Release for 1.0.2

README.md

@@ -6,7 +6,7 @@ pocassist是一个 Golang 编写的全新开源漏洞测试框架。
   - 只需要在前端编辑，即可生成poc对批量目标进行测试
   - 单二进制文件，无依赖，也无需安装
 - 性能优秀
-  - 支持高并发，通过使用 `ants`实例化协程池，复用 goroutine
+  - 支持高并发，多重并发控制，通过使用 `ants`实例化协程池，复用 goroutine
   - 多重内存复用，尽可能小的内存占用
 - 规则体系
   - 完全兼容xray，但又不仅仅是xray。除了支持定义目录级漏洞poc，还支持服务器级漏洞、参数级漏洞、url级漏洞以及对页面内容检测，如果以上还不满足你的需求，还支持加载自定义脚本。
@@ -54,7 +54,11 @@ http://127.0.0.1:1231
 
 ![规则详情](docs/pic/规则详情.jpg)
 
-单挑规则靶机测试
+支持一键导入xray规则
+
+![upload-yaml](docs/pic/yaml.gif)
+
+单条规则靶机测试
 
 ![单条规则靶机测试](docs/pic/单条规则靶机测试.png)
 

api/routers/v1/plugin/plugin.go

@@ -336,7 +336,32 @@ func UploadYaml(c *gin.Context) {
 		c.JSON(msg.ErrResp("yaml解析失败，请检查后重试"))
 		return
 	}
+	// todo slice to map
+	toMap := TempPoc{
+		Params: poc.Params,
+		Name:   poc.Name,
+		Set:    SliceToMap(poc.Set),
+		Rules:  poc.Rules,
+		Groups: poc.Groups,
+		Detail: rule.Detail{},
+	}
 	data := make(map[string]interface{})
-	data["json_poc"] = poc
+	data["json_poc"] = toMap
 	c.JSON(msg.SuccessResp(data))
 }
+
+type TempPoc struct {
+	Params	[]string	 	  `json:"params"`
+	Name   string             `json:"name"`
+	Set    map[string]string  `json:"set"`
+	Rules  []rule.Rule        `json:"rules"`
+	Groups  map[string][]rule.Rule `json:"groups"`
+	Detail rule.Detail             `json:"detail"`
+}
+func SliceToMap(slice yaml.MapSlice) map[string]string {
+	m := make(map[string]string)
+	for _,v := range slice{
+		m[v.Key.(string)] = v.Value.(string)
+	}
+	return m
+}

web/build/asset-manifest.json

@@ -1,21 +1,21 @@
 {
   "files": {
     "main.css": "./static/css/main.35003770.chunk.css",
-    "main.js": "./static/js/main.b2bc501d.chunk.js",
+    "main.js": "./static/js/main.c58b4be8.chunk.js",
     "runtime-main.js": "./static/js/runtime-main.89859971.js",
-    "static/css/2.73613fb9.chunk.css": "./static/css/2.73613fb9.chunk.css",
-    "static/js/2.a1b6713d.chunk.js": "./static/js/2.a1b6713d.chunk.js",
+    "static/css/2.b2faedfb.chunk.css": "./static/css/2.b2faedfb.chunk.css",
+    "static/js/2.b26af43a.chunk.js": "./static/js/2.b26af43a.chunk.js",
     "index.html": "./index.html",
-    "precache-manifest.679142cb1ac82c0ddfdbbfefe2daee1f.js": "./precache-manifest.679142cb1ac82c0ddfdbbfefe2daee1f.js",
+    "precache-manifest.883d9a3cd99a61f6112882ff7a343fde.js": "./precache-manifest.883d9a3cd99a61f6112882ff7a343fde.js",
     "service-worker.js": "./service-worker.js",
-    "static/js/2.a1b6713d.chunk.js.LICENSE.txt": "./static/js/2.a1b6713d.chunk.js.LICENSE.txt",
+    "static/js/2.b26af43a.chunk.js.LICENSE.txt": "./static/js/2.b26af43a.chunk.js.LICENSE.txt",
     "static/media/index.less": "./static/media/bg.4bb50474.png"
   },
   "entrypoints": [
     "static/js/runtime-main.89859971.js",
-    "static/css/2.73613fb9.chunk.css",
-    "static/js/2.a1b6713d.chunk.js",
+    "static/css/2.b2faedfb.chunk.css",
+    "static/js/2.b26af43a.chunk.js",
     "static/css/main.35003770.chunk.css",
-    "static/js/main.b2bc501d.chunk.js"
+    "static/js/main.c58b4be8.chunk.js"
   ]
 }

web/build/index.html

@@ -1 +1 @@
-<!doctype html><html lang="en"><head><meta charset="utf-8"/><link href="./favicon.ico" type="image/vnd.microsoft.icon" rel="icon"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Web site created using create-react-app"/><link rel="apple-touch-icon" href="./logo192.png"/><link rel="manifest" href="./manifest.json"/><title>pocassist</title><link href="./static/css/2.73613fb9.chunk.css" rel="stylesheet"><link href="./static/css/main.35003770.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script>!function(e){function t(t){for(var n,i,l=t[0],a=t[1],p=t[2],c=0,s=[];c<l.length;c++)i=l[c],Object.prototype.hasOwnProperty.call(o,i)&&o[i]&&s.push(o[i][0]),o[i]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(f&&f(t);s.length;)s.shift()();return u.push.apply(u,p||[]),r()}function r(){for(var e,t=0;t<u.length;t++){for(var r=u[t],n=!0,l=1;l<r.length;l++){var a=r[l];0!==o[a]&&(n=!1)}n&&(u.splice(t--,1),e=i(i.s=r[0]))}return e}var n={},o={1:0},u=[];function i(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.m=e,i.c=n,i.d=function(e,t,r){i.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},i.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.t=function(e,t){if(1&t&&(e=i(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(i.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var n in e)i.d(r,n,function(t){return e[t]}.bind(null,n));return r},i.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return i.d(t,"a",t),t},i.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},i.p="./";var l=this.webpackJsonppocassist=this.webpackJsonppocassist||[],a=l.push.bind(l);l.push=t,l=l.slice();for(var p=0;p<l.length;p++)t(l[p]);var f=a;r()}([])</script><script src="./static/js/2.a1b6713d.chunk.js"></script><script src="./static/js/main.b2bc501d.chunk.js"></script></body></html>
+<!doctype html><html lang="en"><head><meta charset="utf-8"/><link href="./favicon.ico" type="image/vnd.microsoft.icon" rel="icon"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><meta name="description" content="Web site created using create-react-app"/><link rel="apple-touch-icon" href="./logo192.png"/><link rel="manifest" href="./manifest.json"/><title>pocassist</title><link href="./static/css/2.b2faedfb.chunk.css" rel="stylesheet"><link href="./static/css/main.35003770.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><script>!function(e){function t(t){for(var n,i,l=t[0],a=t[1],p=t[2],c=0,s=[];c<l.length;c++)i=l[c],Object.prototype.hasOwnProperty.call(o,i)&&o[i]&&s.push(o[i][0]),o[i]=0;for(n in a)Object.prototype.hasOwnProperty.call(a,n)&&(e[n]=a[n]);for(f&&f(t);s.length;)s.shift()();return u.push.apply(u,p||[]),r()}function r(){for(var e,t=0;t<u.length;t++){for(var r=u[t],n=!0,l=1;l<r.length;l++){var a=r[l];0!==o[a]&&(n=!1)}n&&(u.splice(t--,1),e=i(i.s=r[0]))}return e}var n={},o={1:0},u=[];function i(t){if(n[t])return n[t].exports;var r=n[t]={i:t,l:!1,exports:{}};return e[t].call(r.exports,r,r.exports,i),r.l=!0,r.exports}i.m=e,i.c=n,i.d=function(e,t,r){i.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},i.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.t=function(e,t){if(1&t&&(e=i(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(i.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var n in e)i.d(r,n,function(t){return e[t]}.bind(null,n));return r},i.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return i.d(t,"a",t),t},i.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},i.p="./";var l=this.webpackJsonppocassist=this.webpackJsonppocassist||[],a=l.push.bind(l);l.push=t,l=l.slice();for(var p=0;p<l.length;p++)t(l[p]);var f=a;r()}([])</script><script src="./static/js/2.b26af43a.chunk.js"></script><script src="./static/js/main.c58b4be8.chunk.js"></script></body></html>

web/build/precache-manifest.883d9a3cd99a61f6112882ff7a343fde.js

@@ -0,0 +1,34 @@
+self.__precacheManifest = (self.__precacheManifest || []).concat([
+  {
+    "revision": "6d15ac087beeebcd468bad853bbac55a",
+    "url": "./index.html"
+  },
+  {
+    "revision": "f248f5fc6b593ce43a03",
+    "url": "./static/css/2.b2faedfb.chunk.css"
+  },
+  {
+    "revision": "590c24dd7761b2c73dd3",
+    "url": "./static/css/main.35003770.chunk.css"
+  },
+  {
+    "revision": "f248f5fc6b593ce43a03",
+    "url": "./static/js/2.b26af43a.chunk.js"
+  },
+  {
+    "revision": "f939a536534352f6719cf38938937649",
+    "url": "./static/js/2.b26af43a.chunk.js.LICENSE.txt"
+  },
+  {
+    "revision": "590c24dd7761b2c73dd3",
+    "url": "./static/js/main.c58b4be8.chunk.js"
+  },
+  {
+    "revision": "c1a49771a11c3ad0c2a2",
+    "url": "./static/js/runtime-main.89859971.js"
+  },
+  {
+    "revision": "4bb50474d62864be19b9fb453dd19956",
+    "url": "./static/media/bg.4bb50474.png"
+  }
+]);

web/build/service-worker.js

@@ -14,7 +14,7 @@
 importScripts("https://storage.googleapis.com/workbox-cdn/releases/4.3.1/workbox-sw.js");
 
 importScripts(
-  "./precache-manifest.679142cb1ac82c0ddfdbbfefe2daee1f.js"
+  "./precache-manifest.883d9a3cd99a61f6112882ff7a343fde.js"
 );
 
 self.addEventListener('message', (event) => {

web/build/static/js/2.b26af43a.chunk.js.LICENSE.txt

@@ -0,0 +1,65 @@
+/*
+object-assign
+(c) Sindre Sorhus
+@license MIT
+*/
+
+/*!
+  Copyright (c) 2017 Jed Watson.
+  Licensed under the MIT License (MIT), see
+  http://jedwatson.github.io/classnames
+*/
+
+/*!
+ * UAParser.js v0.7.21
+ * Lightweight JavaScript-based User-Agent string parser
+ * https://github.com/faisalman/ua-parser-js
+ *
+ * Copyright © 2012-2019 Faisal Salman <[email protected]>
+ * Licensed under MIT License
+ */
+
+/** @license React v0.19.1
+ * scheduler.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+/** @license React v16.13.1
+ * react-dom-server.browser.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+/** @license React v16.13.1
+ * react-dom.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+/** @license React v16.13.1
+ * react-is.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */
+
+/** @license React v16.13.1
+ * react.production.min.js
+ *
+ * Copyright (c) Facebook, Inc. and its affiliates.
+ *
+ * This source code is licensed under the MIT license found in the
+ * LICENSE file in the root directory of this source tree.
+ */