init

Author: SummerSec

.gitignore

@@ -1 +1,2 @@
-
+.idea
+logs/**

cmd/commons/core/banner.go

@@ -0,0 +1,15 @@
+package core
+
+import log "github.com/sirupsen/logrus"
+
+const banner = `
+
+
+
+`
+
+func ShowBanner(Version string) {
+	log.Println(banner)
+	log.Println("Version:", Version)
+
+}

cmd/commons/core/doc.go

@@ -0,0 +1 @@
+package core

cmd/commons/core/getreq.go

@@ -0,0 +1,10 @@
+package core
+
+// GetReq get request
+func GetReq() map[string]string {
+	var req = map[string]string{
+		"method": "GET",
+	}
+	return req
+
+}

cmd/commons/core/options.go

@@ -0,0 +1,99 @@
+package core
+
+import (
+	"flag"
+	"github.com/SummerSec/SpringExploit/cmd/logs"
+	log "github.com/sirupsen/logrus"
+)
+
+type Options struct {
+	// 日志级别
+	Mode int
+	// file to read
+	File string
+	// 传入的url
+	Url string
+
+	// 代理设置
+	Proxy string
+
+	// 版本号
+	Version bool
+	// 是否输出详细信息
+	Verbose bool
+	// 线程数量
+	Thread int
+	// 日志输出文件
+	LogFile string
+	// 重复请求次数
+	Repeat int
+	// ip 段
+	IP string
+}
+
+func (o Options) toString() interface{} {
+
+	return o
+}
+
+func ParseOptions() *Options {
+	options := &Options{}
+	flag.IntVar(&options.Mode, "mode", 6, "debug mode off (default Infolevel = 0  PanicLevel = 1 FatalLevel = 2 \n"+"\t\t ErrorLevel = 3  WarnLevel = 4  InfoLevel = 5  DebugLevel = 6  TraceLevel = 7)")
+	flag.IntVar(&options.Thread, "thread", 1, "thread number (default thread = 1)")
+	flag.StringVar(&options.File, "file", "", "file to read example: -file=test.txt")
+	flag.StringVar(&options.Url, "url", "", "url to read example: -url=http://www.baidu.com")
+	flag.StringVar(&options.Proxy, "proxy", "", "proxy example: -proxy=http://127.0.0.1:8080 or -proxy=socks5://127.0.0.1:1080")
+	flag.BoolVar(&options.Version, "version", false, "show version")
+	flag.BoolVar(&options.Verbose, "verbose", false, "show verbose")
+	flag.StringVar(&options.LogFile, "log", "logs.txt", "log file example: -log=/logs/logs.txt")
+	flag.IntVar(&options.Repeat, "repeat", 3, "repeat request times")
+	flag.StringVar(&options.IP, "ip", "", "ip segment example: -ip=192.168.0.1/24 ")
+	flag.Parse()
+
+	v := "0.0.1"
+
+	if options.Version {
+		ShowBanner(v)
+	} else if url := options.Url; url != "" {
+		options.Thread = 1
+		options.File = ""
+
+	} else if options.File != "" {
+		options.Url = ""
+
+	} else {
+		flag.PrintDefaults()
+	}
+	showVerbose(options)
+	logs.SaveLogs(options.LogFile)
+
+	return options
+
+}
+
+func showVerbose(options *Options) {
+	if !options.Verbose {
+		switch options.Mode {
+		case 1:
+			log.SetLevel(log.PanicLevel)
+		case 2:
+			log.SetLevel(log.FatalLevel)
+		case 3:
+			log.SetLevel(log.ErrorLevel)
+		case 4:
+			log.SetLevel(log.WarnLevel)
+		case 5:
+			log.SetLevel(log.InfoLevel)
+		case 6:
+			log.SetLevel(log.DebugLevel)
+		case 7:
+			log.SetLevel(log.TraceLevel)
+		default:
+			log.SetLevel(log.InfoLevel)
+			//log.SetLevel(log.DebugLevel)
+		}
+	} else {
+		log.SetLevel(log.DebugLevel)
+	}
+
+}

cmd/commons/core/request.go

@@ -0,0 +1,105 @@
+package core
+
+type ReqInfo struct {
+	method  string
+	url     string
+	body    string
+	header  map[string]string
+	proxy   string
+	timeout string
+	repeat  string
+	mode    string
+}
+
+func (r *ReqInfo) Method() string {
+	return r.method
+}
+
+func (r *ReqInfo) SetMethod(method string) {
+	r.method = method
+}
+
+func (r *ReqInfo) Url() string {
+	return r.url
+}
+
+func (r *ReqInfo) SetUrl(url string) {
+	r.url = url
+}
+
+func (r *ReqInfo) Body() string {
+	return r.body
+}
+
+func (r *ReqInfo) SetBody(body string) {
+	r.body = body
+}
+
+func (r *ReqInfo) Header() map[string]string {
+	return r.header
+}
+
+func (r *ReqInfo) SetHeader(header map[string]string) {
+	r.header = header
+}
+
+func (r *ReqInfo) Proxy() string {
+	return r.proxy
+}
+
+func (r *ReqInfo) SetProxy(proxy string) {
+	r.proxy = proxy
+}
+
+func (r *ReqInfo) Timeout() string {
+	return r.timeout
+}
+
+func (r *ReqInfo) SetTimeout(timeout string) {
+	r.timeout = timeout
+}
+
+func (r *ReqInfo) Repeat() string {
+	return r.repeat
+}
+
+func (r *ReqInfo) SetRepeat(repeat string) {
+	r.repeat = repeat
+}
+
+func (r *ReqInfo) Mode() string {
+	return r.mode
+}
+
+func (r *ReqInfo) SetMode(mode string) {
+	r.mode = mode
+}
+
+//func NewReqInfo(hashmap map[string]interface{}) *ReqInfo {
+//	reqInfo := &ReqInfo{
+//		method:  hashmap["method"].(string),
+//		url:     hashmap["url"].(string),
+//		body:    hashmap["body"].(string),
+//		header:  hashmap["header"].(map[string]string),
+//		proxy:   hashmap["proxy"].(string),
+//		timeout: hashmap["timeout"].(string),
+//		repeat:  hashmap["repeat"].(string),
+//		mode:    hashmap["mode"].(string),
+//	}
+//
+//	return reqInfo
+//}
+
+func NewReqInfo() *ReqInfo {
+	reqInfo := &ReqInfo{
+		method:  "",
+		url:     "",
+		body:    "",
+		header:  make(map[string]string),
+		proxy:   "",
+		timeout: "",
+		repeat:  "",
+		mode:    "",
+	}
+	return reqInfo
+}

cmd/commons/core/runner.go

@@ -0,0 +1,53 @@
+package core
+
+import (
+	"encoding/json"
+	"github.com/SummerSec/SpringExploit/cmd/commons/utils"
+	"github.com/fatih/structs"
+	log "github.com/sirupsen/logrus"
+)
+
+type Runner struct {
+	options *Options
+}
+
+func NewRunner(options *Options) (*Runner, error) {
+	r := Runner{options: options}
+	mops := structs.Map(&r.options)
+	data, _ := json.Marshal(mops)
+	log.Info("Runner created")
+	log.Debug(mops)
+	log.Debug("Runner options: ", string(data))
+	return &r, nil
+
+}
+
+func (r *Runner) Run() {
+	log.Info("Runner Running")
+	f := r.options.File
+	var urls []string
+	if f == "" {
+		urls = append(urls, r.options.Url)
+	} else {
+		urls, _ = utils.ReadFile(r.options.File)
+	}
+	var i = 0
+	k := r.options.Thread
+	for i < len(urls) {
+		for t := 0; t < k; t++ {
+			if urls[i] != "" {
+				go Start(urls[i]) // Start 3 goroutines
+				i++
+			} else {
+				break
+			}
+		}
+	}
+
+}
+
+func Start(url string) {
+	log.Info("Runner started")
+	log.Infoln("testing URL: ", url)
+
+}

cmd/commons/utils/httpclient.go

@@ -0,0 +1,61 @@
+package utils
+
+import (
+	"encoding/json"
+	"github.com/imroc/req/v3"
+	log "github.com/sirupsen/logrus"
+	"strconv"
+	"time"
+)
+
+func InIt(mode int, timeout int, proxy string, repeat int) (client *req.Client) {
+	log.Info("init httpclient")
+	client = req.NewClient()
+	client.SetLogger(log.StandardLogger())
+	if mode != 0 {
+		client.DevMode()
+	}
+	// 设置超时时间
+	client.SetTimeout(time.Duration(timeout) * time.Second)
+	client.SetCommonRetryCount(repeat)
+	// 设置代理
+	f := IsProxyUrl(proxy)
+	if f {
+		proxy = GetProxyUrl(proxy)
+		client.SetProxyURL(proxy)
+	} else {
+		log.Error("proxy:	" + proxy + "	is not a valid url")
+		return nil
+	}
+	return client
+}
+
+func Send(hashmap map[string]string) (resp *req.Response) {
+	method := hashmap["method"]
+	url := hashmap["url"]
+	proxy := hashmap["proxy"]
+	repeat, _ := strconv.Atoi(hashmap["repeat"])
+	timeout, _ := strconv.Atoi(hashmap["timeout"])
+	mode, _ := strconv.Atoi(hashmap["mode"])
+	header := hashmap["header"]
+	body := hashmap["body"]
+	// string to map
+	var tempmap map[string]string
+	err := json.Unmarshal([]byte(header), &tempmap)
+	if err != nil {
+		log.Error("header:	" + header + "	is not a valid json")
+		return nil
+	}
+
+	client := InIt(mode, timeout, proxy, repeat).EnableDumpAll()
+
+	req := client.R()
+	reqs := SetRequest(req, tempmap, body)
+	resp, err = reqs.Send(method, url)
+	if err != nil {
+		log.Error("send request error:	" + err.Error())
+		return nil
+	}
+
+	return resp
+}

cmd/commons/utils/proxy.go

@@ -0,0 +1,29 @@
+package utils
+
+import (
+	log "github.com/sirupsen/logrus"
+	"net/url"
+	"strings"
+)
+
+func IsProxyUrl(proxy string) bool {
+
+	if strings.Contains(proxy, ":") {
+		return true
+	}
+	return false
+
+}
+
+func GetProxyUrl(proxy string) (proxys string) {
+
+	url, err := url.Parse(proxy)
+	if err != nil {
+		log.Errorf(err.Error())
+		return
+	} else {
+		proxys = url.Scheme + "://" + url.Host
+	}
+	return proxys
+
+}