diff --git a/brute/bypass403.go b/brute/bypass403.go index 3779ba3b2..442183b6d 100644 --- a/brute/bypass403.go +++ b/brute/bypass403.go @@ -125,6 +125,7 @@ BreakAll: break BreakAll } } + time.Sleep(33 * time.Second) } return aR } diff --git a/brute/filefuzz.go b/brute/filefuzz.go index 26f8be1e9..d4cba498f 100644 --- a/brute/filefuzz.go +++ b/brute/filefuzz.go @@ -289,6 +289,7 @@ func FileFuzz(u string, indexStatusCode int, indexContentLength int, indexbody s return } default: + time.Sleep(33 * time.Second) // <-time.After(time.Duration(100) * time.Millisecond) } } diff --git a/engine/engineImp.go b/engine/engineImp.go index f9d8fbe42..5ca9328c0 100644 --- a/engine/engineImp.go +++ b/engine/engineImp.go @@ -11,6 +11,7 @@ import ( "os" "os/signal" "sync" + "time" ) // 引擎对象,全局单实例 @@ -144,6 +145,7 @@ func (x1 *Engine) Running() { } default: util.DoDelayClear(x1.Wg) // panic: sync: WaitGroup misuse: Add called concurrently with Wait + time.Sleep(33 * time.Second) //util.DoSleep() } } diff --git a/pkg/hydra/dicts/mysql_user.txt b/pkg/hydra/dicts/mysql_user.txt index 93ca1422a..9e6aab15d 100644 --- a/pkg/hydra/dicts/mysql_user.txt +++ b/pkg/hydra/dicts/mysql_user.txt @@ -1 +1,4 @@ -root \ No newline at end of file +root +admin +test +dbuser \ No newline at end of file diff --git a/pkg/naabu/v2/pkg/scan/scan.go b/pkg/naabu/v2/pkg/scan/scan.go index 310cb8770..41a2bcf7b 100644 --- a/pkg/naabu/v2/pkg/scan/scan.go +++ b/pkg/naabu/v2/pkg/scan/scan.go @@ -257,6 +257,7 @@ func (s *Scanner) ICMPReadWorker() { case ipv4.ICMPTypeEchoReply, ipv4.ICMPTypeTimestamp: s.icmpChan <- &PkgResult{ip: addr.String()} } + time.Sleep(33 * time.Second) } } diff --git a/pkg/portScan/masscan.go b/pkg/portScan/masscan.go index 6f996442e..4ec3a76dd 100644 --- a/pkg/portScan/masscan.go +++ b/pkg/portScan/masscan.go @@ -9,6 +9,7 @@ import ( "io" "log" "os/exec" + "time" ) type PortsStr string @@ -123,6 +124,7 @@ func (m *Masscan) ParseLine(s string) ([]models.Host, error) { hosts = append(hosts, host) } default: + time.Sleep(33 * time.Second) } } return hosts, nil diff --git a/pocs_go/go_poc_check.go b/pocs_go/go_poc_check.go index 49afbe2b3..a26f924b1 100644 --- a/pocs_go/go_poc_check.go +++ b/pocs_go/go_poc_check.go @@ -246,7 +246,7 @@ func POCcheck(wappalyzertechnologies []string, URL string, finalURL string, chec case "loginpage", "登陆页面", "AdminLoginPage": username, password, loginurl := brute.Admin_brute(finalURL) if loginurl != "" { - technologies = append(technologies, fmt.Sprintf("brute-admin|%s:%s", username, password)) + technologies = append(technologies, fmt.Sprintf("brute-admin|%s:%s %s", username, password, loginurl)) } case "sunlogin": if sunlogin.SunloginRCE(URL) { diff --git a/test/test1/testPswd.go b/test/test1/testPswd.go index 00b2b0f58..386e20505 100644 --- a/test/test1/testPswd.go +++ b/test/test1/testPswd.go @@ -1,13 +1,16 @@ package main -import "log" +import ( + "log" + "time" +) +// //"github.com/hktalent/scan4all/pkg/hydra" +// import ( // -////"github.com/hktalent/scan4all/pkg/hydra" -//import ( // "github.com/hktalent/scan4all/pkg/hydra" -//) // +// ) func main() { var nucleiDone1, nucleiDone2 = make(chan bool), make(chan bool) go func() { @@ -23,7 +26,7 @@ func main() { log.Printf("%v %v", b, ok) break default: - + time.Sleep(33 * time.Second) } } diff --git a/test/testReg/TestReg.go b/test/testReg/TestReg.go index 61b5a6207..f733ad108 100644 --- a/test/testReg/TestReg.go +++ b/test/testReg/TestReg.go @@ -39,6 +39,7 @@ func main() { return } } + time.Sleep(33 * time.Second) } }() CloseAll <- "ok"