integrated jaeles，add new web PoCs 370，By default, nuclei is turned on and jaeles scanning is turned on

Author: hktalent

.gitignore

@@ -6,11 +6,14 @@
 *.dll
 *.so
 *.dylib
-scan4all
 release
 .DbCache
 scan4all_linux
 .DS_Store
+db/GeoIP2-City.mmdb.zip
+main
+scan4all
+config/rockyou.txt
 
 # Test binary, built with `go testnmanp -c`
 *.test

.gitmodules

@@ -1,3 +1,6 @@
 [submodule "config/nuclei-templates"]
   path = config/nuclei-templates
   url = https://github.com/hktalent/nuclei-templates.git
+[submodule "config/jaeles-signatures"]
+	path = config/jaeles-signatures
+	url = https://github.com/hktalent/jaeles-signatures.git

Formula.rb

@@ -0,0 +1,11 @@
+class scan4all < Formula
+    desc "Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)..."
+    homepage "https://github.com/hktalent/scan4all"
+    url "https://github.com/hktalent/scan4all/releases/download/2.8.5/scan4all_2.8.5_macOS_amd64.zip"
+    sha256 "ccd874a283defad6a0deb11377cb9d6024cb5946b46f61f36008e0afe9db4950"
+    version "V2.8.5"
+
+    def install
+      bin.install "scan4all"
+    end
+  end

brute/dicts/127.txt

@@ -0,0 +1,13 @@
+127.0.0.1
+127.0.0.2
+127.1
+127.2
+::1
+0:0:0:0:0:0:0:1
+0:0:0:000:0:0:0:1
+0000:0000:0000:0000:0000:0000:0000:0001
+2130706433
+2130706434
+7F000001
+7F000002
+localhost

brute/dicts/action.txt

@@ -0,0 +1,100 @@
+/root/chat.action
+/login.action
+/index.action
+/homeLogin.action
+/portal/login_init.action
+/stardy/Login.action
+/login_login.action
+/license!getExpireDateOfDays.action
+/indexAction.action
+/index/downLoadFile.action
+/common/common_info.action
+/pages/xxfb/editor/uploadAction.action
+/accountlossList.action
+/ggxxfb.action
+/ivhs/ajax_updateUserInfo.action
+/download.action
+/Login.action
+/syfile/imageCompress.action
+/managerOneGgxxfb.action
+/user/login.action
+/loginAction!login.action
+/index!index.action
+/login/login.action
+/managerNManager.action
+/home.action
+/indexmanagerLogin.action
+/Ahsffyww/Default.action
+/DRP/login.action
+/spam/system/index.action
+/user/gotoLoginPage.action
+/ecp/announcement/announcement_view.action
+/managerAddNManager.action
+/managerEditNManager.action
+/main.action
+/system/login_login.action
+/login!login.action
+/loginAction.action
+/login/index.action
+/logout.action
+/register.action
+/security/loginInit.action
+/bgxz/bgxzAction_executeBack.action
+/nFixcardAllList.action
+/beian/login_login.action
+//opac_two/mylibrary/comment/queryAllComment.action
+/module/newzwgk/getmainById.action
+/index/index.action
+/shop/member!passwordRecover.action
+/mail/login.action
+/admin/login.action
+/htweixin/InsuranceDownload.action
+//admin/user_logon.action
+/BSBM/loginedLogin.action
+/robot/check-login.action
+/website/dflz/dflzSiteAction!sjList.action
+/module/newzwgk/viewquan.action
+/hbwz/wcms/searchAll.action
+/ahsffyww/Default.action
+/wfvideo/login.action
+/website-rank/addVoteRecord.action
+/module/newzwgk/viewZwxxQianMore.action
+/superadmin/index.action
+/mall/ui/giftIndex.action
+/userlogin.action
+/cms/admin/login.action
+/szxy/logon.action
+/virtual/shouye.action
+/feedback/buyIntention!saveBuyIntentionInfo.action
+/superadmin/adminLogin.action
+/Index.action
+/security/login.action
+/MemberToLoginIgnore.action
+/rdms/satisfyaid/actions/cstContactAction!register.action
+/regmail/download.action
+/IndexAction.action
+/publish/query/indexFirst.action
+/manage/login.action
+/home/index.action
+/eeoaftp/downloadFile.action
+/eis/index.action
+/gzwl/visit/renewBusinessOrder/renewBusinessOrderDetail.action
+/css/myquery/queryWQSBill.action
+/LoginAction.action
+/detail.action
+/index/index!list.action
+/auth/login.action
+/server/spreq/attachment!download.action
+/lmsv/user!editUserInfo.action
+/clib/bookWeb.action
+/otomc/user/loginUI.action
+/im-client/imclient/selfHelp.action
+/ahsffyww/ZXDefault.action
+/user!login.action
+/Dzsw/Shky/hwky.wai/index.action
+/aic/webnz/welcome-web-home!welcome.action
+/ess/Homepage.action
+/skypearl/cn/toPrintCard.action
+/spdt/spdt_listSp.action
+/xxsearch.action
+/web/Info!list.action

brute/dicts/filedic.txt

@@ -7386,6 +7386,7 @@ $metadata
 /id/:id
 /id_dsa
 /id_dsa.ppk
+/_groupcache/
 /id_rsa
 /id_rsa.pub
 /iiasdmpwd/

brute/dicts/spring.txt

@@ -0,0 +1,87 @@
+/actuator
+/actuator/auditevents
+/actuator/beans
+/actuator/conditions
+/actuator/configprops
+/actuator/env
+/actuator/trace
+/actuator/health
+/actuator/logfile
+/actuator/heapdump
+/actuator/httptrace
+/actuator/hystrix.stream
+/actuator/info
+/actuator/jolokia
+/actuator/loggers
+/actuator/mappings
+/actuator/metrics
+/actuator/scheduledtasks
+/actuator/threaddump
+/actuator/swagger-ui.html
+/auditevents
+/autoconfig
+/eureka
+/beans
+/cloudfoundryapplication
+/configprops
+/dump
+/druid/login.html
+/entity/all
+/swagger/swagger-ui.html
+/api/swagger-ui.html
+/swagger/index.html
+/v1.1/swagger-ui.html
+/v1.2/swagger-ui.html
+/v1.3/swagger-ui.html
+/v1.4/swagger-ui.html
+/v1.5/swagger-ui.html
+/v1.6/swagger-ui.html
+/v1.7/swagger-ui.html
+/v1.8/swagger-ui.html
+/v1.9/swagger-ui.html
+/v2.0/swagger-ui.html
+/v2.1/swagger-ui.html
+/v2.2/swagger-ui.html
+/v2.3/swagger-ui.html
+/%20/swagger-ui.html
+/logfile
+/env
+/env/(name)
+/health
+/heapdump
+/hystrix
+/hystrix.stream
+/info
+/webpage/system/druid/index.html
+/system/druid/index.html
+/druid/index.html
+/druid/websession.html
+/jolokia
+/jolokia/list
+/loggers
+/mappings
+/metrics
+/monitor
+/swagger-ui.html
+/threaddump
+/trace
+/gateway/actuator
+/gateway/actuator/auditevents
+/gateway/actuator/beans
+/gateway/actuator/conditions
+/gateway/actuator/configprops
+/gateway/actuator/env
+/gateway/actuator/trace
+/gateway/actuator/health
+/gateway/actuator/logfile
+/gateway/actuator/heapdump
+/gateway/actuator/httptrace
+/gateway/actuator/hystrix.stream
+/gateway/actuator/info
+/gateway/actuator/jolokia
+/gateway/actuator/loggers
+/gateway/actuator/mappings
+/gateway/actuator/metrics
+/gateway/actuator/scheduledtasks
+/gateway/actuator/threaddump
+/gateway/actuator/swagger-ui.html

brute/dicts/vcode.txt

@@ -0,0 +1,15 @@
+123456
+123123
+000000
+111111
+222222
+333333
+444444
+555555
+666666
+777777
+888888
+999999
+321321
+321123
+123321

brute/filefuzz.go

@@ -5,10 +5,10 @@ import (
 	_ "embed"
 	"fmt"
 	"github.com/antlabs/strsim"
+	"github.com/hktalent/51pwnPlatform/lib/scan/Const"
+	"github.com/hktalent/51pwnPlatform/pkg/models"
 	"github.com/hktalent/ProScan4all/lib/util"
 	"github.com/hktalent/ProScan4all/pkg/fingerprint"
-	"github.com/hktalent/goSqlite_gorm/lib/scan/Const"
-	"github.com/hktalent/goSqlite_gorm/pkg/models"
 	"io/ioutil"
 	"log"
 	"mime"

config/config.json

@@ -106,6 +106,7 @@
   },
   "enableEsSv": true,
   "CheckWeakPassword": true,
+  "jaelesThread": 8,
   "esthread": 8,
   "hydrathread": 64,
   "Fuzzthreads": 16,

config/jaeles-signatures

@@ -1,10 +1,10 @@
 package engine
 
 import (
+	"github.com/hktalent/51pwnPlatform/lib"
+	. "github.com/hktalent/51pwnPlatform/lib/scan/Const"
+	"github.com/hktalent/51pwnPlatform/pkg/models"
 	"github.com/hktalent/ProScan4all/pkg/portScan"
-	"github.com/hktalent/goSqlite_gorm/lib"
-	. "github.com/hktalent/goSqlite_gorm/lib/scan/Const"
-	"github.com/hktalent/goSqlite_gorm/pkg/models"
 )
 
 // 扫描任务分发

engine/dispather.go

@@ -1,9 +1,9 @@
 package engine
 
 import (
+	"github.com/hktalent/51pwnPlatform/lib/scan/Const"
+	"github.com/hktalent/51pwnPlatform/pkg/models"
 	"github.com/hktalent/ProScan4all/lib/util"
-	"github.com/hktalent/goSqlite_gorm/lib/scan/Const"
-	"github.com/hktalent/goSqlite_gorm/pkg/models"
 	"os"
 	"runtime"
 	"testing"

engine/dispather_test.go

@@ -2,10 +2,11 @@ package engine
 
 import (
 	"context"
+	"github.com/hktalent/51pwnPlatform/lib"
+	"github.com/hktalent/51pwnPlatform/pkg/models"
 	"github.com/hktalent/ProScan4all/lib/util"
 	"github.com/hktalent/ProScan4all/pocs_go"
-	"github.com/hktalent/goSqlite_gorm/lib"
-	"github.com/hktalent/goSqlite_gorm/pkg/models"
+	"github.com/hktalent/jaeles/cmd"
 	"github.com/panjf2000/ants/v2"
 	"log"
 	"os"
@@ -37,7 +38,7 @@ func NewEngine(c *context.Context, pool int) *Engine {
 	p, err := ants.NewPoolWithFunc(pool, func(i interface{}) {
 		defer x1.Wg.Done()
 		x1.DoEvent(i.(*models.EventData))
-	})
+	}, ants.WithPreAlloc(true))
 	if nil != err {
 		log.Println("ants.NewPoolWithFunc is error: ", err)
 	}
@@ -67,6 +68,7 @@ func (e *Engine) Close() {
 	defer ants.Release()
 	e.PoolFunc.Release()
 	e.Wg.Wait()
+	cmd.CleanOutput()
 }
 
 // case 扫描使用的函数
@@ -120,6 +122,10 @@ func (x1 *Engine) Running() {
 			case <-c:
 				util.DoCbk("exit")
 				os.Exit(1)
+			case l1, ok := <-util.OutLogV:
+				if ok {
+					util.WriteLog2File(l1)
+				}
 			case x2 := <-x1.EventData: // 各种扫描的控制
 				if nil != x2 && nil != x2.EventData {
 					x1.Wg.Add(1)