diff --git a/cmd/root.go b/cmd/root.go index f55f73d..b70f528 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -61,7 +61,7 @@ func init() { // rootCmd.MarkPersistentFlagRequired("target") webScanCmdInit() - shiroCmdinit() + shiroCmdInit() struts2CmdInit() webLogicCmdInit() log4jCmdInit() diff --git a/cmd/shiro.go b/cmd/shiro.go index 8713e3b..ff6206f 100644 --- a/cmd/shiro.go +++ b/cmd/shiro.go @@ -40,7 +40,7 @@ var shiroCmd = &cobra.Command{ } } } - + fmt.Println(aurora.Red(fmt.Sprintf("[Success] Mode: %v Key: %v, Gadget: %v, Echo: %v", mode, key, gadget, echo))) } case "exp": @@ -56,7 +56,7 @@ var shiroCmd = &cobra.Command{ }, } -func shiroCmdinit() { +func shiroCmdInit() { rootCmd.AddCommand(shiroCmd) shiroCmd.Flags().StringVarP(&conf.GlobalConfig.Options.Shiro.Mode, "mode", "m", "burp", "Specify work mode: burp exp") shiroCmd.Flags().StringVarP(&conf.GlobalConfig.Options.Shiro.Key, "key", "k", "", "key of target! ") diff --git a/go.mod b/go.mod index 0d8ab51..b5a5009 100644 --- a/go.mod +++ b/go.mod @@ -56,7 +56,7 @@ require ( github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da github.com/gorilla/websocket v1.5.1 github.com/iancoleman/orderedmap v0.3.0 - github.com/imroc/req/v3 v3.43.4 + github.com/imroc/req/v3 v3.43.5 github.com/ipinfo/go/v2 v2.10.0 github.com/jlaffaye/ftp v0.2.0 github.com/lib/pq v1.10.9 @@ -320,7 +320,7 @@ require ( github.com/projectdiscovery/wappalyzergo v0.0.122 // indirect github.com/projectdiscovery/yamldoc-go v1.0.4 // indirect github.com/quic-go/qpack v0.4.0 // indirect - github.com/quic-go/quic-go v0.43.1 // indirect + github.com/quic-go/quic-go v0.44.0 // indirect github.com/redis/go-redis/v9 v9.5.1 // indirect github.com/refraction-networking/utls v1.6.6 // indirect github.com/rivo/uniseg v0.4.7 // indirect @@ -332,6 +332,7 @@ require ( github.com/seh-msft/burpxml v1.0.1 // indirect github.com/shirou/gopsutil v3.21.11+incompatible // indirect github.com/shoenig/go-m1cpu v0.1.6 // indirect + github.com/sijms/go-ora v1.3.2 // indirect github.com/skeema/knownhosts v1.2.2 // indirect github.com/smacker/go-tree-sitter v0.0.0-20240514083259-c5d1f3f5f99e // indirect github.com/sourcegraph/conc v0.3.0 // indirect diff --git a/go.sum b/go.sum index 91971ce..411e707 100644 --- a/go.sum +++ b/go.sum @@ -445,6 +445,7 @@ github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LB github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM= @@ -650,6 +651,8 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/imroc/req/v3 v3.43.4 h1:NSXlB5dELZuxzGEFRWLWEQ9dQmh8d9pUMPa7MevK1K4= github.com/imroc/req/v3 v3.43.4/go.mod h1:SQIz5iYop16MJxbo8ib+4LnostGCok8NQf8ToyQc2xA= +github.com/imroc/req/v3 v3.43.5 h1:fL7dOEfld+iEv1rwnIxseJz2/Y7JZ/HgbAURLZkat80= +github.com/imroc/req/v3 v3.43.5/go.mod h1:SQIz5iYop16MJxbo8ib+4LnostGCok8NQf8ToyQc2xA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= @@ -1071,6 +1074,8 @@ github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo= github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A= github.com/quic-go/quic-go v0.43.1 h1:fLiMNfQVe9q2JvSsiXo4fXOEguXHGGl9+6gLp4RPeZQ= github.com/quic-go/quic-go v0.43.1/go.mod h1:132kz4kL3F9vxhW3CtQJLDVwcFe5wdWeJXXijhsO57M= +github.com/quic-go/quic-go v0.44.0 h1:So5wOr7jyO4vzL2sd8/pD9Kesciv91zSk8BoFngItQ0= +github.com/quic-go/quic-go v0.44.0/go.mod h1:z4cx/9Ny9UtGITIPzmPTXh1ULfOyWh4qGQlpnPcWmek= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/redis/go-redis/v9 v9.5.1 h1:H1X4D3yHPaYrkL5X06Wh6xNVM/pX0Ft4RV0vMGvLBh8= github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= @@ -1124,6 +1129,8 @@ github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/sijms/go-ora v1.3.2 h1:v9Ca63acRbrE5vYlHpABzlOvt8bI1Sj5PCVDwaAJjp8= +github.com/sijms/go-ora v1.3.2/go.mod h1:ZGVmJgxUfyGIVmYgA7MVGEq6BX5aoFECRMtHW5DEcs4= github.com/sijms/go-ora/v2 v2.8.18 h1:hrmgl0Iognh7XiYDRvFKmSgJW7J05yq7TMljravaXE0= github.com/sijms/go-ora/v2 v2.8.18/go.mod h1:EHxlY6x7y9HAsdfumurRfTd+v8NrEOTR3Xl4FWlH6xk= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= diff --git a/pkg/task/task.go b/pkg/task/task.go index a79e136..42b93da 100644 --- a/pkg/task/task.go +++ b/pkg/task/task.go @@ -39,7 +39,7 @@ type Task struct { Fingerprints []string // 这个只有主动会使用,被动只会新建一个 task,所以不会用到 Parallelism int // 同时扫描的最大 url 个数 Pool *ants.Pool // 协程池,目前来看只是用来优化被动扫描,减小被动扫描时的协程创建、销毁的开销 - WG *sync.WaitGroup // 等待协程池所有任务结束 + WG sync.WaitGroup // 等待协程池所有任务结束 ScanTask map[string]*ScanTask // 存储对目标扫描时的一些状态 Lock sync.Mutex // 对 Distribution函数中的一些 map 并发操作进行保护 WgLock sync.Mutex // ScanTask 是一个 map,运行插件时会并发操作,加锁保护