linglong

linglong copied to clipboard

提个建议

9

### 建议 可以在Nginx上/api目录配置下反向代理； ### Demo http://ip/api目录直接指向api端口，就不用每次都改前端ip了 location /api { uwsgi_pass django; include /Savior/docker/uwsgi_params; }

Mustard404

如何更新xray的poc？是可以直接使用新版的xray pc覆盖原来的poc目录吗？

nicetomeetnode

师傅考虑增加crawlergo或者rad的爬虫模块吗

zjhzjhhh

可以正常开启扫描，探测敏感后台等，大概对2000多个资产进行扫描，三天后xray结果一栏仍没有任何回显，我是搭建在服务器上的，是因为xray的扫描需要开启吗，还是xray模块被云服务器查杀了，求指教

daydust

https://github.com/awake1t/linglong/blob/bedbe49597412abab1c1635e133957d782e65325/pkg/utils/jwt.go#L12-L31 按照这边的生成规则，会将用户账号密码保存到jwt token中，可以经过简单的解码进行账号密码的查看。 ```bash $ go test GenerateToken eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwicGFzc3dvcmQiOiJwYXNzd29yZCIsImV4cCI6MTY2Njc2NjA3NSwiaXNzIjoibGluZ2xvbmcifQ.4Ia5g5e0EzkOUjJ-Xmnu59lX6JiJVnDVaw_p-7vBrtA PASS ok linglong/pkg/utils 0.063s $ .\jwt-hack.exe decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFkbWluIiwicGFzc3dvcmQiOiJwYXNzd29yZCIsImV4cCI6MTY2Njc2NjA3NSwiaXNzIjoibGluZ2xvbmcifQ.4Ia5g5e0EzkOUjJ-Xmnu59lX6JiJVnDVaw_p-7vBrtA d8p 8d8 d88 888888888 888 888 ,8b. doooooo 888 ,dP 88p 888,o.d88 '88d...

Lance621

sever容器会反复重启

1

添加扫描网段执行扫描之后，容器会没隔十几秒就重启，基本和masscan扫描周期一致

coollce

web改密码了，复杂度太高了，现在新旧密码都登录失败。 怎么破

fengshao312

docker-compose up -d 失败

5

Creating linglongmaster_mysql_1 ... Creating linglongmaster_mysql_1 ... done Creating linglong-server ... Creating linglong-server ... error ERROR: for linglong-server Cannot start service server: OCI runtime create failed: container_linux.go:348: starting container process caused...

N0o01

使用配置文件中的私钥，同时该私钥需要随机生成

binganao

An invalid access control vulnerability was found

3

[Suggested description] Attackers can directly construct the corresponding JWT authentication information and enter the background to view, add tasks and scan results [Vulnerability Type] Incorrect Access Control [Vendor of Product]...

binganao