import ( "github.com/google/cel-go/common/types" "github.com/google/cel-go/common/types/ref" "github.com/google/cel-go/interpreter/functions" - "github.com/inbug-team/SweetBabyScan/core/plugins/plugin_scan_poc_xray/models" "github.com/inbug-team/SweetBabyScan/initializes/initialize_http_client" exprPb "google.golang.org/genproto/googleapis/api/expr/v1alpha1" "io" @@ -50,7 +49,7 @@ func Evaluate(env *cel.Env, expression string, params map[string]interface{}) (r return out, nil } -func UrlTypeToString(u *models.UrlType) string { +func UrlTypeToString(u *UrlType) string { var buf strings.Builder if u.Scheme != "" { buf.WriteString(u.Scheme) @@ -93,14 +92,13 @@ type CustomLib struct { func NewEnvOption() CustomLib { c := CustomLib{} - c.envOptions = []cel.EnvOption{ cel.Container("lib"), cel.Types( - &models.UrlType{}, - &models.Request{}, - &models.Response{}, - &models.Reverse{}, + &UrlType{}, + &Request{}, + &Response{}, + &Reverse{}, ), cel.Declarations( decls.NewVar("request", decls.NewObjectType("lib.Request")), @@ -179,6 +177,7 @@ func NewEnvOption() CustomLib { decls.Bool)), ), } + c.programOptions = []cel.ProgramOption{ cel.Functions( &functions.Overload{ @@ -383,7 +382,7 @@ func NewEnvOption() CustomLib { &functions.Overload{ Operator: "reverse_wait_int", Binary: func(lhs ref.Val, rhs ref.Val) ref.Val { - reverse, ok := lhs.Value().(*models.Reverse) + reverse, ok := lhs.Value().(*Reverse) if !ok { return types.ValOrErr(lhs, "unexpected type '%v' passed to 'wait'", lhs.Type()) } @@ -411,6 +410,7 @@ func NewEnvOption() CustomLib { }, ), } + return c } @@ -451,7 +451,7 @@ func randomUppercase(n int) string { return RandomStr(randSource, lowercase, n) } -func reverseCheck(r *models.Reverse, timeout int64) bool { +func reverseCheck(r *Reverse, timeout int64) bool { if ceYeApi == "" || r.Domain == "" { return false } @@ -493,7 +493,7 @@ func RandomStr(randSource *rand.Rand, letterBytes string, n int) string { return string(randBytes) } -func DoRequest(req *http.Request, redirect bool) (*models.Response, error) { +func DoRequest(req *http.Request, redirect bool) (*Response, error) { if req.Body == nil || req.Body == http.NoBody { } else { req.Header.Set("Content-Length", strconv.Itoa(int(req.ContentLength))) @@ -520,8 +520,8 @@ func DoRequest(req *http.Request, redirect bool) (*models.Response, error) { return resp, err } -func ParseUrl(u *url.URL) *models.UrlType { - nu := &models.UrlType{} +func ParseUrl(u *url.URL) *UrlType { + nu := &UrlType{} nu.Scheme = u.Scheme nu.Domain = u.Hostname() nu.Host = u.Host @@ -532,8 +532,8 @@ func ParseUrl(u *url.URL) *models.UrlType { return nu } -func ParseRequest(oReq *http.Request) (*models.Request, error) { - req := &models.Request{} +func ParseRequest(oReq *http.Request) (*Request, error) { + req := &Request{} req.Method = oReq.Method req.Url = ParseUrl(oReq.URL) header := make(map[string]string) @@ -554,8 +554,8 @@ func ParseRequest(oReq *http.Request) (*models.Request, error) { return req, nil } -func ParseResponse(oResp *http.Response) (*models.Response, error) { - var resp models.Response +func ParseResponse(oResp *http.Response) (*Response, error) { + var resp Response header := make(map[string]string) resp.Status = int32(oResp.StatusCode) resp.Url = ParseUrl(oResp.Request.URL) diff --git a/core/plugins/plugin_scan_poc_xray/lib/http.pb.go b/core/plugins/plugin_scan_poc_xray/lib/http.pb.go new file mode 100644 index 0000000..480646e --- /dev/null +++ b/core/plugins/plugin_scan_poc_xray/lib/http.pb.go @@ -0,0 +1,510 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.28.0 +// protoc v3.19.4 +// source: http.proto + +package lib + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type UrlType struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Scheme string `protobuf:"bytes,1,opt,name=scheme,proto3" json:"scheme,omitempty"` + Domain string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"` + Host string `protobuf:"bytes,3,opt,name=host,proto3" json:"host,omitempty"` + Port string `protobuf:"bytes,4,opt,name=port,proto3" json:"port,omitempty"` + Path string `protobuf:"bytes,5,opt,name=path,proto3" json:"path,omitempty"` + Query string `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"` + Fragment string `protobuf:"bytes,7,opt,name=fragment,proto3" json:"fragment,omitempty"` +} + +func (x *UrlType) Reset() { + *x = UrlType{} + if protoimpl.UnsafeEnabled { + mi := &file_http_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *UrlType) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UrlType) ProtoMessage() {} + +func (x *UrlType) ProtoReflect() protoreflect.Message { + mi := &file_http_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UrlType.ProtoReflect.Descriptor instead. +func (*UrlType) Descriptor() ([]byte, []int) { + return file_http_proto_rawDescGZIP(), []int{0} +} + +func (x *UrlType) GetScheme() string { + if x != nil { + return x.Scheme + } + return "" +} + +func (x *UrlType) GetDomain() string { + if x != nil { + return x.Domain + } + return "" +} + +func (x *UrlType) GetHost() string { + if x != nil { + return x.Host + } + return "" +} + +func (x *UrlType) GetPort() string { + if x != nil { + return x.Port + } + return "" +} + +func (x *UrlType) GetPath() string { + if x != nil { + return x.Path + } + return "" +} + +func (x *UrlType) GetQuery() string { + if x != nil { + return x.Query + } + return "" +} + +func (x *UrlType) GetFragment() string { + if x != nil { + return x.Fragment + } + return "" +} + +type Request struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` + Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"` + Headers map[string]string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + ContentType string `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"` + Body []byte `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"` +} + +func (x *Request) Reset() { + *x = Request{} + if protoimpl.UnsafeEnabled { + mi := &file_http_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Request) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Request) ProtoMessage() {} + +func (x *Request) ProtoReflect() protoreflect.Message { + mi := &file_http_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Request.ProtoReflect.Descriptor instead. +func (*Request) Descriptor() ([]byte, []int) { + return file_http_proto_rawDescGZIP(), []int{1} +} + +func (x *Request) GetUrl() *UrlType { + if x != nil { + return x.Url + } + return nil +} + +func (x *Request) GetMethod() string { + if x != nil { + return x.Method + } + return "" +} + +func (x *Request) GetHeaders() map[string]string { + if x != nil { + return x.Headers + } + return nil +} + +func (x *Request) GetContentType() string { + if x != nil { + return x.ContentType + } + return "" +} + +func (x *Request) GetBody() []byte { + if x != nil { + return x.Body + } + return nil +} + +type Response struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` + Status int32 `protobuf:"varint,2,opt,name=status,proto3" json:"status,omitempty"` + Headers map[string]string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + ContentType string `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"` + Body []byte `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"` +} + +func (x *Response) Reset() { + *x = Response{} + if protoimpl.UnsafeEnabled { + mi := &file_http_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Response) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Response) ProtoMessage() {} + +func (x *Response) ProtoReflect() protoreflect.Message { + mi := &file_http_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Response.ProtoReflect.Descriptor instead. +func (*Response) Descriptor() ([]byte, []int) { + return file_http_proto_rawDescGZIP(), []int{2} +} + +func (x *Response) GetUrl() *UrlType { + if x != nil { + return x.Url + } + return nil +} + +func (x *Response) GetStatus() int32 { + if x != nil { + return x.Status + } + return 0 +} + +func (x *Response) GetHeaders() map[string]string { + if x != nil { + return x.Headers + } + return nil +} + +func (x *Response) GetContentType() string { + if x != nil { + return x.ContentType + } + return "" +} + +func (x *Response) GetBody() []byte { + if x != nil { + return x.Body + } + return nil +} + +type Reverse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` + Domain string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"` + Ip string `protobuf:"bytes,3,opt,name=ip,proto3" json:"ip,omitempty"` + IsDomainNameServer bool `protobuf:"varint,4,opt,name=is_domain_name_server,json=isDomainNameServer,proto3" json:"is_domain_name_server,omitempty"` +} + +func (x *Reverse) Reset() { + *x = Reverse{} + if protoimpl.UnsafeEnabled { + mi := &file_http_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *Reverse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Reverse) ProtoMessage() {} + +func (x *Reverse) ProtoReflect() protoreflect.Message { + mi := &file_http_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Reverse.ProtoReflect.Descriptor instead. +func (*Reverse) Descriptor() ([]byte, []int) { + return file_http_proto_rawDescGZIP(), []int{3} +} + +func (x *Reverse) GetUrl() *UrlType { + if x != nil { + return x.Url + } + return nil +} + +func (x *Reverse) GetDomain() string { + if x != nil { + return x.Domain + } + return "" +} + +func (x *Reverse) GetIp() string { + if x != nil { + return x.Ip + } + return "" +} + +func (x *Reverse) GetIsDomainNameServer() bool { + if x != nil { + return x.IsDomainNameServer + } + return false +} + +var File_http_proto protoreflect.FileDescriptor + +var file_http_proto_rawDesc = []byte{ + 0x0a, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x03, 0x6c, 0x69, + 0x62, 0x22, 0xa7, 0x01, 0x0a, 0x07, 0x55, 0x72, 0x6c, 0x54, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, + 0x06, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, + 0x63, 0x68, 0x65, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x12, 0x0a, + 0x04, 0x68, 0x6f, 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x6f, 0x73, + 0x74, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x6f, 0x72, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x04, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x14, 0x0a, 0x05, 0x71, 0x75, 0x65, + 0x72, 0x79, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x71, 0x75, 0x65, 0x72, 0x79, 0x12, + 0x1a, 0x0a, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x22, 0xe9, 0x01, 0x0a, 0x07, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0c, 0x2e, 0x6c, 0x69, 0x62, 0x2e, 0x55, 0x72, 0x6c, 0x54, 0x79, + 0x70, 0x65, 0x52, 0x03, 0x75, 0x72, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, + 0x33, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x19, 0x2e, 0x6c, 0x69, 0x62, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x2e, 0x48, + 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x68, 0x65, 0x61, + 0x64, 0x65, 0x72, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x5f, + 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, + 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x1a, 0x3a, 0x0a, 0x0c, 0x48, + 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, + 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, + 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0xeb, 0x01, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1e, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x0c, 0x2e, 0x6c, 0x69, 0x62, 0x2e, 0x55, 0x72, 0x6c, 0x54, 0x79, 0x70, 0x65, 0x52, + 0x03, 0x75, 0x72, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, + 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, + 0x6c, 0x69, 0x62, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x2e, 0x48, 0x65, 0x61, + 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, + 0x72, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x5f, 0x74, 0x79, + 0x70, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, + 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x1a, 0x3a, 0x0a, 0x0c, 0x48, 0x65, 0x61, + 0x64, 0x65, 0x72, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x84, 0x01, 0x0a, 0x07, 0x52, 0x65, 0x76, 0x65, 0x72, 0x73, + 0x65, 0x12, 0x1e, 0x0a, 0x03, 0x75, 0x72, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0c, + 0x2e, 0x6c, 0x69, 0x62, 0x2e, 0x55, 0x72, 0x6c, 0x54, 0x79, 0x70, 0x65, 0x52, 0x03, 0x75, 0x72, + 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x06, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x70, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x70, 0x12, 0x31, 0x0a, 0x15, 0x69, 0x73, 0x5f, + 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x69, 0x73, 0x44, 0x6f, 0x6d, 0x61, + 0x69, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x42, 0x08, 0x5a, 0x06, + 0x2e, 0x2f, 0x3b, 0x6c, 0x69, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_http_proto_rawDescOnce sync.Once + file_http_proto_rawDescData = file_http_proto_rawDesc +) + +func file_http_proto_rawDescGZIP() []byte { + file_http_proto_rawDescOnce.Do(func() { + file_http_proto_rawDescData = protoimpl.X.CompressGZIP(file_http_proto_rawDescData) + }) + return file_http_proto_rawDescData +} + +var file_http_proto_msgTypes = make([]protoimpl.MessageInfo, 6) +var file_http_proto_goTypes = []interface{}{ + (*UrlType)(nil), // 0: lib.UrlType + (*Request)(nil), // 1: lib.Request + (*Response)(nil), // 2: lib.Response + (*Reverse)(nil), // 3: lib.Reverse + nil, // 4: lib.Request.HeadersEntry + nil, // 5: lib.Response.HeadersEntry +} +var file_http_proto_depIdxs = []int32{ + 0, // 0: lib.Request.url:type_name -> lib.UrlType + 4, // 1: lib.Request.headers:type_name -> lib.Request.HeadersEntry + 0, // 2: lib.Response.url:type_name -> lib.UrlType + 5, // 3: lib.Response.headers:type_name -> lib.Response.HeadersEntry + 0, // 4: lib.Reverse.url:type_name -> lib.UrlType + 5, // [5:5] is the sub-list for method output_type + 5, // [5:5] is the sub-list for method input_type + 5, // [5:5] is the sub-list for extension type_name + 5, // [5:5] is the sub-list for extension extendee + 0, // [0:5] is the sub-list for field type_name +} + +func init() { file_http_proto_init() } +func file_http_proto_init() { + if File_http_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_http_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*UrlType); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_http_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Request); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_http_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Response); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_http_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Reverse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_http_proto_rawDesc, + NumEnums: 0, + NumMessages: 6, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_http_proto_goTypes, + DependencyIndexes: file_http_proto_depIdxs, + MessageInfos: file_http_proto_msgTypes, + }.Build() + File_http_proto = out.File + file_http_proto_rawDesc = nil + file_http_proto_goTypes = nil + file_http_proto_depIdxs = nil +} diff --git a/core/plugins/plugin_scan_poc_xray/models/http.proto b/core/plugins/plugin_scan_poc_xray/lib/http.proto similarity index 95% rename from core/plugins/plugin_scan_poc_xray/models/http.proto rename to core/plugins/plugin_scan_poc_xray/lib/http.proto index dca8df2..5406c96 100644 --- a/core/plugins/plugin_scan_poc_xray/models/http.proto +++ b/core/plugins/plugin_scan_poc_xray/lib/http.proto @@ -1,6 +1,8 @@ syntax = "proto3"; package lib; +option go_package = "./;lib"; + message UrlType { string scheme = 1; string domain = 2; diff --git a/core/plugins/plugin_scan_poc_xray/models/http.pb.go b/core/plugins/plugin_scan_poc_xray/models/http.pb.go deleted file mode 100644 index 579c610..0000000 --- a/core/plugins/plugin_scan_poc_xray/models/http.pb.go +++ /dev/null @@ -1,354 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// source: http.proto - -package models - -import ( - "fmt" - "github.com/golang/protobuf/proto" - "math" -) - -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package - -type UrlType struct { - Scheme string `protobuf:"bytes,1,opt,name=scheme,proto3" json:"scheme,omitempty"` - Domain string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"` - Host string `protobuf:"bytes,3,opt,name=host,proto3" json:"host,omitempty"` - Port string `protobuf:"bytes,4,opt,name=port,proto3" json:"port,omitempty"` - Path string `protobuf:"bytes,5,opt,name=path,proto3" json:"path,omitempty"` - Query string `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"` - Fragment string `protobuf:"bytes,7,opt,name=fragment,proto3" json:"fragment,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *UrlType) Reset() { *m = UrlType{} } -func (m *UrlType) String() string { return proto.CompactTextString(m) } -func (*UrlType) ProtoMessage() {} -func (*UrlType) Descriptor() ([]byte, []int) { - return fileDescriptor_983e7097e43cc633, []int{0} -} - -func (m *UrlType) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_UrlType.Unmarshal(m, b) -} -func (m *UrlType) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_UrlType.Marshal(b, m, deterministic) -} -func (m *UrlType) XXX_Merge(src proto.Message) { - xxx_messageInfo_UrlType.Merge(m, src) -} -func (m *UrlType) XXX_Size() int { - return xxx_messageInfo_UrlType.Size(m) -} -func (m *UrlType) XXX_DiscardUnknown() { - xxx_messageInfo_UrlType.DiscardUnknown(m) -} - -var xxx_messageInfo_UrlType proto.InternalMessageInfo - -func (m *UrlType) GetScheme() string { - if m != nil { - return m.Scheme - } - return "" -} - -func (m *UrlType) GetDomain() string { - if m != nil { - return m.Domain - } - return "" -} - -func (m *UrlType) GetHost() string { - if m != nil { - return m.Host - } - return "" -} - -func (m *UrlType) GetPort() string { - if m != nil { - return m.Port - } - return "" -} - -func (m *UrlType) GetPath() string { - if m != nil { - return m.Path - } - return "" -} - -func (m *UrlType) GetQuery() string { - if m != nil { - return m.Query - } - return "" -} - -func (m *UrlType) GetFragment() string { - if m != nil { - return m.Fragment - } - return "" -} - -type Request struct { - Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` - Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"` - Headers map[string]string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - ContentType string `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"` - Body []byte `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Request) Reset() { *m = Request{} } -func (m *Request) String() string { return proto.CompactTextString(m) } -func (*Request) ProtoMessage() {} -func (*Request) Descriptor() ([]byte, []int) { - return fileDescriptor_983e7097e43cc633, []int{1} -} - -func (m *Request) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Request.Unmarshal(m, b) -} -func (m *Request) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Request.Marshal(b, m, deterministic) -} -func (m *Request) XXX_Merge(src proto.Message) { - xxx_messageInfo_Request.Merge(m, src) -} -func (m *Request) XXX_Size() int { - return xxx_messageInfo_Request.Size(m) -} -func (m *Request) XXX_DiscardUnknown() { - xxx_messageInfo_Request.DiscardUnknown(m) -} - -var xxx_messageInfo_Request proto.InternalMessageInfo - -func (m *Request) GetUrl() *UrlType { - if m != nil { - return m.Url - } - return nil -} - -func (m *Request) GetMethod() string { - if m != nil { - return m.Method - } - return "" -} - -func (m *Request) GetHeaders() map[string]string { - if m != nil { - return m.Headers - } - return nil -} - -func (m *Request) GetContentType() string { - if m != nil { - return m.ContentType - } - return "" -} - -func (m *Request) GetBody() []byte { - if m != nil { - return m.Body - } - return nil -} - -type Response struct { - Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` - Status int32 `protobuf:"varint,2,opt,name=status,proto3" json:"status,omitempty"` - Headers map[string]string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - ContentType string `protobuf:"bytes,4,opt,name=content_type,json=contentType,proto3" json:"content_type,omitempty"` - Body []byte `protobuf:"bytes,5,opt,name=body,proto3" json:"body,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Response) Reset() { *m = Response{} } -func (m *Response) String() string { return proto.CompactTextString(m) } -func (*Response) ProtoMessage() {} -func (*Response) Descriptor() ([]byte, []int) { - return fileDescriptor_983e7097e43cc633, []int{2} -} - -func (m *Response) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Response.Unmarshal(m, b) -} -func (m *Response) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Response.Marshal(b, m, deterministic) -} -func (m *Response) XXX_Merge(src proto.Message) { - xxx_messageInfo_Response.Merge(m, src) -} -func (m *Response) XXX_Size() int { - return xxx_messageInfo_Response.Size(m) -} -func (m *Response) XXX_DiscardUnknown() { - xxx_messageInfo_Response.DiscardUnknown(m) -} - -var xxx_messageInfo_Response proto.InternalMessageInfo - -func (m *Response) GetUrl() *UrlType { - if m != nil { - return m.Url - } - return nil -} - -func (m *Response) GetStatus() int32 { - if m != nil { - return m.Status - } - return 0 -} - -func (m *Response) GetHeaders() map[string]string { - if m != nil { - return m.Headers - } - return nil -} - -func (m *Response) GetContentType() string { - if m != nil { - return m.ContentType - } - return "" -} - -func (m *Response) GetBody() []byte { - if m != nil { - return m.Body - } - return nil -} - -type Reverse struct { - Url *UrlType `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"` - Domain string `protobuf:"bytes,2,opt,name=domain,proto3" json:"domain,omitempty"` - Ip string `protobuf:"bytes,3,opt,name=ip,proto3" json:"ip,omitempty"` - IsDomainNameServer bool `protobuf:"varint,4,opt,name=is_domain_name_server,json=isDomainNameServer,proto3" json:"is_domain_name_server,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Reverse) Reset() { *m = Reverse{} } -func (m *Reverse) String() string { return proto.CompactTextString(m) } -func (*Reverse) ProtoMessage() {} -func (*Reverse) Descriptor() ([]byte, []int) { - return fileDescriptor_983e7097e43cc633, []int{3} -} - -func (m *Reverse) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Reverse.Unmarshal(m, b) -} -func (m *Reverse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Reverse.Marshal(b, m, deterministic) -} -func (m *Reverse) XXX_Merge(src proto.Message) { - xxx_messageInfo_Reverse.Merge(m, src) -} -func (m *Reverse) XXX_Size() int { - return xxx_messageInfo_Reverse.Size(m) -} -func (m *Reverse) XXX_DiscardUnknown() { - xxx_messageInfo_Reverse.DiscardUnknown(m) -} - -var xxx_messageInfo_Reverse proto.InternalMessageInfo - -func (m *Reverse) GetUrl() *UrlType { - if m != nil { - return m.Url - } - return nil -} - -func (m *Reverse) GetDomain() string { - if m != nil { - return m.Domain - } - return "" -} - -func (m *Reverse) GetIp() string { - if m != nil { - return m.Ip - } - return "" -} - -func (m *Reverse) GetIsDomainNameServer() bool { - if m != nil { - return m.IsDomainNameServer - } - return false -} - -func init() { - proto.RegisterType((*UrlType)(nil), "lib.UrlType") - proto.RegisterType((*Request)(nil), "lib.Request") - proto.RegisterMapType((map[string]string)(nil), "lib.Request.HeadersEntry") - proto.RegisterType((*Response)(nil), "lib.Response") - proto.RegisterMapType((map[string]string)(nil), "lib.Response.HeadersEntry") - proto.RegisterType((*Reverse)(nil), "lib.Reverse") -} - -func init() { - proto.RegisterFile("http.proto", fileDescriptor_983e7097e43cc633) -} - -var fileDescriptor_983e7097e43cc633 = []byte{ - // 378 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x93, 0xb1, 0x8e, 0xd3, 0x40, - 0x10, 0x86, 0x65, 0x3b, 0x89, 0xc3, 0xc4, 0x42, 0x68, 0x05, 0x68, 0x49, 0x81, 0x8e, 0x54, 0x57, - 0x59, 0xe2, 0x8e, 0x02, 0x5d, 0x0d, 0x12, 0x15, 0xc5, 0x02, 0xb5, 0xb5, 0x3e, 0x0f, 0xd8, 0xc2, - 0xf6, 0x6e, 0x76, 0xc7, 0x91, 0xdc, 0xf3, 0x2e, 0x3c, 0x1b, 0xe2, 0x25, 0x90, 0x67, 0x37, 0x08, - 0x21, 0x8a, 0x94, 0x74, 0xf3, 0xff, 0xbf, 0x3d, 0x9a, 0x6f, 0x3c, 0x06, 0x68, 0x89, 0x6c, 0x69, - 0x9d, 0x21, 0x23, 0xb2, 0xbe, 0xab, 0x0f, 0xdf, 0x13, 0xc8, 0x3f, 0xb9, 0xfe, 0xe3, 0x6c, 0x51, - 0x3c, 0x85, 0x8d, 0xbf, 0x6f, 0x71, 0x40, 0x99, 0x5c, 0x25, 0xd7, 0x0f, 0x54, 0x54, 0x8b, 0xdf, - 0x98, 0x41, 0x77, 0xa3, 0x4c, 0x83, 0x1f, 0x94, 0x10, 0xb0, 0x6a, 0x8d, 0x27, 0x99, 0xb1, 0xcb, - 0xf5, 0xe2, 0x59, 0xe3, 0x48, 0xae, 0x82, 0xb7, 0xd4, 0xec, 0x69, 0x6a, 0xe5, 0x3a, 0x7a, 0x9a, - 0x5a, 0xf1, 0x18, 0xd6, 0xc7, 0x09, 0xdd, 0x2c, 0x37, 0x6c, 0x06, 0x21, 0xf6, 0xb0, 0xfd, 0xec, - 0xf4, 0x97, 0x01, 0x47, 0x92, 0x39, 0x07, 0xbf, 0xf5, 0xe1, 0x47, 0x02, 0xb9, 0xc2, 0xe3, 0x84, - 0x9e, 0xc4, 0x73, 0xc8, 0x26, 0xd7, 0xf3, 0x98, 0xbb, 0x9b, 0xa2, 0xec, 0xbb, 0xba, 0x8c, 0x10, - 0x6a, 0x09, 0x96, 0x89, 0x07, 0xa4, 0xd6, 0x34, 0xe7, 0x89, 0x83, 0x12, 0xb7, 0x90, 0xb7, 0xa8, - 0x1b, 0x74, 0x5e, 0x66, 0x57, 0xd9, 0xf5, 0xee, 0xe6, 0x19, 0xbf, 0x1b, 0xdb, 0x96, 0xef, 0x42, - 0xf6, 0x76, 0x24, 0x37, 0xab, 0xf3, 0x93, 0xe2, 0x05, 0x14, 0xf7, 0x66, 0x24, 0x1c, 0xa9, 0xa2, - 0xd9, 0x62, 0x44, 0xdb, 0x45, 0x8f, 0x37, 0x27, 0x60, 0x55, 0x9b, 0x66, 0x66, 0xc2, 0x42, 0x71, - 0xbd, 0xbf, 0x83, 0xe2, 0xcf, 0x7e, 0xe2, 0x11, 0x64, 0x5f, 0x71, 0x8e, 0xab, 0x5d, 0xca, 0x65, - 0x07, 0x27, 0xdd, 0x4f, 0x18, 0x87, 0x0c, 0xe2, 0x2e, 0x7d, 0x9d, 0x1c, 0x7e, 0x26, 0xb0, 0x55, - 0xe8, 0xad, 0x19, 0x3d, 0x5e, 0x02, 0xeb, 0x49, 0xd3, 0xe4, 0xb9, 0xcf, 0x5a, 0x45, 0x25, 0x5e, - 0xfd, 0x0d, 0xbb, 0x8f, 0xb0, 0xa1, 0xef, 0xff, 0x43, 0xfb, 0x8d, 0xbf, 0xec, 0x09, 0xdd, 0x65, - 0xb0, 0xff, 0xbc, 0xc5, 0x87, 0x90, 0x76, 0x36, 0x5e, 0x62, 0xda, 0x59, 0xf1, 0x12, 0x9e, 0x74, - 0xbe, 0x0a, 0x61, 0x35, 0xea, 0x01, 0x2b, 0x8f, 0xee, 0x84, 0x8e, 0x79, 0xb6, 0x4a, 0x74, 0xfe, - 0x0d, 0x67, 0xef, 0xf5, 0x80, 0x1f, 0x38, 0xa9, 0x37, 0xfc, 0x5b, 0xdc, 0xfe, 0x0a, 0x00, 0x00, - 0xff, 0xff, 0x2a, 0xe0, 0x6d, 0x45, 0x24, 0x03, 0x00, 0x00, -} diff --git a/core/tasks/task_scan_host/task.go b/core/tasks/task_scan_host/task.go index 9ee5076..1d83cf9 100644 --- a/core/tasks/task_scan_host/task.go +++ b/core/tasks/task_scan_host/task.go @@ -17,15 +17,10 @@ type taskScanHost struct { params models.Params } -type IpRangeStruct struct { - Key string - Value int -} - var ip []string var ( - IpRange = map[string]int{} + ipRange = map[string]int{} ) // 1.迭代方法 @@ -72,10 +67,10 @@ func (t *taskScanHost) doTask(wg *sync.WaitGroup, worker chan bool, result chan // 3.保存结果 func (t *taskScanHost) doDone(item interface{}) error { result := item.(models.ScanHost) - if _, ok := IpRange[result.IpRange]; ok { - IpRange[result.IpRange] += 1 + if _, ok := ipRange[result.IpRange]; ok { + ipRange[result.IpRange] += 1 } else { - IpRange[result.IpRange] = 1 + ipRange[result.IpRange] = 1 } ip = append(ip, result.Ip) @@ -118,10 +113,10 @@ func DoTaskScanHost(req models.Params) []string { //"主机存活检测中", "完成主机存活检测", func() { - var listIpRange []IpRangeStruct + var listIpRange []models.IpRangeStruct total := 0 - for k, v := range IpRange { - listIpRange = append(listIpRange, IpRangeStruct{Key: k, Value: v}) + for k, v := range ipRange { + listIpRange = append(listIpRange, models.IpRangeStruct{Key: k, Value: v}) total += v } sort.Slice(listIpRange, func(i, j int) bool { diff --git a/core/tasks/task_scan_port/task.go b/core/tasks/task_scan_port/task.go index 19e290d..cc611bb 100644 --- a/core/tasks/task_scan_port/task.go +++ b/core/tasks/task_scan_port/task.go @@ -6,6 +6,7 @@ import ( "github.com/inbug-team/SweetBabyScan/models" "github.com/inbug-team/SweetBabyScan/utils" "math" + "sort" "strconv" "strings" "sync" @@ -23,6 +24,8 @@ var vulData []models.WaitScanVul var weakData []models.WaitScanWeak var index = 2 var savePorts = map[string]interface{}{} +var aliveIps = map[string]string{} +var ipRange = map[string]int{} // 1.迭代方法 func (t *taskScanPort) doIter(wg *sync.WaitGroup, worker chan bool, result chan utils.CountResult, task utils.Task, data ...interface{}) { @@ -129,6 +132,16 @@ func (t *taskScanPort) doDone(item interface{}) error { savePorts[fmt.Sprintf("D%d", index)] = data.Probe index++ + if t.params.NoScanHost { + aliveIps[data.Ip] = "1" + + if _, ok := ipRange[data.Ip]; ok { + ipRange[data.IpRange] += 1 + } else { + ipRange[data.IpRange] = 1 + } + } + if data.Port == "135" || data.Port == "139" || data.Port == "445" { vulData = append(vulData, models.WaitScanVul{ IP: data.Ip, @@ -222,6 +235,35 @@ func DoTaskScanPort(req models.Params) ([]string, []models.WaitScanVul, []models func() { // 保存数据-端口信息 utils.SaveData(req.SaveFile, "端口信息", savePorts) + + if req.NoScanHost { + // 保存数据-IP段 + var listIpRange []models.IpRangeStruct + for k, v := range ipRange { + listIpRange = append(listIpRange, models.IpRangeStruct{Key: k, Value: v}) + } + sort.Slice(listIpRange, func(i, j int) bool { + return listIpRange[i].Value > listIpRange[j].Value + }) + indexIpSegments := 2 + saveIpSegments := map[string]interface{}{} + for _, v := range listIpRange { + saveIpSegments[fmt.Sprintf("A%d", indexIpSegments)] = v.Key + saveIpSegments[fmt.Sprintf("B%d", indexIpSegments)] = v.Value + indexIpSegments++ + } + utils.SaveData(req.SaveFile, "IP段", saveIpSegments) + + // 保存数据-存活IP + saveIps := map[string]interface{}{} + indexIps := 2 + for v := range aliveIps { + saveIps[fmt.Sprintf("A%d", indexIps)] = v + indexIps++ + } + utils.SaveData(req.SaveFile, "存活IP", saveIps) + } + }, ips, ports, diff --git a/main.go b/main.go index d9b73f0..d0b48dd 100644 --- a/main.go +++ b/main.go @@ -92,17 +92,27 @@ func findPocsXray(p models.Params) { func doTask(p models.Params) { fmt.Println("Loading......,Please be patient !") now := time.Now() + + // 定义保存文件 p.SaveFile = fmt.Sprintf("./result-%s.xlsx", now.Format("20060102150405")) + + // 加载探针指纹 p.RuleProbe = config.RuleProbe + + // 加载乱序IP p.IPs = utils.GetIps(p.Host, p.HostBlack) + + // 初始化excel utils.InitExcel(p.SaveFile, config.TmpExcel) + // 加载POC等级 if p.FilterVulLevel == "" { p.FilterVulLevel = "critical,high" } else if p.FilterVulLevel == "all" { p.FilterVulLevel = "critical,high,medium,low,info,unknown" } + // 加载端口 portsMap := map[string]string{ "tiny": "21,22,53,80,135,137,139,161,443,445,1443,1900,3306,3389,5353,5432,6379,8080,8983,9000,27017", "normal": "7,11,13,15,17,19,21,22,23,25,26,30,31,32,36,37,38,43,49,51,53,67,69,70,79,80,81,82,83,84,85,86,88,89,98,102,104,110,111,113,119,121,123,135,137,138,139,143,161,162,175,179,199,211,264,280,311,389,391,443,444,445,449,465,500,502,503,505,512,515,520,523,540,548,554,564,587,620,623,626,631,636,646,666,705,771,777,789,800,801,808,853,873,876,880,888,898,900,901,902,990,992,993,994,995,999,1000,1010,1022,1023,1024,1025,1026,1027,1042,1080,1099,1177,1194,1200,1201,1212,1214,1234,1241,1248,1260,1290,1311,1314,1344,1400,1433,1434,1443,1471,1494,1503,1505,1515,1521,1554,1588,1604,1610,1645,1701,1720,1723,1741,1777,1812,1830,1863,1880,1883,1900,1901,1911,1935,1947,1962,1967,1991,1993,2000,2001,2002,2010,2020,2022,2030,2049,2051,2052,2053,2055,2064,2077,2080,2082,2083,2086,2087,2094,2095,2096,2121,2123,2152,2160,2181,2222,2223,2252,2306,2323,2332,2375,2376,2379,2396,2401,2404,2406,2424,2425,2427,2443,2455,2480,2491,2501,2525,2600,2601,2628,2715,2809,2869,3000,3001,3002,3005,3052,3075,3097,3128,3260,3280,3283,3288,3299,3306,3307,3310,3311,3312,3333,3337,3352,3372,3388,3389,3390,3391,3443,3460,3520,3522,3523,3524,3525,3528,3531,3541,3542,3671,3689,3690,3702,3749,3780,3784,3790,4000,4022,4040,4050,4063,4064,4070,4155,4300,4369,4430,4433,4440,4443,4444,4500,4505,4506,4567,4660,4664,4711,4712,4730,4782,4786,4800,4840,4842,4848,4880,4911,4949,5000,5001,5002,5004,5005,5006,5007,5008,5009,5050,5051,5060,5061,5084,5093,5094,5095,5111,5222,5258,5269,5280,5351,5353,5357,5400,5427,5432,5443,5550,5554,5555,5560,5577,5598,5601,5631,5632,5672,5673,5678,5683,5800,5801,5802,5820,5900,5901,5902,5903,5938,5984,5985,5986,6000,6001,6002,6003,6006,6060,6068,6080,6103,6346,6363,6379,6443,6488,6544,6560,6565,6581,6588,6590,6600,6664,6665,6666,6667,6668,6669,6697,6699,6780,6782,6881,6969,6998,7000", @@ -111,13 +121,13 @@ func doTask(p models.Params) { "iot": "21,22,23,25,80,81,82,83,84,88,137,143,443,445,554,631,1080,1883,1900,2000,2323,4433,4443,4567,5222,5683,7474,7547,8000,8023,8080,8081,8443,8088,8883,8888,9000,9090,9999,10000,37777,49152", "all": "1-65535", } - if value, ok := portsMap[p.Port]; ok { p.Ports = utils.ParsePort(value) } else { p.Ports = utils.ParsePort(p.Port) } + // 加载协议 switch p.Protocol { case "tcp": p.Protocols = []string{"tcp"} @@ -127,21 +137,45 @@ func doTask(p models.Params) { p.Protocols = []string{"tcp", "udp"} } + // 加载筛选POC Nuclei pocNuclei := plugin_scan_poc_nuclei.ParsePocNucleiFiles(config.DirPocNuclei) p.PocNuclei, _ = plugin_scan_poc_nuclei.FilterPocNucleiData(pocNuclei, fnFilterNuclei, p) + // 加载筛选POC Xray pocXray := load.ParsePocXrayFiles(config.DirPocXray) p.PocXray, _ = load.FilterPocXrayData(pocXray, fnFilterXray, p) + // 加载弱口令字典 p.UserPass = plugin_scan_weak.ParseUserPass(config.Passwords) - p.IPs = task_scan_host.DoTaskScanHost(p) + // 1.主机存活检测 + if !p.NoScanHost { + p.IPs = task_scan_host.DoTaskScanHost(p) + } + + // 2.端口服务扫描 p.Urls, p.WaitVul, p.WaitWeak = task_scan_port.DoTaskScanPort(p) + + // 3.网站内容爬虫 p.Sites = task_scan_site.DoTaskScanSite(p) - index := task_scan_poc_nuclei.DoTaskScanPocNuclei(p) - task_scan_poc_xray.DoTaskScanPocXray(p, index) - task_scan_vul.DoTaskScanVul(p) - task_scan_weak.DoTaskScanWeak(p) + + // 4.POC Nuclei+Xray漏洞探测 + if !p.NoScanPoc { + index := task_scan_poc_nuclei.DoTaskScanPocNuclei(p) + task_scan_poc_xray.DoTaskScanPocXray(p, index) + } + + // 6.高危系统漏洞探测 + if !p.NoScanVul { + task_scan_vul.DoTaskScanVul(p) + } + + // 7.弱口令爆破 + if !p.NoScanWeak { + task_scan_weak.DoTaskScanWeak(p) + } + + fmt.Println(fmt.Sprintf("Save File:%s", p.SaveFile)) } func main() { @@ -199,6 +233,10 @@ func main() { flagSet.IntVarP(&p.WorkerScanWeak, "workerScanWeak", "wsw", 6, "爆破并发") flagSet.IntVarP(&p.GroupScanWeak, "groupScanWeak", "gsw", 10, "爆破分组") flagSet.IntVarP(&p.TimeOutScanWeak, "timeOutScanWeak", "tsw", 6, "爆破超时") + flagSet.BoolVarP(&p.NoScanHost, "noScanHost", "nsh", false, "跳过主机存活检测") + flagSet.BoolVarP(&p.NoScanWeak, "noScanWeak", "nsw", false, "跳过弱口令爆破") + flagSet.BoolVarP(&p.NoScanPoc, "noScanPoc", "nsp", false, "跳过POC漏洞验证") + flagSet.BoolVarP(&p.NoScanVul, "noScanVul", "nsv", false, "跳过高危系统漏洞探测") flagSet.Parse() diff --git a/models/model.go b/models/model.go index b88c80f..a07e9de 100644 --- a/models/model.go +++ b/models/model.go @@ -81,6 +81,12 @@ type OutputFingerprint struct { Icon string `json:"icon"` } +// IP段统计 +type IpRangeStruct struct { + Key string + Value int +} + // 命令行参数 type Params struct { SaveFile string // 保存文件 @@ -124,6 +130,10 @@ type Params struct { WorkerScanWeak int // 爆破并发 GroupScanWeak int // 爆破分组 TimeOutScanWeak int // 爆破超时 + NoScanHost bool + NoScanWeak bool + NoScanVul bool + NoScanPoc bool } // 主机存活结构 diff --git a/readme.md b/readme.md index f9efe64..f463a7c 100644 --- a/readme.md +++ b/readme.md @@ -125,7 +125,6 @@ Flags: -pt, -protocol string 端口范围:tcp、udp、tcp+udp (default "tcp+udp") -hb, -hostBlack string 排除网段 -msh, -methodScanHost string 验存方式:PING、ICMP (default "PING") - -if, -iFace string 出口网卡 -wsh, -workerScanHost int 存活并发 (default 250) -tsh, -timeOutScanHost int 存活超时 (default 3) -r, -rarity int 优先级 (default 10) @@ -144,14 +143,23 @@ Flags: -fvl, -filterVulLevel string 筛选POC严重等级:critical[严重] > high[高危] > medium[中危] > low[低危] > info[信息]、unknown[未知]、all[全部],多个关键字英文逗号隔开 -tspn, -timeOutScanPocNuclei int PocNuclei扫描超时 (default 6) -wsPoc, -workerScanPoc int Poc并发 (default 100) - -wsw, -workerScanWeak int 爆破并发 (default 20) + -wsw, -workerScanWeak int 爆破并发 (default 6) -gsw, -groupScanWeak int 爆破分组 (default 10) -tsw, -timeOutScanWeak int 爆破超时 (default 6) + -nsh, -noScanHost 跳过主机存活检测 + -nsw, -noScanWeak 跳过弱口令爆破 + -nsp, -noScanPoc 跳过POC漏洞验证 + -nsv, -noScanVul 跳过高危系统漏洞探测 ``` ### 四、更新日志 ```text +2022-06-01(v0.0.4) + [x]1.修复POC Xray扫描引擎 + [x]2.修复外网是否可以达?可达下载chrome并截图 + [+]3.优化进度条 + [+]4.新增跳过(主机存活、弱口令、POC、高危漏洞)参数 2022-05-29(v0.0.3) [x]1.修改弱口令爆破阻塞bug [x]2.优化进度条显示 diff --git a/test/main.go b/test/main.go index 8f02dd5..7905807 100644 --- a/test/main.go +++ b/test/main.go @@ -1,11 +1,5 @@ package main -import ( - "fmt" - "github.com/inbug-team/SweetBabyScan/core/plugins/plugin_scan_host" -) - func main() { - status := plugin_scan_host.ScanHostByPing("www.goolasasas.com") - fmt.Println(status) + } diff --git a/utils/util_multi_task.go b/utils/util_multi_task.go index 932fd34..48a388a 100644 --- a/utils/util_multi_task.go +++ b/utils/util_multi_task.go @@ -88,6 +88,7 @@ func MultiTask( bar.Set("leftTime", fmt.Sprintf("LeftTime: %s", StaticLeftTime(leftTime))) // 完成计数 if ingTask == totalTask { + bar.Set("leftTime", "") after(doneTask) goto Loop }