schema

package
v1.3.5-beta1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 2, 2024 License: AGPL-3.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source
const (
	KEY_SCHEMA_YAKIT_DATABASE uint8 = iota
	KEY_SCHEMA_PROFILE_DATABASE
	KEY_SCHEMA_CVE_DATABASE
	KEY_SCHEMA_CVE_DESCRIPTION_DATABASE
	KEY_SCHEMA_VULINBOX_DATABASE
	KEY_SCHEMA_SSA_DATABASE
)
View Source
const (
	REPORT_ITEM_TYPE_MARKDOWN             = "markdown"
	REPORT_ITEM_TYPE_DIVIDER              = "divider"
	REPORT_ITEM_TYPE_TABLE                = "json-table"
	REPORT_ITEM_SEARCH_TYPE_TABLE         = "search-json-table"
	REPORT_ITEM_TYPE_PIE_GRAPH            = "pie-graph"
	REPORT_ITEM_TYPE_VERTICAL_BAR_GRAPH   = "vertical-bar-graph"
	REPORT_ITEM_TYPE_HORIZONTAL_BAR_GRAPH = "horizontal-bar-graph"
	REPORT_ITEM_TYPE_RAW                  = "raw"
	REPORT_ITEM_TYPE_CODE                 = "code"
	REPORT_ITEM_TYPE_WORDCLOUD            = "wordcloud"
)
View Source
const COLORPREFIX = "YAKIT_COLOR_"

Variables

View Source
var ProfileTables = []interface{}{
	&YakScript{}, &Payload{}, &MenuItem{},
	&GeneralStorage{}, &MarkdownDoc{},
	&Project{},
	&NavigationBar{}, &NaslScript{},
	&WebFuzzerLabel{},
	&PluginGroup{},
	&CodecFlow{},
	&SyntaxFlowRule{},
}

ProfileTables 这些表是独立与项目之外的,每一个用户的数据都不一样

ProjectTables 这些表是和项目关联的,导出项目可以直接复制给用户

View Source
var (
	WebFuzzerResponseTTLCache = utils.NewTTLCache[*ypb.FuzzerResponse](30 * time.Minute)
)
View Source
var WebFuzzerTaskTTLCache = utils.NewTTLCache[*ypb.HistoryHTTPFuzzerTask](30 * time.Minute)

Functions

func AutoMigrate

func AutoMigrate(db *gorm.DB, key uint8)

func GetGormProfileDatabase

func GetGormProfileDatabase() *gorm.DB

func GetGormProjectDatabase

func GetGormProjectDatabase() *gorm.DB

func KeySchemaToName

func KeySchemaToName(i uint8) string

func RegisterDatabaseSchema

func RegisterDatabaseSchema(key uint8, schema ...any)

func SetBoardCast_Data

func SetBoardCast_Data(f func(typeString string, data any))

func SetGormProfileDatabase

func SetGormProfileDatabase(d *gorm.DB)

set from consts package

func SetGormProjectDatabase

func SetGormProjectDatabase(d *gorm.DB)

set from consts package

Types

type AliveHost

type AliveHost struct {
	gorm.Model

	Hash string `json:"hash"`

	IP        string `json:"ip"`
	IPInteger int64  `json:"ip_integer"`

	// 设置运行时 ID 为了关联具体漏洞
	RuntimeId string `json:"runtime_id"`
}

type BackProject

type BackProject struct {
	Project
	FolderName      string
	ChildFolderName string
}

func (*BackProject) BackGRPCModel

func (p *BackProject) BackGRPCModel() *ypb.ProjectDescription

type Briefing

type Briefing struct {
	gorm.Model

	SourceXmlUrl    string
	RssFeedHash     string
	Hash            string     `gorm:"columns:hash;unique_index"`
	Title           string     `json:"title,omitempty"`
	Description     string     `json:"description,omitempty"`
	Content         string     `json:"content,omitempty"`
	Link            string     `json:"link,omitempty"`
	Updated         string     `json:"updated,omitempty"`
	UpdatedParsed   *time.Time `json:"updatedParsed,omitempty"`
	Published       string     `json:"published,omitempty"`
	PublishedParsed *time.Time `json:"publishedParsed,omitempty"`
	Author          string     `json:"author,omitempty"`
	AuthorEmail     string     `json:"author_email,omitempty"`
	GUID            string     `json:"guid,omitempty"`
	ImageUrl        string     `json:"image_url,omitempty"`
	ImageName       string     `json:"image_name,omitempty"`
	Categories      string     `json:"categories,omitempty"`
	Tags            string     `json:"tags"`
	IsRead          bool       `json:"is_read"`
}

func (*Briefing) BeforeSave

func (b *Briefing) BeforeSave() error

func (*Briefing) CalcHash

func (b *Briefing) CalcHash() string

type CodecFlow

type CodecFlow struct {
	gorm.Model
	FlowName   string
	WorkFlow   []byte
	WorkFlowUI string
}

func (*CodecFlow) ToGRPC

func (cf *CodecFlow) ToGRPC() *ypb.CustomizeCodecFlow

type Domain

type Domain struct {
	gorm.Model

	Domain    string `json:"domain" gorm:"index"`
	IPAddr    string `json:"ip_addr"`
	IPInteger int64  `json:"ip_integer"`

	HTTPTitle string

	Hash string `json:"hash" gorm:"unique_index"`

	Tags string `json:"tags"`
}

func (*Domain) BeforeSave

func (d *Domain) BeforeSave() error

func (*Domain) CalcHash

func (d *Domain) CalcHash() string

func (*Domain) FillDomainHTTPInfo

func (d *Domain) FillDomainHTTPInfo()

type ExecHistory

type ExecHistory struct {
	gorm.Model

	Hash string `gorm:"unique_index"`

	RuntimeId     string `json:"runtime_id" gorm:"unique_index"`
	Script        string `json:"script"`
	ScriptId      string `json:"script_id" gorm:"index"`
	TimestampNano int64  `json:"timestamp"`
	FromYakModule string `json:"from_yak_module" gorm:"index"`
	DurationMs    int64  `json:"duration_ms"`
	Params        string `json:"params"`
	Stdout        string `json:"stdout"`
	Stderr        string `json:"stderr"`
	Ok            bool   `json:"ok"`
	Reason        string `json:"reason"`

	StdoutLen int64 `json:"stdout_len" gorm:"-"`
	StderrLen int64 `json:"stderr_len" gorm:"-"`

	// json
	Messages string `json:"messages"`
}

func (*ExecHistory) BeforeSave

func (f *ExecHistory) BeforeSave() error

func (*ExecHistory) CalcHash

func (f *ExecHistory) CalcHash() string

func (*ExecHistory) ToGRPCModel

func (f *ExecHistory) ToGRPCModel() *ypb.ExecHistoryRecord

type ExecResult

type ExecResult struct {
	gorm.Model

	YakScriptName string `json:"yak_script_name" gorm:"index"`
	Raw           string `json:"raw"`
}

func (*ExecResult) ToGRPCModel

func (e *ExecResult) ToGRPCModel() *ypb.ExecResult

type ExtractedData

type ExtractedData struct {
	gorm.Model

	// sourcetype 一般来说是标注数据来源
	SourceType string `gorm:"index"`

	// trace id 表示数据源的 ID
	TraceId string `gorm:"index"`

	// 提取数据的正则数据
	Regexp string

	// 规则 Verbose
	RuleVerbose string

	// UTF8 safe escape
	Data string

	// DataIndex 表示数据的位置
	DataIndex int

	// Length 表示数据的长度
	Length int

	// IsMatchRequest 表示是否是匹配请求
	IsMatchRequest bool
}

type GeneralStorage

type GeneralStorage struct {
	gorm.Model

	Key string `json:"key" gorm:"unique_index"`

	// 经过 JSON + Strconv
	Value string `json:"value"`

	// 过期时间
	ExpiredAt time.Time

	// YAKIT SUBPROC_ENV
	ProcessEnv bool

	// 帮助信息,描述这个变量是干嘛的
	Verbose string

	// 描述变量所在的组是啥
	Group string
}

func (*GeneralStorage) EnableProcessEnv

func (s *GeneralStorage) EnableProcessEnv()

func (*GeneralStorage) ToGRPCModel

func (s *GeneralStorage) ToGRPCModel() *ypb.GeneralStorage

type HTTPFlow

type HTTPFlow struct {
	gorm.Model

	HiddenIndex        string
	NoFixContentLength bool   `json:"no_fix_content_length"`
	Hash               string `gorm:"unique_index"`
	IsHTTPS            bool
	Url                string `gorm:"index"`
	Path               string
	Method             string
	BodyLength         int64
	ContentType        string
	StatusCode         int64
	SourceType         string
	Request            string
	Response           string
	GetParamsTotal     int
	PostParamsTotal    int
	CookieParamsTotal  int
	IPAddress          string
	RemoteAddr         string
	IPInteger          int
	Tags               string // 用来打标!
	Payload            string

	// Websocket 相关字段
	IsWebsocket bool
	// 用来计算 websocket hash, 每次连接都不一样,一般来说,内部对象 req 指针足够了
	WebsocketHash string

	RuntimeId  string
	FromPlugin string

	// friendly for gorm build instance, not for store
	// 这两个字段不参与数据库存储,但是在序列化的时候,会被覆盖
	// 主要用来标记用户的 Request 和 Response 是否超大
	IsRequestOversize  bool `gorm:"-"`
	IsResponseOversize bool `gorm:"-"`

	IsTooLargeResponse         bool
	TooLargeResponseHeaderFile string
	TooLargeResponseBodyFile   string
	// 同步到企业端
	UploadOnline bool `json:"upload_online"`
}

func (*HTTPFlow) AddTag

func (f *HTTPFlow) AddTag(appendTags ...string)

颜色与 Tag API

func (*HTTPFlow) AddTagToFirst

func (f *HTTPFlow) AddTagToFirst(appendTags ...string)

func (*HTTPFlow) AfterCreate

func (f *HTTPFlow) AfterCreate(tx *gorm.DB) (err error)

func (*HTTPFlow) AfterDelete

func (f *HTTPFlow) AfterDelete(tx *gorm.DB) (err error)

func (*HTTPFlow) AfterSave

func (f *HTTPFlow) AfterSave(tx *gorm.DB) (err error)

func (*HTTPFlow) AfterUpdate

func (f *HTTPFlow) AfterUpdate(tx *gorm.DB) (err error)

func (*HTTPFlow) BeforeSave

func (f *HTTPFlow) BeforeSave() error

func (*HTTPFlow) Blue

func (f *HTTPFlow) Blue()

func (*HTTPFlow) CalcCacheHash

func (f *HTTPFlow) CalcCacheHash(full bool) string

func (*HTTPFlow) CalcHash

func (f *HTTPFlow) CalcHash() string

func (*HTTPFlow) ColorSharp

func (f *HTTPFlow) ColorSharp(rgbHex string)

func (*HTTPFlow) Cyan

func (f *HTTPFlow) Cyan()

func (*HTTPFlow) Green

func (f *HTTPFlow) Green()

func (*HTTPFlow) Grey

func (f *HTTPFlow) Grey()

func (*HTTPFlow) Orange

func (f *HTTPFlow) Orange()

func (*HTTPFlow) Purple

func (f *HTTPFlow) Purple()

func (*HTTPFlow) Red

func (f *HTTPFlow) Red()

func (*HTTPFlow) RemoveColor

func (f *HTTPFlow) RemoveColor()

func (*HTTPFlow) Yellow

func (f *HTTPFlow) Yellow()

type Host

type Host struct {
	gorm.Model

	IP        string `json:"ip" gorm:"unique_index"`
	IPInteger int64  `json:"ip_integer"`

	IsInPublicNet bool

	// splite by comma
	Domains string
}

type HybridScanTask

type HybridScanTask struct {
	gorm.Model

	TaskId string `gorm:"unique_index"`
	// executing
	// paused
	// done
	Status              string
	Reason              string // user cancel / finished / recover failed so on
	SurvivalTaskIndexes string // 暂停的时候正在执行的任务

	// struct{ https bool; request bytes }[]
	Targets string
	// string[]
	Plugins         string
	TotalTargets    int64
	TotalPlugins    int64
	TotalTasks      int64
	FinishedTasks   int64
	FinishedTargets int64

	ScanConfig []byte

	HybridScanTaskSource string
}

type MarkdownDoc

type MarkdownDoc struct {
	gorm.Model

	YakScriptId   int64  `json:"yak_script_id" gorm:"index"`
	YakScriptName string `json:"yak_script_name" gorm:"index"`
	Markdown      string `json:"markdown"`
}
type MenuItem struct {
	gorm.Model

	Group         string `json:"group" `
	Verbose       string `json:"verbose"`
	YakScriptName string `json:"yak_script_name"`
	Hash          string `json:"-" gorm:"unique_index"`

	// quoted json
	BatchPluginFilterJson string `json:"batch_plugin_filter_json"`
	Mode                  string `json:"mode"`
	MenuSort              int64  `json:"menu_sort"`
	GroupSort             int64  `json:"group_sort"`
}
func (m *MenuItem) BeforeSave() error
func (m *MenuItem) CalcHash() string

type NaslScript

type NaslScript struct {
	gorm.Model
	OriginFileName  string `json:"origin_file_name"`
	Hash            string `json:"hash" gorm:"unique_index"`
	OID             string `json:"oid"`
	CVE             string `json:"cve"`
	ScriptName      string `json:"script_name"`
	Script          string `json:"script"`
	Tags            string `json:"tags,omitempty"`
	Version         string `json:"version"`
	Category        string `json:"category"`
	Family          string `json:"family"`
	Copyright       string `json:"copyright"`
	Dependencies    string `json:"dependencies,omitempty"`
	RequirePorts    string `json:"require_ports,omitempty"`
	RequireUdpPorts string `json:"require_udp_ports,omitempty"`
	ExcludeKeys     string `json:"exclude_keys,omitempty"`
	Xref            string `json:"xref,omitempty"`
	Preferences     string `json:"preferences,omitempty"`
	BugtraqId       string `json:"bugtraqId,omitempty"`
	MandatoryKeys   string `json:"mandatory_keys,omitempty"`
	Timeout         int    `json:"timeout,omitempty"`
	RequireKeys     string `json:"require_keys,omitempty"`
}

func (*NaslScript) CalcHash

func (p *NaslScript) CalcHash() string

func (*NaslScript) CreateOrUpdateNaslScript

func (p *NaslScript) CreateOrUpdateNaslScript(db *gorm.DB) error

func (*NaslScript) ToYakScript

func (p *NaslScript) ToYakScript() *YakScript
type NavigationBar struct {
	gorm.Model
	Group         string `json:"group" `
	YakScriptName string `json:"yak_script_name"`
	Hash          string `json:"-" gorm:"unique_index"`
	Mode          string `json:"mode"`
	VerboseSort   int64  `json:"verbose_sort"`
	GroupSort     int64  `json:"group_sort"`
	Route         string `json:"route"`
	Verbose       string `json:"verbose"`
	GroupLabel    string `json:"group_label"`
	VerboseLabel  string `json:"verbose_label"`
}
func (m *NavigationBar) CalcHash() string

type Payload

type Payload struct {
	gorm.Model

	// Must: payload group
	Group string `json:"group" gorm:"index"`

	// payload folder
	Folder     *string `json:"folder" gorm:"column:folder;default:''"`          // default empty string
	GroupIndex *int64  `json:"group_index" gorm:"column:group_index;default:0"` // default 0

	// strconv Quoted
	// Must: payload data
	Content *string `json:"content"`

	// hit count
	HitCount *int64 `json:"hit_count" gorm:"column:hit_count;default:0"` // default 0

	// the group save in file only contain one payload, and this `payload.IsFile = true` `payload.Content` is filepath
	IsFile *bool `json:"is_file" gorm:"column:is_file;default:false"` // default false

	// Hash string
	Hash string `json:"hash" gorm:"unique_index"`
}

func (*Payload) BeforeCreate

func (p *Payload) BeforeCreate() error

func (*Payload) BeforeSave

func (p *Payload) BeforeSave() error

func (*Payload) BeforeUpdate

func (p *Payload) BeforeUpdate() error

func (*Payload) CalcHash

func (p *Payload) CalcHash() string

type PluginGroup

type PluginGroup struct {
	gorm.Model

	YakScriptName string `json:"yak_script_name" gorm:"index"`
	Group         string `json:"group"`
	Hash          string `json:"hash" gorm:"unique_index"`
	TemporaryId   string `json:"temporary_id"`
	IsPocBuiltIn  bool   `json:"is_poc_built_in"`
}

func (*PluginGroup) CalcHash

func (p *PluginGroup) CalcHash() string

type Port

type Port struct {
	gorm.Model

	Host        string `json:"host" gorm:"index"`
	IPInteger   int    `json:"ip_integer" gorm:"column:ip_integer" json:"ip_integer"`
	Port        int    `json:"port" gorm:"index"`
	Proto       string `json:"proto"`
	ServiceType string `json:"service_type"`
	State       string `json:"state"`
	Reason      string `json:"reason"`
	Fingerprint string `json:"fingerprint"`
	CPE         string `json:"cpe"`
	HtmlTitle   string `json:"html_title"`
	From        string `json:"from"`
	Hash        string `json:"hash"`
	TaskName    string `json:"task_name"`

	// runtime id 运行时 ID
	RuntimeId string `json:"runtime_id"`
}

func (*Port) BeforeSave

func (p *Port) BeforeSave() error

func (*Port) CalcHash

func (p *Port) CalcHash() string

type Progress

type Progress struct {
	gorm.Model
	RuntimeId            string
	CurrentProgress      float64
	YakScriptOnlineGroup string
	// 记录指针
	LastRecordPtr int64
	TaskName      string
	// 额外信息
	ExtraInfo string

	ProgressSource string

	// 任务记录的参数
	ProgressTaskParam []byte

	// 目标 大部分的progress都应该有制定目标,所以尝试提取出来作为单独的数据使用
	Target string
}

type Project

type Project struct {
	gorm.Model

	ProjectName  string
	Description  string
	DatabasePath string

	IsCurrentProject bool
	FolderID         int64
	ChildFolderID    int64
	Type             string
}

Project 描述一个 Yakit 项目 一般项目数据都是应该用 ProjectDatabase 作为连接的 但是项目本身的元数据应该存在 ProfileDatabase 中

func (*Project) CalcHash

func (p *Project) CalcHash() string

type ProjectGeneralStorage

type ProjectGeneralStorage struct {
	gorm.Model

	Key string `json:"key" gorm:"unique_index"`

	// 经过 JSON + Strconv
	Value string `json:"value"`

	// 过期时间
	ExpiredAt time.Time

	// YAKIT SUBPROC_ENV
	ProcessEnv bool

	// 帮助信息,描述这个变量是干嘛的
	Verbose string

	// 描述变量所在的组是啥
	Group string
}

type Report

type Report struct {
	TitleValue string        `json:"title"`
	OwnerValue string        `json:"owner"`
	FromValue  string        `json:"from"`
	Items      []*ReportItem `json:"items"`
}

func (*Report) BarGraphHorizontal

func (r *Report) BarGraphHorizontal(items ...interface{})

func (*Report) BarGraphVertical

func (r *Report) BarGraphVertical(items ...interface{})

func (*Report) Code

func (r *Report) Code(items interface{})

func (*Report) Divider

func (r *Report) Divider()

func (*Report) From

func (r *Report) From(i interface{}, items ...interface{})

func (*Report) Markdown

func (r *Report) Markdown(i string)

func (*Report) Owner

func (r *Report) Owner(i interface{}, items ...interface{})

func (*Report) PieGraph

func (r *Report) PieGraph(items ...interface{})

func (*Report) Raw

func (r *Report) Raw(items interface{})

func (*Report) Save

func (r *Report) Save() int

func (*Report) SearchTable

func (r *Report) SearchTable(i interface{}, raw ...interface{})

func (*Report) Table

func (r *Report) Table(i interface{}, raw ...interface{})

func (*Report) Title

func (r *Report) Title(i interface{}, items ...interface{})

func (*Report) ToRecord

func (r *Report) ToRecord() (*ReportRecord, error)

func (*Report) WordCloud

func (r *Report) WordCloud(items ...interface{})

type ReportItem

type ReportItem struct {
	Type    string `json:"type"`
	Content string `json:"content"`
}

type ReportRecord

type ReportRecord struct {
	gorm.Model

	Title       string
	PublishedAt time.Time `json:"published_at"`
	Hash        string    `json:"hash" gorm:"unique_index"`
	Owner       string    `json:"owner"`
	From        string    `json:"from"`
	QuotedJson  string    `json:"quoted_json"`
}

func (*ReportRecord) BeforeSave

func (r *ReportRecord) BeforeSave()

func (*ReportRecord) CalcHash

func (r *ReportRecord) CalcHash() string

func (*ReportRecord) ToGRPCModel

func (i *ReportRecord) ToGRPCModel() *ypb.Report

func (*ReportRecord) ToReport

func (r *ReportRecord) ToReport() (*Report, error)

type Risk

type Risk struct {
	gorm.Model

	Hash string `json:"hash"`

	// essential
	IP        string `json:"ip"`
	IPInteger int64  `json:"ip_integer"`

	// extraTargets
	Url  string `json:"url"`
	Port int    `json:"port"`
	Host string `json:"host"`

	//
	Title           string `json:"title"`
	TitleVerbose    string `json:"title_verbose"`
	Description     string `json:"description"`
	Solution        string `json:"solution"`
	RiskType        string `json:"risk_type"`
	RiskTypeVerbose string `json:"risk_verbose"`
	Parameter       string `json:"parameter"`
	Payload         string `json:"payload"`
	Details         string `json:"details"`
	Severity        string `json:"severity"`

	// 来源于哪个插件?
	FromYakScript string `json:"from_yak_script"`
	YakScriptUUID string `json:"yak_script_uuid"`

	// 等待验证中?
	WaitingVerified bool `json:"waiting_verified"`
	// 用于验证的 ReverseToken
	ReverseToken string `json:"reverse_token"`

	// 设置运行时 ID 为了关联具体漏洞
	RuntimeId      string `json:"runtime_id"`
	QuotedRequest  string `json:"quoted_request"`
	QuotedResponse string `json:"quoted_response"`

	// 潜在威胁:用于输出合规性质的漏洞内容
	IsPotential bool `json:"is_potential"`

	CVE                 string `json:"cve"`
	IsRead              bool   `json:"is_read"`
	Ignore              bool   `json:"ignore"`
	UploadOnline        bool   `json:"upload_online"`
	TaskName            string `json:"task_name"`
	CveAccessVector     string `json:"cve_access_vector"`
	CveAccessComplexity string `json:"cve_access_complexity"`
	Tags                string `json:"tags"`
}

func (*Risk) AfterCreate

func (r *Risk) AfterCreate(tx *gorm.DB) (err error)

func (*Risk) AfterDelete

func (r *Risk) AfterDelete(tx *gorm.DB) (err error)

func (*Risk) AfterSave

func (r *Risk) AfterSave(tx *gorm.DB) (err error)

func (*Risk) AfterUpdate

func (r *Risk) AfterUpdate(tx *gorm.DB) (err error)

func (*Risk) BeforeSave

func (p *Risk) BeforeSave() error

func (*Risk) ColorizedShow

func (p *Risk) ColorizedShow()

func (*Risk) ToGRPCModel

func (p *Risk) ToGRPCModel() *ypb.Risk

type RssFeed

type RssFeed struct {
	gorm.Model

	SourceXmlUrl    string
	Hash            string     `gorm:"columns:hash;unique_index"`
	Title           string     `json:"title,omitempty"`
	Description     string     `json:"description,omitempty"`
	Link            string     `json:"link,omitempty"`
	FeedLink        string     `json:"feedLink,omitempty"`
	Updated         string     `json:"updated,omitempty"`
	UpdatedParsed   *time.Time `json:"updatedParsed,omitempty"`
	Published       string     `json:"published,omitempty"`
	PublishedParsed *time.Time `json:"publishedParsed,omitempty"`
	Author          string     `json:"author,omitempty"`
	AuthorEmail     string     `json:"author_email,omitempty"`
	Language        string     `json:"language,omitempty"`
	ImageUrl        string     `json:"image_url,omitempty"`
	ImageName       string     `json:"image_name,omitempty"`
	Copyright       string     `json:"copyright,omitempty"`
	Generator       string     `json:"generator,omitempty"`
	Categories      string     `json:"categories,omitempty"`
	FeedType        string     `json:"feedType"`
	FeedVersion     string     `json:"feedVersion"`
}

func (*RssFeed) BeforeSave

func (b *RssFeed) BeforeSave() error

func (*RssFeed) CalcHash

func (b *RssFeed) CalcHash() string

type ScreenRecorder

type ScreenRecorder struct {
	gorm.Model

	// 保存到本地的路径
	Filename  string
	NoteInfo  string
	Project   string
	Hash      string `json:"hash" gorm:"unique_index"`
	VideoName string
	Cover     string `gorm:"type:longtext"`
	Duration  string
}

func (*ScreenRecorder) BeforeSave

func (s *ScreenRecorder) BeforeSave() error

func (*ScreenRecorder) CalcHash

func (s *ScreenRecorder) CalcHash() string

type SyntaxFlowRule

type SyntaxFlowRule struct {
	gorm.Model

	// Language is the language of the rule.
	// if the rule is not set, all languages will be used.
	Language string

	RuleName    string
	Title       string
	TitleZh     string
	Description string

	// yak or sf
	Type    SyntaxFlowRuleType
	Content string

	// Purpose is the purpose of the rule.
	// audit / vuln / config / security / information
	Purpose SyntaxFlowRulePurposeType

	// DemoFileSystem will description the file system of the rule.
	// This is a json string.
	//    save map[string]quotedString
	TypicalHitFileSystem []byte
	Verified             bool

	// AllowIncluded is the rule can be included by other rules.
	// If the rule is included by other rules, the rule will not be shown in the result.
	AllowIncluded bool
	IncludedName  string

	Hash string `json:"hash" gorm:"unique_index"`
}

func (*SyntaxFlowRule) BeforeSave

func (s *SyntaxFlowRule) BeforeSave() error

func (*SyntaxFlowRule) CalcHash

func (s *SyntaxFlowRule) CalcHash() string

type SyntaxFlowRulePurposeType

type SyntaxFlowRulePurposeType string
const (
	SFR_PURPOSE_AUDIT    SyntaxFlowRulePurposeType = "audit"
	SFR_PURPOSE_VULN     SyntaxFlowRulePurposeType = "vuln"
	SFR_PURPOSE_CONFIG   SyntaxFlowRulePurposeType = "config"
	SFR_PURPOSE_SECURITY SyntaxFlowRulePurposeType = "securiy"
)

func ValidPurpose

func ValidPurpose(i any) SyntaxFlowRulePurposeType

type SyntaxFlowRuleType

type SyntaxFlowRuleType string
const (
	SFR_RULE_TYPE_YAK SyntaxFlowRuleType = "yak"
	SFR_RULE_TYPE_SF  SyntaxFlowRuleType = "sf"
)

func ValidRuleType

func ValidRuleType(i any) SyntaxFlowRuleType

type TrafficPacket

type TrafficPacket struct {
	gorm.Model

	SessionUuid string `gorm:"index"`

	LinkLayerType        string
	NetworkLayerType     string
	TransportLayerType   string
	ApplicationLayerType string
	Payload              string

	// QuotedRaw contains the raw bytes of the packet, quoted such that it can be
	// caution: QuotedRaw is (maybe) not an utf8-valid string
	// quoted-used for save to database
	QuotedRaw string

	EthernetEndpointHardwareAddrSrc string
	EthernetEndpointHardwareAddrDst string
	IsIpv4                          bool
	IsIpv6                          bool
	NetworkEndpointIPSrc            string
	NetworkEndpointIPDst            string
	TransportEndpointPortSrc        int
	TransportEndpointPortDst        int
}

type TrafficSession

type TrafficSession struct {
	gorm.Model

	Uuid string `gorm:"index"`

	// Traffic SessionType Means a TCP Session / ICMP Request-Response / UDP Request-Response
	// DNS Request-Response
	// HTTP Request-Response
	// we can't treat Proto as any transport layer proto or application layer proto
	// because we can't know the proto of a packet before we parse it
	//
	// just use session type as a hint / verbose to group some frames(packets).
	//
	// 1. tcp (reassembled)
	// 2. udp (try figure out request-response)
	// 3. dns
	// 4. http (flow)
	// 5. icmp (request-response)
	// 6. sni (tls client hello)
	SessionType string `gorm:"index"`

	DeviceName string `gorm:"index"`
	DeviceType string

	// LinkLayer physical layer
	IsLinkLayerEthernet bool
	LinkLayerSrc        string
	LinkLayerDst        string

	// NetworkLayer network layer
	IsIpv4          bool
	IsIpv6          bool
	NetworkSrcIP    string
	NetworkSrcIPInt int64
	NetworkDstIP    string
	NetworkDstIPInt int64

	// TransportLayer transport layer
	IsTcpIpStack          bool
	TransportLayerSrcPort int
	TransportLayerDstPort int

	// TCP State Flags
	// PDU Reassembled
	IsTCPReassembled bool
	// TCP SYN Detected? If so, it's a new TCP Session
	// 'half' means we haven't seen a FIN or RST
	IsHalfOpen bool
	// TCP FIN Detected
	IsClosed bool
	// TCP RST Detected
	IsForceClosed bool

	// TLS ClientHello
	HaveClientHello bool
	SNI             string
}

type TrafficTCPReassembledFrame

type TrafficTCPReassembledFrame struct {
	gorm.Model

	SessionUuid string `gorm:"index"`
	QuotedData  string
	Seq         int64
	Timestamp   int64
	Source      string
	Destination string
}

type WebFuzzerLabel

type WebFuzzerLabel struct {
	gorm.Model
	Label string `json:"label"`
	// 模版数据唯一标识,用来兼容做对比
	DefaultDescription string `json:"default_description"`
	Description        string `json:"description"`
	Hash               string `gorm:"unique_index"`
}

func (*WebFuzzerLabel) CalcHash

func (w *WebFuzzerLabel) CalcHash() string

type WebFuzzerResponse

type WebFuzzerResponse struct {
	gorm.Model

	WebFuzzerTaskId int    `json:"web_fuzzer_task_id" gorm:"index"`
	OK              bool   `json:"ok"`
	Request         string `json:"request"`
	Content         string `json:"content"`
	Payload         string `json:"payload"`
	Url             string `json:"url"`
	StatusCode      int    `json:"status_code"`
	DurationMs      int    `json:"duration_ms"`
	Timestamp       int64  `json:"timestamp"`
	HiddenIndex     string `json:"hidden_index"`
}

func (*WebFuzzerResponse) CalcCacheHash

func (w *WebFuzzerResponse) CalcCacheHash() string

func (*WebFuzzerResponse) ToGRPCModel

func (w *WebFuzzerResponse) ToGRPCModel() (*ypb.FuzzerResponse, error)

type WebFuzzerTask

type WebFuzzerTask struct {
	gorm.Model

	// 原始请求 json+quote
	RawFuzzTaskRequest string `json:"raw_fuzz_task_request"`

	// 对应前端的组织形式
	FuzzerIndex    string `json:"fuzzer_index"`
	FuzzerTabIndex string `json:"fuzzer_tab_index"`

	// HTTP 数据流总量
	HTTPFlowTotal        int    `json:"http_flow_total"`
	HTTPFlowSuccessCount int    `json:"http_flow_success_count"`
	HTTPFlowFailedCount  int    `json:"http_flow_failed_count"`
	Ok                   bool   `json:"ok"`
	Reason               string `json:"reason"` // if not ok
	Host                 string `json:"host"`
	Port                 int    `json:"port"`
	// retry 相关
	RetryRootID uint `json:"retry_root_id"`
}

这个结构用于保存当前测试的结果

包含:基本参数+请求数据

耗时+执行结果

执行结果包含,失败原因与执行成功的原因。

总共有多少个请求

func (*WebFuzzerTask) CalcCacheHash

func (w *WebFuzzerTask) CalcCacheHash() string

func (*WebFuzzerTask) ToGRPCModel

func (w *WebFuzzerTask) ToGRPCModel() *ypb.HistoryHTTPFuzzerTask

func (*WebFuzzerTask) ToGRPCModelDetail

func (w *WebFuzzerTask) ToGRPCModelDetail() *ypb.HistoryHTTPFuzzerTaskDetail

type WebShell

type WebShell struct {
	gorm.Model
	Url string `json:"url" gorm:"index" `
	// pass=payload
	Pass string `json:"pass"`
	// 加密密钥
	SecretKey string `json:"secret_key" gorm:"not null"`
	// 加密模式
	EncryptedMode string `json:"enc_mode" gorm:"column:enc_mode"`
	// 字符集编码
	Charset string `json:"charset" gorm:"default:'UTF-8'"`
	// 冰蝎还是哥斯拉,或者是其他
	ShellType string `json:"shell_type"`
	// 脚本语言
	ShellScript      string `json:"shell_script"`
	Headers          string `json:"headers" gorm:"type:json"`
	Posts            string `json:"posts" gorm:"type:json"`
	Status           bool   `json:"status"`
	Tag              string `json:"tag"`
	Proxy            string `json:"proxy"`
	Remark           string `json:"remark"`
	Hash             string `json:"hash"`
	PacketCodecName  string `json:"packet_codec_name"`
	PayloadCodecName string `json:"payload_codec_name"`
	Os               string `json:"os"`         //操作系统
	Timeout          int64  `json:"timeout"`    //超时时间
	Retry            int64  `json:"retry"`      //重连次数
	BlockSize        int64  `json:"block_size"` //分块大小
	MaxSize          int64  `json:"max_size"`   //上传的最大数量
	IsSession        bool   `json:"is_session"` //是否是session类型
}

func (*WebShell) BeforeSave

func (w *WebShell) BeforeSave() error

func (*WebShell) CalcHash

func (w *WebShell) CalcHash() string

func (*WebShell) ToGRPCModel

func (w *WebShell) ToGRPCModel() *ypb.WebShell

type WebsocketFlow

type WebsocketFlow struct {
	gorm.Model

	// HTTPFlow 过来的应该有 WebsocketHash
	WebsocketRequestHash string `json:"websocket_request_hash" gorm:"index"`

	FrameIndex  int    `json:"frame_index" gorm:"index"`
	FromServer  bool   `json:"from_server"`
	QuotedData  string `json:"quoted_data"`
	MessageType string `json:"message_type"`

	Hash string `json:"hash"`
}

func (*WebsocketFlow) BeforeSave

func (f *WebsocketFlow) BeforeSave() error

func (*WebsocketFlow) CalcHash

func (f *WebsocketFlow) CalcHash() string

func (*WebsocketFlow) ToGRPCModel

func (i *WebsocketFlow) ToGRPCModel() *ypb.WebsocketFlow

type YakScript

type YakScript struct {
	gorm.Model

	ScriptName   string `json:"script_name" gorm:"unique_index"`
	Type         string `json:"type" gorm:"index"`
	Content      string `json:"content"`
	Level        string `json:"level"`
	Params       string `json:"params"`
	ParamsNumber int    `json:"params_number"`
	Help         string `json:"help"`
	Author       string `json:"author"`
	Tags         string `json:"tags,omitempty"`
	Ignored      bool   `json:"ignore"`

	// 加载本地的数据
	FromLocal bool   `json:"from_local"`
	LocalPath string `json:"local_path"`

	// History string
	IsHistory bool `json:"is_history"`

	// Force Interactive
	// Means that this script will be executed in interactive mode
	// cannot load as a plugin or a module by mix caller
	ForceInteractive bool `json:"force_interactive"`

	FromStore bool `json:"from_store"`

	IsGeneralModule      bool   `json:"is_general_module"`
	GeneralModuleVerbose string `json:"general_module_verbose"`
	GeneralModuleKey     string `json:"general_module_key"`
	FromGit              string `json:"from_git"`

	// 这个是自动填写的,一般不需要自己来填写
	// 条件是 Params 中有一个名字为 target 的必填参数
	IsBatchScript bool `json:"is_batch_script"`
	IsExternal    bool `json:"is_external"`

	EnablePluginSelector bool   `json:"enable_plugin_selector"`
	PluginSelectorTypes  string `json:"plugin_selector_types"`

	// Online ID: 线上插件的 ID
	OnlineId           int64  `json:"online_id"`
	OnlineScriptName   string `json:"online_script_name"`
	OnlineContributors string `json:"online_contributors"`
	OnlineIsPrivate    bool   `json:"online_is_private"`

	// 这个插件所属用户 ID
	UserId int64 `json:"user_id"`
	// 这个插件的 UUID
	Uuid           string `json:"uuid"`
	HeadImg        string `json:"head_img"`
	OnlineBaseUrl  string `json:"online_base_url"`
	BaseOnlineId   int64  `json:"BaseOnlineId"`
	OnlineOfficial bool   `json:"online_official"`
	OnlineGroup    string `json:"online_group"`

	IsCorePlugin bool `json:"is_core_plugin"` // 判断是否是核心插件
	// 废弃字段
	RiskType string `json:"risk_type"`
	// 漏洞详情 建议,描述,cwe
	RiskDetail string `json:"risk_detail"`
	// 漏洞类型-补充说明 废弃
	RiskAnnotation string `json:"risk_annotation"`
	// 协作者
	CollaboratorInfo string `json:"collaborator_info"`
	// contains filtered or unexported fields
}

func (*YakScript) AfterCreate

func (s *YakScript) AfterCreate(tx *gorm.DB) (err error)

func (*YakScript) AfterDelete

func (s *YakScript) AfterDelete(tx *gorm.DB) (err error)

func (*YakScript) AfterSave

func (s *YakScript) AfterSave(tx *gorm.DB) (err error)

func (*YakScript) AfterUpdate

func (s *YakScript) AfterUpdate(tx *gorm.DB) (err error)

func (*YakScript) BeforeSave

func (s *YakScript) BeforeSave() error

func (*YakScript) ToGRPCModel

func (s *YakScript) ToGRPCModel() *ypb.YakScript

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL