登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
开源项目 > 程序开发 > 安全开发相关 &&
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
2 Star 23 Fork 9

zan8in / afrog

代码 Issues 1 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
afrog.go 7.00 KB
一键复制 编辑 原始数据 按行查看 历史
zan8in 提交于 2024-03-16 11:15 . update afrog.go
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299
package afrog



import (

	"fmt"

	"os"

	"strings"

	"sync"

	"sync/atomic"

	"time"



	"github.com/zan8in/afrog/v3/pkg/config"

	"github.com/zan8in/afrog/v3/pkg/result"

	"github.com/zan8in/afrog/v3/pkg/runner"

	"github.com/zan8in/afrog/v3/pkg/utils"

	"github.com/zan8in/goflags"

	"github.com/zan8in/gologger"

)



type Scanner config.Options



func NewScanner(target []string, opt Scanner) error {



	s := &Scanner{}



	s.Target = target

	s.TargetsFile = opt.WithTargetsFile()

	s.PocFile = opt.WithPocFile()

	s.Output = opt.WithOutput()

	s.Json = opt.WithJson()

	s.JsonAll = opt.WithJsonAll()

	s.Search = opt.WithSearch()

	s.Silent = opt.WithSilent()

	s.Severity = opt.WithSeverity()

	s.Update = opt.WithUpdate()

	s.DisableUpdateCheck = opt.WithDisableUpdateCheck()

	s.MonitorTargets = opt.WithMonitorTargets()

	s.RateLimit = opt.WithRateLimit()

	s.Concurrency = opt.WithConcurrency()

	s.Retries = opt.WithRetries()

	s.MaxHostError = opt.WithMaxHostError()

	s.Timeout = opt.WithTimeout()

	s.Proxy = opt.WithProxy()

	s.MaxRespBodySize = opt.WithMaxRespBodySize()

	s.DisableOutputHtml = opt.WithDisableOutputHtml()

	s.ReverseConcurrency = opt.WithReverseConcurrency()

	s.ReverseRateLimit = opt.WithReverseRateLimit()

	s.Smart = opt.WithSmart()

	s.PocExecutionDurationMonitor = opt.WithPocExecutionDurationMonitor()

	s.VulnerabilityScannerBreakpoint = opt.WithVulnerabilityScannerBreakpoint()

	s.AppendPoc = opt.WithAppendPoc()

	s.ConfigFile = opt.WithConfigFile()



	options := &config.Options{

		Target:                         s.Target,

		TargetsFile:                    s.TargetsFile,

		PocFile:                        s.PocFile,

		Output:                         s.Output,

		Json:                           s.Json,

		JsonAll:                        s.JsonAll,

		Search:                         s.Search,

		Silent:                         s.Silent,

		Severity:                       s.Severity,

		Update:                         s.Update,

		DisableUpdateCheck:             s.DisableUpdateCheck,

		MonitorTargets:                 s.MonitorTargets,

		RateLimit:                      s.RateLimit,

		Concurrency:                    s.Concurrency,

		Retries:                        s.Retries,

		MaxHostError:                   s.MaxHostError,

		Timeout:                        s.Timeout,

		Proxy:                          s.Proxy,

		MaxRespBodySize:                s.MaxRespBodySize,

		DisableOutputHtml:              s.DisableOutputHtml,

		ReverseRateLimit:               s.ReverseRateLimit,

		ReverseConcurrency:             s.ReverseConcurrency,

		Smart:                          s.Smart,

		PocExecutionDurationMonitor:    s.PocExecutionDurationMonitor,

		VulnerabilityScannerBreakpoint: s.VulnerabilityScannerBreakpoint,

		AppendPoc:                      s.AppendPoc,

		ConfigFile:                     s.ConfigFile,

	}



	config, err := config.NewConfig(options.ConfigFile)

	if err != nil {

		gologger.Error().Msg(err.Error())

		os.Exit(0)

	}



	options.Config = config



	if err := options.VerifyOptions(); err != nil {

		return err

	}



	r, err := runner.NewRunner(options)

	if err != nil {

		gologger.Error().Msgf("Could not create runner: %s\n", err)

		os.Exit(0)

	}



	var (

		lock      = sync.Mutex{}

		starttime = time.Now()

		number    uint32

	)

	r.OnResult = func(result *result.Result) {



		if !options.Silent {

			defer func() {

				atomic.AddUint32(&options.CurrentCount, 1)

				if !options.Silent {

					fmt.Printf("\r%d%% (%d/%d), %s", int(options.CurrentCount)*100/int(options.Count), options.CurrentCount, options.Count, strings.Split(time.Since(starttime).String(), ".")[0]+"s")

					// fmt.Printf("\r%d/%d/%d%%/%s", options.CurrentCount, options.Count, int(options.CurrentCount)*100/int(options.Count), strings.Split(time.Since(starttime).String(), ".")[0]+"s")

				}

			}()

		}



		if result.IsVul {

			lock.Lock()



			atomic.AddUint32(&number, 1)

			result.PrintColorResultInfoConsole(utils.GetNumberText(int(number)))



			if !options.DisableOutputHtml {

				r.Report.SetResult(result)

				r.Report.Append(utils.GetNumberText(int(number)))

			}



			if len(options.Json) > 0 || len(options.JsonAll) > 0 {

				r.JsonReport.SetResult(result)

				r.JsonReport.Append()

			}



			if options.VulnerabilityScannerBreakpoint {

				os.Exit(0)

			}



			lock.Unlock()

		}



	}



	if err := r.Run(); err != nil {

		gologger.Error().Msgf("runner run err: %s\n", err)

		os.Exit(0)

	}



	if len(options.Json) > 0 || len(options.JsonAll) > 0 {

		if err := r.JsonReport.AppendEndOfFile(); err != nil {

			gologger.Error().Msgf("json or json-all output err: %s\n", err)

			os.Exit(0)

		}

	}



	time.Sleep(time.Second * 3)

	gologger.Print().Msg("")



	return nil

}



func (s *Scanner) WithTargetsFile() string {

	if len(s.TargetsFile) > 0 {

		return s.TargetsFile

	}

	return ""

}



func (s *Scanner) WithPocFile() string {

	if len(s.PocFile) > 0 {

		return s.PocFile

	}

	return ""

}



func (s *Scanner) WithOutput() string {

	if len(s.Output) > 0 {

		return s.Output

	}

	return ""

}



func (s *Scanner) WithJson() string {

	if len(s.Json) > 0 {

		return s.Json

	}

	return ""

}

func (s *Scanner) WithJsonAll() string {

	if len(s.JsonAll) > 0 {

		return s.JsonAll

	}

	return ""

}

func (s *Scanner) WithSearch() string {

	if len(s.Search) > 0 {

		return s.Search

	}

	return ""

}



func (s *Scanner) WithSilent() bool {

	return s.Silent

}



func (s *Scanner) WithSeverity() string {

	if len(s.Severity) > 0 {

		return s.Severity

	}

	return ""

}



func (s *Scanner) WithUpdate() bool {

	return s.Update

}

func (s *Scanner) WithDisableUpdateCheck() bool {

	return s.DisableUpdateCheck

}

func (s *Scanner) WithMonitorTargets() bool {

	return s.MonitorTargets

}



func (s *Scanner) WithRateLimit() int {

	if s.RateLimit > 0 {

		return s.RateLimit

	}

	return 150

}

func (s *Scanner) WithConcurrency() int {

	if s.Concurrency > 0 {

		return s.Concurrency

	}

	return 25

}

func (s *Scanner) WithRetries() int {

	if s.Retries > 0 {

		return s.Retries

	}

	return 1

}

func (s *Scanner) WithMaxHostError() int {

	if s.MaxHostError > 0 {

		return s.MaxHostError

	}

	return 3

}

func (s *Scanner) WithTimeout() int {

	if s.Timeout > 0 {

		return s.Timeout

	}

	return 10

}

func (s *Scanner) WithProxy() string {

	if len(s.Proxy) > 0 {

		return s.Proxy

	}

	return ""

}

func (s *Scanner) WithMaxRespBodySize() int {

	if s.MaxRespBodySize > 0 {

		return s.MaxRespBodySize

	}

	return 2

}

func (s *Scanner) WithDisableOutputHtml() bool {

	return s.DisableOutputHtml

}

func (s *Scanner) WithReverseRateLimit() int {

	if s.ReverseRateLimit > 0 {

		return s.ReverseRateLimit

	}

	return 50

}

func (s *Scanner) WithReverseConcurrency() int {

	if s.ReverseConcurrency > 0 {

		return s.ReverseConcurrency

	}

	return 20

}

func (s *Scanner) WithSmart() bool {

	return s.Smart

}

func (s *Scanner) WithPocExecutionDurationMonitor() bool {

	return s.PocExecutionDurationMonitor

}

func (s *Scanner) WithVulnerabilityScannerBreakpoint() bool {

	return s.VulnerabilityScannerBreakpoint

}

func (s *Scanner) WithAppendPoc() goflags.StringSlice {

	if len(s.AppendPoc) > 0 {

		return s.AppendPoc

	}

	return goflags.StringSlice{}

}

func (s *Scanner) WithConfigFile() string {

	if len(s.ConfigFile) > 0 {

		return s.ConfigFile

	}

	return ""

}
Go
1
https://gitee.com/zanbin/afrog.git
git@gitee.com:zanbin/afrog.git
zanbin
afrog
afrog
main
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部