Zer08Bytes
Zer08Bytes
请问rules.go中定义的是指纹识别的规则吗? 那么var RuleDatas = []RuleData{ {"宝塔", "body", "(app.bt.cn/static/app.png|安全入口校验失败|入口校验失败|href=\"http://www.bt.cn/bbs)"}, {"深信服防火墙类产品", "code", "(SANGFOR FW)"}, 这个里面的body和code的区别是什么?
Poc目录里搜索 sleep有例子。 ``` name: riskscanner-list-sqli rules: - method: POST path: /resource/list/1/10 headers: Content-Type: application/json;charset=UTF-8 body: "\ {\"sort\":\"1)a union select sleep(5) -- -\"}\r\n\ " expression: | response.status == 200 && response.duration...
比如最新版的是:expression: response.status == 200 && response.body_string.contains("abc") 需要改成response.status == 200 && response.body.bcontains(b'abc') 还有延时也不支持:比如response.latency > 5000 还有格式也需要在原版上修改: 最新的xray的poc格式:  所以最后fscan的格式是:  能否兼容呢? 实在不兼容,能不能把延时注入的条件response.latency > 5000这个加进去,上面的poc字段改改还好,这个response.latency > 5000没法处理 改成response.duration >=5.0 还是不行  虽然不报错,但是检测不出来
Can the bin file converted from donut.exe be restored? I want to restore it to a PE program.
在windows下面运行,出现如下错误 
[bug]开启爆破时,mysql连接失败导致进程退出 
[17:46:03][!]Extracted Length: 0 at BokuLoader.cna 995 [17:46:03][!] Error extracting reflective loade at BokuLoader.cna:947 # Extract the reflective loader shellcode from .text section of Bokuloader.x64.o $loader = extract_reflective_loader($data); warn("Extracted Length: "...