Skip to content

Add Wrapper Package with a Couple of Existing Examples #380

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Add Wrapper Package with a Couple of Existing Examples #380

wants to merge 6 commits into from

Conversation

lobsterjerusalem
Copy link
Collaborator

@lobsterjerusalem lobsterjerusalem commented May 19, 2025
edited
Loading

Requires #377

The goal is to put helper functions/wrappers in this package to reduce boilerplate and increase consistency. Also helps to prevent import cycle issues.

Usage examples:

Simple Version Check

func CheckVersion(....){
     return wrappers.SimpleVersionCheck(conf, `<div id="version">v(\d+\.\d+\.\d+)</div>`, "<=0.24.10")
}

Open to opinions about whether or not to include additional params such as status code to check for or passing the endpoint as a param.

Dynamic File Serve:

ok := wrappers.HTTPServeFileInitAndRunWithFile(conf, dest, route, []byte(reverseShellContent))
if !ok {
     return false
}

randomFileName := httpFileServer.GetRandomName(dest)
....

@lobsterjerusalem lobsterjerusalem self-assigned this Jun 3, 2025
@lobsterjerusalem lobsterjerusalem added the enhancement New feature or request label Jun 3, 2025
j-baines
j-baines reviewed Jun 4, 2025
View reviewed changes
wrappers/wrappers.go
// Of course it will not work in every case but that is not the point.
func SimpleVersionCheck(conf *config.Config, rePattern string, versionConstraint string) exploit.VersionCheckType {
url := protocol.GenerateURL(conf.Rhost, conf.Rport, conf.SSL, "/")
resp, body, ok := protocol.HTTPGetCache(url)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

formatting gone wrong here and elsewhere in the file

terrorbyte
terrorbyte reviewed Jun 4, 2025
View reviewed changes
wrappers/wrappers.go

// This removes generic version checking boiler plate that works in a great deal of cases.
// Of course it will not work in every case but that is not the point.
func SimpleVersionCheck(conf *config.Config, rePattern string, versionConstraint string, endpoint string) exploit.VersionCheckType {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should move this to the same as CheckSemVer in go-exploit

wrappers/wrappers.go
// to avoid certain import cycle errors.

// Helper function for use within exploits to reduce the overall amount of boilerplate when setting up a file server to host a dynamically generated file.
func HTTPServeFileInitAndRunWithFile(conf *config.Config, fileName string, routeName string, data[]byte) bool {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

idk where to put this but this probably shouldn't be wrappers

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@terrorbyte terrorbyte terrorbyte left review comments

@j-baines j-baines j-baines left review comments

Assignees

@lobsterjerusalem lobsterjerusalem

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lobsterjerusalem @terrorbyte @j-baines