Documentation ¶
Index ¶
- Variables
- func BytesToInt(b []byte) (r int, err error)
- func CheckSmbCve20200796(args *ScriptScanArgs) (*util.ScanResult, error)
- func ConstructUrl(args *ScriptScanArgs, uri string) string
- func CreateOpenSSLHeartBleed(version *openSSLVersion) []byte
- func CreateOpenSSLHello(version *openSSLVersion) []byte
- func DedecmsBakeUpFileFound(args *ScriptScanArgs) (*util.ScanResult, error)
- func EcshopAnyoneLoginVul(args *ScriptScanArgs) (*util.ScanResult, error)
- func ElasticSearchPathTraversal(args *ScriptScanArgs) (*util.ScanResult, error)
- func EncodeRememberme(reverseUrl, key string) string
- func EximOffByOneRCE(args *ScriptScanArgs) (*util.ScanResult, error)
- func EximUaf(args *ScriptScanArgs) (*util.ScanResult, error)
- func FastCGIFileRead(args *ScriptScanArgs) (*util.ScanResult, error)
- func FtpUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
- func GetRandomString(length int) string
- func JBossAdminConsoleWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
- func JBossInvokerServletRemoteCodeExec(args *ScriptScanArgs) (*util.ScanResult, error)
- func JBossJavaSerializationVul(args *ScriptScanArgs) (*util.ScanResult, error)
- func JoomlaSerialization(args *ScriptScanArgs) (*util.ScanResult, error)
- func MD5(text string) string
- func MS15034(args *ScriptScanArgs) (*util.ScanResult, error)
- func MemcachedUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
- func MongoDBUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
- func OpenSSLHeartbleedVul(args *ScriptScanArgs) (*util.ScanResult, error)
- func OpenSSLRecvMessage(conn net.Conn) (typ int, ver int, body []byte)
- func PKCS7Padding(origData []byte, blockSize int) []byte
- func RedisUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
- func RedisWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
- func RsyncAnonymousAccess(args *ScriptScanArgs) (*util.ScanResult, error)
- func ScriptRegister(pocName string, handler ScriptScanFunc)
- func ShiroJavaUnserilize(args *ScriptScanArgs) (*util.ScanResult, error)
- func TomcatWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
- func ZookeeperUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
- type ScriptScanArgs
- type ScriptScanFunc
Constants ¶
This section is empty.
Variables ¶
View Source
var ShiroKeys = []string{
"kPH+bIxk5D2deZiIxcaaaA==",
"Z3VucwAAAAAAAAAAAAAAAA==",
"4AvVhmFLUs0KTA3Kprsdag==",
"3AvVhmFLUs0KTA3Kprsdag==",
"2AvVhdsgUs0FSA3SDFAdag==",
"U3ByaW5nQmxhZGUAAAAAAA==",
"wGiHplamyXlVB11UXWol8g==",
"6ZmI6I2j5Y+R5aSn5ZOlAA==",
}
Functions ¶
func BytesToInt ¶
[]byte 转int BytesToInt([]byte{0,0,3,232}) //1000
func CheckSmbCve20200796 ¶
func CheckSmbCve20200796(args *ScriptScanArgs) (*util.ScanResult, error)
func ConstructUrl ¶
func ConstructUrl(args *ScriptScanArgs, uri string) string
func CreateOpenSSLHeartBleed ¶
func CreateOpenSSLHeartBleed(version *openSSLVersion) []byte
func CreateOpenSSLHello ¶
func CreateOpenSSLHello(version *openSSLVersion) []byte
func DedecmsBakeUpFileFound ¶
func DedecmsBakeUpFileFound(args *ScriptScanArgs) (*util.ScanResult, error)
func EcshopAnyoneLoginVul ¶
func EcshopAnyoneLoginVul(args *ScriptScanArgs) (*util.ScanResult, error)
EcshopAnyoneLoginVul ecshop 任意登录
func ElasticSearchPathTraversal ¶
func ElasticSearchPathTraversal(args *ScriptScanArgs) (*util.ScanResult, error)
ES路径遍历
func EncodeRememberme ¶
func EximOffByOneRCE ¶
func EximOffByOneRCE(args *ScriptScanArgs) (*util.ScanResult, error)
exim远程调用
func FastCGIFileRead ¶
func FastCGIFileRead(args *ScriptScanArgs) (*util.ScanResult, error)
FastCGIFileRead fast cgi 文件读取
func FtpUnauthority ¶
func FtpUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
FtpUnauthority Ftp 未授权
func JBossAdminConsoleWeakPass ¶
func JBossAdminConsoleWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
JBossAdminConsoleWeakPass jboss 管理控制台弱口令
func JBossInvokerServletRemoteCodeExec ¶
func JBossInvokerServletRemoteCodeExec(args *ScriptScanArgs) (*util.ScanResult, error)
JBossInvokerServletRemoteCodeExec jboss 远程执行
func JBossJavaSerializationVul ¶
func JBossJavaSerializationVul(args *ScriptScanArgs) (*util.ScanResult, error)
JBossJavaSerializationVul jboss 序列化
func JoomlaSerialization ¶
func JoomlaSerialization(args *ScriptScanArgs) (*util.ScanResult, error)
JoomlaSerialization joomla 序列化执行
func MemcachedUnauthority ¶
func MemcachedUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
MemcachedUnauthority memcached 未授权
func MongoDBUnauthority ¶
func MongoDBUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
MongoDBUnauthority MongoDB 未授权
func OpenSSLHeartbleedVul ¶
func OpenSSLHeartbleedVul(args *ScriptScanArgs) (*util.ScanResult, error)
OpenSSLHeartbleedVul openssl heartbleed
func PKCS7Padding ¶
func RedisUnauthority ¶
func RedisUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
RedisUnauthority redis 未授权 Poc
func RedisWeakPass ¶
func RedisWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
RedisWeakPass redis 弱密码
func RsyncAnonymousAccess ¶
func RsyncAnonymousAccess(args *ScriptScanArgs) (*util.ScanResult, error)
RsyncAnonymousAccess rsync 匿名访问
func ScriptRegister ¶
func ScriptRegister(pocName string, handler ScriptScanFunc)
func ShiroJavaUnserilize ¶
func ShiroJavaUnserilize(args *ScriptScanArgs) (*util.ScanResult, error)
Shiro反序列化漏洞
func TomcatWeakPass ¶
func TomcatWeakPass(args *ScriptScanArgs) (*util.ScanResult, error)
tomcat 弱口令
func ZookeeperUnauthority ¶
func ZookeeperUnauthority(args *ScriptScanArgs) (*util.ScanResult, error)
ZookeeperUnauthority zookeeper 未授权
Types ¶
type ScriptScanArgs ¶
type ScriptScanFunc ¶
type ScriptScanFunc func(args *ScriptScanArgs) (*util.ScanResult, error)
func GetScriptFunc ¶
func GetScriptFunc(pocName string) ScriptScanFunc
GetScriptFunc 返回 pocName 对应的方法
Source Files ¶
- poc-go-CVE-2020-17518.go
- poc-go-dedecms-bakfile-disclosure.go
- poc-go-ecshop-anyone-login.go
- poc-go-elasticsearch-path-traversal.go
- poc-go-exim-cve-2017-16943-uaf.go
- poc-go-exim-cve-2019-15846-rce.go
- poc-go-fastcgi-file-read.go
- poc-go-ftp-unauth.go
- poc-go-iis-ms15034.go
- poc-go-jboss-console-weakpwd.go
- poc-go-jboss-invoker-servlet-rce.go
- poc-go-jboss-serialization.go
- poc-go-joomla-serialization.go
- poc-go-memcached-unauth.go
- poc-go-mongo-unauth.go
- poc-go-openssl-heartbleed.go
- poc-go-redis-unauth.go
- poc-go-redis-weakpass.go
- poc-go-rsync-anonymous.go
- poc-go-shiro-unserialize-550.go
- poc-go-smb-cve-2020-0796.go
- poc-go-smb-ms17-010.go
- poc-go-tomcat-weak-pass.go
- poc-go-zookeeper-unauth.go
- scripts.go
Click to show internal directories.
Click to hide internal directories.