search

youki992 / VscanPlus

[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
BSD 3-Clause "New" or "Revised" License
219 stars 20 forks source link

这个还是有问题 请有空修复下shiro #14

Open MercurySEO opened 1 month ago

MercurySEO commented 1 month ago

panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0xbc8309]

goroutine 8591063 [running]: github.com/youki992/VscanPlus/pocs_go/shiro.aES_CBC_Encrypt({0xc00a8730b0?, 0x1e78aa9?, 0x16?}, {0xc007968a80, 0x70, 0x72}) /vscanplus/vscanplus-main-code/pocs_go/shiro/CVE_2016_4437.go:45 +0x49 github.com/youki992/VscanPlus/pocs_go/shiro.CVE_2016_4437({0xc007dd5c50, 0x19}) /vscanplus/vscanplus-main-code/pocs_go/shiro/CVE_2016_4437.go:85 +0x118 github.com/youki992/VscanPlus/pocs_go.POCcheck({0xc009f4d700, 0x5, 0x8?}, {0xc0110d2108, 0x15}, {0xc007dd5c50, 0x19}, 0x0) /vscanplus/vscanplus-main-code/pocs_go/go_poccheck.go:42 +0x450 github.com/youki992/VscanPlus/pkg/httpx/runner.(*Runner).analyze(, , {, }, {, }, {, _}, {0xc007de1c08, 0x15}, ...) /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:1296 +0x4a8c github.com/youki992/VscanPlus/pkg/httpx/runner.(Runner).process.func1({0xc007de1c08?, 0xc903240c903240c9?}, {0x15b65b7?, 0x3240c903240c9032?}, {0x15d234f, 0xa}) /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:695 +0xfc created by github.com/youki992/VscanPlus/pkg/httpx/runner.(Runner).process in goroutine 1 /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:693 +0x6c5

youki992 commented 1 month ago

panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0xbc8309]

goroutine 8591063 [running]: github.com/youki992/VscanPlus/pocs_go/shiro.aES_CBC_Encrypt({0xc00a8730b0?, 0x1e78aa9?, 0x16?}, {0xc007968a80, 0x70, 0x72}) /vscanplus/vscanplus-main-code/pocs_go/shiro/CVE_2016_4437.go:45 +0x49 github.com/youki992/VscanPlus/pocs_go/shiro.CVE_2016_4437({0xc007dd5c50, 0x19}) /vscanplus/vscanplus-main-code/pocs_go/shiro/CVE_2016_4437.go:85 +0x118 github.com/youki992/VscanPlus/pocs_go.POCcheck({0xc009f4d700, 0x5, 0x8?}, {0xc0110d2108, 0x15}, {0xc007dd5c50, 0x19}, 0x0) /vscanplus/vscanplus-main-code/pocs_go/go_poccheck.go:42 +0x450 github.com/youki992/VscanPlus/pkg/httpx/runner.(*Runner).analyze(, , {, }, {, }, {, _}, {0xc007de1c08, 0x15}, ...) /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:1296 +0x4a8c github.com/youki992/VscanPlus/pkg/httpx/runner.(Runner).process.func1({0xc007de1c08?, 0xc903240c903240c9?}, {0x15b65b7?, 0x3240c903240c9032?}, {0x15d234f, 0xa}) /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:695 +0xfc created by github.com/youki992/VscanPlus/pkg/httpx/runner.(Runner).process in goroutine 1 /vscanplus/vscanplus-main-code/pkg/httpx/runner/runner.go:693 +0x6c5

暂时先把shiro poc删除吧师傅