修复端口扫描和指纹扫描阻塞无法扫描漏洞的bug

aaq1adqwe · May 17, 2019 · 0bffaad · 0bffaad
1 parent c98be72
commit 0bffaad
Show file tree

Hide file tree

Showing 6 changed files with 193 additions and 74 deletions.
diff --git a/base/src/main/java/com/trackray/base/bean/Result.java b/base/src/main/java/com/trackray/base/bean/Result.java
@@ -29,5 +29,7 @@ public class Result {
     @JSONField(name="附加信息")
     private Map<String,Object> additional = new HashMap<>();    //附加信息
 
+    @JSONField(serialize = false)
+    private transient Map<String , Object> variables = new HashMap<>(); // 变量信息
 
 }
diff --git a/base/src/main/java/com/trackray/base/handle/Shell.java b/base/src/main/java/com/trackray/base/handle/Shell.java
@@ -2,10 +2,13 @@
 
 import com.trackray.base.bean.Constant;
 import com.trackray.base.utils.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.*;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.List;
 import java.util.Properties;
 
 /**
@@ -24,6 +27,7 @@ public class Shell {
     private boolean block = false;
     private String target = "";
     private boolean enable = false;
+    private List<String> commands = new ArrayList<>();
     public Shell(){
     }
     public Shell(boolean enable){
@@ -43,6 +47,7 @@ public void exec(String... c) throws IOException {
         ArrayList<String> base = new ArrayList<>();
         base.addAll(Arrays.asList((os.contains("indows") ? WIN_PREFIX : LINUX_PREFIX)));
         base.add(target);
+        commands = base;
         if (c!=null&&c.length>0)
             base.addAll(Arrays.asList(c));
         String path = System.getenv().get("Path");
@@ -73,22 +78,20 @@ public String readLine(){
 
         return null;
     }
-
+    public static Logger log = LoggerFactory.getLogger(Shell.class);
     public String content(){
         if (block){
             try {
                 process.waitFor();
                 return IOUtils.analysisProcess(process);
-            } catch (InterruptedException e) {
-                e.printStackTrace();
-            } catch (IOException e) {
-                e.printStackTrace();
+            } catch (Exception e) {
+                log.error("读取命令执行结果异常 "+commands);
             }
         }else{
             try {
                 return IOUtils.analysisProcess(process);
             } catch (IOException e) {
-                e.printStackTrace();
+                log.error("读取命令执行结果异常 "+commands);
             }
         }
         return null;
@@ -98,6 +101,7 @@ public String readError(){
             try {
                 process.waitFor();
             } catch (InterruptedException e) {
+                log.error("读取命令执行结果异常 "+commands);
                 return "";
             }
         }
@@ -118,6 +122,7 @@ public String readAll(){
             try {
                 process.waitFor();
             } catch (InterruptedException e) {
+                log.error("读取命令执行结果异常 "+commands);
                 return "";
             }
         }

diff --git a/base/src/main/java/com/trackray/base/plugin/InnerPlugin.java b/base/src/main/java/com/trackray/base/plugin/InnerPlugin.java
@@ -22,7 +22,7 @@
  */
 public abstract class InnerPlugin<E> extends AbstractPlugin<E>{
 
-    private static final Logger log = LoggerFactory.getLogger(InnerPlugin.class);
+    public static final Logger log = LoggerFactory.getLogger(InnerPlugin.class);
 
     protected Task task;
 

diff --git a/module/src/main/java/com/trackray/module/inner/FingerScan.java b/module/src/main/java/com/trackray/module/inner/FingerScan.java
@@ -9,6 +9,7 @@
 import com.trackray.base.plugin.InnerPlugin;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.io.FileUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.javaweb.core.net.HttpResponse;
 import org.springframework.beans.factory.annotation.Value;
 
@@ -45,19 +46,20 @@ public FingerPrint start() {
             for (FingerBean bean : beans) {
                 try {
                     String url = target.concat(bean.getUrl());
+                    log.info(String.format("指纹名[%s] url[%s]" , finger.getName() , bean.getUrl()));
                     HttpResponse response = requests.url(url).get();
                     int statusCode = response.getStatusCode();
                     String content = response.body();
                     if (bean.isMatch()){
 
-                            if (    statusCode!=404
-                                    &&
-                                    (content.contains(bean.getMatch())
-                                            ||
-                                            content.matches(bean.getMatch())
-                                    )){
-                                return scaned(finger);
-                            }
+                        if (    statusCode!=404
+                                &&
+                                (content.contains(bean.getMatch())
+                                        ||
+                                        content.matches(bean.getMatch())
+                                )){
+                            return scaned(finger);
+                        }
 
                     }else{
 
@@ -99,4 +101,4 @@ private boolean matchMd5(HttpResponse req, String match) {
                 file.delete();
         }
     }
-}
+}
diff --git a/web/src/main/java/com/trackray/web/api/HtmlController.java b/web/src/main/java/com/trackray/web/api/HtmlController.java
@@ -71,9 +71,6 @@ public String api(){
     public String msf(){return "msf";}
 
 
-    @GetMapping("/scan")
-    public String scan(){return "scan";}
-
     @GetMapping("/login")
     public String login(){return "/manage/login";}