From beaaa52f831d63278622f8707cbf9cb5bbad52b0 Mon Sep 17 00:00:00 2001 From: wjlin0 Date: Thu, 17 Oct 2024 21:29:47 +0800 Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=89=20v1.0.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 16 ++++----- index.html | 82 ------------------------------------------- pkg/runner/options.go | 6 +++- pkg/runner/runner.go | 49 ++++++++++++++++++++++++++ pkg/types/options.go | 1 + 5 files changed, 63 insertions(+), 91 deletions(-) delete mode 100644 index.html diff --git a/README.md b/README.md index 061bc4d..823be3a 100644 --- a/README.md +++ b/README.md @@ -43,16 +43,17 @@ go install -v github.com/wjlin0/riverPass/cmd/riverPass@latest riverPass -h ``` ```yaml -riverPass 1.0.0 数瑞WAF绕过工具 +riverPass v1.0.0 数瑞WAF绕过工具 Usage: - ./riverPass [flags] + riverPass [flags] Flags: 输入: - -pp, -proxy-port int 代理监听端口 (default 8001) - -wp, -websocket-port int websocket监听端口 (default 10001) - -wt, -websocket-token string websocket通信密钥 (default "123456") + -pp, -proxy-port int 代理监听端口 (default 8001) + -wp, -websocket-port int websocket监听端口 (default 10001) + -wt, -websocket-token string websocket通信密钥 (default "123456") + -dw, -domain-whitelist string[] 域名白名单,只允许指定域名进行代理重放 代理: -p, -proxy string[] 下游代理 @@ -69,9 +70,8 @@ EXAMPLES: $ riverPass -pp 8081 运行 riverPass 设置下游代理: $ riverPass -proxy http://127.0.0.1:7890 - - - +运行 riverPass 设置白名单只允许指定的域名列表进行代理重放: + $ riverPass -dw www.189.cn,www.example.com ``` **注意**:在此之前你必须导入`mitmproxy`的证书(若没有 可随意运行一次 `riverPass`,它位于你主机的 `$HOME/.mitmproxy` 目录下) diff --git a/index.html b/index.html deleted file mode 100644 index 96c472f..0000000 --- a/index.html +++ /dev/null @@ -1,82 +0,0 @@ - \ No newline at end of file diff --git a/pkg/runner/options.go b/pkg/runner/options.go index 92c2448..45336e9 100644 --- a/pkg/runner/options.go +++ b/pkg/runner/options.go @@ -19,12 +19,14 @@ import ( func ParserOptions() *types.Options { options := &types.Options{} set := goflags.NewFlagSet() - set.SetDescription(fmt.Sprintf("riverPass %s 数瑞WAF绕过工具 ", Version)) + set.SetDescription(fmt.Sprintf("riverPass v%s 数瑞WAF绕过工具 ", Version)) set.CreateGroup("Input", "输入", set.IntVarP(&options.ProxyPort, "proxy-port", "pp", 8001, "代理监听端口"), set.IntVarP(&options.WebSocketPort, "websocket-port", "wp", 10001, "websocket监听端口"), set.StringVarP(&options.WebSocketToken, "websocket-token", "wt", "123456", "websocket通信密钥"), + set.StringSliceVarP(&options.DomainWhitelist, "domain-whitelist", "dw", nil, "域名白名单,只允许指定域名进行代理重放", goflags.FileCommaSeparatedStringSliceOptions), ) + set.CreateGroup("Proxy", "代理", set.StringSliceVarP(&options.Proxy, "proxy", "p", nil, "下游代理", goflags.FileCommaSeparatedStringSliceOptions), ) @@ -39,6 +41,8 @@ func ParserOptions() *types.Options { $ riverPass -pp 8081 运行 riverPass 设置下游代理: $ riverPass -proxy http://127.0.0.1:7890 +运行 riverPass 设置白名单只允许指定的域名列表进行代理重放: + $ riverPass -dw www.189.cn,www.example.com `) set.SetConfigFilePath(filepath.Join(DefaultConfig)) diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 8cc86f6..cf6c0f3 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -9,7 +9,10 @@ import ( "github.com/wjlin0/riverPass/pkg/types" "github.com/wjlin0/riverPass/pkg/websocketbody" "github.com/wjlin0/riverPass/pkg/websocketserver" + proxyutils "github.com/wjlin0/utils/proxy" + updateutils "github.com/wjlin0/utils/update" "net/http" + "net/url" "strconv" "strings" ) @@ -24,6 +27,18 @@ type Runner struct { } func (r *Runner) Request(flow *proxy.Flow) { + // 判断是否在白名单中 + u := flow.Request.URL + if len(r.Options.DomainWhitelist) > 0 && !func() bool { + for _, domain := range r.Options.DomainWhitelist { + if strings.Contains(u.Host, domain) { + return true + } + } + return false + }() { + return + } // 得到所有的请求头 headers := flow.Request.Header flag := headers.Get("Req-Flag") @@ -118,6 +133,17 @@ func (r *Runner) HandleDelayedRequest(flow *proxy.Flow) { } func (r *Runner) Response(flow *proxy.Flow) { + u := flow.Request.URL + if len(r.Options.DomainWhitelist) > 0 && !func() bool { + for _, domain := range r.Options.DomainWhitelist { + if strings.Contains(u.Host, domain) { + return true + } + } + return false + }() { + return + } flow.Response.ReplaceToDecodedBody() // 得到所有的响应头 headers := flow.Request.Header @@ -165,6 +191,29 @@ func NewRunner(opts *types.Options) (*Runner, error) { Proxy: ps, Options: opts, } + if !opts.DisableUpdateCheck { + latestVersion, err := updateutils.GetToolVersionCallback(repoName, repoName)() + if err != nil { + gologger.Error().Msgf("Could not check for update: %s\n", err) + } else { + gologger.Info().Msgf("Current %s version v%v %v", repoName, Version, updateutils.GetVersionDescription(Version, latestVersion)) + } + } else { + gologger.Info().Msgf("Current %s version v%v ", repoName, Version) + } + + if types.ProxyURL != "" { + // 展示代理 + parse, _ := url.Parse(types.ProxyURL) + if parse.Scheme == proxyutils.HTTPS || parse.Scheme == proxyutils.HTTP { + gologger.Info().Msgf("Using %s as proxy server", parse.String()) + } + + if parse.Scheme == proxyutils.SOCKS5 { + gologger.Info().Msgf("Using %s as socket proxy server", parse.String()) + } + } + ps.AddAddon(run) return run, nil diff --git a/pkg/types/options.go b/pkg/types/options.go index 14e9a2a..c4339ae 100644 --- a/pkg/types/options.go +++ b/pkg/types/options.go @@ -8,4 +8,5 @@ type Options struct { ProxyPort int `json:"proxyPort"` Proxy goflags.StringSlice `json:"proxy"` DisableUpdateCheck bool `json:"disableUpdateCheck"` + DomainWhitelist goflags.StringSlice `json:"domainWhitelist"` }