diff --git a/Plugins/ms17010-exp.go b/Plugins/ms17010-exp.go
index 3803d2e6..ca939ec4 100644
--- a/Plugins/ms17010-exp.go
+++ b/Plugins/ms17010-exp.go
@@ -171,11 +171,6 @@ func exploit(address string, grooms int, payload []byte) error {
 func makeKernelUserPayload(sc []byte) []byte { // test DoublePulsar
- // sc, err := ioutil.ReadFile("sc.bin")
- // if err != nil {
- // panic(err)
- // }
- // return sc
 buf := bytes.Buffer{}
 buf.Write(loader[:]) // write sc size
diff --git a/Plugins/scanner.go b/Plugins/scanner.go
index 8cd7fc19..01c7cbf3 100644
--- a/Plugins/scanner.go
+++ b/Plugins/scanner.go
@@ -72,16 +72,10 @@ func Scan(info common.HostInfo) {
 }
 }
 }
- if common.URL != "" {
- info.Url = common.URL
+ for _, url := range common.Urls {
+ info.Url = url
 AddScan("1000003", info, ch, &wg)
 }
- if len(common.Urls) > 0 {
- for _, url := range common.Urls {
- info.Url = url
- AddScan("1000003", info, ch, &wg)
- }
- }
 wg.Wait()
 common.LogWG.Wait()
 close(common.Results)
diff --git a/WebScan/lib/check.go b/WebScan/lib/check.go
index 3bf4ebef..52b82e7a 100644
--- a/WebScan/lib/check.go
+++ b/WebScan/lib/check.go
@@ -132,7 +132,6 @@ func executePoc(oReq *http.Request, p *Poc) (bool, error, string) {
 //fmt.Println("[-] newRequest error: ",err)
 return false, err
 }
- newRequest.URL.Path = req.Url.Path
 newRequest.Header = oReq.Header.Clone()
 for k, v := range Headers {
 newRequest.Header.Set(k, v)
diff --git a/WebScan/lib/eval.go b/WebScan/lib/eval.go
index d7f6c3dc..867e62e6 100644
--- a/WebScan/lib/eval.go
+++ b/WebScan/lib/eval.go
@@ -605,7 +605,7 @@ func DoRequest(req *http.Request, redirect bool) (*Response, error) {
 defer oResp.Body.Close()
 resp, err := ParseResponse(oResp)
 if err != nil {
- fmt.Println("[-]ParseResponse error: ", err)
+ common.LogError("[-]ParseResponse error: " + err.Error())
 return nil, err
 }
 return resp, err
diff --git a/common/Parse.go b/common/Parse.go
index 6cd26353..5b554f8e 100644
--- a/common/Parse.go
+++ b/common/Parse.go
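Review bot: In the Plugins/scanner.go hunk the loop over `common.Urls` is now the only path that schedules a URL scan, so `Scan` depends on `common.URL` having been merged into `common.Urls` beforehand (the common/Parse.go change in this commit does that in `ParsePass`), and nothing at the call site says so. A caller that sets `common.URL` and invokes `Scan` without that parsing step would scan no URL and get no error. A comment above the loop such as `// common.Urls is filled by common.ParsePass from both URL and UrlFile; Scan does not read common.URL directly` would make the ordering explicit. The loop variable `url` would also shadow the `net/url` package if this file imports it, which is not visible here; `target` avoids the question. `Scan` begins and ends outside the hunk.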
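Review bot: In the WebScan/lib/eval.go hunk the changed line logs the parse error and the next line returns the same error, so any caller that also reports it records one failure twice. Handling it at one layer is cleaner: drop the log call and return it with context, `return nil, fmt.Errorf("parse response: %w", err)`, leaving the logging to the caller. The closing `return resp, err` is only reached when err is nil, so `return resp, nil` says that directly. `DoRequest` starts outside the hunk; if the removed `fmt.Println` was the last use of `fmt` in this file, the import has to go as well, which cannot be checked from here.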
@@ -66,6 +66,18 @@ func ParsePass(Info *HostInfo) {
 Passwords = PwdList
 }
 }
+ if URL != "" {
+ urls := strings.Split(URL, ",")
+ TmpUrls := make(map[string]struct{})
+ for _, url := range urls {
+ if _, ok := TmpUrls[url]; !ok {
+ TmpUrls[url] = struct{}{}
+ if url != "" {
+ Urls = append(Urls, url)
+ }
+ }
+ }
+ }
 if UrlFile != "" {
 urls, err := Readfile(UrlFile)
 if err == nil {
diff --git a/common/config.go b/common/config.go
index 233db358..9be724fe 100644
--- a/common/config.go
+++ b/common/config.go
@@ -1,6 +1,6 @@
 package common
-var version = "1.8.0"
+var version = "1.8.1"
 var Userdict = map[string][]string{
 "ftp": {"ftp", "admin", "www", "web", "root", "db", "wwwroot", "data"},
 "mysql": {"root", "mysql"},
diff --git a/common/flag.go b/common/flag.go
index 4923614f..a2bb63fb 100644
--- a/common/flag.go
+++ b/common/flag.go
@@ -4,6 +4,16 @@ import (
 "flag"
 )
+func init() {
+ go func() {
+ for {
+ runtime.GC()
+ debug.FreeOSMemory()
+ time.Sleep(10 * time.Second)
+ }
+ }()
+}
+
 func Banner() {
 banner := `
 ___ _
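Review bot: In the common/Parse.go hunk the entries split from `URL` are appended to `Urls` without trimming or validation, so an input like `a, b` stores ` b` with its leading space and the dedup map treats `x` and ` x` as two different targets. Normalising before the lookup keeps the target list to what the operator meant: `url = strings.TrimSpace(url)` followed by `if url == "" { continue }`. The `TmpUrls` set lives only inside this block, so if the `UrlFile` branch below also appends to `Urls` (its body is outside the hunk), a target given in both places would be scanned twice. A lower-case local name such as `seen` would also fit Go naming better than `TmpUrls`.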
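Review bot: In the common/flag.go hunk the new `init` calls `runtime.GC`, `debug.FreeOSMemory` and `time.Sleep`, but the import block shown as context still lists only `"flag"`, so as shown the file would not compile. The block needs `"runtime"`, `"runtime/debug"` and `"time"` added. Separately, a goroutine started from `init` that forces a full collection every 10 seconds runs in every program that imports the package, with no way to stop it. If the goal is to bound memory use, `debug.SetMemoryLimit` (Go 1.19+) or an explicitly started helper that takes a context would be easier to control. At minimum the loop should carry a comment saying why the periodic collection is needed.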