STRLCPY/afrog

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

cmd/afrog/main.go

		skipped 34 lines
35	35		&cli.StringFlag{Name: "pocs", Aliases: []string{"P"}, Destination: &options.PocsFilePath, Value: "", Usage: "poc.yaml or poc directory paths to include in the scan（no default `afrog-pocs` directory）"},
36	36		&cli.StringFlag{Name: "output", Aliases: []string{"o"}, Destination: &options.Output, Value: "", Usage: "output html report, eg: -o result.html "},
37	37		&cli.StringFlag{Name: "search", Aliases: []string{"s"}, Destination: &options.Search, Value: "", Usage: "search PoC by `keyword` , eg: -s tomcat,phpinfo"},
	38	+	&cli.StringFlag{Name: "severity", Aliases: []string{"S"}, Destination: &options.Severity, Value: "", Usage: "pocs to run based on severity. Possible values: info, low, medium, high, critical, unknown"},
38	39		&cli.BoolFlag{Name: "silent", Destination: &options.Silent, Value: false, Usage: "no progress, only results"},
39	40		&cli.BoolFlag{Name: "nofinger", Aliases: []string{"nf"}, Destination: &options.NoFinger, Value: false, Usage: "disable fingerprint"},
40	41		&cli.BoolFlag{Name: "notips", Aliases: []string{"nt"}, Destination: &options.NoTips, Value: false, Usage: "disable show tips"},
		skipped 91 lines

■ ■ ■ ■ ■ ■

cmd/flag/main.go

		skipped 9 lines
10	10
11	11		func main() {
12	12		var language string
	13	+	var severity *cli.StringSlice
13	14
14	15		app := &cli.App{
15	16		Flags: []cli.Flag{
		skipped 3 lines
19	20		Usage: "language for the greeting",
20	21		Destination: &language,
21	22		},
	23	+	&cli.StringSliceFlag{
	24	+	Name: "severity",
	25	+	Aliases: []string{"se"},
	26	+	Usage: "pocs to run based on severity. Possible values: info, low, medium, high, critical",
	27	+	Destination: severity,
	28	+	},
22	29		},
23	30		Action: func(c *cli.Context) error {
24	31		fmt.Println(language)
	32	+	fmt.Println(severity.String())
25	33		return nil
26	34		},
27	35		}
		skipped 7 lines

■ ■ ■ ■ ■ ■

pkg/config/options.go

		skipped 36 lines
37	37		// no progress if silent is true
38	38		Silent bool
39	39
	40	+	// pocs to run based on severity. Possible values: info, low, medium, high, critical
	41	+	Severity string
	42	+
	43	+	SeverityKeywords []string
	44	+
40	45		// disable output fingerprint in the console
41	46		NoFinger bool
42	47
		skipped 48 lines
91	96		return false
92	97		}
93	98
	99	+	func (o *Options) SetSeverityKeyword() bool {
	100	+	if len(o.Severity) > 0 {
	101	+	arr := strings.Split(o.Severity, ",")
	102	+	if len(arr) > 0 {
	103	+	for _, v := range arr {
	104	+	o.SeverityKeywords = append(o.SeverityKeywords, strings.TrimSpace(v))
	105	+	}
	106	+	return true
	107	+	}
	108	+	}
	109	+	return false
	110	+	}
	111	+
	112	+	func (o *Options) CheckPocSeverityKeywords(severity string) bool {
	113	+	if len(o.SeverityKeywords) > 0 {
	114	+	for _, v := range o.SeverityKeywords {
	115	+	if strings.EqualFold(severity, v) {
	116	+	return true
	117	+	}
	118	+	}
	119	+	}
	120	+	return false
	121	+	}
	122	+

■ ■ ■ ■ ■ ■

pkg/core/excute.go

		skipped 43 lines
44	44		newPocSlice = append(newPocSlice, v)
45	45		}
46	46		}
	47	+	} else if len(e.options.Severity) > 0 && e.options.SetSeverityKeyword() {
	48	+	// added severity filter @date: 2022.6.13 10:58
	49	+	for _, v := range pocSlice {
	50	+	if e.options.CheckPocSeverityKeywords(v.Info.Severity) {
	51	+	newPocSlice = append(newPocSlice, v)
	52	+	}
	53	+	}
47	54		} else {
48	55		newPocSlice = append(newPocSlice, pocSlice...)
49	56		}
		skipped 54 lines