diff --git a/go.mod b/go.mod index e9037b2..3c54e4b 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/projectdiscovery/ratelimit v0.0.33 github.com/projectdiscovery/retryablehttp-go v1.0.52 github.com/projectdiscovery/utils v0.0.84 - github.com/remeh/sizedwaitgroup v1.0.0 + github.com/remeh/sizedwaitgroup v1.0.0 // indirect github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5 // indirect github.com/rs/xid v1.5.0 // indirect github.com/shirou/gopsutil/v3 v3.24.2 // indirect @@ -80,6 +80,7 @@ require ( github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222 github.com/yaklang/yaklang v1.3.1 github.com/yhy0/logging v0.0.0-20231128014545-22711cccc3b0 + github.com/yhy0/sizedwaitgroup v1.0.1 github.com/yl2chen/cidranger v1.0.2 golang.org/x/crypto v0.21.0 golang.org/x/term v0.18.0 diff --git a/go.sum b/go.sum index ef792f8..4d7ad2b 100644 --- a/go.sum +++ b/go.sum @@ -803,8 +803,6 @@ github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40/go.mod h1:vy1vK6w github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/mackerelio/go-osstat v0.2.4 h1:qxGbdPkFo65PXOb/F/nhDKpF2nGmGaCFDLXoZjJTtUs= github.com/mackerelio/go-osstat v0.2.4/go.mod h1:Zy+qzGdZs3A9cuIqmgbJvwbmLQH9dJvtio5ZjJTbdlQ= -github.com/magefile/mage v1.14.0 h1:6QDX3g6z1YvJ4olPhT1wksUcSa/V0a1B+pJb73fBjyo= -github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magefile/mage v1.15.0 h1:BvGheCMAsG3bWUDbZ8AyXXpCNwU9u5CB6sM+HNb9HYg= github.com/magefile/mage v1.15.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= 
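Review bot: The second go.mod hunk adds `github.com/yhy0/sizedwaitgroup v1.0.1` as a direct requirement in place of `github.com/remeh/sizedwaitgroup`, and nothing visible in the diff records what the fork changes or why upstream no longer fits. The first hunk keeps the upstream module as `// indirect`, so both implementations stay in the module graph. A comment on the new require line, for example `// fork of remeh/sizedwaitgroup: <reason for fork>`, would let a later reviewer audit the fork's delta against upstream before trusting it.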
@@ -1025,8 +1023,6 @@ github.com/projectdiscovery/naabu/v2 v2.3.0 h1:nSwo7EdIBL5il6+gfeiQs/lgQ8lBipPUl github.com/projectdiscovery/naabu/v2 v2.3.0/go.mod h1:efC2NRkWrXO7Ia0CjojIPMrvsQLhK6ZJfGsD+rCxx3E= github.com/projectdiscovery/networkpolicy v0.0.8 h1:XvfBaBwSDNTesSfNQP9VLk3HX9I7x7gHm028TJ5XwI8= github.com/projectdiscovery/networkpolicy v0.0.8/go.mod h1:xnjNqhemxUPxU+UD5Jgsc3+K8IVmcqT1SJeo6UzMtkI= -github.com/projectdiscovery/nuclei/v3 v3.2.1 h1:p4Cg1i/rFysMeXnYBY28s6AWb1eZj6pXkWTNREFcaPA= -github.com/projectdiscovery/nuclei/v3 v3.2.1/go.mod h1:LkKLQeiQRavbZAnpDCP1LWOC7854OmNwRn2Z+YwH/ME= github.com/projectdiscovery/nuclei/v3 v3.2.2 h1:bCa0pW2EKVHxdx+2kKMJOlGftPzH0JCSrt1a0oh6H60= github.com/projectdiscovery/nuclei/v3 v3.2.2/go.mod h1:LkKLQeiQRavbZAnpDCP1LWOC7854OmNwRn2Z+YwH/ME= github.com/projectdiscovery/ratelimit v0.0.33 h1:MT8Oa0VVBBI5w6ZMUJCIIQkjdTVNbzhGRDMrNqV1BQ4= @@ -1271,10 +1267,6 @@ github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6Kllzaw github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo= github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= -github.com/wasilibs/go-re2 v1.5.0 h1:4i6RzaSx26ZbzDWpVmiqQwWUKTSnewCv6qyVYjiDouI= -github.com/wasilibs/go-re2 v1.5.0/go.mod h1:UqqxQ1O99boQUm1r61H/IYGiGQOS/P88K7hU5nLNkEg= -github.com/wasilibs/go-re2 v1.5.1-0.20240320035604-9f8aa894048a h1:2HOE+nE/vnO4ApIeY3jOI22Ky6nvEM06dA3RRXLOwiw= -github.com/wasilibs/go-re2 v1.5.1-0.20240320035604-9f8aa894048a/go.mod h1:UqqxQ1O99boQUm1r61H/IYGiGQOS/P88K7hU5nLNkEg= github.com/wasilibs/go-re2 v1.5.1 h1:a+Gb1mx6Q7MmU4d+3BCnnN28U2/cnADmY1oRRanQi10= github.com/wasilibs/go-re2 v1.5.1/go.mod h1:UqqxQ1O99boQUm1r61H/IYGiGQOS/P88K7hU5nLNkEg= github.com/wasilibs/nottinygc v0.4.0 h1:h1TJMihMC4neN6Zq+WKpLxgd9xCFMw7O9ETLwY2exJQ= 
@@ -1306,6 +1298,8 @@ github.com/yaklang/yaklang v1.3.1 h1:6lQAtynd6sfFB2EKgd8RqDOhL9IfzA9G5YvCnZMsV9c github.com/yaklang/yaklang v1.3.1/go.mod h1:rXEQ3hwgTqtkuTPMHPg05PLCfrYOlF9J4HBoOkCE6Yc= github.com/yhy0/logging v0.0.0-20231128014545-22711cccc3b0 h1:ANZZm1sR5FKK/0x/AV+842HFHA3EJYJaTVpFM9X/qHI= github.com/yhy0/logging v0.0.0-20231128014545-22711cccc3b0/go.mod h1:DjdElPsDqf4IhYGiBtUKGT8i75RBZSwl+KgsaMJlZpU= +github.com/yhy0/sizedwaitgroup v1.0.1 h1:3Q0GsMlPd6XMIMRBY768uD81shNiU2rMjk3vmGICMdc= +github.com/yhy0/sizedwaitgroup v1.0.1/go.mod h1:HkGFc8V97BlG9xHMtAIxe4r9+mKD0jpHBlkoEL0UpkI= github.com/yl2chen/cidranger v1.0.2 h1:lbOWZVCG1tCRX4u24kuM1Tb4nHqWkDxwLdoS+SevawU= github.com/yl2chen/cidranger v1.0.2/go.mod h1:9U1yz7WPYDwf0vpNWFaeRh0bjwz5RVgRy/9UEQfHl0g= github.com/ysmood/fetchup v0.2.3/go.mod h1:xhibcRKziSvol0H1/pj33dnKrYyI2ebIvz5cOOkYGns= diff --git a/pkg/mitmproxy/go-mitmproxy.go b/pkg/mitmproxy/go-mitmproxy.go index ebd0b74..ccc9900 100644 --- a/pkg/mitmproxy/go-mitmproxy.go +++ b/pkg/mitmproxy/go-mitmproxy.go @@ -7,11 +7,11 @@ package mitmproxy **/ import ( - "github.com/remeh/sizedwaitgroup" "github.com/yhy0/Jie/conf" "github.com/yhy0/Jie/pkg/mitmproxy/go-mitmproxy/proxy" "github.com/yhy0/Jie/pkg/task" "github.com/yhy0/logging" + "github.com/yhy0/sizedwaitgroup" ) var t *task.Task @@ -27,23 +27,23 @@ func NewMitmproxy() { StreamLargeBodies: 1024 * 1024 * 5, SslInsecure: true, } - + t = &task.Task{ Parallelism: conf.Parallelism + 1, ScanTask: make(map[string]*task.ScanTask), } - + t.Wg = sizedwaitgroup.New(t.Parallelism) - + // 先加一,这里会一直阻塞,这样就不会马上退出, 这里要的就是一直阻塞,所以不使用 wg.Done() t.Wg.Add() - + var err error PassiveProxy, err = proxy.NewProxy(opts) if err != nil { logging.Logger.Fatal(err) } - + // 添加一个插件用来获取流量信息 PassiveProxy.AddAddon(&PassiveAddon{}) go func() { @@ -52,6 +52,6 @@ func NewMitmproxy() { logging.Logger.Fatal(err) } }() - + t.Wg.Wait() } diff --git a/pkg/mode/active.go b/pkg/mode/active.go index 501cb5c..cce4ab8 100644 --- a/pkg/mode/active.go 
+++ b/pkg/mode/active.go @@ -4,7 +4,6 @@ import ( "encoding/json" "fmt" "github.com/projectdiscovery/katana/pkg/output" - "github.com/remeh/sizedwaitgroup" "github.com/thoas/go-funk" regexp "github.com/wasilibs/go-re2" "github.com/yhy0/Jie/conf" @@ -20,6 +19,7 @@ import ( "github.com/yhy0/Jie/pkg/util" "github.com/yhy0/Jie/scan/gadget/waf" "github.com/yhy0/logging" + "github.com/yhy0/sizedwaitgroup" "net/url" "path" "strings" diff --git a/pkg/task/task.go b/pkg/task/task.go index c3b1d54..f78a2e9 100644 --- a/pkg/task/task.go +++ b/pkg/task/task.go @@ -2,7 +2,6 @@ package task import ( "fmt" - "github.com/remeh/sizedwaitgroup" regexp "github.com/wasilibs/go-re2" "github.com/yhy0/Jie/conf" "github.com/yhy0/Jie/fingprints" @@ -16,6 +15,7 @@ import ( "github.com/yhy0/Jie/scan/gadget/sensitive" scan_util "github.com/yhy0/Jie/scan/util" "github.com/yhy0/logging" + "github.com/yhy0/sizedwaitgroup" "net/url" "strconv" "strings" @@ -35,9 +35,9 @@ import ( var lock sync.Mutex type Task struct { - Fingerprints []string // 这个只有主动会使用,被动只会新建一个 task,所以不会用到 - Parallelism int // 一个网站同时扫描的最大 url 个数 - Wg sizedwaitgroup.SizedWaitGroup // 限制同时运行的任务数量 + Fingerprints []string // 这个只有主动会使用,被动只会新建一个 task,所以不会用到 + Parallelism int // 一个网站同时扫描的最大 url 个数 + Wg *sizedwaitgroup.SizedWaitGroup // 限制同时运行的任务数量 ScanTask map[string]*ScanTask } @@ -48,7 +48,7 @@ type ScanTask struct { Client *httpx.Client // 用来进行请求的 client Archive bool // 用来判断是否扫描过 // 限制每个扫描任务同时运行的扫描插件个数 - Wg sizedwaitgroup.SizedWaitGroup + Wg *sizedwaitgroup.SizedWaitGroup } var rex = regexp.MustCompile(`//#\s+sourceMappingURL=(.*\.map)`) diff --git a/scan/gadget/jwt/jwt.go b/scan/gadget/jwt/jwt.go index b9fe406..edcd21d 100644 --- a/scan/gadget/jwt/jwt.go +++ b/scan/gadget/jwt/jwt.go @@ -9,8 +9,8 @@ import ( "encoding/hex" "errors" "github.com/golang-jwt/jwt" - "github.com/remeh/sizedwaitgroup" "github.com/yhy0/Jie/pkg/util" + "github.com/yhy0/sizedwaitgroup" "strings" ) 
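Review bot: In pkg/task/task.go, `Task.Wg` and `ScanTask.Wg` change from a value to `*sizedwaitgroup.SizedWaitGroup`, so a `Task` or `ScanTask` built without assigning `Wg` now holds a nil pointer. A call such as `Wg.Add()` on it would presumably panic, although the fork's implementation is not visible here. `NewMitmproxy` does assign `t.Wg = sizedwaitgroup.New(t.Parallelism)`, but the sites that construct `ScanTask` values are outside this diff and should be checked for the same initialisation. I would record the requirement on both fields, e.g. `// Wg must be set with sizedwaitgroup.New before use; a nil Wg is not usable`. The `ScanTask` declaration starts outside the hunk.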
@@ -33,7 +33,7 @@ func init() { if err != nil { panic(err) } - + Secrets = strings.Split(string(f), "\n") } @@ -64,7 +64,7 @@ func ParseJWT(input string) (*Jwt, error) { return nil, err } } - + Twj = &Jwt{ Header: string(decodedParts[0]), Payload: string(decodedParts[1]), @@ -72,7 +72,7 @@ func ParseJWT(input string) (*Jwt, error) { message: []byte(parts[0] + "." + parts[1]), SignatureStr: hex.EncodeToString(decodedParts[2]), } - + return Twj, nil } @@ -80,13 +80,13 @@ func Verify(jwtString string, secret string) (*Claims, error) { tokenClaims, err := jwt.ParseWithClaims(jwtString, &Claims{}, func(token *jwt.Token) (interface{}, error) { return []byte(secret), nil }) - + if tokenClaims != nil { if claims, ok := tokenClaims.Claims.(*Claims); ok && tokenClaims.Valid { return claims, nil } } - + return nil, err } @@ -95,7 +95,7 @@ func GenerateSignature(pwds ...string) string { var res = "" wg := sizedwaitgroup.New(20) secrets := util.RemoveDuplicateElement(append(Secrets, pwds...)) - + var stop = false for _, s := range secrets { if stop { @@ -111,10 +111,10 @@ func GenerateSignature(pwds ...string) string { res = s stop = true } - + }(s) } - + wg.Wait() return res }