GithubHelp home page GithubHelp logo

Comments (8)

ba0gu0 avatar ba0gu0 commented on June 7, 2024 1

感谢,确实没有进行界面伪装。
新增表达式贼强,问题已搞定。

from neo-regeorg.

L-codes avatar L-codes commented on June 7, 2024

感谢反馈,首先加标记会造成流量规则,容易被流量设备检测
其实 Neo-reGeorg 对这样的情况已经有解决方案,可使用--cut-left--cut-right设置前后被追加内容的偏移位,从而获取到正确的base64数据
并且如果你没有使用-f参数伪造页面内容的话,会有自动计算出--cut-left--cut-right的偏移位提示

from neo-regeorg.

ba0gu0 avatar ba0gu0 commented on June 7, 2024

尴尬,我下载的release版本,3.6的,没有--cut-left参数。
我直接clone吧。

from neo-regeorg.

L-codes avatar L-codes commented on June 7, 2024

喔 不好意思 因为主分支在弄 3.8 的预览,忘记发布 3.7版本了,我待会 release 一下 哈哈哈

from neo-regeorg.

L-codes avatar L-codes commented on June 7, 2024

https://github.com/L-codes/Neo-reGeorg/releases/tag/v3.7.0

from neo-regeorg.

ba0gu0 avatar ba0gu0 commented on June 7, 2024

  • 添加偏移位的方式不太友好哎,需要自行分析获取需要添加的前后偏移位数,不调试程序获取不到偏移位数。

  • 还有刚测试了这两个参数,在Check webshell存活的时候,页面内容为注释的html代码,这个时候有些中间件不对这些内容进行修改,导致偏移获取到的内容缺少。


  • 感觉还是使用正则匹配的方式,在响应数据前后添加随机值,我记得neoreg.py内置不是有一个mark值吗?直接拿来用就好了。

from neo-regeorg.

L-codes avatar L-codes commented on June 7, 2024

你使用了-f指定伪造的内容文件吗?正常 --cut-left--cur-right是自动计算出来的,不会不友好

Neo-reGeorg/neoreg.py

Lines 543 to 548 in d1bcea9

elif BASICCHECKSTRING in data:
left_offset = data.index(BASICCHECKSTRING)
right_offset = len(data) - ( left_offset + len(BASICCHECKSTRING) )
log.error("Georg is ready, but the body needs to be offset")
log.error("You can set the `--cut-left {} --cut-right {}` parameter to body offset".format(left_offset, right_offset))
exit()

目前还没遇到页面内容为注释的html代码,这个时候有些中间件不对这些内容进行修改,导致偏移获取到的内容缺少

session_mark,不能作为标记配置,这样流量的传输会被标记

不过使用正则匹配的方式可以解决你遇到的问题,我考虑加入 v3.8.0 版本,感谢建议

from neo-regeorg.

L-codes avatar L-codes commented on June 7, 2024

新增了 --extract 参数进行正则提取,代码参考: e2eca19

现在针对问题的需求

<html><p>原始base64数据Hr862cRcRES_9AFMojsEHA</p></html>

可用 --extract '<p>REGBODY</p>' 解决

from neo-regeorg.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.