更新base

base/src/main/java/com/trackray/base/bean/Banner.java

@@ -1,18 +1,14 @@
 package com.trackray.base.bean;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.trackray.base.controller.DispatchController;
-import com.trackray.base.exploit.AbstractExploit;
+import com.trackray.base.plugin.AbstractPOC;
 import com.trackray.base.plugin.AbstractPlugin;
 import com.trackray.base.plugin.CrawlerPlugin;
-import com.trackray.base.utils.CheckUtils;
-import org.apache.commons.io.FileUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
-import org.springframework.web.context.WebApplicationContext;
 
 import java.io.File;
-import java.io.IOException;
 import java.util.Random;
 
 /**
@@ -24,19 +20,20 @@
 public class Banner {
 
     public static String template =
-            "       =[ trackray v3.0.0                                 ]\n" +
-            "+ -- --=[ %s exploits - %s auxiliary                  ]\n" +
+            "       =[ trackray v%s                                 ]\n" +
+            "+ -- --=[ %s poc      - %s auxiliary                  ]\n" +
             "+ -- --=[ %s plugin   - %s crawler                    ]\n";
 
     @Autowired
     private DispatchController dispatchController;
-
+    @Value("${trackray.version}")
+    private String version;
     public String generate(){
 
 
         int crawler = crawlerCount();
         int plugin = pluginCount()+jsonPluginCount();
-        int exploit = exploitCount();
+        int exploit = pocCount();
         int auxiliary = auxiliaryCount();
 
 
@@ -45,7 +42,7 @@ public String generate(){
         String e = toInt(exploit);
         String a = toInt(auxiliary);
 
-        String format = String.format(template, e, a, p, c);
+        String format = String.format(template,version, e, a, p, c);
         IMG[] imgs = IMG.values();
 
         int rand = new Random().nextInt(imgs.length);
@@ -57,7 +54,7 @@ public String generate(){
     }
 
     public int count(){
-        return auxiliaryCount()+crawlerCount()+exploitCount()+jsonPluginCount()+pluginCount();
+        return auxiliaryCount()+crawlerCount()+pocCount()+jsonPluginCount()+pluginCount();
     }
 
     public int auxiliaryCount() {
@@ -70,8 +67,8 @@ public int auxiliaryCount() {
         return auxiliary;
     }
 
-    public int exploitCount() {
-        return dispatchController.getAppContext().getBeansOfType(AbstractExploit.class).size();
+    public int pocCount() {
+        return dispatchController.getAppContext().getBeansOfType(AbstractPOC.class).size();
     }
 
     public int pluginCount() {
@@ -210,7 +207,7 @@ public enum IMG{
                 "                                                           ` ......;;;;... .  ."),
         $6(" ______________________________________________________________________________\n" +
                 " |                                                                              |\n" +
-                " |                   TRACKRAY   CYBER MISSILE COMMAND V3                        |\n" +
+                " |                   TRACKRAY   CYBER MISSILE COMMAND                           |\n" +
                 " |______________________________________________________________________________|\n" +
                 " \\                                  /                      /\n" +
                 " \\     .                          /                      /            x\n" +

base/src/main/java/com/trackray/base/controller/DispatchController.java

@@ -1,22 +1,16 @@
 package com.trackray.base.controller;
 
-import com.trackray.base.bean.Constant;
-import com.trackray.base.bean.ResultCode;
 import com.trackray.base.bean.Task;
-import com.trackray.base.exploit.AbstractExploit;
-import com.trackray.base.httpclient.CrawlerPage;
+import com.trackray.base.plugin.AbstractPOC;
 import com.trackray.base.plugin.AbstractPlugin;
-import com.trackray.base.utils.ReUtils;
 import com.trackray.base.utils.SysLog;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.context.ContextLoader;
 import org.springframework.web.context.WebApplicationContext;
 
 import java.util.HashMap;
 import java.util.Map;
 import java.util.concurrent.ExecutorService;
-import java.util.concurrent.ThreadPoolExecutor;
 
 /**
  * @author 浅蓝
@@ -35,7 +29,7 @@ public WebApplicationContext getAppContext(){
     @Deprecated
     public void attack(Task task, ExecutorService exec) {
         WebApplicationContext context = getAppContext();
-        Map<String, AbstractExploit> beans = context.getBeansOfType(AbstractExploit.class);
+        Map<String, AbstractPOC> beans = context.getBeansOfType(AbstractPOC.class);
         AbstractPlugin simpleVul = (AbstractPlugin) context.getBean("simpleVulRule");
         SysLog.info("开始漏洞检测");
 
@@ -44,8 +38,8 @@ public void attack(Task task, ExecutorService exec) {
             simpleVul.setParam(new HashMap<String,Object>(){{put("target",targeturl);put("task",task);}});
             exec.submit(simpleVul);
 
-            for (Map.Entry<String, AbstractExploit> entry : beans.entrySet()) {
-                AbstractExploit exp = entry.getValue();
+            for (Map.Entry<String, AbstractPOC> entry : beans.entrySet()) {
+                AbstractPOC exp = entry.getValue();
                 exp.setTask(task);
                 exp.setTarget(targeturl);
                 String bean = entry.getKey();

base/src/main/java/com/trackray/base/handle/Shell.java

@@ -28,6 +28,7 @@ public class Shell {
     private String target = "";
     private boolean enable = false;
     private List<String> commands = new ArrayList<>();
+    private File workdir;
     public Shell(){
     }
     public Shell(boolean enable){
@@ -42,6 +43,13 @@ public Shell target(String t){
         target = t;
         return this;
     }
+    public Shell workdir(String dir){
+        return workdir(new File(dir));
+    }
+    public Shell workdir(File dir){
+        workdir = dir;
+        return this;
+    }
     public void exec(String... c) throws IOException {
         Properties props = System.getProperties();
         String os = props.getProperty("os.name");
@@ -58,7 +66,19 @@ public void exec(String... c) throws IOException {
             base.addAll(Arrays.asList(c));
         String path = isWin ? System.getenv().get("Path") : System.getenv().get("PATH");
         String[] bases = base.toArray(new String[]{});
-        process = runtime.exec(bases,new String[]{(isWin?"Path=":"PATH=")+path});
+        process = runtime.exec(bases,new String[]{(isWin?"Path=":"PATH=")+path},workdir);
+    }
+
+    public void destroy(){
+        process.destroy();
+        if (isAlive())
+            destroyForcibly();
+    }
+    public void destroyForcibly(){
+        process.destroyForcibly();
+    }
+    public boolean isAlive(){
+        return process.isAlive();
     }
 
     public void echo(String s){

base/src/main/java/com/trackray/base/handle/SystemInit.java

@@ -4,14 +4,19 @@
 import com.trackray.base.attack.Payload;
 import com.trackray.base.bean.Banner;
 import com.trackray.base.bean.Constant;
+import com.trackray.base.utils.ExtractUtils;
 import com.trackray.base.utils.PropertyUtil;
 import com.trackray.base.utils.SysLog;
 import net.dongliu.requests.Requests;
 import org.apache.commons.io.FileUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.javaweb.core.net.HttpURLRequest;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 
 import java.io.File;
 import java.io.IOException;
+import java.net.MalformedURLException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -46,21 +51,35 @@ public void run() {
     static{
         Properties props=System.getProperties();
         String os = props.getProperty("os.name");
+        //识别操作系统类型
         Constant.TRACKRAY_SYSTEMOS = (os.contains("indows") ? Constant.WINDOWS : Constant.LINUX);
-    }
-
-    private void check() {
-
-        String includePath = Constant.RESOURCES_PATH.concat("include");
-        Constant.RESOURCES_INCLUDE_PATH = includePath;
 
+        //配置系统常量
+        Constant.RESOURCES_INCLUDE_PATH = Constant.RESOURCES_PATH.concat("include");
         Constant.SYSTEM_ACCOUNT = PropertyUtil.getProperty("trackray.account");
         Constant.SYSTEM_PASSWORD= PropertyUtil.getProperty("trackray.password");
-
-
         Constant.CENSYS_APPID = PropertyUtil.getProperty("censys.appid");
         Constant.CENSYS_SECRET = PropertyUtil.getProperty("censys.secret");
-        Constant.SQLMAP_HOST = PropertyUtil.getProperty("sqlmap.root");
+        Constant.SQLMAP_HOST = PropertyUtil.getProperty("sqlmap.host");
+
+
+    }
+    @Value("${temp.dir}")
+    private String tempdir;
+
+    private  void createTempDirs() {
+        File file = new File(tempdir);
+        if (!file.exists()){
+            file.mkdirs();
+        }
+    }
+
+
+    private void check() {
+
+        //创建临时目录
+        createTempDirs();
+        String includePath = Constant.RESOURCES_INCLUDE_PATH;
 
         try {
             //加载字典

base/src/main/java/com/trackray/base/utils/CheckUtils.java

@@ -1,6 +1,8 @@
 package com.trackray.base.utils;
 
 
+import com.alibaba.fastjson.JSON;
+
 /**
  * @author 浅蓝
  * @email [email protected]
@@ -13,7 +15,11 @@ public static boolean isJson(String inputJsonStr){
         if(org.apache.commons.lang3.StringUtils.isBlank(inputJsonStr)){
             return false;
         }
-
+        try {
+            JSON.parse(inputJsonStr);
+        }catch (Exception e){
+            return false;
+        }
         return true;
 
     }

base/src/main/java/com/trackray/base/utils/IOUtils.java

@@ -50,7 +50,6 @@ public static String analysisStream(InputStream stream) throws IOException{
 			}
 		} catch (Exception e) {
 			// TODO Auto-generated catch block
-			e.printStackTrace();
 		}finally {
 			br.close();
 		}