admin/PrivHunterAI
1
0
Fork 0
mirror of https://github.com/Ed1s0nZ/PrivHunterAI.git synced 2025-05-08 11:37:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
PrivHunterAI/tools.go

118 lines
3.1 KiB
Go
Raw Normal View History

Create tools.go
2025-02-25 15:40:03 +08:00
package main
import (
"fmt"
"regexp"
"strings"
)
const (
colorRed = "\033[31m"
colorGreen = "\033[32m"
colorYellow = "\033[33m"
colorReset = "\033[0m"
colorBlue = "\033[34m" // 蓝色:白名单接口
colorCyan = "\033[36m"
)
// 输出
func PrintYuequan(yuequan string, method string, url string, reason string) string {
switch yuequan {
case "true":
Update tools.go
2025-02-25 17:59:24 +08:00
return fmt.Sprintf("%s[+] %s %s %s %s 原因:%s %s%s%s\n", colorRed, colorReset, method, url, colorCyan, reason, colorRed, "[可能存在越权/未授权漏洞]", colorReset)
Create tools.go
2025-02-25 15:40:03 +08:00
case "false":
Update tools.go
2025-02-25 17:59:24 +08:00
return fmt.Sprintf("%s[-] %s %s %s %s 原因:%s %s%s%s\n", colorGreen, colorReset, method, url, colorCyan, reason, colorGreen, "[不存在越权/未授权漏洞]", colorReset)
Create tools.go
2025-02-25 15:40:03 +08:00
case "unknown":
return fmt.Sprintf("%s[*] %s %s %s %s 原因:%s %s%s%s\n", colorYellow, colorReset, method, url, colorCyan, reason, colorYellow, "[不确定是否存在漏洞]", colorReset)
default:
Update tools.go
2025-02-25 17:59:24 +08:00
return fmt.Sprintf("%s[-] %s %s %s %s 原因:%s %s%s%s\n", colorBlue, colorReset, method, url, colorCyan, reason, colorBlue, "[未进行扫描]", colorReset)
Create tools.go
2025-02-25 15:40:03 +08:00
}
}
// 解析数据的函数
func parseResponse(data string) (string, error) {
var jsonData string
// 检查数据是否包含 Markdown 代码块
if strings.Contains(data, "```json") {
// 使用正则表达式提取 JSON 数据
re := regexp.MustCompile("(?s)```json\\s*(\\{.*?\\})\\s*```")
matches := re.FindStringSubmatch(data)
if len(matches) < 2 {
return "", fmt.Errorf("未找到 JSON 数据")
}
jsonData = matches[1] // 提取 JSON 数据
} else {
// 数据是普通 JSON 格式
jsonData = data
}
return jsonData, nil
}
func isNotSuffix(s string, suffixes []string) bool {
for _, suffix := range suffixes {
if strings.HasSuffix(s, suffix) {
return false
}
}
return true
}
// 扫描白名单
func containsString(target string, slice []string) bool {
for _, s := range slice {
if strings.Contains(strings.ToLower(target), strings.ToLower(s)) {
// log.Println(target)
return true
}
}
return false
}
Update tools.go
2025-02-26 12:47:47 +08:00
// 字符串大于600 会被截断
func TruncateString(s string) string {
// 将字符串转换为 rune 切片
runeSlice := []rune(s)
// 获取 rune 切片的长度
length := len(runeSlice)
// 如果长度小于或等于600 runes直接返回原字符串
if length <= 600 {
return s
}
// 截取前300 runes 和后300 runes
start := runeSlice[:300]
end := runeSlice[length-300:]
// 将截取的部分和省略号拼接起来
return fmt.Sprintf("%s...%s", string(start), string(end))
}
Update tools.go
2025-03-03 11:26:46 +08:00
// 扫描接口白名单、匹配相应包关键字
func MatchString(keywords []string, str string) bool {
switch len(keywords) {
case 0:
return false
case 1:
return strings.Contains(str, keywords[0])
default:
pattern := GeneratePattern(keywords)
matched, err := regexp.MatchString(pattern, str)
if err != nil {
panic(err)
}
return matched
}
}
func GeneratePattern(keywords []string) string {
var pattern strings.Builder
pattern.WriteString("(")
pattern.WriteString(strings.Join(keywords, "|"))
pattern.WriteString(")")
return pattern.String()
}
Reference in New Issue Copy Permalink