misecurity / x-patrol Goto Github PK
View Code? Open in Web Editor NEWgithub泄露扫描系统
github泄露扫描系统
Running go-get results in
root@bugdiscloseguy:~# go get github.com/MiSecurity/x-patrol package x-patrol/cmd: unrecognized import path "x-patrol/cmd" (import path does not begin with hostname)
运行没有1分钟就这样
确保没有超过5000的限额
确保已经使用了token
404 page not found
大神好,
想问下大神,咱们的源码监控目前是否实现 增量扫描以及邮件通知功能,感谢大神回复。真心感谢大神无私的指点!
./x-patrol_darwin_amd64
[0000] PANIC xsec patrol: Error 1045: Access denied for user 'xsec'@'localhost' (using password: YES)
panic: (*logrus.Entry) (0xb455e0,0xc00009c730)
goroutine 1 [running]:
github.com/sirupsen/logrus.Entry.log(0xc00009c0a0, 0xc00008ebd0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f2300000000, ...)
/opt/apps/gopath/src/github.com/sirupsen/logrus/entry.go:126 +0x2ab
github.com/sirupsen/logrus.(*Entry).Panic(0xc00009c190, 0xc0000d3ec8, 0x1, 0x1)
/opt/apps/gopath/src/github.com/sirupsen/logrus/entry.go:194 +0x103
github.com/sirupsen/logrus.(*Entry).Panicln(0xc00009c190, 0xc0000d3f28, 0x1, 0x1)
/opt/apps/gopath/src/github.com/sirupsen/logrus/entry.go:289 +0xc6
x-patrol/models.init.0()
/opt/apps/gopath/src/x-patrol/models/models.go:70 +0x3f4
func Search(rules []models.Rules) () {
var wg sync.WaitGroup
wg.Add(len(rules))
client, token, err := GetGithubClient()
if err == nil && token != "" {
for _, rule := range rules {
go func(rule models.Rules) {
defer wg.Done()
//这个goroutine的意义在哪????
}(rule)
SaveResult(client.SearchCode(rule.Pattern))
}
wg.Wait()
}
}
[0000] PANIC xsec patrol: Error 1045: Access denied for user 'root'@'localhost' (using password: YES)
panic: (*logrus.Entry) (0xab5420,0xc420196050)
goroutine 1 [running]:
github.com/sirupsen/logrus.Entry.log(0xc420088280, 0xc420083320, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/home/yang/gocode/src/github.com/sirupsen/logrus/entry.go:112 +0x254
github.com/sirupsen/logrus.(*Entry).Panic(0xc420088370, 0xc420175bd0, 0x1, 0x1)
/home/yang/gocode/src/github.com/sirupsen/logrus/entry.go:182 +0xaa
github.com/sirupsen/logrus.(*Entry).Panicln(0xc420088370, 0xc420175cc0, 0x1, 0x1)
/home/yang/gocode/src/github.com/sirupsen/logrus/entry.go:277 +0xd5
x-patrol/models.init.0()
/home/yang/gocode/src/x-patrol/models/models.go:70 +0x415
exit status 2
go 新手,最近把这个项目导入到goland 里面,发觉有一些引入,比如 models.go 里面
import (
"x-patrol/settings"
"x-patrol/logger"
)
IDE 提示无法引入,改为相对路径 ../settings 就没有问题,这样是正常的么,还是我哪里设置的不正确。
例如 "example.com"+in:file+language:go这种关键字+描述符形式的全局搜索如何展开呢?目前看好像不支持这个特性
111
./x-patrol_darwin_amd64 scan
[0000] INFO xsec patrol: scan github code
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x30 pc=0x15a5a9a]
goroutine 18 [running]:
x-patrol/util/githubsearch.(*Client).SearchCode(0xc000257d60, 0xc000274760, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0)
/Users/lbb/go/src/x-patrol/util/githubsearch/gitclient.go:158 +0x32a
x-patrol/util/githubsearch.Search.func1(0xc000270fa0, 0xc000257d60, 0x17, 0xc000270f28, 0x6, 0xc000270f48, 0x5, 0xc000274760, 0x16, 0xc000270f70, ...)
/Users/lbb/go/src/x-patrol/util/githubsearch/search.go:67 +0x6f
created by x-patrol/util/githubsearch.Search
/Users/lbb/go/src/x-patrol/util/githubsearch/search.go:65 +0x168
后来查到了原因,当执行 task_tes.go 里面的单元测试的时候,会改变当前程序正在运行的路径,当前的路径 是 task,就没办法找到 conf/app.ini 文件。
在用token进行爬取的时候,在测试的几次之后就爬不出东西来了,后来发现是timeout了。
请问这个问题是怎么处理的啊。
谢谢!
Due to GitHub handle change (to lowercase) for long term purpose, go get
may fail fetching github.com/Unknwon/com
.
Please consider take some time to update it to github.com/unknwon/com
in the go.mod
file.
I truly apology for the inconvenience and unintended troubles caused.
嗨,非常感谢作者能开源这个项目,我有个问题,已忽略的仓库,下次scan还会被扫描出来吗
go build main.go 提示:
models/github.go:97:35: response.Remaining undefined (type *github.Response has no field or method Remaining)
models/github.go:98:31: response.Reset undefined (type *github.Response has no field or method Reset)
models/github.go:99:31: response.Limit undefined (type *github.Response has no field or method Limit)
github.com/etsy/hound/codesearch/sparse
rename
github.com/hound-search/hound/codesearch/sparse
忽略仓库只能单次生效
不能这次点了 忽略仓库后 永久生效
When I download this program:
cd x-patrol, then I execute "go build main.go",I got the following errors:
main.go:29:2: cannot find package "github.com/urfave/cli" in any of:
/usr/lib/golang/src/github.com/urfave/cli (from $GOROOT)
/root/go/src/github.com/urfave/cli (from $GOPATH)
main.go:28:2: cannot find package "x-patrol/cmd" in any of:
/usr/lib/golang/src/x-patrol/cmd (from $GOROOT)
/root/go/src/x-patrol/cmd (from $GOPATH)
I think you maybe forget to write some packages that need to depend on, and the package path may be have some problem,
Please update the readme, describe the install&run part clearly, then more newbies can run you program easily.
Failed to git fetch repos
fatal:couldn‘t find remote ref master
fatal:the remote end hung up unexpectedly
localrepos error : exit status 128
如果有sqlite的表结构或者其他数据库的方便给一下么,如果不方便就算了,谢谢
root@kali:/usr/local/go/src/x-patrol# ./x-patrol_linux_amd64 scan -m all
[0000] INFO xsec patrol: scan github code and local repos
[0000] INFO xsec patrol: Complete the scan local repos, start to sleep 15m0s seconds
[0000] INFO xsec patrol: Complete the scan of Github, start to sleep 15m0s seconds
一直卡在这没反应了
I try to scan after adding the token , but it come 401 Bad credentials.
The token is valid which can be use by curl -u username:token https://api.github.com/user
go run main.go web 报了一个错误log,如下
[0000] INFO xsec patrol: Init rules, err:
部署于AWS海外节点
root@li:/root/go/src/x-patrol# ./build.sh
go: finding github.com/hound-search/hound/codesearch/sparse latest
go: finding github.com/hound-search/hound/codesearch latest
go get github.com/hound-search/hound/codesearch/sparse: no matching versions for query "latest"
go: finding github.com/go-macaron/cache latest
go: finding github.com/go-macaron/captcha latest
go: finding github.com/go-macaron/csrf latest
go: finding github.com/go-macaron/session latest
go: finding github.com/google/go-github/github latest
go: finding golang.org/x/oauth2 latest
go: finding github.com/hound-search/hound/codesearch/sparse latest
go: finding github.com/hound-search/hound/codesearch latest
build command-line-arguments: cannot load github.com/hound-search/hound/codesearch/sparse: cannot find module providing package github.com/hound-search/hound/codesearch/sparse
root@li:/root/go/src/x-patrol# go build main.go
go: finding github.com/hound-search/hound/codesearch/sparse latest
go: finding github.com/hound-search/hound/codesearch latest
build command-line-arguments: cannot load github.com/hound-search/hound/codesearch/sparse: cannot find module providing package github.com/hound-search/hound/codesearch/sparse
GOBIN=/usr/local/go/bin
GOROOT=/usr/local/go
GOPATH=/root/go
GO111MODULE=on
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.