hxsecurity / dongtai-agent-go Goto Github PK
View Code? Open in Web Editor NEWGo Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hooks.
License: Apache License 2.0
Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hooks.
License: Apache License 2.0
1.8.1
Official Docker Compose
DongTai-Core
在项目中已经使用了grpc一元拦截器(grpc.UnaryInterceptor)的情况下,dongtai agent再注册拦截器会导致报错
代码路径:
https://github.com/HXSecurity/DongTai-agent-go/blob/v0.4.2/core/grpc/newServer/replacement.go#L25
报错:
panic: The unary server interceptor was already set and may not be reset
No response
2022-07-13 19:13:43.840 error ******[-]: panic: The unary server interceptor was already set and may not be reset.
/usr/local/go/src/runtime/panic.go:844
google.golang.org/grpc.UnaryInterceptor.func1
/***/go/pkg/mod/google.golang.org/[email protected]/server.go:382
google.golang.org/grpc.(*funcServerOption).apply
/***/go/pkg/mod/google.golang.org/[email protected]/server.go:201
google.golang.org/grpc.NewServer
/***/go/pkg/mod/google.golang.org/[email protected]/server.go:564
github.com/HXSecurity/DongTai-agent-go/core/grpc/newServer.NewServer
/***/go/pkg/mod/github.com/!h!x!security/!dong![email protected]/core/grpc/newServer/replacement.go:26
GOROOT=C:\Program Files\Go #gosetup
GOPATH=C:\Users\john\go #gosetup
"C:\Program Files\Go\bin\go.exe" build -o C:\Users\john\AppData\Local\Temp\GoLand___1go_build_example_com_mod.exe example.com/mod #gosetup
C:\Users\john\AppData\Local\Temp\GoLand___1go_build_example_com_mod.exe
open dongtai-go-agent-config.yaml: The system cannot find the file specified.
等待当前程序http启动完成
SqlDBQuery
Sprintf
JsonUnmarshal
JsonDecoderDecode
JsonNewDecoder
RuntimeConcatstrings
ExecCommand
execCmdRun
BufioWriterWrite
BufioWriterWriteString
RuntimesSringtoslicebyte
HtmlTemplateExecuteTemplate
panic: runtime error: index out of range [0] with length 0
goroutine 1 [running]:
syscall.UTF16PtrFromString(...)
C:/Program Files/Go/src/syscall/syscall_windows.go:101
syscall.LoadDLL({0x9b573b, 0x28})
C:/Program Files/Go/src/syscall/dll_windows.go:73 +0x2a5
syscall.(*LazyDLL).Load(0xc0001237e0)
C:/Program Files/Go/src/syscall/dll_windows.go:248 +0xa5
syscall.(*LazyProc).Find(0xc000300300)
C:/Program Files/Go/src/syscall/dll_windows.go:303 +0xa5
github.com/mattn/go-isatty.init.0()
E:/GO/hello/vendor/github.com/mattn/go-isatty/isatty_windows.go:31 +0x25
Process finished with the exit code 2
1.8.2
Official Docker Compose
Doc(DongTai-Doc)
io/fs
: service/auxiliarylt18.go, service/auxiliarylt18.goio/fs
only supports >=1.16beta1 io/fsEnv:
go version go1.12.1 linux/amd64
Steps:
_ "github.com/HXSecurity/DongTai-agent-go/run/base"
_ "github.com/HXSecurity/DongTai-agent-go/run/http"
go mod init dongtai_test
go mod tidy
go run -gcflags "all=-N -l" app.go
build command-line-arguments: cannot load io/fs: cannot find module providing package io/fs
No response
No response
1.8.5
Official Docker Compose
Doc(DongTai-Doc), DongTai-Core
go agent装配命令go run -gcflags "all=-N -l" main.go -DongtaiGoProjectVersion="版本" -DongtaiGoProjectName="项目名" -DongtaiGoProjectCreate="true",当需装配agent的应用服务本身需要添加额外参数时,参数无法被识别;即为需要检测的服务A中运行时需要解析输入的参数a,但是在IAST服务中已经解析了参数flag.Parse(),因此不会再重新解析,运行A时输入参数会报错,无法解析参数a;
建议解决方案:
在github.com/HXSecurity/DongTai-agent-go/run/base包中的Inint函数中把flag.Parse()去掉,只在A服务中调用一次;
No response
dongtai agent在0.3.3版本加入了grpc(github.com/HXSecurity/DongTai-agent-go/run/grpc)支持,引入的grpc版本是1.45,而grpc在1.42版本改了一个函数(attributes.New)的传参格式:
func New(kvs ...interface{}) *Attributes
func New(key, value interface{}) *Attributes
我们框架使用的grpc1.40,在引入dongtai agent(0.3.3之后版本)之后go mod会自动更新grpc版本到1.45,导致运行时候报错:
too many arguments in call to attributes.New
have (string, string, string)
want (interface{}, interface{})
框架代码没法改动,想问下有没有什么兼容的方式
quit start 中没有介绍 agent-go 的用法,如何在go项目中使用 go-agent呢
等待当前程序http启动完成
panic: permission denied
goroutine 1 [running]:
github.com/brahma-adshonor/gohook.setPageWritable(0x464b235, 0x5, 0x7)
/Users/xiao/go/pkg/mod/github.com/brahma-adshonor/[email protected]/utility_unix.go:19 +0xf7
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.