search

veo / vscan

开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)
https://veo.pub/2021/vscan/
BSD 3-Clause "New" or "Revised" License
1.43k stars 240 forks source link

panic: runtime error: index out of range [1] with length 1 #13

Closed veo closed 2 years ago

veo commented 2 years ago

`panic: runtime error: index out of range [1] with length 1 [recovered] panic: runtime error: index out of range [1] with length 1

goroutine 1063254 [running]: gopkg.in/yaml%2ev2.handleErr(0xc002830378) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/yaml.go:249 +0x6d panic({0xebeb80, 0xc00b48a3c0}) /opt/hostedtoolcache/go/1.17.8/x64/src/runtime/panic.go:1038 +0x215 github.com/veo/vscan/pocs_yml/pkg/xray/structs.(RuleMapSlice).UnmarshalYAML(0xc004c12ef8, 0xc00f75ad60) /home/runner/work/vscan/vscan/pocs_yml/pkg/xray/structs/poc.go:121 +0x2cd gopkg.in/yaml%2ev2.(decoder).callUnmarshaler(0xc0022f6300, 0xc001ca2070, {0x7fe987775318, 0xc004c12ef8}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:270 +0xa7 gopkg.in/yaml%2ev2.(decoder).prepare(0xdc8840, 0xc001ca2070, {0xddd100, 0xc004c12ef8, 0x198}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:313 +0x252 gopkg.in/yaml%2ev2.(decoder).unmarshal(0xc0022f6300, 0xc001ca2070, {0xddd100, 0xc004c12ef8, 0x0}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:364 +0x105 gopkg.in/yaml%2ev2.(decoder).mappingStruct(0xc0022f6300, 0xc001ca1ce0, {0xed1440, 0xc004c12ea0, 0x4}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:767 +0xc45 gopkg.in/yaml%2ev2.(decoder).mapping(0xda9680, 0xc001ca1ce0, {0xed1440, 0xc004c12ea0, 0x0}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:626 +0x45f gopkg.in/yaml%2ev2.(decoder).unmarshal(0xc0022f6300, 0xc001ca1ce0, {0xed1440, 0xc004c12ea0, 0x7fe986f24598}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:372 +0x16c gopkg.in/yaml%2ev2.(decoder).document(0xc001ca1c70, 0xc001ca1ce0, {0xed1440, 0xc004c12ea0, 0xc00203d800}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:384 +0x5d gopkg.in/yaml%2ev2.(decoder).unmarshal(0xda4680, 0xc004c12ea0, {0xed1440, 0xc004c12ea0, 0xc003a9c600}) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/decode.go:360 +0x196 gopkg.in/yaml%2ev2.unmarshal({0xc003a9c600, 0x2ff, 0x300}, {0xda4680, 0xc004c12ea0}, 0x0) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/yaml.go:148 +0x406 gopkg.in/yaml%2ev2.Unmarshal(...) /home/runner/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0/yaml.go:81 github.com/veo/vscan/pocs_yml/utils.loadPoc({0xfa9320, 0x22}, {0x6}) /home/runner/work/vscan/vscan/pocs_yml/utils/load.go:28 +0x7f github.com/veo/vscan/pocs_yml/utils.LoadMultiPoc({0xa}, {0xc006d58740, 0x0}) /home/runner/work/vscan/vscan/pocs_yml/utils/load.go:14 +0xad github.com/veo/vscan/pocs_yml.Check({0xc002ad6828, 0x17}, {0x0, 0xc002153170}, {0x0, 0x0}, {0x0, 0x0}, {0xc006d58740, 0x6}) /home/runner/work/vscan/vscan/pocs_yml/yml_poc_check.go:18 +0x8a github.com/veo/vscan/pkg/httpx/runner.(Runner).analyze(, , {, }, {, }, {, }, {0xc000a6ac90, 0x17}, ...) /home/runner/work/vscan/vscan/pkg/httpx/runner/runner.go:1283 +0xa25e github.com/veo/vscan/pkg/httpx/runner.(Runner).process.func1({0xc000a6ac90, 0x17}, {0xf41861, 0x3}, {0xf58432, 0xa}) /home/runner/work/vscan/vscan/pkg/httpx/runner/runner.go:694 +0x125 created by github.com/veo/vscan/pkg/httpx/runner.(Runner).process /home/runner/work/vscan/vscan/pkg/httpx/runner/runner.go:692 +0x965`