Documentation
¶
Index ¶
- Constants
- Variables
- func EnsureCuratedAndMyPocDirectories()
- func FindPocYamlById(pocId string) ([]byte, error)
- func GetPocVersionNumber() (string, error)
- func InitLocalAppendList(pathFolder []string)
- func InitLocalTestList(pathFolder []string)
- func InitPocHomeDirectory() (string, error)
- func LocalReadContentByName(name string) ([]byte, error)
- func LocalWalkFiles(folderPath string) ([]string, error)
- func SetEmbedPocFinder(finder EmbedPocFinderFunc)
- func TaskTimeoutDuration(p *Poc, fixedFallbackSec int) time.Duration
- type Classification
- type EmbedPocFinderFunc
- type Extractors
- type Info
- type MigrateReport
- type NetReadStep
- type NetStep
- type NetWriteStep
- type Payloads
- type Poc
- type PocMeta
- type Rule
- type RuleMap
- type RuleMapSlice
- type RuleRequest
- type TaskTimeoutEstimate
- type TaskTimeoutPolicy
- type WaitGroupTask
Constants ¶
View Source
const ( STOP_IF_FIRST_MATCH = "STOP_IF_FIRST_MATCH" STOP_IF_FIRST_MISMATCH = "STOP_IF_FIRST_MISMATCH" )
View Source
const ( HTTP_Type = "http" HTTPS_Type = "https" TCP_Type = "tcp" UDP_Type = "udp" SSL_Type = "ssl" GO_Type = "go" )
View Source
const DefaultLocalPocDirectory = "pocs"
Variables ¶
View Source
var ( LocalFileList []string LocalAppendList []string LocalTestList []string LocalCuratedList []string LocalMyList []string )
View Source
var LocalPocDirectory string
Functions ¶
func EnsureCuratedAndMyPocDirectories ¶ added in v3.2.2
func EnsureCuratedAndMyPocDirectories()
EnsureCuratedAndMyPocDirectories 启动时确保在用户家目录下创建 afrog-curated-pocs 和 afrog-my-pocs 两个目录(若不存在则创建)
func FindPocYamlById ¶ added in v3.2.0
func GetPocVersionNumber ¶
func InitLocalAppendList ¶
func InitLocalAppendList(pathFolder []string)
func InitLocalTestList ¶
func InitLocalTestList(pathFolder []string)
func InitPocHomeDirectory ¶
Initialize afrog-pocs directory @return pocsDir {{UserHomeDir}}/afrog-pocs
func LocalReadContentByName ¶
func LocalWalkFiles ¶
func SetEmbedPocFinder ¶ added in v3.2.0
func SetEmbedPocFinder(finder EmbedPocFinderFunc)
设置embed poc查找函数
Types ¶
type Classification ¶
type EmbedPocFinderFunc ¶ added in v3.2.0
FindPocYamlById 通过POC ID查找原始YAML内容 优先从embed POC中查找,然后从local POC中查找 添加函数类型定义用于回调
type Extractors ¶
type Info ¶
type Info struct {
Name string `yaml:"name"`
Author string `yaml:"author"`
Severity string `yaml:"severity"`
Verified bool `yaml:"verified"`
Description string `yaml:"description"`
Reference []string `yaml:"reference"`
Affected string `yaml:"affected"` // 影响版本
Solutions string `yaml:"solutions"` // 解决方案
Tags string `yaml:"tags"` // 标签
Requires []string `yaml:"requires"`
RequiresMode string `yaml:"requires-mode"`
Classification Classification `yaml:"classification"`
Created string `yaml:"created"` // create time
}
以下开始是 信息部分
type MigrateReport ¶ added in v3.3.9
func MigrateLegacyPocs ¶ added in v3.3.9
func MigrateLegacyPocs(root string) (MigrateReport, error)
type NetReadStep ¶ added in v3.3.5
type NetStep ¶ added in v3.3.5
type NetStep struct {
Read *NetReadStep `yaml:"read,omitempty"`
Write *NetWriteStep `yaml:"write,omitempty"`
}
type NetWriteStep ¶ added in v3.3.5
type Poc ¶
type Poc struct {
Id string `yaml:"id"` // 脚本名称
Transport string `yaml:"transport"` // 传输方式,该字段用于指定发送数据包的协议,该字段用于指定发送数据包的协议:①tcp ②udp ③http
Set yaml.MapSlice `yaml:"set"` // 全局变量定义,该字段用于定义全局变量。比如随机数,反连平台等
Payloads Payloads `yaml:"payloads"`
Rules RuleMapSlice `yaml:"rules"`
Expression string `yaml:"expression"`
Info Info `yaml:"info"`
Gopoc string `yaml:"gopoc"` // Gopoc 脚本名称
Extractors []Extractors `yaml:"extractors"`
EstimatedTaskTimeoutSec int `yaml:"-"`
EstimatedTaskTimeoutReason string `yaml:"-"`
}
func LocalReadPocByPath ¶
Read a poc yaml file from disk. `pocYaml` is a poc yaml file of absolute path.
func (*Poc) IsHTTPType ¶
type PocMeta ¶ added in v3.2.2
仅解析 POC 元数据,避免解析 rules 触发 RuleMapSlice 的 Unmarshal
func LocalReadPocMetaByPath ¶ added in v3.2.2
从本地路径读取 POC 元数据(不解析 rules)
type Rule ¶
type Rule struct {
Brute yaml.MapSlice `yaml:"brute"`
Request RuleRequest `yaml:"request"`
Expression string `yaml:"expression"`
Expressions []string `yaml:"expressions"`
Output yaml.MapSlice `yaml:"output"`
Extractors []Extractors `yaml:"extractors"`
StopIfMatch bool `yaml:"stop_if_match"`
StopIfMismatch bool `yaml:"stop_if_mismatch"`
BeforeSleep int `yaml:"before_sleep"`
// contains filtered or unexported fields
}
type RuleMapSlice ¶
type RuleMapSlice []RuleMap
用于帮助yaml解析,保证Rule有序
func (*RuleMapSlice) UnmarshalYAML ¶
func (m *RuleMapSlice) UnmarshalYAML(unmarshal func(any) error) error
type RuleRequest ¶
type RuleRequest struct {
Type string `yaml:"type"` // 传输方式,默认 http,可选:tcp,udp,ssl,go 等任意扩展
Host string `yaml:"host"` // tcp/udp 请求的主机名
Port int `yaml:"port"` // tcp/udp 端口(可选,优先级低于 host 中显式端口)
Data string `yaml:"data"` // tcp/udp 发送的内容
DataType string `yaml:"data-type"` // tcp/udp 发送的数据类型,默认字符串
ReadSize int `yaml:"read-size"` // tcp/udp 读取内容的长度
ReadTimeout int `yaml:"read-timeout"` // tcp/udp专用
Steps []NetStep `yaml:"steps"`
Raw string `yaml:"raw"` // raw 专用
Method string `yaml:"method"`
Path string `yaml:"path"`
Headers map[string]string `yaml:"headers"`
Body string `yaml:"body"`
FollowRedirects bool `yaml:"follow_redirects"`
}
http/tcp/udp cache 是否使用缓存的请求,如果该选项为 true,那么如果在一次探测中其它脚本对相同目标发送过相同请求,那么便使用之前缓存的响应,而不发新的数据包 content 用于tcp/udp请求,请求内容,比如:content: "request" read_timeout 用于tcp/udp请求,发送请求之后的读取超时时间(注 实际是一个 int, 但是为了能够变量渲染,设置为 string)
type TaskTimeoutEstimate ¶ added in v3.5.3
func EstimateTaskTimeout ¶ added in v3.5.3
func EstimateTaskTimeout(p Poc, policy TaskTimeoutPolicy) TaskTimeoutEstimate
type TaskTimeoutPolicy ¶ added in v3.5.3
type WaitGroupTask ¶
Source Files
Click to show internal directories.
Click to hide internal directories.