admin/spray
1
0
Fork 0
mirror of https://github.com/chainreactors/spray.git synced 2025-11-05 10:27:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix fingerprinthub and fingers match bug

Browse Source
This commit is contained in:
M09Ic 2024-02-20 21:09:00 +08:00
parent b9e970eb91
commit 88dc9fe7cd
4 changed files with 53 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
go.sum
View File

@ -21,14 +21,12 @@ github.com/chainreactors/logs v0.0.0-20240207121836-c946f072f81f/go.mod h1:6Mv6W
github.com/chainreactors/neutron v0.0.0-20231221064706-fd6aaac9c50b/go.mod h1:Q6xCl+KaPtCDIziAHegFxdHOvg6DgpA6hcUWRnQKDPk= github.com/chainreactors/neutron v0.0.0-20231221064706-fd6aaac9c50b/go.mod h1:Q6xCl+KaPtCDIziAHegFxdHOvg6DgpA6hcUWRnQKDPk=
github.com/chainreactors/parsers v0.0.0-20231218072716-fb441aff745f/go.mod h1:ZHEkgxKf9DXoley2LUjdJkiSw08MC3vcJTxfqwYt2LU= github.com/chainreactors/parsers v0.0.0-20231218072716-fb441aff745f/go.mod h1:ZHEkgxKf9DXoley2LUjdJkiSw08MC3vcJTxfqwYt2LU=
github.com/chainreactors/parsers v0.0.0-20231220104848-3a0b5a5bd8dc/go.mod h1:V2w16sBSSiBlmsDR4A0Q9PIk9+TP/6coTXv6olvTI6M= github.com/chainreactors/parsers v0.0.0-20231220104848-3a0b5a5bd8dc/go.mod h1:V2w16sBSSiBlmsDR4A0Q9PIk9+TP/6coTXv6olvTI6M=
github.com/chainreactors/parsers v0.0.0-20240220090042-a7f9dac0281b h1:HQlt8J1lLfsR4BbsQs4eivwplemVFhLyQhkPpG+0eJ8=
github.com/chainreactors/parsers v0.0.0-20240220090042-a7f9dac0281b/go.mod h1:IS0hrYnccfJKU0NA12zdZk4mM7k/Qt4qnzMnFGBFLZI=
github.com/chainreactors/parsers v0.0.0-20240220101211-fc5d6e07ba81 h1:Pi4KT8ERTIwr1bo04VxPwwyjn2Vm30dBF0njW8rIGqM= github.com/chainreactors/parsers v0.0.0-20240220101211-fc5d6e07ba81 h1:Pi4KT8ERTIwr1bo04VxPwwyjn2Vm30dBF0njW8rIGqM=
github.com/chainreactors/parsers v0.0.0-20240220101211-fc5d6e07ba81/go.mod h1:IS0hrYnccfJKU0NA12zdZk4mM7k/Qt4qnzMnFGBFLZI= github.com/chainreactors/parsers v0.0.0-20240220101211-fc5d6e07ba81/go.mod h1:IS0hrYnccfJKU0NA12zdZk4mM7k/Qt4qnzMnFGBFLZI=
github.com/chainreactors/utils v0.0.0-20231031063336-9477f1b23886 h1:lS2T/uE9tg1MNDPrb44wawbNlD24zBlWoG0H+ZdwDAk= github.com/chainreactors/utils v0.0.0-20231031063336-9477f1b23886 h1:lS2T/uE9tg1MNDPrb44wawbNlD24zBlWoG0H+ZdwDAk=
github.com/chainreactors/utils v0.0.0-20231031063336-9477f1b23886/go.mod h1:JA4eiQZm+7AsfjXBcIzIdVKBEhDCb16eNtWFCGTxlvs= github.com/chainreactors/utils v0.0.0-20231031063336-9477f1b23886/go.mod h1:JA4eiQZm+7AsfjXBcIzIdVKBEhDCb16eNtWFCGTxlvs=
github.com/chainreactors/words v0.4.1-0.20240208114042-a1c5053345b0 h1:7aAfDhZDLs6uiWNzYa68L4uzBX7ZIj7IT8v+AlmmpHw= github.com/chainreactors/words v0.4.1-0.20240220104223-153f52e53f37 h1:QdH1w8MnoAEnXp+CGqwroCRhAs+gu5OnIyW+qnK8Ibg=
github.com/chainreactors/words v0.4.1-0.20240208114042-a1c5053345b0/go.mod h1:DUDx7PdsMEm5PvVhzkFyppzpiUhQb8dOJaWjVc1SMVk= github.com/chainreactors/words v0.4.1-0.20240220104223-153f52e53f37/go.mod h1:DUDx7PdsMEm5PvVhzkFyppzpiUhQb8dOJaWjVc1SMVk=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=

70
pkg/fingerprinthub.go
View File

@ -7,48 +7,62 @@ import (
type FingerPrintHub struct { type FingerPrintHub struct {
Name string `json:"name"` Name string `json:"name"`
FaviconHash []string `json:"favicon_hash"` FaviconHash []string `json:"favicon_hash,omitempty"`
Keyword []string `json:"keyword"` Keyword []string `json:"keyword,omitempty"`
Path string `json:"path"` Path string `json:"path"`
Headers map[string]string `json:"headers"` Headers map[string]string `json:"headers,omitempty"`
} }
func FingerPrintHubDetect(header, body string) parsers.Frameworks { func FingerPrintHubDetect(header, body string) parsers.Frameworks {
frames := make(parsers.Frameworks) frames := make(parsers.Frameworks)
for _, finger := range FingerPrintHubs { for _, finger := range FingerPrintHubs {
status := false status := false
if fingerPrintHubMatchHeader(finger, header) && fingerPrintHubMatchBody(finger, body) {
for _, key := range finger.Keyword { status = true
if strings.Contains(body, key) {
status = true
} else {
status = false
break
}
}
if !status {
continue
}
for k, v := range finger.Headers {
if v == "*" && strings.Contains(header, k) {
status = true
} else if strings.Contains(header, k) && strings.Contains(header, v) {
status = true
} else {
status = false
break
}
} }
if status { if status {
frame := &parsers.Framework{ frames.Add(&parsers.Framework{
Name: finger.Name, Name: finger.Name,
From: parsers.FrameFromDefault, From: parsers.FrameFromDefault,
Tags: []string{"fingerprinthub"}, Tags: []string{"fingerprinthub"},
} })
frames[frame.Name] = frame
} }
} }
return frames return frames
} }
func fingerPrintHubMatchHeader(finger *FingerPrintHub, header string) bool {
if len(finger.Headers) == 0 {
return true
}
status := true
for k, v := range finger.Headers {
if v == "*" && strings.Contains(header, k) {
status = true
} else if strings.Contains(header, k) && strings.Contains(header, v) {
status = true
} else {
return false
}
}
return status
}
func fingerPrintHubMatchBody(finger *FingerPrintHub, body string) bool {
if len(finger.Keyword) == 0 {
return true
}
if body == "" {
return false
}
status := true
for _, key := range finger.Keyword {
if strings.Contains(body, key) {
status = true
} else {
return false
}
}
return status
}

5
pkg/fingers.go
View File

@ -1,6 +1,7 @@
package pkg package pkg
import ( import (
"bytes"
"github.com/chainreactors/gogo/v2/pkg/fingers" "github.com/chainreactors/gogo/v2/pkg/fingers"
"github.com/chainreactors/parsers" "github.com/chainreactors/parsers"
) )
@ -10,9 +11,9 @@ func FingerDetect(content []byte) parsers.Frameworks {
frames := make(parsers.Frameworks) frames := make(parsers.Frameworks)
for _, finger := range Fingers { for _, finger := range Fingers {
// sender置空, 所有的发包交给spray的pool // sender置空, 所有的发包交给spray的pool
frame, _, ok := fingers.FingerMatcher(finger, map[string]interface{}{"content": content}, 0, nil) frame, _, ok := fingers.FingerMatcher(finger, map[string]interface{}{"content": bytes.ToLower(content)}, 0, nil)
if ok { if ok {
frames[frame.Name] = frame frames.Add(frame)
} }
} }
return frames return frames

7
pkg/load.go
View File

@ -19,7 +19,7 @@ var (
Extractors = make(parsers.Extractors) Extractors = make(parsers.Extractors)
Fingers fingers.Fingers Fingers fingers.Fingers
ActivePath []string ActivePath []string
FingerPrintHubs []FingerPrintHub FingerPrintHubs []*FingerPrintHub
) )
func LoadTemplates() error { func LoadTemplates() error {
@ -124,6 +124,7 @@ func LoadFingerPrintHub() error {
if err != nil { if err != nil {
return err return err
} }
var fingers []*FingerPrintHub
for _, f := range FingerPrintHubs { for _, f := range FingerPrintHubs {
if f.Path != "/" { if f.Path != "/" {
ActivePath = append(ActivePath, f.Path) ActivePath = append(ActivePath, f.Path)
@ -131,7 +132,11 @@ func LoadFingerPrintHub() error {
for _, ico := range f.FaviconHash { for _, ico := range f.FaviconHash {
Md5Fingers[ico] = f.Name Md5Fingers[ico] = f.Name
} }
if len(f.Keyword) > 0 || len(f.Headers) > 0 {
fingers = append(fingers, f)
}
} }
FingerPrintHubs = fingers
return nil return nil
} }