poc

package
v1.3.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 18, 2022 License: MIT Imports: 5 Imported by: 11

Documentation

Index

Constants

View Source 
const (
	STOP_IF_FIRST_MATCH    = "STOP_IF_FIRST_MATCH"
	STOP_IF_FIRST_MISMATCH = "STOP_IF_FIRST_MISMATCH"
)

Variables

This section is empty.

Functions

func GetPocPath 

func GetPocPath() string

func GetPocVersionNumber added in v1.2.2 

func GetPocVersionNumber() (string, error)

func InitPocHomeDirectory 

func InitPocHomeDirectory() (string, error)

Initialize afrog-pocs directory @return pocsDir {{UserHomeDir}}/afrog-pocs

Types

type Classification 

type Classification struct {
	CvssMetrics string  `yaml:"cvss-metrics"`
	CvssScore   float64 `yaml:"cvss-score"`
	CveId       string  `yaml:"cve-id"`
	CweId       string  `yaml:"cwe-id"`
}

type Info 

type Info struct {
	Name           string         `yaml:"name"`
	Author         string         `yaml:"author"`
	Severity       string         `yaml:"severity"`
	Description    string         `yaml:"description"`
	Reference      []string       `yaml:"reference"`
	Tags           string         `yaml:"tags"`
	Classification Classification `yaml:"classification"`
}

以下开始是 信息部分

type Payloads 

type Payloads struct {
	Continue bool          `yaml:"continue"`
	Payloads yaml.MapSlice `yaml:"payloads"`
}

TODO REMARK

type Poc 

type Poc struct {
	Id         string        `yaml:"id"`        //  脚本名称
	Transport  string        `yaml:"transport"` // 传输方式,该字段用于指定发送数据包的协议,该字段用于指定发送数据包的协议:①tcp ②udp ③http
	Set        yaml.MapSlice `yaml:"set"`       // 全局变量定义,该字段用于定义全局变量。比如随机数,反连平台等
	Payloads   Payloads      `yaml:"payloads"`
	Rules      RuleMapSlice  `yaml:"rules"`
	Expression string        `yaml:"expression"`
	Info       Info          `yaml:"info"`
	Gopoc      string        `yaml:"gopoc"` // Gopoc 脚本名称
}

func ReadPocs 

func ReadPocs(pocYaml string) (Poc, error)

Read a poc yaml file from disk. `pocYaml` is a poc yaml file of absolute path.

func (*Poc) Reset added in v1.1.0 

func (poc *Poc) Reset()

type Rule 

type Rule struct {
	Request        RuleRequest   `yaml:"request"`
	Expression     string        `yaml:"expression"`
	Output         yaml.MapSlice `yaml:"output"`
	StopIfMatch    bool          `yaml:"stop_if_match"`
	StopIfMismatch bool          `yaml:"stop_if_mismatch"`
	BeforeSleep    int           `yaml:"before_sleep"`
	// contains filtered or unexported fields
}

func (*Rule) UnmarshalYAML 

func (r *Rule) UnmarshalYAML(unmarshal func(any) error) error

type RuleMap 

type RuleMap struct {
	Key   string
	Value Rule
}

用于帮助yaml解析,保证Rule有序

type RuleMapSlice 

type RuleMapSlice []RuleMap

用于帮助yaml解析,保证Rule有序

func (*RuleMapSlice) UnmarshalYAML 

func (m *RuleMapSlice) UnmarshalYAML(unmarshal func(any) error) error

type RuleRequest 

type RuleRequest struct {
	Content         string            `yaml:"content"`       // tcp/udp专用
	ReadTimeout     string            `yaml:"read_timeout"`  // tcp/udp专用
	ConnectionId    string            `yaml:"connection_id"` // tcp/udp专用
	Raw             string            `yaml:"raw"`           // raw 专用
	Method          string            `yaml:"method"`
	Path            string            `yaml:"path"`
	Headers         map[string]string `yaml:"headers"`
	Body            string            `yaml:"body"`
	FollowRedirects bool              `yaml:"follow_redirects"`
}

http/tcp/udp cache 是否使用缓存的请求,如果该选项为 true,那么如果在一次探测中其它脚本对相同目标发送过相同请求,那么便使用之前缓存的响应,而不发新的数据包 content 用于tcp/udp请求,请求内容,比如:content: "request" read_timeout 用于tcp/udp请求,发送请求之后的读取超时时间(注 实际是一个 int, 但是为了能够变量渲染,设置为 string) connection_id 用于tcp/udp请求,连接 id ,同一个连接 id 复用连接(注 不允许用0; cache 为 true 的时候可能会导致请求不会发送,所以如果有特殊需求记得 cache: false)

type WaitGroupTask added in v1.3.7 

type WaitGroupTask struct {
	Key   int
	Value any
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.