Giter VIP home page Giter VIP logo

suo5's People

Contributors

dust-life avatar xxxsomebodyoncetoldmexxx avatar zema1 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

dp4ng dogadmin hdys0vn mxq2103 dr-s1x17 r1card0-tutu askyeye v1rtu0l sairson 3h3h3h3 ckinsta99 3as0n jxpsx cracksos edsaqw master-perng lay0us p0desta isgasho phuong39 gxlioper 1337g ajatars m0ge coffeehb changheluor007 wyf2008 tttttint nyx2022 zo-zero-one axax002 yukar1z0e lxh2020 lidong-io startagain2016 alin-mac soliontheroad h4cking2thegate xkroot gary-yang1 tzq865 helloworldgnu pandasec888 hackerxj007 p1a0z1 qqqqtest123 ling1uan atlassion fanyibo2009 huck-lim coolegoschin yswanmei daxiong1949 toolsec yyming-sudo secloverwang xon1y archbow uyid cmjlove1 adurak2 wuha0926 f19t htftimeone freeide wisdark hktalent n0ooooone hack-umbrella itsharex h1d3r sec-fork ajin-max slongliye mygit2014 4385830 freegit9527 xiju2003 imemaker bearowang alberthchang jingmcd zzy1d 20200629 ctr1hub niiiiko manhinyeung weik1 kact929 explangcn source-xu 30579096 fzxcp3 forktopot help-lixin musum hstwo heznd want2live233 darkkid0

suo5's Issues

功能添加:无法添加cookie头

功能建议:
只能修改usage agent头,对于某些对/* .jsp文件进行鉴权的系统无法使用,需要添加header头中的cookie才可以

感谢师傅分享的工具

加密是安全的吗?

在其他网站上看到的描述说是密钥会在数据中传输?对于中间人是安全的吗?

HTTPS问题

[FTAL] 05-18 10:58 ReadStatusLine: read tcp 192.168.31.89:51974->114.114.114.114:443: i/o timeout
看起来像是HTTPS证书问题,有什么办法或者参数吗?

请求商务推广合作

作者您好,我们也是一家专业做IP代理的服务商,极速HTTP,我们注册认证会送10000IP(可以帮助您的学者适当薅羊毛试用 :) 。想跟您谈谈是否能够达成商业推广上的合作。如果您,有意愿的话,可以联系我,微信:13982004324 谢谢(如果没有意愿的话,抱歉,打扰了)

兼容性问题

1.兼容性比较差,尝试改各种类型的内存马都无法使用,只有jsp能正常使用
2.改内存马很麻烦,有很多request或response,容易找不到方法不方便使用,需要都再改成反射

neo我改了几个内存马都一步到位
https://github.com/L-codes/Neo-reGeorg/blob/master/templates/NeoreGeorg.java

但是suo一直没成功,改完如图,所有包都是一个s的响应包,而且很慢才回一个包

image

jspx不支持吗?

遇到一个站点,他jsp解析都会跳转到.do,只能解析jspx的

support save gui setting config

Hi, dude.
Thank you for your work on this great project. It would be better if there's support to save GUI settings configurations!

aspx 请求 https 报 remote error: tls: handshake failure 

func newRawClient(upstream string, timeout time.Duration) *rawhttp.Client {
	return rawhttp.NewClient(&rawhttp.Options{
		Proxy:                  upstream,
		Timeout:                timeout,
		FollowRedirects:        false,
		MaxRedirects:           0,
		AutomaticHostHeader:    true,
		AutomaticContentLength: true,
		ForceReadAllBody:       false,
		TLSHandshake: func(conn net.Conn, addr string, options *rawhttp.Options) (net.Conn, error) {
			uTlsConn := utls.UClient(conn, &utls.Config{
				InsecureSkipVerify: true,
				MinVersion:         tls.VersionTLS10,
			}, utls.HelloRandomized)
			if err := uTlsConn.Handshake(); err != nil {
				return nil, err
			}
			return uTlsConn, nil
		},
	})

}

定位到这里

更新到0.7.0后,连接失败 read tcp xxxx i/o timeout

[FTAL] 05-19 17:06 ReadStatusLine: read tcp 192.168.3.35:33886->xxx.xxx.xxx.xxx:80: i/o timeout

可以确定和https没有关系,我这就是80端口的。

换为使用0.6.0的客户端连接 0.7.0的suo5.jsp没问题。

补充一下,服务端是用宝塔搭建,windows 2008 server,当然,之前肯定是正常使用的

支持将本地端口转发到远程

可以用于反连,即可以有这样的通信链路:

远程内网机器 -> 外网入口 (suo5) -> 本地

需要在外网入口的机器监听一个端口,把流量转发到本地。

增加心跳包以避免 ReadTimeout 导致连接关闭

全双工模式下连接ssh,出现断线问题
测试半双工并未出现此问题

测试使用xshell和ssh连接都会出现掉线问题

日志信息:

运行日志
[INFO] 2023/03/10 16:11 header: 
User-Agent:  Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.1.2.3
[INFO] 2023/03/10 16:11 method: POST
[INFO] 2023/03/10 16:11 testing connection with remote server
[INFO] 2023/03/10 16:11 connection to remote server successful
[INFO] 2023/03/10 16:11 checking the capability of FullDuplex..
[INFO] 2023/03/10 16:11 wow, you can run the proxy on FullDuplex mode
[INFO] 2023/03/10 16:11 tunnel created at mode full!
[INFO] 2023/03/10 16:11 new connection from 127.0.0.1:51770
[INFO] 2023/03/10 16:11 handshake success 127.0.0.1:51770
[DBUG] 2023/03/10 16:11 recv dial response from server: length: 7
[INFO] 2023/03/10 16:11 conn successfully connected to 192.168.247.206:22
[DBUG] 2023/03/10 16:11 write data, length: 50
[DBUG] 2023/03/10 16:11 write data, length: 2072
[DBUG] 2023/03/10 16:11 write data, length: 48
[DBUG] 2023/03/10 16:11 write data, length: 16
[DBUG] 2023/03/10 16:11 write data, length: 44
[DBUG] 2023/03/10 16:11 write data, length: 60
[DBUG] 2023/03/10 16:11 write data, length: 76
[DBUG] 2023/03/10 16:11 write data, length: 52
[DBUG] 2023/03/10 16:11 write data, length: 108
[DBUG] 2023/03/10 16:11 write data, length: 128
[DBUG] 2023/03/10 16:11 remote readwriter closed
[DBUG] 2023/03/10 16:11 local conn closed
[INFO] 2023/03/10 16:11 connection from 127.0.0.1:51770 closed

ESTABLISHED连接过多导致断连

在Centos 7.5 vps上运行suo5客户端,请求目标站点(tomcat中间件)。刚开始是很快,但是用一段时间ESTABLISHED连接过多,导致无法新增其他链接,无法访问内网web站点。已经建立的隧道不会受影响(如SSH等)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.