update v3

zan8in · Mar 16, 2024 · 35740b6 · 35740b6
1 parent 02b09d9
commit 35740b6
Show file tree

Hide file tree

Showing 50 changed files with 1,013 additions and 257 deletions.
diff --git a/.gitignore b/.gitignore
@@ -14,7 +14,7 @@
 logs
 urls*
 *.txt
-*.html
+*/reports/*.html
 *.json
 
 # Dependency directories (remove the comment below to include it)

diff --git a/README.md b/README.md
@@ -7,17 +7,17 @@
 
 <p align="center">
 <img src="https://img.shields.io/github/go-mod/go-version/zan8in/afrog?filename=go.mod">
-<a href="https://github.com/zan8in/afrog/releases"><img src="https://img.shields.io/github/downloads/zan8in/afrog/total">
-<a href="https://github.com/zan8in/afrog/graphs/contributors"><img src="https://img.shields.io/github/contributors-anon/zan8in/afrog">
-<a href="https://github.com/zan8in/afrog/releases/"><img src="https://img.shields.io/github/release/zan8in/afrog">
-<a href="https://github.com/zan8in/afrog/issues"><img src="https://img.shields.io/github/issues-raw/zan8in/afrog">
-<a href="https://github.com/zan8in/afrog/discussions"><img src="https://img.shields.io/github/discussions/zan8in/afrog">
+<a href="https://github.com/zan8in/afrog/v3/releases"><img src="https://img.shields.io/github/downloads/zan8in/afrog/total">
+<a href="https://github.com/zan8in/afrog/v3/graphs/contributors"><img src="https://img.shields.io/github/contributors-anon/zan8in/afrog">
+<a href="https://github.com/zan8in/afrog/v3/releases/"><img src="https://img.shields.io/github/release/zan8in/afrog">
+<a href="https://github.com/zan8in/afrog/v3/issues"><img src="https://img.shields.io/github/issues-raw/zan8in/afrog">
+<a href="https://github.com/zan8in/afrog/v3/discussions"><img src="https://img.shields.io/github/discussions/zan8in/afrog">
 </p>
 
 <p align="center" dir="auto">
-  <a href="https://github.com/zan8in/afrog/releases">Download</a> •
-  <a href="https://github.com/zan8in/afrog/wiki">Wiki</a> •
-  <a href="https://github.com/zan8in/afrog/blob/main/afrog-helper-function.md">Helper Function</a>
+  <a href="https://github.com/zan8in/afrog/v3/releases">Download</a> •
+  <a href="https://github.com/zan8in/afrog/v3/wiki">Wiki</a> •
+  <a href="https://github.com/zan8in/afrog/v3/blob/main/afrog-helper-function.md">Helper Function</a>
 
 </p>
 
@@ -441,7 +441,7 @@ you can install it with:
 
 **Binary**
 ```sh
-$ https://github.com/zan8in/afrog/releases/latest
+$ https://github.com/zan8in/afrog/v3/releases/latest
 ```
 
 **Github**
@@ -454,7 +454,7 @@ $ ./afrog -h
 
 **Go**
 ```sh
-$ go install -v github.com/zan8in/afrog/cmd/afrog@latest
+$ go install -v github.com/zan8in/afrog/v3/cmd/afrog@latest
 ```
 
 ## Running afrog
@@ -553,14 +553,14 @@ The JNDI vulnerability refers to security vulnerabilities that exploit the JNDI
 
 To obtain JNDI, follow these steps:
 
-- To obtain the source code and compile the JAR file, please visit the official website [github.com/r00tSe7en/JNDIMonitor](https://github.com/r00tSe7en/JNDIMonitor). Alternatively, you can go to the official afrog website [afrog/helper/jndi](https://github.com/zan8in/afrog/tree/main/helper/jndi) to download the pre-compiled JAR file
+- To obtain the source code and compile the JAR file, please visit the official website [github.com/r00tSe7en/JNDIMonitor](https://github.com/r00tSe7en/JNDIMonitor). Alternatively, you can go to the official afrog website [afrog/helper/jndi](https://github.com/zan8in/afrog/v3/tree/main/helper/jndi) to download the pre-compiled JAR file
 - Upload the `JNDIMonitor-2.0.1-SNAPSHOT.jar` file to the server (such as a VPS server), and execute the following startup command:
 
 ```sh
 java -jar ./JNDIMonitor-2.0.1-SNAPSHOT.jar -i 0.0.0.0 -l 1389 -p 3456
 ```
 
-Below are example methods for writing POCs. [Please click to view](https://github.com/zan8in/afrog/wiki/Examples#solr-log4j-rce).
+Below are example methods for writing POCs. [Please click to view](https://github.com/zan8in/afrog/v3/wiki/Examples#solr-log4j-rce).
 
 ## Json Output (For developers)
 
@@ -587,9 +587,9 @@ afrog -t https://example.com -ja result.json
 
 ## Screenshot
 
-![](https://github.com/zan8in/afrog/blob/main/images/1.png)
+![](https://github.com/zan8in/afrog/v3/blob/main/images/1.png)
 
-<!-- ![](https://github.com/zan8in/afrog/blob/main/images/report-new.png) -->
+<!-- ![](https://github.com/zan8in/afrog/v3/blob/main/images/report-new.png) -->
 
 ## As Library
 
@@ -623,7 +623,7 @@ More examples:
 
 To join the afrog communication group on WeChat, please first add the afrog personal account and mark it as **afrog**. Then, you will be added to the group by the administrator.
 
-<img src="https://github.com/zan8in/afrog/blob/main/images/discussion.jpg" width="33%" />
+<img src="https://github.com/zan8in/afrog/v3/blob/main/images/discussion.jpg" width="33%" />
 
 ## 404Starlink
 <img src="https://github.com/knownsec/404StarLink-Project/raw/master/logo.png" width="30%">

diff --git a/afrog-helper-function.md b/afrog-helper-function.md
@@ -23,7 +23,7 @@ rules:
 expression: r0()
 
 ```
-正确用法是首先在 set 内声明，详细用法请参考 [md5 函数示例](https://github.com/zan8in/afrog/blob/main/afrog-helper-function.md#md5)
+正确用法是首先在 set 内声明，详细用法请参考 [md5 函数示例](https://github.com/zan8in/afrog/v3/blob/main/afrog-helper-function.md#md5)
 
 内置函数源码位置：`v2\pkg\runner\celcompile.go`
 
@@ -829,15 +829,15 @@ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
 ysoserial(payload, command, encode)
 ```
 
-payload: 攻击载荷，[支持payload列表](https://github.com/zan8in/afrog/blob/main/v2/pkg/utils/ysoserial.go)
+payload: 攻击载荷，[支持payload列表](https://github.com/zan8in/afrog/v3/blob/main/v2/pkg/utils/ysoserial.go)
 
 command: 执行的命令，比如 xxx.dnslog.cn
 
 encode: 加密方法，目前支持：base64 和 hex
 
 参考示例
 
-[CVE-2023-49070](https://github.com/zan8in/afrog/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2023/CVE-2023-49070.yaml#L2)、[CVE-2021-29200](https://github.com/zan8in/afrog/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2021/CVE-2021-29200.yaml)
+[CVE-2023-49070](https://github.com/zan8in/afrog/v3/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2023/CVE-2023-49070.yaml#L2)、[CVE-2021-29200](https://github.com/zan8in/afrog/v3/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2021/CVE-2021-29200.yaml)
 
 ### AesCBC
 用于 aes cbc 加密的 PoC
@@ -856,4 +856,4 @@ iv: 加密 iv
 
 参考示例 
 
-[CVE-2023-20888](https://github.com/zan8in/afrog/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2023/CVE-2023-20888.yaml)
+[CVE-2023-20888](https://github.com/zan8in/afrog/v3/blob/46404e7527ca8d5752a9679ce13c83f7fd7b9e5b/v2/pocs/afrog-pocs/CVE/2023/CVE-2023-20888.yaml)
diff --git a/afrog.go b/afrog.go
@@ -8,10 +8,10 @@ import (
 	"sync/atomic"
 	"time"
 
-	"github.com/zan8in/afrog/pkg/config"
-	"github.com/zan8in/afrog/pkg/result"
-	"github.com/zan8in/afrog/pkg/runner"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/config"
+	"github.com/zan8in/afrog/v3/pkg/result"
+	"github.com/zan8in/afrog/v3/pkg/runner"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"github.com/zan8in/goflags"
 	"github.com/zan8in/gologger"
 )

diff --git a/cmd/afrog/main.go b/cmd/afrog/main.go
@@ -11,12 +11,12 @@ import (
 
 	_ "net/http/pprof"
 
-	"github.com/zan8in/afrog/pkg/config"
-	"github.com/zan8in/afrog/pkg/db/sqlite"
-	"github.com/zan8in/afrog/pkg/progress"
-	"github.com/zan8in/afrog/pkg/result"
-	"github.com/zan8in/afrog/pkg/runner"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/config"
+	"github.com/zan8in/afrog/v3/pkg/db/sqlite"
+	"github.com/zan8in/afrog/v3/pkg/progress"
+	"github.com/zan8in/afrog/v3/pkg/result"
+	"github.com/zan8in/afrog/v3/pkg/runner"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"github.com/zan8in/gologger"
 )
 

diff --git a/examples/basic_scan/main.go b/examples/basic_scan/main.go
@@ -3,7 +3,7 @@ package main
 import (
 	"fmt"
 
-	"github.com/zan8in/afrog"
+	"github.com/zan8in/afrog/v3"
 )
 
 func main() {

diff --git a/examples/batch_scan/main.go b/examples/batch_scan/main.go
@@ -3,7 +3,7 @@ package main
 import (
 	"fmt"
 
-	"github.com/zan8in/afrog"
+	"github.com/zan8in/afrog/v3"
 )
 
 func main() {

diff --git a/go.mod b/go.mod
@@ -1,4 +1,4 @@
-module github.com/zan8in/afrog
+module github.com/zan8in/afrog/v3
 
 go 1.20
 

diff --git a/go.sum b/go.sum
@@ -1222,8 +1222,6 @@ github.com/zan8in/gologger v0.0.0-20220917062627-c34a83c0a373 h1:T2YD/hp647jDauu
 github.com/zan8in/gologger v0.0.0-20220917062627-c34a83c0a373/go.mod h1:z3Zn3+DLpcfFKNqhAdYECiFeFK+o1EW3Gh0DEhFZ+v4=
 github.com/zan8in/goupdate v1.0.0 h1:H3ZVndassN6jNkJROAEkGFHbiyax0yG1RSKXMhzvgLY=
 github.com/zan8in/goupdate v1.0.0/go.mod h1:lB3IFGNY/wLFj1qfPOyee2m7lplg/mSDpsng+ax7sc8=
-github.com/zan8in/oobadapter v0.0.0-20240228064213-611d47d14009 h1:WH7mV3GXvh8PRzevq/p0o6oRpw2Q6j0WbU2xLdZpa6Q=
-github.com/zan8in/oobadapter v0.0.0-20240228064213-611d47d14009/go.mod h1:q9M+0H/FBTo9G2XZIsi3IDawHcwgEGDWCabCPoEpZ/I=
 github.com/zan8in/oobadapter v0.0.0-20240316010032-90d51fe61219 h1:oDGMh0SoiUYMOyKUrJ6i+mBu+MQs0cY0uLacdlosogM=
 github.com/zan8in/oobadapter v0.0.0-20240316010032-90d51fe61219/go.mod h1:q9M+0H/FBTo9G2XZIsi3IDawHcwgEGDWCabCPoEpZ/I=
 github.com/zan8in/pins v0.0.0-20231009082442-920437d7fa86 h1:sAwnml3XSZlSYr0yMUvGUgtNQ1fJoU6AdwyMh1mKHwc=

diff --git a/pkg/config/afrogupdate.go b/pkg/config/afrogupdate.go
@@ -9,8 +9,8 @@ import (
 	"strings"
 
 	"github.com/cavaliergopher/grab/v3"
-	"github.com/zan8in/afrog/pkg/poc"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/poc"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"github.com/zan8in/gologger"
 )
 

diff --git a/pkg/config/banner.go b/pkg/config/banner.go
@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/zan8in/afrog/pkg/log"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/log"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"github.com/zan8in/gologger"
 )
 

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -5,7 +5,7 @@ import (
 	"path/filepath"
 
 	"github.com/pkg/errors"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"gopkg.in/yaml.v2"
 )
 

diff --git a/pkg/config/options.go b/pkg/config/options.go
@@ -8,13 +8,13 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/zan8in/afrog/pkg/log"
-	"github.com/zan8in/afrog/pkg/output"
-	"github.com/zan8in/afrog/pkg/poc"
-	"github.com/zan8in/afrog/pkg/utils"
-	"github.com/zan8in/afrog/pkg/web"
-	"github.com/zan8in/afrog/pkg/webhook/dingtalk"
-	"github.com/zan8in/afrog/pocs"
+	"github.com/zan8in/afrog/v3/pkg/log"
+	"github.com/zan8in/afrog/v3/pkg/output"
+	"github.com/zan8in/afrog/v3/pkg/poc"
+	"github.com/zan8in/afrog/v3/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/web"
+	"github.com/zan8in/afrog/v3/pkg/webhook/dingtalk"
+	"github.com/zan8in/afrog/v3/pocs"
 	"github.com/zan8in/goflags"
 	"github.com/zan8in/gologger"
 	fileutil "github.com/zan8in/pins/file"

diff --git a/pkg/cyberspace/cyberspace.go b/pkg/cyberspace/cyberspace.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/zan8in/afrog/pkg/config"
+	"github.com/zan8in/afrog/v3/pkg/config"
 	"github.com/zan8in/gologger"
 	zoom_eyes "github.com/zan8in/zoomeye/pkg/runner"
 )

diff --git a/pkg/db/db.go b/pkg/db/db.go
@@ -7,8 +7,8 @@ import (
 	"path/filepath"
 	"time"
 
-	"github.com/zan8in/afrog/pkg/poc"
-	"github.com/zan8in/afrog/pkg/utils"
+	"github.com/zan8in/afrog/v3/pkg/poc"
+	"github.com/zan8in/afrog/v3/pkg/utils"
 	"gopkg.in/yaml.v2"
 )
-Original file line number
+Diff line change
@@ Expand Up / @@ -14,7 +14,7 @@ @@
     logs
     urls*
     *.txt
-    *.html
+    */reports/*.html
     *.json
     # Dependency directories (remove the comment below to include it)
@@ Expand Down @@