From 30df6b651fa2ea72e9d5bc015137a01f0fd6d5b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BD=B1=E8=88=9E=E8=80=85?=
Date: Wed, 6 Jul 2022 21:42:00 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8A=A0=E5=85=A5=E6=89=8B=E5=B7=A5gc=E5=9B=9E?=
 =?UTF-8?q?=E6=94=B6,=E5=B0=9D=E8=AF=95=E8=8A=82=E7=9C=81=E6=97=A0?=
 =?UTF-8?q?=E7=94=A8=E5=86=85=E5=AD=98=E3=80=82=20-url=20=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81=E9=80=97=E5=8F=B7=E9=9A=94=E5=BC=80=E3=80=82=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E4=B8=80=E4=B8=AApoc=E6=A8=A1=E5=9D=97bug?=
 =?UTF-8?q?=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Plugins/ms17010-exp.go | 5 -----
 Plugins/scanner.go | 10 ++--------
 WebScan/lib/check.go | 1 -
 WebScan/lib/eval.go | 2 +-
 common/Parse.go | 12 ++++++++++++
 common/config.go | 2 +-
 common/flag.go | 10 ++++++++++
 7 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/Plugins/ms17010-exp.go b/Plugins/ms17010-exp.go
index 3803d2e6..ca939ec4 100644
--- a/Plugins/ms17010-exp.go
+++ b/Plugins/ms17010-exp.go
@@ -171,11 +171,6 @@ func exploit(address string, grooms int, payload []byte) error {
 
 func makeKernelUserPayload(sc []byte) []byte {
 // test DoublePulsar
- // sc, err := ioutil.ReadFile("sc.bin")
- // if err != nil {
- // panic(err)
- // }
- // return sc
 buf := bytes.Buffer{}
 buf.Write(loader[:])
 // write sc size
diff --git a/Plugins/scanner.go b/Plugins/scanner.go
index 8cd7fc19..01c7cbf3 100644
--- a/Plugins/scanner.go
+++ b/Plugins/scanner.go
@@ -72,16 +72,10 @@ func Scan(info common.HostInfo) {
 }
 }
 }
- if common.URL != "" {
- info.Url = common.URL
+ for _, url := range common.Urls {
+ info.Url = url
 AddScan("1000003", info, ch, &wg)
 }
- if len(common.Urls) > 0 {
- for _, url := range common.Urls {
- info.Url = url
- AddScan("1000003", info, ch, &wg)
- }
- }
 wg.Wait()
 common.LogWG.Wait()
 close(common.Results)
diff --git a/WebScan/lib/check.go b/WebScan/lib/check.go
index 3bf4ebef..52b82e7a 100644
--- a/WebScan/lib/check.go
+++ b/WebScan/lib/check.go
@@ -132,7 +132,6 @@ func executePoc(oReq *http.Request, p *Poc) (bool, error, string) {
 //fmt.Println("[-] newRequest error: ",err)
 return false, err
 }
- newRequest.URL.Path = req.Url.Path
 newRequest.Header = oReq.Header.Clone()
 for k, v := range Headers {
 newRequest.Header.Set(k, v)
diff --git a/WebScan/lib/eval.go b/WebScan/lib/eval.go
index d7f6c3dc..867e62e6 100644
--- a/WebScan/lib/eval.go
+++ b/WebScan/lib/eval.go
@@ -605,7 +605,7 @@ func DoRequest(req *http.Request, redirect bool) (*Response, error) {
 defer oResp.Body.Close()
 resp, err := ParseResponse(oResp)
 if err != nil {
- fmt.Println("[-]ParseResponse error: ", err)
+ common.LogError("[-]ParseResponse error: " + err.Error())
 return nil, err
 }
 return resp, err
diff --git a/common/Parse.go b/common/Parse.go
index 6cd26353..5b554f8e 100644
--- a/common/Parse.go
+++ b/common/Parse.go
@@ -66,6 +66,18 @@ func ParsePass(Info *HostInfo) {
 Passwords = PwdList
 }
 }
+ if URL != "" {
+ urls := strings.Split(URL, ",")
+ TmpUrls := make(map[string]struct{})
+ for _, url := range urls {
+ if _, ok := TmpUrls[url]; !ok {
+ TmpUrls[url] = struct{}{}
+ if url != "" {
+ Urls = append(Urls, url)
+ }
+ }
+ }
+ }
 if UrlFile != "" {
 urls, err := Readfile(UrlFile)
 if err == nil {
diff --git a/common/config.go b/common/config.go
index 233db358..9be724fe 100644
--- a/common/config.go
+++ b/common/config.go
@@ -1,6 +1,6 @@
 package common
 
-var version = "1.8.0"
+var version = "1.8.1"
 var Userdict = map[string][]string{
 "ftp": {"ftp", "admin", "www", "web", "root", "db", "wwwroot", "data"},
 "mysql": {"root", "mysql"},
diff --git a/common/flag.go b/common/flag.go
index 4923614f..a2bb63fb 100644
--- a/common/flag.go
+++ b/common/flag.go
@@ -4,6 +4,16 @@ import (
 "flag"
 )
 
+func init() { go func() { for { runtime.GC() debug.FreeOSMemory() time.Sleep(10 * time.Second) } }() }
+
 func Banner() {
 banner := `
 ___ _
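Review bot: Dropping `newRequest.URL.Path = req.Url.Path` is the poc fix the subject mentions, but nothing in the remaining code records why the path must not be overwritten, so the line is easy to reintroduce during a later cleanup. A one-line comment at the spot where the header copy now begins would pin it, along the lines of `// keep the URL newRequest was built with; resetting Path from req.Url broke poc request paths`. Where newRequest's URL actually comes from is above the hunk, so confirm that wording against the construction site before adding it. executePoc's body starts and ends outside the hunk.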
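Review bot: The new `common.LogError("[-]ParseResponse error: " + err.Error())` line logs the failure and the next line still returns it, so the same error is reported twice once a caller of DoRequest handles the returned value; either let the caller report it, or wrap it with context and return only that, e.g. `return nil, fmt.Errorf("parsing response: %w", err)`. If this was the last use of `fmt` in eval.go the import is now unused and the file will not compile; the diffstat shows only this one-line change for eval.go, so presumably `fmt` is still referenced elsewhere and `common` was already imported — worth confirming. The rest of DoRequest is outside the hunk.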
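Review bot: The `TmpUrls` set on the added lines only deduplicates the `-url` entries against each other; the `if UrlFile != ""` block that follows appends its entries to `Urls` without consulting it, so a target given both on the command line and in the file is scanned twice unless that block deduplicates on its own (its body is below the hunk). Entries are also not trimmed, so `-url a, b` yields `" b"` with a leading space. Hoisting one seen-set above both blocks behind a small helper, and having the file block call the same helper per line, fixes both; `TmpUrls` would also conventionally be a lower-case local name. The remainder of ParsePass lies outside the hunk.
```go
	seen := make(map[string]struct{})
	// addURL trims, skips empties and records each target once across both sources.
	addURL := func(u string) {
		u = strings.TrimSpace(u)
		if u == "" {
			return
		}
		if _, dup := seen[u]; dup {
			return
		}
		seen[u] = struct{}{}
		Urls = append(Urls, u)
	}
	if URL != "" {
		for _, u := range strings.Split(URL, ",") {
			addURL(u)
		}
	}
	// … unchanged: if UrlFile != "" { … } — call addURL for each line read …
```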
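Review bot: The import block shown as context at the top of the hunk contains only `"flag"`, yet the new `init` uses `runtime`, `debug` and `time`, and the diffstat credits flag.go with exactly these 10 insertions; unless those packages are imported elsewhere in the file, this does not compile. `debug.FreeOSMemory()` already forces a garbage collection before returning memory to the OS, so the `runtime.GC()` line is redundant and can be dropped, leaving `"runtime/debug"` and `"time"` to add to the import block. Starting an unstoppable goroutine from `init` that forces a stop-the-world collection every 10 s is a fixed CPU cost paid whether or not memory is under pressure; `debug.SetGCPercent` (or the `GOGC` environment variable) makes the runtime collect more aggressively without a polling loop. Banner's body continues outside the hunk.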