😣 Fix Bug

captain686 · Sep 12, 2022 · 2748474 · 2748474
1 parent 85b5a76
commit 2748474
Showing 1 changed file with 67 additions and 42 deletions.
diff --git a/util/executor.go b/util/executor.go
@@ -4,6 +4,7 @@ import (
 	"embed"
 	"fmt"
 	"github.com/aliyun/texpr"
+	"gopkg.in/yaml.v2"
 	"io/ioutil"
 	"os"
 	"strconv"
@@ -23,16 +24,8 @@ func IsDir(fileAddr string) bool {
 	return s.IsDir()
 }
 
-func ListDir() *[]string {
-	var files []string
-	filePath := "User_Exploit/"
-	if !IsDir(filePath) {
-		err := os.Mkdir(filePath, os.ModePerm)
-		if IfErr(err) {
-			return nil
-		}
-	}
-
+func EmbedFiles() []string {
+	var embedFiles []string
 	entries, err := Pocs.ReadDir("exploit")
 	if IfErr(err) {
 		return nil
@@ -41,10 +34,21 @@ func ListDir() *[]string {
 		entrySplit := strings.Split(entry.Name(), ".")
 		entryExtName := entrySplit[len(entrySplit)-1]
 		if (strings.ToUpper(entryExtName) == "YML") || (strings.ToUpper(entryExtName) == "YAML") {
-			files = append(files, "util/exploit/"+entry.Name())
+			embedFiles = append(embedFiles, entry.Name())
 		}
 	}
+	return embedFiles
+}
 
+func ListDir() *[]string {
+	var files []string
+	filePath := "User_Exploit/"
+	if !IsDir(filePath) {
+		err := os.Mkdir(filePath, os.ModePerm)
+		if IfErr(err) {
+			return nil
+		}
+	}
 	fileName, err := ioutil.ReadDir(filePath)
 	if IfErr(err) {
 		return nil
@@ -137,42 +141,63 @@ func ExpExecutor(host string) {
 		if IfErr(err) {
 			return
 		}
-		rules := exp.Rules
-		VulResults := make(map[string]bool)
-		var vulResults bool
-		var (
-			vulPath *string
-			vulData *string
-		)
-		for ruleName, rule := range rules {
-			vulPath, vulData, vulResults = VulExist(rule, host)
-			VulResults[ruleName] = vulResults
-		}
-		expression := exp.Expression
-		var newExpression string
-		for key, value := range VulResults {
-			newExpression = strings.Replace(expression, key, strconv.FormatBool(value), -1)
-		}
-		compile, err := texpr.Compile(newExpression)
-		if IfErr(err) {
-			fmt.Println(err)
+		vulPath, vulData, result := ExpResult(exp, host)
+		ResultOutput(host, vulPath, vulData, result)
+	}
+	for _, EmbedFile := range EmbedFiles() {
+		data, err := Pocs.ReadFile("exploit/" + EmbedFile)
+		if err != nil {
 			return
 		}
-		result, err := compile.Eval(nil)
-		if IfErr(err) {
-			fmt.Println(err)
+		//fmt.Println(data)
+		exp := Exploit{}
+		err = yaml.Unmarshal(data, &exp)
+		if err != nil {
 			return
 		}
-		//fmt.Println(result)
-		if result == true {
-			fmt.Println("[X] " + host + "存在漏洞")
-			fmt.Println("[X] 漏洞路径" + *vulPath)
-			if *vulData != "" {
-				fmt.Println("[X] 请求数据为 " + *vulData)
-			}
-		} else {
-			fmt.Println("[O] " + host + "不存在漏洞")
+		vulPath, vulData, result := ExpResult(&exp, host)
+		ResultOutput(host, vulPath, vulData, result)
+	}
+}
+
+func ResultOutput(host string, vulPath *string, vulData *string, result interface{}) {
+	if result == true {
+		fmt.Println("[X] " + host + "存在漏洞")
+		fmt.Println("[X] 漏洞路径" + *vulPath)
+		if *vulData != "" {
+			fmt.Println("[X] 请求数据为 " + *vulData)
 		}
+	} else {
+		fmt.Println("[O] " + host + "不存在漏洞")
 	}
+}
 
+func ExpResult(exp *Exploit, host string) (*string, *string, interface{}) {
+	rules := exp.Rules
+	VulResults := make(map[string]bool)
+	var vulResults bool
+	var (
+		vulPath *string
+		vulData *string
+	)
+	for ruleName, rule := range rules {
+		vulPath, vulData, vulResults = VulExist(rule, host)
+		VulResults[ruleName] = vulResults
+	}
+	expression := exp.Expression
+	var newExpression string
+	for key, value := range VulResults {
+		newExpression = strings.Replace(expression, key, strconv.FormatBool(value), -1)
+	}
+	compile, err := texpr.Compile(newExpression)
+	if IfErr(err) {
+		fmt.Println(err)
+		return nil, nil, false
+	}
+	result, err := compile.Eval(nil)
+	if IfErr(err) {
+		fmt.Println(err)
+		return nil, nil, false
+	}
+	return vulPath, vulData, result
 }