rule

package
v0.0.0-...-269099d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 30, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AffectContent          = "text"
	AffectDirectory        = "directory"
	AffectURL              = "url"
	AffectAppendParameter  = "appendparam"
	AffectReplaceParameter = "replaceparam"
	AffectServer           = "server"
	AffectScript           = "script"
)
View Source 
const (
	LoadMulti = "multi"
)

Variables

View Source 
var ControllerPool = sync.Pool{}
View Source 
var Handles map[string][]HandlerFunc
View Source 
var TaskChannel chan *TaskItem

Functions

func ExecExpressionHandle 

func ExecExpressionHandle(ctx controllerContext)

func ExecScriptHandle 

func ExecScriptHandle(ctx controllerContext)

func InitTaskChannel 

func InitTaskChannel()

func PutController 

func PutController(c *PocController)

func RunPlugins 

func RunPlugins(item *TaskItem)

并发测试

func RunPoc 

func RunPoc(inter interface{}, debug bool) (result *util.ScanResult, err error)

执行单个poc

func Setup 

func Setup()

func TaskConsumer 

func TaskConsumer()

func TaskProducer 

func TaskProducer(item *TaskItem)

func WriteTaskResult 

func WriteTaskResult(scanItem *ScanItem, result *util.ScanResult)

Types

type CelController 

type CelController struct {
	Env      *cel.Env               // cel env
	ParamMap map[string]interface{} // 注入到cel中的变量
}

func (*CelController) Evaluate 

func (cc *CelController) Evaluate(char string) (bool, error)

计算cel表达式

func (*CelController) Init 

func (cc *CelController) Init(poc *Poc) (err error)

初始化

func (*CelController) InitSet 

func (cc *CelController) InitSet(poc *Poc, newReq *proto.Request) (err error)

处理poc: set

func (*CelController) Reset 

func (cc *CelController) Reset()

type Detail 

type Detail struct {
	Author      string   `json:"author"`
	Links       []string `json:"links"`
	Description string   `json:"description"`
	Version     string   `json:"version"`
}

type HandlerFunc 

type HandlerFunc func(ctx controllerContext)

type Plugin 

type Plugin struct {
	VulId   string `gorm:"column:vul_id"`   // 漏洞编号
	Affects string `gorm:"column:affects"`  // 影响类型  dir/server/param/url/content
	JsonPoc *Poc   `gorm:"column:json_poc"` // json规则
	Enable  bool   `gorm:"column:enable"`   // 是否启用
}

func LoadDbPlugin 

func LoadDbPlugin(lodeType string, array []string) ([]Plugin, error)

从数据库 中加载 POC

type Poc 

type Poc struct {
	Params []string          `json:"params"`
	Name   string            `json:"name"`
	Set    yaml.MapSlice     `json:"set"`
	Rules  []Rule            `json:"rules"`
	Groups map[string][]Rule `json:"groups"`
	Detail Detail            `json:"detail"`
}

Rules 和 Groups 只能存在一个

func ParseJsonPoc 

func ParseJsonPoc(jsonByte []byte) (*Poc, error)

func ParseYamlPoc 

func ParseYamlPoc(yamlByte []byte) (*Poc, error)

type PocController 

type PocController struct {
	Plugin  *Plugin
	Request *RequestController
	CEL     *CelController
	Handles []HandlerFunc // 控制整个执行过程
	Index   int64         // 和middlefunc 配套

	ScriptResult *util.ScanResult
	Debug        bool
	Keys         map[string]interface{}
	// contains filtered or unexported fields
}

func InitPocController 

func InitPocController(req *RequestController, plugin *Plugin, cel *CelController, handles []HandlerFunc) *PocController

func NewController 

func NewController() *PocController

func (*PocController) Abort 

func (controller *PocController) Abort()

func (*PocController) AddMiddle 

func (controller *PocController) AddMiddle(handle HandlerFunc)

增加插件

func (*PocController) DoSingleRuleRequest 

func (controller *PocController) DoSingleRuleRequest(rule *Rule) (*proto.Response, error)

根据原始请求 + rule 生成并发起新的请求

func (*PocController) Get 

func (controller *PocController) Get(key string) (value interface{}, exists bool)

func (*PocController) GetOriginalReq 

func (controller *PocController) GetOriginalReq() *http.Request

func (*PocController) GetPoc 

func (controller *PocController) GetPoc() *Poc

func (*PocController) GetPocName 

func (controller *PocController) GetPocName() string

func (*PocController) GetString 

func (controller *PocController) GetString(key string) (s string)

func (*PocController) Groups 

func (controller *PocController) Groups(debug bool) (bool, error)

执行 groups

func (*PocController) IsAborted 

func (controller *PocController) IsAborted() bool

func (*PocController) IsDebug 

func (controller *PocController) IsDebug() bool

func (*PocController) Next 

func (controller *PocController) Next()

func (*PocController) Reset 

func (controller *PocController) Reset()

func (*PocController) Rules 

func (controller *PocController) Rules(rules []Rule, debug bool) (bool, error)

执行 rules

func (*PocController) Set 

func (controller *PocController) Set(key string, value interface{})

func (*PocController) SetResult 

func (controller *PocController) SetResult(result *util.ScanResult)

func (*PocController) SingleRule 

func (controller *PocController) SingleRule(rule *Rule, debug bool) (bool, error)

单个规则运行

type RequestController 

type RequestController struct {
	// 原始请求
	Original *http.Request
	// 经过变形的新请求
	New *proto.Request
	// 真正发起的请求:转为 fasthttp
	Fast *fasthttp.Request
	// post data
	Data []byte
	// 记录请求和响应报文列表
	Raw []*proto.Response
	// 原始请求的参数
	OriginalQueryParams string
}

poc运行期间的各类请求

func (*RequestController) Add 

func (rc *RequestController) Add(resp *proto.Response)

func (*RequestController) FixQueryParams 

func (rc *RequestController) FixQueryParams(field string, payload string, affects string) (err error)

func (*RequestController) Init 

func (rc *RequestController) Init(original *http.Request) (err error)

func (*RequestController) InitData 

func (rc *RequestController) InitData() (err error)

func (*RequestController) InitFast 

func (rc *RequestController) InitFast() (err error)

原始请求转为fasthttp

func (*RequestController) InitNew 

func (rc *RequestController) InitNew() (err error)

func (*RequestController) InitOriginal 

func (rc *RequestController) InitOriginal(original *http.Request)

func (*RequestController) InitOriginalQueryParams 

func (rc *RequestController) InitOriginalQueryParams() error

func (*RequestController) Reset 

func (rc *RequestController) Reset()

type Rule 

type Rule struct {
	Method          string            `json:"method"`
	Path            string            `json:"path"`
	Headers         map[string]string `json:"headers"`
	Body            string            `json:"body"`
	Search          string            `json:"search"`
	FollowRedirects bool              `json:"follow_redirects"`
	Expression      string            `json:"expression"`
}

单个规则

func (*Rule) ReplaceSearch 

func (rule *Rule) ReplaceSearch(resp *proto.Response, varMap map[string]interface{}) map[string]interface{}

search

func (*Rule) ReplaceSet 

func (rule *Rule) ReplaceSet(varMap map[string]interface{})

set

func (*Rule) Verify 

func (rule *Rule) Verify() error

校验rule格式

type ScanItem 

type ScanItem struct {
	OriginalReq *http.Request // 原始请求
	Plugin      *Plugin       // 检测插件
	Task        *db.Task      // 所属任务
}

func (*ScanItem) Verify 

func (item *ScanItem) Verify() error

type TaskItem 

type TaskItem struct {
	OriginalReq *http.Request // 原始请求
	Plugins     []Plugin      // 检测插件
	Task        *db.Task      // 所属任务
}

限制并发

func (*TaskItem) Verify 

func (item *TaskItem) Verify() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.