util

package
v0.0.0-...-269099d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 30, 2023 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var InVulnerableResult = ScanResult{
	Vulnerable: false,
}

没漏洞时返回的结果

Functions

func CopyRequest

func CopyRequest(req *http.Request, dstRequest *fasthttp.Request, data []byte) error

func DealMultipart

func DealMultipart(contentType string, ruleBody string) (result string, err error)

func DoFasthttpRequest

func DoFasthttpRequest(req *fasthttp.Request, redirect bool) (*proto.Response, error)

func GenOriginalReq

func GenOriginalReq(target string) (*http.Request, error)

func GenerateToken

func GenerateToken(username, password string) (string, error)

func GetOriginalReqBody

func GetOriginalReqBody(originalReq *http.Request) ([]byte, error)

func InitRate

func InitRate()

func LimitWait

func LimitWait()

func ParseFasthttpResponse

func ParseFasthttpResponse(originalResp *fasthttp.Response, req *fasthttp.Request) (*proto.Response, error)

func ParseUrl

func ParseUrl(u *url.URL) *proto.UrlType

func RandFromChoices

func RandFromChoices(n int, choices string) string

RandFromChoices 从choices里面随机获取

func RandLetterNumbers

func RandLetterNumbers(n int) string

RandLetterNumbers 随机大小写字母和数字

func RandLetters

func RandLetters(n int) string

RandLetters 随机小写字母

func RandLowLetterNumber

func RandLowLetterNumber(n int) string

RandLowLetterNumber 随机小写字母和数字

func RequestGet

func RequestGet() *proto.Request

func RequestPut

func RequestPut(r *proto.Request)

func RespGet

func RespGet() *proto.Response

func ResponsePut

func ResponsePut(resp *proto.Response)

func ResponsesPut

func ResponsesPut(responses []*proto.Response)

func Setup

func Setup()

func SingleVersionCompare

func SingleVersionCompare(verCurrent string, verVul string) (int, error)

SingleVersionCompare 版本对比方法 <=0没有漏洞 >0有漏洞

func TcpSend

func TcpSend(targetAddr string, data []byte) ([]byte, error)

TcpSend 指定目标发送tcp报文,返回结果(仅适用于一次交互即可判断漏洞的场景)

func TcpTlsSend

func TcpTlsSend(targetAddr string, data []byte) ([]byte, error)

TcpSend 指定目标发送tls嵌套的tcp报文,返回结果(仅适用于一次交互即可判断漏洞的场景)

func UnzipResponseBody

func UnzipResponseBody(response *fasthttp.Response) ([]byte, error)

UnzipResponseBody 返回解压缩的 Body : 目前支持 identity gzip deflate

func UrlTypeToString

func UrlTypeToString(u *proto.UrlType) string

func VerifyInputTarget

func VerifyInputTarget(target string) (bool, string)

func VerifyPortConnection

func VerifyPortConnection(targetAddr string) bool

Types

type Claims

type Claims struct {
	Username string `json:"username"`
	Password string `json:"password"`
	jwt.StandardClaims
}

func ParseToken

func ParseToken(authHeader string) (*Claims, error)

type FormatString

type FormatString struct {
	Raw string `json:"raw"`
}

type ReqFormat

type ReqFormat struct {
	Req *fasthttp.Request
}

func (*ReqFormat) FormatContent

func (r *ReqFormat) FormatContent() string

dump 请求报文

type RespFormat

type RespFormat struct {
	Resp *fasthttp.Response
}

func (*RespFormat) FormatContent

func (r *RespFormat) FormatContent() string

dump 响应报文

type ScanResult

type ScanResult struct {
	Vulnerable bool     `json:"vulnerable"` // 是否存在漏洞
	Target     string   `json:"target"`     // 漏洞url
	Output     string   `json:"output"`     // 一些说明
	ReqMsg     []string `json:"req_msg"`    // 请求列表
	RespMsg    []string `json:"resp_msg"`   // 响应列表
}

保存扫描结果

func DebugVulnerableHttpResult

func DebugVulnerableHttpResult(target string, output string, respList []*proto.Response) *ScanResult

debug没漏洞返回的结果(http)

func VulnerableHttpResult

func VulnerableHttpResult(target string, output string, respList []*proto.Response) *ScanResult

有漏洞时返回的结果(http)

func VulnerableTcpOrUdpResult

func VulnerableTcpOrUdpResult(target string, output string, payload []string, resp []string) *ScanResult

有漏洞时返回的结果(tcp/udp)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL