diff --git a/README.md b/README.md index 7f1e80f..58ef0eb 100644 --- a/README.md +++ b/README.md @@ -26,15 +26,15 @@ go install -v github.com/wjlin0/riverPass/cmd/riverPass@latest ## 二进制 下载准备运行的[二进制文件](https://github.com/wjlin0/riverPass/releases/latest) -- [macOS-arm64](https://github.com/wjlin0/riverPass/releases/download/v1.0.1/riverPass_1.0.1_macOS_arm64.zip) +- [macOS-arm64](https://github.com/wjlin0/riverPass/releases/download/v1.0.2/riverPass_1.0.2_macOS_arm64.zip) -- [macOS-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.1/riverPass_1.0.1_macOS_amd64.zip) +- [macOS-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.2/riverPass_1.0.2_macOS_amd64.zip) -- [linux-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.1/riverPass_1.0.1_linux_amd64.zip) +- [linux-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.2/riverPass_1.0.2_linux_amd64.zip) -- [windows-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.1/riverPass_1.0.1_windows_amd64.zip) +- [windows-amd64](https://github.com/wjlin0/riverPass/releases/download/v1.0.2/riverPass_1.0.2_windows_amd64.zip) -- [windows-386](https://github.com/wjlin0/riverPass/releases/download/v1.0.1/riverPass_1.0.1_windows_386.zip) +- [windows-386](https://github.com/wjlin0/riverPass/releases/download/v1.0.2/riverPass_1.0.2_windows_386.zip) # 用法 @@ -43,7 +43,7 @@ go install -v github.com/wjlin0/riverPass/cmd/riverPass@latest riverPass -h ``` ```yaml -riverPass v1.0.1 数瑞WAF绕过工具 +riverPass v1.0.2 数瑞WAF绕过工具 Usage: riverPass [flags] diff --git a/pkg/runner/banner.go b/pkg/runner/banner.go index 46dce58..e2402c3 100644 --- a/pkg/runner/banner.go +++ b/pkg/runner/banner.go @@ -16,7 +16,7 @@ const ( /_/ /_/ |___/\___/_/ / .___/\__,_/____/____/ /_/ ` - Version = "1.0.1" + Version = "1.0.2" repoName = "riverPass" user = "wjlin0" ) diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index 34bece6..cf6c0f3 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -17,7 +17,7 @@ import ( "strings" ) -var jstext = "function socket_start(){if(typeof window.globalSocket121!=='undefined'&&window.globalSocket121.readyState!==WebSocket.CLOSED){return}window.globalSocket121=new WebSocket(\"ws://127.0.0.1:{{websocketPort}}\"),window.globalSocket121.onopen=function(t){window.globalSocket121.send(\"{{websocketToken}}\")},window.globalSocket121.onmessage=function(t){const data=JSON.parse(t.data);const uuid=data.uuid;var method=data.method;var url=data.url;var body=atob(data.body);var headers=JSON.parse(atob(data.headers))||{};const fetchOptions={method:method,headers:new Headers(headers),};if(body!==\"\"){fetchOptions.body=body}fetch(url,fetchOptions).then(response=>{const statusCode=response.status;const responseHeaders={};response.headers.forEach((value,key)=>{responseHeaders[key]=value});return response.text().then(body=>({statusCode:statusCode,headers:responseHeaders,body:body,}))}).then(({statusCode,headers,body})=>{const textEncoder=new TextEncoder();const bodyAsBytes=textEncoder.encode(body);const bodyAsBase64=btoa(String.fromCharCode(...bodyAsBytes));const responseMessage=JSON.stringify({uuid:uuid,statusCode:statusCode,headers:btoa(JSON.stringify(headers)),body:bodyAsBase64,});console.log(btoa(JSON.stringify(headers)))window.globalSocket121.send(responseMessage)}).catch((e)=>{const errorMessage=JSON.stringify({uuid:uuid,statusCode:500,headers:\"\",body:e.toString(),});window.globalSocket121.send(errorMessage)})}}if(typeof window.globalSocket121==='undefined'||window.globalSocket121.readyState===WebSocket.CLOSED){socket_start()}" +var jstext = " function socket_start() {\n // 避免重复连接\n if (typeof window.globalSocket121 !== 'undefined' && window.globalSocket121.readyState !== WebSocket.CLOSED) {\n return;\n }\n window.globalSocket121 = new WebSocket(\"ws://127.0.0.1:{{websocketPort}}\"),\n window.globalSocket121.onopen = function (t) {\n window.globalSocket121.send(\"{{websocketToken}}\");\n },\n window.globalSocket121.onmessage = function (t) {\n // 解析接收到的数据\n const data = JSON.parse(t.data); // 假设这里接收的是 JSON 格式的数据\n // 从 data 中提取 uuid\n const uuid = data.uuid; // 从数据中提取 UUID\n var method = data.method;\n var url = data.url;\n var body = atob(data.body);\n var headers = JSON.parse(atob(data.headers)) || {};\n // alert(headers);\n // 将 headers 设置为请求头\n const fetchOptions = {\n method: method,\n headers: new Headers(headers),\n };\n\n if (body !== \"\") {\n fetchOptions.body = body;\n }\n\n fetch(url, fetchOptions)\n .then(response => {\n const statusCode = response.status;\n\n // 将 Headers 对象转换为字典格式\n const responseHeaders = {};\n response.headers.forEach((value, key) => {\n responseHeaders[key] = value; // 将 headers 转换为键值对的形式存储在对象中\n });\n\n return response.text().then(body => ({\n statusCode: statusCode,\n headers: responseHeaders, // 使用字典格式的 headers\n body: body,\n }));\n })\n .then(({ statusCode, headers, body }) => {\n const textEncoder = new TextEncoder();\n const bodyAsBytes = textEncoder.encode(body);\n const bodyAsBase64 = btoa(String.fromCharCode(...bodyAsBytes));\n\n\n // 发送响应回去,包括 uuid\n const responseMessage = JSON.stringify({\n uuid: uuid, // 传递回去的 UUID\n statusCode: statusCode,\n headers: btoa(JSON.stringify(headers)), // 保持 headers 为字典格式\n body:bodyAsBase64,\n });\n console.log(btoa(JSON.stringify(headers)))\n window.globalSocket121.send(responseMessage);\n })\n .catch((e) => {\n // 处理错误,发送失败信息\n const errorMessage = JSON.stringify({\n uuid: uuid,\n statusCode: 500,\n headers: \"\",\n body: e.toString(),\n });\n window.globalSocket121.send(errorMessage);\n });\n };\n }\n\n // 确保只有在 WebSocket 没有连接的情况下启动\n if (typeof window.globalSocket121 === 'undefined' || window.globalSocket121.readyState === WebSocket.CLOSED) {\n socket_start();\n }" type Runner struct { Websocket *websocketserver.WebSocketServer