second
BBD-YZZ committed Oct 26, 2023
1 parent a1fcc88 commit d3c4e82
Showing 7 changed files with 1 addition and 2,989 deletions.
Binary file removed check2023.exe
Binary file not shown.
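--- a/check_demo/start_poc.go
+++ b/check_demo/start_poc.go
@@ -27,275 +27,6 @@ func Start(rch chan string, wch chan string, bch chan bool, client *http.Client,
 var r response
 var params map[string]interface{}
 
-for url := range rch {
-select {
-case <-ctx.Done():
-default:
-poc, err := poc.GetYamlFile("./poc/poc.yaml")
-if err != nil {
-fmt.Println(err)
-colorOutput.Colorful.WithFrontColor("red").Println("[*] 读取yaml文件出错")
-continue
-}
-for _, v := range poc.Poc_content {
-var req *http.Request
-var body io.Reader
-var err error
-if v.Rules.Rule0.Requests0.Method0 != "GET" && v.Rules.Rule0.Requests0.Method0 != "POST" {
-continue
-}
-if v.Rules.Rule0.Requests0.Method0 == "GET" || v.Rules.Rule0.Requests0.Method0 == "POST" {
-// allow_redirects := v.Rules.Rule.Requests.Allow_redirects
-path := v.Rules.Rule0.Requests0.Path0
-headers := v.Rules.Rule0.Requests0.Headers0
-allowRedirect = v.Rules.Rule0.Requests0.Allow_redirects0
-if v.Rules.Rule0.Requests0.Method0 == "GET" {
-req, err = http.NewRequest("GET", url+path, nil)
-} else {
-body = bytes.NewReader([]byte(v.Rules.Rule0.Requests0.Body0))
-req, err = http.NewRequest("POST", url+path, body)
-}
-
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + "http.NewRequest 请求错误,请检测网络是否可达!!!")
-continue
-}
-
-// 设置请求头部信息
-if headers.User_Agent0 != "" {
-req.Header.Set("User-Agent", headers.User_Agent0)
-}
-if headers.Content_Type0 != "" {
-req.Header.Set("Content-Type", headers.Content_Type0)
-}
-if headers.Cookie0 != "" {
-cookie := &http.Cookie{
-Name: "Cookie",
-Value: headers.Cookie0,
-}
-req.AddCookie(cookie)
-}
-if headers.TestCMD0 != "" {
-req.Header.Set("TestCmd", headers.TestCMD0)
-}
-} else {
-continue
-}
-
-// 设置 client 的 CheckRedirect 字段
-client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
-if !allowRedirect {
-return http.ErrUseLastResponse
-}
-return nil
-}
-
-resp, err := client.Do(req)
-if err != nil {
-//colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + " client.Do请求错误,请检测网络是否可达!!!")
-continue
-}
-defer resp.Body.Close()
-
-respBody, err := io.ReadAll(resp.Body)
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] io.ReadAll(resp.Body)出错!!!")
-continue
-}
-
-matchers0 := v.Rules.Rule0.Matchers0
-if matchers0 != "" && !strings.Contains(matchers0, "Set-Cookie") {
-r = response{
-Text: string(respBody),
-StatusCode: resp.StatusCode,
-}
-params = map[string]interface{}{
-"r.Text": r.Text,
-"r.StatusCode": r.StatusCode,
-}
-result, err := evaluate(matchers0, params)
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println(err)
-continue
-}
-
-if result {
-rs := "[+] " + url + " | 存在" + v.Info.Name
-wch <- rs
-} else {
-continue
-}
-} else if strings.Contains(matchers0, "Set-Cookie") {
-new_cookie := resp.Header.Get("Set-Cookie")
-if v.Rules.Rule1.Requests1.Method1 == "GET" || v.Rules.Rule1.Requests1.Method1 == "POST" {
-path1 := v.Rules.Rule1.Requests1.Path1
-headers1 := v.Rules.Rule1.Requests1.Headers1
-if v.Rules.Rule1.Requests1.Method1 == "GET" {
-req, err = http.NewRequest("GET", url+path1, nil)
-} else {
-body = bytes.NewReader([]byte(v.Rules.Rule1.Requests1.Body1))
-req, err = http.NewRequest("POST", url+path1, body)
-}
-
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + "http.NewRequest 请求错误,请检测网络是否可达!!!")
-continue
-}
-if headers1.User_Agent1 != "" {
-req.Header.Set("User-Agent", headers1.User_Agent1)
-}
-if headers1.Content_Type1 != "" {
-req.Header.Set("Content-Type", headers1.Content_Type1)
-}
-
-req.Header.Set("Cookie", new_cookie)
-
-if headers1.TestCMD1 != "" {
-req.Header.Set("TestCmd", headers1.TestCMD1)
-}
-} else {
-continue
-}
-// 设置 client 的 CheckRedirect 字段
-client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
-if !allowRedirect {
-return http.ErrUseLastResponse
-}
-return nil
-}
-
-resp1, err := client.Do(req)
-if err != nil {
-//colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + " client.Do请求错误,请检测网络是否可达!!!")
-continue
-}
-defer resp1.Body.Close()
-
-respBody1, err := io.ReadAll(resp1.Body)
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] io.ReadAll(resp1.Body)出错!!!")
-continue
-}
-
-matchers1 := v.Rules.Rule1.Matchers1
-if matchers1 != "" {
-r = response{
-Text: string(respBody1),
-StatusCode: resp1.StatusCode,
-}
-params = map[string]interface{}{
-"r.Text": r.Text,
-"r.StatusCode": r.StatusCode,
-}
-result, err := evaluate(matchers1, params)
-if err != nil {
-s := fmt.Sprintf("[*] %v/%v", url, err)
-colorOutput.Colorful.WithFrontColor("blue").Println(s)
-continue
-}
-
-if result {
-rs := "[+] " + url + " | 存在" + v.Info.Name
-wch <- rs
-} else {
-continue
-}
-}
-
-} else {
-if v.Rules.Rule1.Requests1.Method1 == "GET" || v.Rules.Rule1.Requests1.Method1 == "POST" {
-path1 := v.Rules.Rule1.Requests1.Path1
-headers1 := v.Rules.Rule1.Requests1.Headers1
-if v.Rules.Rule1.Requests1.Method1 == "GET" {
-req, err = http.NewRequest("GET", url+path1, nil)
-} else {
-body = bytes.NewReader([]byte(v.Rules.Rule1.Requests1.Body1))
-req, err = http.NewRequest("POST", url+path1, body)
-}
-
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + "http.NewRequest 请求错误,请检测网络是否可达!!!")
-continue
-}
-if headers1.User_Agent1 != "" {
-req.Header.Set("User-Agent", headers1.User_Agent1)
-}
-if headers1.Content_Type1 != "" {
-req.Header.Set("Content-Type", headers1.Content_Type1)
-}
-
-if headers1.Cookie1 != "" {
-cookie := &http.Cookie{
-Name: "Cookie",
-Value: headers1.Cookie1,
-}
-req.AddCookie(cookie)
-}
-
-if headers1.TestCMD1 != "" {
-req.Header.Set("TestCmd", headers1.TestCMD1)
-}
-} else {
-continue
-}
-}
-// 设置 client 的 CheckRedirect 字段
-client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
-if !allowRedirect {
-return http.ErrUseLastResponse
-}
-return nil
-}
-
-resp1, err := client.Do(req)
-if err != nil {
-//colorOutput.Colorful.WithFrontColor("red").Println("[*] " + url + " client.Do请求错误,请检测网络是否可达!!!")
-continue
-}
-defer resp1.Body.Close()
-
-respBody1, err := io.ReadAll(resp1.Body)
-if err != nil {
-colorOutput.Colorful.WithFrontColor("red").Println("[*] io.ReadAll(resp1.Body)出错!!!")
-continue
-}
-
-matchers1 := v.Rules.Rule1.Matchers1
-if matchers1 != "" {
-r = response{
-Text: string(respBody1),
-StatusCode: resp1.StatusCode,
-}
-params = map[string]interface{}{
-"r.Text": r.Text,
-"r.StatusCode": r.StatusCode,
-}
-result, err := evaluate(matchers1, params)
-if err != nil {
-s := fmt.Sprintf("%v/%v", url, err)
-colorOutput.Colorful.WithFrontColor("red").Println(s)
-continue
-}
-
-if result {
-rs := "[+] " + url + " | 存在" + v.Info.Name
-wch <- rs
-} else {
-continue
-}
-}
-
-}
-
-}
-}
-bch <- true
-}
-
-func Start1(rch chan string, wch chan string, bch chan bool, client *http.Client, ctx context.Context, allowRedirect bool) {
-var r response
-var params map[string]interface{}
-
 for url := range rch {
 select {
 case <-ctx.Done():
@@ -641,33 +372,6 @@ func PrintRS(ch chan string, ctx context.Context, rss *[]string) {
 }
 }
 
-func containsAll(str string, slice []string) bool {
-for _, item := range slice {
-if !strings.Contains(str, item) {
-return false
-}
-}
-return true
-}
-
-func evaluateExpression(expr string, params map[string]interface{}) (bool, error) {
-expression, err := govaluate.NewEvaluableExpression(expr)
-if err != nil {
-return false, err
-}
-
-result, err := expression.Evaluate(params)
-if err != nil {
-return false, err
-}
-
-evalResult, ok := result.(bool)
-if !ok {
-return false, fmt.Errorf("Expression does not evaluate to a boolean result")
-}
-
-return evalResult, nil
-}
-
 
 func evaluate(expr string, params map[string]interface{}) (bool, error) {
 functions := map[string]govaluate.ExpressionFunction{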