-
Notifications
You must be signed in to change notification settings - Fork 43
/
exports.go
131 lines (129 loc) · 3.35 KB
/
exports.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
package suspect
import (
"fmt"
"github.com/yaklang/yaklang/common/log"
"github.com/yaklang/yaklang/common/netx"
"github.com/yaklang/yaklang/common/utils"
"github.com/yaklang/yaklang/common/utils/lowhttp"
"net/http"
"reflect"
)
var GuessExports = map[string]interface{}{
"IsAlpha": func(i interface{}) bool {
return utils.MatchAllOfRegexp(i, `[a-zA-Z]+`)
},
"IsDigit": func(i interface{}) bool {
return utils.MatchAllOfRegexp(i, `[0-9]+`)
},
"IsAlphaNum": func(i interface{}) bool {
return utils.MatchAllOfRegexp(i, `[a-zA-Z0-9]+`)
},
"IsAlNum": func(i interface{}) bool {
return utils.MatchAllOfRegexp(i, `[a-zA-Z0-9]+`)
},
"IsTLSServer": netx.IsTLSService,
"IsHttpURL": IsFullURL,
"IsUrlPath": IsURLPath,
"IsHtmlResponse": func(i interface{}) bool {
switch ret := i.(type) {
case string:
rsp, err := lowhttp.ParseBytesToHTTPResponse([]byte(ret))
if err != nil {
log.Error(err)
return false
}
return IsHTMLResponse(rsp)
case []byte:
rsp, err := lowhttp.ParseBytesToHTTPResponse(ret)
if err != nil {
log.Error(err)
return false
}
return IsHTMLResponse(rsp)
case *http.Response:
return IsHTMLResponse(ret)
default:
log.Errorf("need []byte/string/*http.Response but got %s", reflect.TypeOf(ret))
return false
}
},
"IsServerError": func(i interface{}) bool {
switch ret := i.(type) {
case string:
return HaveServerError([]byte(ret))
case []byte:
return HaveServerError(ret)
default:
return HaveServerError([]byte(fmt.Sprint(ret)))
}
},
"ExtractChineseIDCards": func(i interface{}) []string {
switch ret := i.(type) {
case string:
return SearchChineseIDCards([]byte(ret))
case []byte:
return SearchChineseIDCards(ret)
default:
return SearchChineseIDCards([]byte(fmt.Sprint(ret)))
}
},
"IsJsonResponse": func(i interface{}) bool {
switch ret := i.(type) {
case string:
rsp, err := lowhttp.ParseBytesToHTTPResponse([]byte(ret))
if err != nil {
log.Error(err)
return false
}
return IsJsonResponse(rsp)
case []byte:
rsp, err := lowhttp.ParseBytesToHTTPResponse(ret)
if err != nil {
log.Error(err)
return false
}
return IsJsonResponse(rsp)
case *http.Response:
return IsJsonResponse(ret)
default:
log.Errorf("need []byte/string/*http.Response but got %s", reflect.TypeOf(ret))
return false
}
},
"IsRedirectParam": BeUsedForRedirect,
"IsJSONPParam": IsJSONPParam,
"IsUrlParam": IsGenericURLParam,
"IsXmlParam": IsXMLParam,
"IsSensitiveJson": IsSensitiveJSON,
"IsSensitiveTokenField": IsTokenParam,
"IsPasswordField": IsPasswordKey,
"IsUsernameField": IsUsernameKey,
"IsSQLColumnField": IsSQLColumnName,
"IsCaptchaField": IsCaptchaKey,
"IsBase64Value": IsBase64,
"IsPlainBase64Value": IsBase64Password,
"IsMD5Value": IsMD5Data,
"IsSha256Value": IsSHA256Data,
"IsXmlRequest": func(i interface{}) bool {
switch ret := i.(type) {
case []byte:
return IsXMLRequest(ret)
case string:
return IsXMLRequest([]byte(ret))
case *http.Request:
raw, _ := utils.HttpDumpWithBody(i, true)
return IsXMLRequest(raw)
default:
return false
}
},
"IsXmlValue": func(i interface{}) bool {
switch ret := i.(type) {
case string:
return IsXMLString(ret)
case []byte:
return IsXMLBytes(ret)
}
return false
},
}