feat: add homebrew installation

.github/workflows/release.yaml

@@ -5,7 +5,7 @@ on:
     tags:
       - 'v*'
 env:
-  GO_VERSION: 1.18
+  GO_VERSION: 1.19
 
 jobs:
   goreleaser:

.goreleaser.yaml

@@ -17,6 +17,7 @@ builds:
       - arm64
 archives:
   - name_template: "{{ .ProjectName }}_{{ .Tag }}_{{ .Os }}_{{ .Arch }}"
+    id: homebrew
     format_overrides:
       - goos: windows
         format: zip
@@ -31,4 +32,19 @@ changelog:
       - "^docs:"
       - "^doc:"
       - "^ci:"
-      - "^Merge pull request"
+      - "^Merge pull request"
+brews:
+  - ids:
+      - homebrew
+    name: cf
+    tap:
+      owner: teamssix
+      name: homebrew-tap
+      branch: main
+    folder: Formula
+    url_template: "https://github.com/teamssix/cf/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
+    homepage: "https://wiki.teamssix.com/cf"
+    description: "CF is a cloud exploitation framework, It can facilitate the work of the red team after obtaining access key."
+    skip_upload: auto
+    install: |-
+      bin.install "cf"

CHANGELOG.md

@@ -1,3 +1,30 @@
+## [v0.5.0](https://github.com/teamssix/cf/releases/tag/v0.5.0) 2023.7.1
+
+### 新增功能
+
+* [#227](https://github.com/teamssix/cf/pull/227) 新增阿里云用户数据后门功能
+* [#228](https://github.com/teamssix/cf/pull/228) 新增阿里云镜像共享功能
+* [#231](https://github.com/teamssix/cf/pull/231) 新增阿里云接管控制台时自动创建 AK 功能
+* [#235](https://github.com/teamssix/cf/pull/235) 新增阿里云 RDS 列出详细信息功能
+* [#235](https://github.com/teamssix/cf/pull/235) 新增阿里云 RDS 添加账号功能
+* [#235](https://github.com/teamssix/cf/pull/235) 新增阿里云 RDS 创建公网访问地址的功能
+* [#235](https://github.com/teamssix/cf/pull/235) 新增阿里云 RDS 添加白名单的功能
+* [#238](https://github.com/teamssix/cf/pull/238) [#239](https://github.com/teamssix/cf/pull/239) 新增查询 AK 所属云厂商功能 
+* [#250](https://github.com/teamssix/cf/pull/250) 新增支持 brew 安装
+
+### 功能优化
+
+* [#243](https://github.com/teamssix/cf/pull/243) 优化配置功能，现在能自动识别配置是否处于可用状态
+* [#245](https://github.com/teamssix/cf/pull/245) 优化实例公网 IP 展示，不存在时会展示为空
+* [#246](https://github.com/teamssix/cf/pull/246) 优化 OSS 下载功能，现在默认会下载所有文件
+* [#248](https://github.com/teamssix/cf/pull/248) 优化更新处理逻辑
+* [#249](https://github.com/teamssix/cf/pull/249) 优化华为云 OBS 列出功能
+
+### Bug 修复
+
+* [#244](https://github.com/teamssix/cf/pull/244) 修复批量执行命令时，没有安装云助手导致批量执行中断的 Bug
+* [#247](https://github.com/teamssix/cf/pull/247) 修复 OSS 下载文件无法自动创建目录的 Bug
+
 ## [v0.4.5](https://github.com/teamssix/cf/releases/tag/v0.4.5) 2023.4.29
 
 ### 新增功能

README.md

@@ -17,14 +17,12 @@
 
 CF 是一个云环境利用框架，适用于在红队场景中对云上内网进行横向、SRC 场景中对 Access Key 即访问凭证的影响程度进行判定、企业场景中对自己的云上资产进行自检等等。
 
-CF 下载地址：[github.com/teamssix/cf/releases](https://github.com/teamssix/cf/releases)
-
 <details> <summary>CF 命令使用大全</summary><br>
 
-![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202304291915242.png)
-    
+![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202307010038925.png)
+
 </details>
-    
+
 当前已支持的云：
 
 - [x] 阿里云
@@ -40,6 +38,15 @@ CF 下载地址：[github.com/teamssix/cf/releases](https://github.com/teamssix/
 
 ## 安装
 
+### HomeBrew 安装
+
+```bash
+brew tap teamssix/tap
+brew install teamssix/tap/cf
+```
+
+### 下载二进制包
+
 直接在 CF 下载地址：[github.com/teamssix/cf/releases](https://github.com/teamssix/cf/releases) 中下载系统对应的压缩文件，解压后在命令行中运行即可。
 
 <details> <summary>目前支持的系统</summary><br>
@@ -137,6 +144,14 @@ cf alibaba oss obj get
 
 ![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202209071737414.png)
 
+一键创建 RDS 账号
+
+```bash
+cf alibaba rds account
+```
+
+![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202307010033313.png)
+
 一键升级 CF 版本
 
 ```bash

README_EN.md

@@ -15,9 +15,12 @@
 
 CF is a cloud exploitation framework, It can facilitate the work of the red team after obtaining access key.
 
-CF releases: [github.com/teamssix/cf/releases](https://github.com/teamssix/cf/releases)
+<details> <summary>Comprehensive Guide to CF Commands</summary><br>
+
+![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202307010037966.png)
+
+</details>
 
-![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202304291924886.png)
 
 Current Supported Clouds:
 
@@ -36,6 +39,15 @@ For detailed manuals, please visit: [wiki.teamssix.com/cf](https://wiki.teamssix
 
 ## Install
 
+### Install using Homebrew
+
+```bash
+brew tap teamssix/tap
+brew install teamssix/tap/cf
+```
+
+### Download source file
+
 Download the compressed files corresponding to the system in the CF download url: [github.com/teamssix/cf/releases](https://github.com/teamssix/cf/releases), decompressing it and run it in the command line.
 
 <details> <summary>The following systems are currently supported</summary><br>
@@ -57,9 +69,11 @@ Download the compressed files corresponding to the system in the CF download url
 
 |               Title                | Version |                                       Article URL                                       |  Author  | Release Time |
 | :--------------------------------: | :-----: | :-------------------------------------------------------------------------------------: | :------: | :----------: |
-|    《一次简单的"云"上野战记录》    | v0.4.2  | [https://mp.weixin.qq.com/s/wi8C...](https://mp.weixin.qq.com/s/wi8CoNwdpfJa6eMP4t1PCQ) | carrypan |  2022.10.19  |
-| 《记录一次平平无奇的云上攻防过程》 | v0.4.0  |            [https://zone.huoxian.cn/d/2557](https://zone.huoxian.cn/d/2557)             | TeamsSix |  2022.9.14   |
-|   《我用 CF 打穿了他的云上内网》   | v0.2.4  |         [https://zone.huoxian.cn/d/1341-cf](https://zone.huoxian.cn/d/1341-cf)          | TeamsSix |  2022.7.13   |
+|    《CF 云环境利用框架最佳实践》    |      v0.4.5      | [wiki.teamssix.com/cf/cases/cf_best_practices](https://wiki.teamssix.com/cf/cases/cf_best_practices.html) | TeamsSix | 2023.6.4 |
+|    《记一次打穿云上内网的攻防实战》    |      v0.4.5      | [zone.huoxian.cn/d/2766](https://zone.huoxian.cn/d/2766) | Walker 沃克 | 2023.5.21 |
+|    《一次简单的"云"上野战记录》    |      v0.4.2      | [mp.weixin.qq.com/s/wi8CoNwdpfJa6eMP4t1PCQ](https://mp.weixin.qq.com/s/wi8CoNwdpfJa6eMP4t1PCQ) | carrypan | 2022.10.19 |
+| 《记录一次平平无奇的云上攻防过程》 |      v0.4.0      | [zone.huoxian.cn/d/2557](https://zone.huoxian.cn/d/2557) | TeamsSix | 2022.9.14  |
+|   《我用 CF 打穿了他的云上内网》   |      v0.2.4      | [zone.huoxian.cn/d/1341-cf](https://zone.huoxian.cn/d/1341-cf) | TeamsSix | 2022.7.13  |
 
 ## Easy to start
 
@@ -131,6 +145,14 @@ cf alibaba oss obj get
 
 ![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202209071737414.png)
 
+One-click creation of RDS account
+
+```bash
+cf alibaba rds account
+```
+
+![](https://cdn.jsdelivr.net/gh/teamssix/BlogImages/imgs/202307010033313.png)
+
 One-Click Upgrade CF Version
 
 ```bash

cmd/alibaba/ecs.go

@@ -73,7 +73,7 @@ func init() {
 	ecsExecCmd.Flags().StringVarP(&ecsExecRegion, "region", "r", "all", "指定区域 ID (Specify region ID)")
 
 	// ecs imageShare
-	ecsImageShareCmd.Flags().StringVarP(&accountId, "accountId", "a", "", "指定镜像共享的阿里云帐号 ID (Specify the Alibaba Cloud account ID to share the image with)")
+	ecsImageShareCmd.Flags().StringVarP(&accountId, "accountId", "a", "", "指定镜像共享的阿里云账号 ID (Specify the Alibaba Cloud account ID to share the image with)")
 	ecsImageShareCmd.Flags().StringVarP(&ecsImageShareRegion, "region", "r", "all", "指定区域 ID (Specify region ID)")
 	ecsImageShareCmd.Flags().StringVarP(&ecsImageShareSpecifiedInstanceId, "InstanceId", "i", "all", "指定实例 ID (Specify Instance ID)")
 	ecsImageShareCmd.MarkFlagRequired("accountId")
@@ -116,15 +116,15 @@ var ecsExecCmd = &cobra.Command{
 
 var ecsImageShareCmd = &cobra.Command{
 	Use:   "imageShare",
-	Short: "共享实例镜像 (Share instance image.)",
-	Long:  "共享实例镜像 (Share instance image.)",
+	Short: "共享实例镜像 (Share instance image)",
+	Long:  "共享实例镜像 (Share instance image)",
 	Run: func(cmd *cobra.Command, args []string) {
 		if ecsImageShareRegion != "all" && ecsImageShareSpecifiedInstanceId == "all" {
 			log.Warnln("未指定实例 ID (Instance ID not specified.)")
 		} else if ecsImageShareRegion == "all" && ecsImageShareSpecifiedInstanceId != "all" {
 			log.Warnln("未指定区域 (Region not specified.)")
 		} else if len(accountId) != 16 {
-			log.Warnln("帐号 ID 输入有误，请确认后再进行尝试 (Incorrect account ID input. Please verify it and try again.)")
+			log.Warnln("账号 ID 输入有误，请确认后再进行尝试 (Incorrect account ID input. Please verify it and try again.)")
 		} else {
 			var isSure bool
 			fmt.Println()
@@ -152,17 +152,17 @@ var ecsImageShareCmd = &cobra.Command{
 
 var ecsImageShareCmdLs = &cobra.Command{
 	Use:   "ls",
-	Short: "列出共享实例镜像信息 (Listing shared instance image information.)",
-	Long:  "列出共享实例镜像信息 (Listing shared instance image information.)",
+	Short: "列出共享实例镜像信息 (Listing shared instance image information)",
+	Long:  "列出共享实例镜像信息 (Listing shared instance image information)",
 	Run: func(cmd *cobra.Command, args []string) {
 		aliecs2.GetImageShare()
 	},
 }
 
 var ecsImageShareCmdCancel = &cobra.Command{
 	Use:   "cancel",
-	Short: "取消共享并删除所创建的镜像与快照 (Canceling the sharing and deleting the created image and snapshot.)",
-	Long:  "取消共享并删除所创建的镜像与快照 (Canceling the sharing and deleting the created image and snapshot.)",
+	Short: "取消共享并删除所创建的镜像与快照 (Canceling the sharing and deleting the created image and snapshot)",
+	Long:  "取消共享并删除所创建的镜像与快照 (Canceling the sharing and deleting the created image and snapshot)",
 	Run: func(cmd *cobra.Command, args []string) {
 		aliecs2.ImageDelete()
 	},

cmd/alibaba/rds.go

@@ -79,26 +79,26 @@ var rdsLsCmd = &cobra.Command{
 // RDS Account 相关操作
 var rdsAccountCmd = &cobra.Command{
 	Use:   "account",
-	Short: "添加云数据库帐号 (Add RDS account)",
-	Long:  "添加云数据库帐号 (Add RDS account)",
+	Short: "添加云数据库账号 (Add RDS account)",
+	Long:  "添加云数据库账号 (Add RDS account)",
 	Run: func(cmd *cobra.Command, args []string) {
 		alirds.AddRdsAccount(rdsAccountSpecifiedDBInstanceId, rdsAccountUserName)
 	},
 }
 
 var rdsAccountLsCmd = &cobra.Command{
 	Use:   "ls",
-	Short: "列出添加过的云数据库帐号 (Listing the added RDS accounts)",
-	Long:  "列出添加过的云数据库帐号 (Listing the added RDS accounts)",
+	Short: "列出添加过的云数据库账号 (Listing the added RDS accounts)",
+	Long:  "列出添加过的云数据库账号 (Listing the added RDS accounts)",
 	Run: func(cmd *cobra.Command, args []string) {
 		alirds.LsRdsAccount()
 	},
 }
 
 var rdsAccountDelCmd = &cobra.Command{
 	Use:   "del",
-	Short: "删除所添加的云数据库帐号 (Deleting the added RDS account)",
-	Long:  "删除所添加的云数据库帐号 (Deleting the added RDS account)",
+	Short: "删除所添加的云数据库账号 (Deleting the added RDS account)",
+	Long:  "删除所添加的云数据库账号 (Deleting the added RDS account)",
 	Run: func(cmd *cobra.Command, args []string) {
 		alirds.DelRdsAccount()
 	},

pkg/cloud/alibaba/aliecs/ecsImageShare.go

@@ -133,7 +133,7 @@ func GetImageShare() {
 	if len(data) == 0 {
 		log.Infoln("未找到任何信息 (No information found.)")
 	} else {
-		header = []string{"序号 (SN)", "实例 ID (Instance ID)", "镜像 ID (Image Name)", "共享帐号 ID (Share Account ID)", "状态 (Status)", "区域 ID (Region ID)", "时间 (Time)"}
+		header = []string{"序号 (SN)", "实例 ID (Instance ID)", "镜像 ID (Image Name)", "共享账号 ID (Share Account ID)", "状态 (Status)", "区域 ID (Region ID)", "时间 (Time)"}
 		var td = cloud.TableData{Header: header, Body: data}
 		cloud.PrintTable(td, "")
 	}
@@ -183,7 +183,7 @@ func ImageDelete() {
 		}
 	}
 
-	log.Debugln(fmt.Sprintf("已选择实例 ID 为 %s，镜像 ID 为 %s，共享帐号为 %s，区域为 %s (Instance ID selected: %s, Image ID: %s, Shared account: %s, Region: %s.)", specifiedInstanceId, ImageId, aliyunAccount, region))
+	log.Debugln(fmt.Sprintf("已选择实例 ID 为 %s，镜像 ID 为 %s，共享账号为 %s，区域为 %s (Instance ID selected: %s, Image ID: %s, Shared account: %s, Region: %s.)", specifiedInstanceId, ImageId, aliyunAccount, region))
 
 	var isSure bool
 	prompt := &survey.Confirm{

pkg/cloud/alibaba/alirds/RdsPublic.go

@@ -175,7 +175,7 @@ func RdsPublicCancel() {
 		}
 		sort.Strings(selectRdsIDList)
 		prompt := &survey.Select{
-			Message: "选择一个帐号 (Choose a RDS instance): ",
+			Message: "选择一个账号 (Choose a RDS instance): ",
 			Options: selectRdsIDList,
 		}
 		survey.AskOne(prompt, &selectRdsID)

pkg/cloud/alibaba/alirds/rdsAccount.go

@@ -137,7 +137,7 @@ func AddRdsAccount(DBInstanceId string, userName string) {
 				request.AccountPrivilege = "ReadWrite"
 			}
 
-			for _, v := range DBNames { // 为此帐号对实例下所有数据库授予最高权限
+			for _, v := range DBNames { // 为此账号对实例下所有数据库授予最高权限
 				request.DBName = v
 				RDSClient(region).GrantAccountPrivilege(request)
 			}
@@ -191,7 +191,7 @@ func DelRdsAccount() {
 	RDSAccountsCache = database.SelectRDSAccountCache("alibaba")
 
 	if len(RDSAccountsCache) == 0 {
-		log.Infoln("未创建过帐号，无需删除 (No create of the account, no need to delete)")
+		log.Infoln("未创建过账号，无需删除 (No create of the account, no need to delete)")
 		return
 	} else if len(RDSAccountsCache) == 1 {
 		DBInstanceId = RDSAccountsCache[0].DBInstanceId
@@ -209,7 +209,7 @@ func DelRdsAccount() {
 		}
 		sort.Strings(selectRdsIDList)
 		prompt := &survey.Select{
-			Message: "选择一个帐号 (Choose a RDS instance): ",
+			Message: "选择一个账号 (Choose a RDS instance): ",
 			Options: selectRdsIDList,
 		}
 		survey.AskOne(prompt, &selectRdsID)

pkg/cloud/alibaba/alirds/rdsLs.go

@@ -202,7 +202,7 @@ func PrintDBInstancesList(region string, running bool, specifiedDBInstanceId str
 				fmt.Println(v.SecurityIPList + "\n")
 			}
 
-			color.Tag("warn").Println("帐号信息 (Accounts information)")
+			color.Tag("warn").Println("账号信息 (Accounts information)")
 			RDSAccountInfo := GetAccountInfo(v.RegionId, v.DBInstanceId)
 			if len(RDSAccountInfo) > 0 {
 				for _, v := range RDSAccountInfo {
@@ -242,13 +242,13 @@ func PrintDBInstancesList(region string, running bool, specifiedDBInstanceId str
 					fmt.Println(v.DBStatus)
 					color.Tag("info").Print("描述 (Description): ")
 					fmt.Println(v.DBDescription)
-					color.Tag("info").Println("帐号 (Account): ")
+					color.Tag("info").Println("账号 (Account): ")
 					for _, v2 := range v.Accounts.AccountPrivilegeInfo {
-						color.Tag("info").Print("    帐号名 (Account Name): ")
+						color.Tag("info").Print("    账号名 (Account Name): ")
 						fmt.Println(v2.Account)
-						color.Tag("info").Print("    帐号权限 (Account Privilege): ")
+						color.Tag("info").Print("    账号权限 (Account Privilege): ")
 						fmt.Println(v2.AccountPrivilege)
-						color.Tag("info").Print("    帐号权限细节 (Account Privilege Detail): ")
+						color.Tag("info").Print("    账号权限细节 (Account Privilege Detail): ")
 						if v2.AccountPrivilegeDetail == "" {
 							fmt.Println("N/A")
 						} else {

pkg/cloud/alibaba/alirds/rdsWhiteList.go

@@ -176,7 +176,7 @@ func RdsWhiteListDel() {
 		}
 		sort.Strings(selectRdsIDList)
 		prompt := &survey.Select{
-			Message: "选择一个帐号 (Choose a RDS instance): ",
+			Message: "选择一个账号 (Choose a RDS instance): ",
 			Options: selectRdsIDList,
 		}
 		survey.AskOne(prompt, &selectRdsID)

pkg/util/global/const.go

@@ -2,6 +2,6 @@ package global
 
 const (
 	AppDirName = ".config/cf"
-	Version    = "v0.4.5"
-	UpdateTime = "2023.4.29"
+	Version    = "v0.5.0"
+	UpdateTime = "2023.7.1"
 )