Skip to content

Commit

Permalink
update 1
Browse files Browse the repository at this point in the history
  • Loading branch information
phantom0301 committed Mar 22, 2019
1 parent db2c73c commit d12bf4f
Show file tree
Hide file tree
Showing 15 changed files with 441 additions and 330 deletions.
668 changes: 363 additions & 305 deletions .idea/workspace.xml

Large diffs are not rendered by default.

49 changes: 42 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,23 +1,58 @@
# PTEye #
# PTEye(coding) #

PTeye(Phantom eye) 是一个逻辑漏洞审计工具集,使用 NodeJS 结合开源框架完成,主要用于对非常规的业务逻辑漏洞进行审计
PTeye(Phantom eye) 是一个逻辑漏洞审计工具集,使用 NodeJS 结合开源框架(整体框架根据 fwon 的 electron-anyproxy 项目魔改而成 [https://github.com/fwon/electron-anyproxy](https://github.com/fwon/electron-anyproxy "https://github.com/fwon/electron-anyproxy") )完成,主要用于模块化的业务逻辑漏洞审计

PTeye 初步设计为使用黑盒和白盒两套机制对业务逻辑漏洞进行半自动化/被动化的审计,白盒机制主要使用代码片段逻辑匹配的方式,黑盒主要使用被动代理+漏洞模块的方式
PTeye 初步设计为使用黑盒和白盒两套机制对业务逻辑漏洞进行半自动化/被动化的审计,白盒机制主要使用代码片段逻辑匹配的方式,黑盒主要使用被动代理+漏洞模块扫描的方式

PTscan仅供交流学习使用,请勿用于非法行为。
PTeye仅供交流学习使用,请勿用于非法行为。

<img src="http://phantom0301.cc/achiveimg/20170901103835.jpg" style="position: relative;left: 50%;transform: translate(-50%,0%);" />


## Features ##

-
1. 沿用原项目的网络抓包以及数据拦截修改功能。
2. 完成了简单的报文重放功能。
3. 根据网络抓包可选择重放报文。
4. 漏洞模块拦截规则编写

## Usage ##

Usage:
可参考原项目相关介绍

扫描结果样例
### 开发模式 ###

- 下载源代码
- 在 client 目录中安装相关模块,启动 element-ui 前端

```
npm install (or yarn)
npm run dev
```

- 在根目录下同时安装相关模块,启动 electron 环境,修改 main.js 中第 29 行的判断语句(或者设置相关环境变量)。

```
npm install (or yarn)
npm run start
```

- 开发完成后,对前端代码进行编译,对后端代码进行打包

```
client 目录下:
npm run build
根目录下:
npm run pack
```

### 直接使用 ###

可下载已经打好的包(建议自己打包,我也不记得是不是在打好的包里放了什么不该放的东西:



## 工具展示 ##


Expand Down
10 changes: 5 additions & 5 deletions client/dist/build.js

Large diffs are not rendered by default.

Binary file modified client/dist/icon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion client/index.html
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<html>
<head>
<meta charset="utf-8">
<title>Anyproxy</title>
<title>PTEye</title>
<style>
/*#app-titlebar {
height: 30px;
Expand Down
2 changes: 1 addition & 1 deletion client/src/App.vue
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
<div class="sidenav-item sidenav-rule">
<router-link to="/rule">{{ $t("ap.bigtab.b") }}</router-link>
</div>
<div class="sidenav-item sidenav-rule">
<div class="sidenav-item sidenav-mock">
<router-link to="/request">{{ $t("ap.bigtab.d") }}</router-link>
</div>
<!--<div class="sidenav-item sidenav-mock">-->
Expand Down
Binary file modified client/src/assets/icon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 5 additions & 1 deletion client/src/components/menu.vue
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,8 @@ export default {
port: '8001',
forceProxyHttps: false,
global: false,
throttle: null
throttle: null,
ruleid: null
},
throttleOptions: [
{
Expand Down Expand Up @@ -156,8 +157,11 @@ export default {
},
startProxy() {
const self = this;
console.log(this.currentRule.id);
if (this.currentRule.id) {
this.setting.ruleid = this.currentRule.id;
}else{
this.setting.ruleid = null;
}
if (this.mockPaths && this.mockPaths.length) {
this.setting.mock = this.mockPaths;
Expand Down
11 changes: 10 additions & 1 deletion client/src/components/request.vue
Original file line number Diff line number Diff line change
@@ -1,7 +1,10 @@
<template>
<div id="request">
<div class="request-path-editor__left">
<el-button type="primary" :plain="true" icon="plus" @click="sendRequest">{{ $t("ap.request.addbtn") }}</el-button>
<el-row :gutter="20">
<el-button type="primary" :plain="true" icon="plus" @click="sendRequest">{{ $t("ap.request.addbtn") }}</el-button>
<el-button type="primary" :plain="true" icon="plus" @click="clearRequest">{{ $t("ap.request.clear") }}</el-button>
</el-row>
<codemirror v-model="request" :options="editorOption" ></codemirror>
</div>
<div class="request-path-editor__left">
Expand Down Expand Up @@ -103,6 +106,11 @@
this.response = response;
})|| '';
},
clearRequest(){
this.request = '';
this.request_url = '';
this.response = '';
},
deleteProject(item) {
this.$confirm(this.$t("ap.message.MSG_MOCK_CONFIRM_DEL"), {
type: 'warning'
Expand Down Expand Up @@ -284,6 +292,7 @@
}
.CodeMirror {
margin-top: 20px;
border: 1px solid #eee;
height: 500px;
}
Expand Down
10 changes: 5 additions & 5 deletions client/webpack.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,9 @@ module.exports = {
entry: './src/main.js',
output: {
path: path.resolve(__dirname, './dist'), //真实存放路径
publicPath: isPro ?
path.resolve(__dirname, './dist') : //发布引用路径
'/dist/', //开发引用路径
filename: 'build.js'
publicPath: isPro ? 'D:/projects/github/PTEye/client/dist':'/dist/' ,//发布引用路径
// , //开发引用路径
filename: 'build.js',
},
module: {
rules: [
Expand Down Expand Up @@ -52,7 +51,7 @@ module.exports = {
test: /\.(png|jpe?g|gif|svg)(\?\S*)?$/,
loader: 'file-loader',
query: {
name: '/[name].[ext]'
name: '/[name].[ext]',
}
}
]
Expand All @@ -68,6 +67,7 @@ module.exports = {
}

if (process.env.NODE_ENV === 'production') {
console.log(path.resolve(__dirname, './dist'));
module.exports.devtool = '#source-map'
// http://vue-loader.vuejs.org/en/workflow/production.html
module.exports.plugins = (module.exports.plugins || []).concat([
Expand Down
Binary file modified icon.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added icon1.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
7 changes: 4 additions & 3 deletions main.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ let loadingParams = {
let mainParams = {
width: 1300,
height: 780,
icon: __dirname + '/icon.png',
icon: __dirname + '/icon1.png',
// titleBarStyle: 'hidden-inset',
backgroundColor: '#fff',
show: false
Expand All @@ -26,12 +26,13 @@ function createWindow() {
mainWindow.setTitle(require('./package.json').name);

//setting in .vscode/launch.json
if (process.env.NODE_ENV != 'development') {
if (process.env.NODE_ENV === 'development') {
console.log('develop');
mainWindow.loadURL('http://localhost:8099');
mainWindow.webContents.openDevTools();
} else {
mainWindow.loadURL(`file://${__dirname}/client/index.html`);
mainWindow.loadURL(`file://${__dirname}/client/index.html`);
mainWindow.webContents.openDevTools();
}

mainWindow.webContents.on('did-finish-load', () => {
Expand Down
2 changes: 1 addition & 1 deletion menu.js
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ const template = [
submenu: [
{
label: 'Learn More',
click () { require('electron').shell.openExternal('https://fwon.github.io/e-anyproxy/help.html') }
click () { require('electron').shell.openExternal('https://github.com/phantom0301/PTEye') }
}
]
}
Expand Down
4 changes: 4 additions & 0 deletions rule_sample/sample_unauthorized_access_vulnerability.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
/*
插件名称:越权访问
插件描述:利用 Cookie 替换测试是否存在越权漏洞,
*/

0 comments on commit d12bf4f

Please sign in to comment.