Documentation
¶
Index ¶
- Constants
- Variables
- func AUTOTYPE_DETECT_FACTORY(dnsurl string) string
- func DEPENDENCY_ERR_DETECT_FACTORY() map[string]string
- func InitResult(result Result)
- func NET_DETECT_FACTORY() (string, string)
- func SCAN_RESULTS_OUTPUT_FACTORY(result Result) string
- func TIME_DETECT_FACTORY(count int) []string
- type DNSPayloads
- type FS_VERSION
- type Option
- type Payload
- type Result
- type ResultFomat
Constants ¶
View Source
const FJ_BETWEEN_48_68 string = "1.2.48 ≤ Fastjson ≤ 1.2.68"
View Source
const FJ_BETWEEN_69_80 string = "1.2.69 ≤ Fastjson ≤ 1.2.80"
View Source
const FJ_BEYOND_48 string = "Fastjson ≥ 1.2.48"
View Source
const FJ_NOT_DETECT string = "Fastjson isn't detected or network isn't achieve"
View Source
const FJ_UNDER_48 string = "Fastjson < 1.2.48"
View Source
const FS_BETWEEN_36_62 = "1.2.37 ≤ Fastjson ≤ 1.2.61 (来自延迟探测,受网络因素影响,有一定误报率)"
View Source
const FS_BEYOND_80 = "fastjson = 1.2.83"
View Source
const NETWORK_NOT_ACCESS = "Network is Unreachable"
View Source
const NOT_FS = "target isn't fastjson"
Variables ¶
View Source
var AUTOTYPE_CHECK = `[{"@type":"java.net.CookiePolicy"},{"@type":"java.net.Inet4Address","val":"{{.Variables.DNS}}"}]`
View Source
var DEPENDENCY_DETECT_BY_ERR = `
{
"@type":"java.lang.Character"{
"@type":"java.lang.Class",
"val":"{{.Variables.Dependency}}"
}
`
View Source
var DNS_DETECT_48 = `` /* 209-byte string literal not displayed */
View Source
var DNS_DETECT_68 = `` /* 259-byte string literal not displayed */
View Source
var DNS_DETECT_80 = `` /* 436-byte string literal not displayed */
View Source
var DependencyList = []string{
"org.springframework.web.bind.annotation.RequestMapping",
"org.apache.shiro.jndi.JndiObjectFactory",
"org.apache.catalina.startuo.Tomcat",
"groovy.lang.GroovyShell",
"com.mysql.jdbc.Driver",
"java.net.http.HttpClient",
}
View Source
var FS_ERR_DETECT = `{"@type": "java.lang.AutoCloseable"`
View Source
var RESULT_OUTPUT = `` /* 294-byte string literal not displayed */
View Source
var TAR_NET_DETECT = `{"name":{"@type":"java.net.Inet4Address","val":"{{.Variables.DNS}}"}}`
View Source
var TIME_DETECT = `{"regex":{"$ref":"$[blue rlike '^[a-zA-Z]+(([a-zA-Z ])?[a-zA-Z]*)*$']"},"blue":"aaaaaaaaaaaa{{.Variables.Value}}!"}`
Functions ¶
func AUTOTYPE_DETECT_FACTORY ¶
func InitResult ¶
func InitResult(result Result)
func NET_DETECT_FACTORY ¶
func TIME_DETECT_FACTORY ¶
Types ¶
type DNSPayloads ¶
func DNS_DETECT_FACTORY ¶
func DNS_DETECT_FACTORY() (DNSPayloads, string)
type FS_VERSION ¶
type FS_VERSION string // fastjson版本号
type ResultFomat ¶
Source Files
Click to show internal directories.
Click to hide internal directories.