fix (plg_security_scanner): broken scanner

MickaelK 2025-08-08 14:39:30 +10:00
parent 06442df3ad
commit e397c56544


@ -19,10 +19,6 @@ var (
)
func init() {
Hooks.Register.Onload(setup)
}
func setup() {
plugin_enable = func() bool {
return Config.Get("features.protection.enable").Schema(func(f *FormElement) *FormElement {
if f == nil {
@ -48,160 +44,159 @@ func setup() {
}
billionsOfLol = bytes.NewBuffer(b)
Hooks.Register.Onload(func() {
Hooks.Register.HttpEndpoint(func(r *mux.Router, _ *App) error {
if plugin_enable() == false {
return
}
Hooks.Register.HttpEndpoint(func(r *mux.Router, _ *App) error {
// DEFAULT
r.HandleFunc("/index.php", WelcomePackHandle)
r.PathPrefix("/html/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/public/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/webdav/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/www/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/MAMP/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/xampp/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/web/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/scripts/").Handler(http.HandlerFunc(WelcomePackHandle))
// CMS
r.PathPrefix("/blog/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/cms/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wordpress/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp-admin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp-content/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/wp-config.php", WelcomePackHandle)
r.HandleFunc("/wp-login.php", WelcomePackHandle)
r.PathPrefix("/wp1/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp3/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp4/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp5/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp6/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp7/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp8/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/images/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/joomla/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/libraries/joomla/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/administrator/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/components/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/templates/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/includes/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/modules/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/plugins/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/drupal/", WelcomePackHandle)
r.HandleFunc("/Drupal.php", WelcomePackHandle)
r.PathPrefix("/core/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/web.config", WelcomePackHandle)
r.HandleFunc("/server.php", WelcomePackHandle)
r.HandleFunc("/composer.json", WelcomePackHandle)
r.PathPrefix("/cacti/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/thinkphp/").Handler(http.HandlerFunc(WelcomePackHandle))
// SQL
r.PathPrefix("/phpmyadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pma/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpMyAdmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/mysqladmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/sql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/myadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/mysql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/db/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpmy/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phppma/").Handler(http.HandlerFunc(WelcomePackHandle))
// OTHER
r.HandleFunc("/echo.php", WelcomePackHandle)
r.HandleFunc("/composer.php", WelcomePackHandle)
r.HandleFunc("/uploader.php", WelcomePackHandle)
r.HandleFunc("/shell.php", WelcomePackHandle)
r.HandleFunc("/freenode-proxy-checker.txt", WelcomePackHandle)
r.HandleFunc("/cmd.php", WelcomePackHandle)
r.HandleFunc("/muhstiks.php", WelcomePackHandle)
r.HandleFunc("/muhstik.php", WelcomePackHandle)
r.HandleFunc("/jmx-console", WelcomePackHandle)
r.HandleFunc("/status.php", WelcomePackHandle)
r.PathPrefix("/TP/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/HNAP1/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/manager/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/program/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/shopdb/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/programs/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/jenkins/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/w00tw00t.at.blackhats.romanian.anti-sec:)", WelcomePackHandle)
r.HandleFunc("/judge.php", WelcomePackHandle)
r.HandleFunc("/muieblackcat", WelcomePackHandle)
r.HandleFunc("/.env", WelcomePackHandle)
r.HandleFunc("/log", WelcomePackHandle)
r.HandleFunc("/configs", WelcomePackHandle)
r.HandleFunc("/config", WelcomePackHandle)
r.HandleFunc("/cfg", WelcomePackHandle)
r.HandleFunc("/gs", WelcomePackHandle)
r.HandleFunc("/gsProvision", WelcomePackHandle)
r.HandleFunc("/overrides", WelcomePackHandle)
r.HandleFunc("/polycom", WelcomePackHandle)
r.HandleFunc("/spa.xml", WelcomePackHandle)
r.HandleFunc("/yealink", WelcomePackHandle)
r.HandleFunc("/help.php", WelcomePackHandle)
r.HandleFunc("/java.php", WelcomePackHandle)
r.HandleFunc("/_query.php", WelcomePackHandle)
r.HandleFunc("/test.php", WelcomePackHandle)
r.HandleFunc("/db_cts.php", WelcomePackHandle)
r.HandleFunc("/db_pma.php", WelcomePackHandle)
r.HandleFunc("/logon.php", WelcomePackHandle)
r.HandleFunc("/help-e.php", WelcomePackHandle)
r.HandleFunc("/license.php", WelcomePackHandle)
r.HandleFunc("/log.php", WelcomePackHandle)
r.HandleFunc("/hell.php", WelcomePackHandle)
r.HandleFunc("/pmd_online.php", WelcomePackHandle)
r.HandleFunc("/x.php", WelcomePackHandle)
r.HandleFunc("/htdocs.php", WelcomePackHandle)
r.HandleFunc("/b.php", WelcomePackHandle)
r.HandleFunc("/desktop.ini.php", WelcomePackHandle)
r.HandleFunc("/z.php", WelcomePackHandle)
r.HandleFunc("/lala.php", WelcomePackHandle)
r.HandleFunc("/lala-dpr.php", WelcomePackHandle)
r.HandleFunc("/wpc.php", WelcomePackHandle)
r.HandleFunc("/wpo.php", WelcomePackHandle)
r.HandleFunc("/t6nv.php", WelcomePackHandle)
r.HandleFunc("/text.php", WelcomePackHandle)
r.HandleFunc("/muhstik2.php", WelcomePackHandle)
r.HandleFunc("/muhstik-dpr.php", WelcomePackHandle)
r.HandleFunc("/lol.php", WelcomePackHandle)
r.HandleFunc("/cmv.php", WelcomePackHandle)
r.HandleFunc("/cmdd.php", WelcomePackHandle)
r.HandleFunc("/knal.php", WelcomePackHandle)
r.HandleFunc("/appserv.php", WelcomePackHandle)
r.HandleFunc("/d7.php", WelcomePackHandle)
r.HandleFunc("/rxr.php", WelcomePackHandle)
r.HandleFunc("/1x.php", WelcomePackHandle)
r.HandleFunc("/home.php", WelcomePackHandle)
r.HandleFunc("/undx.php", WelcomePackHandle)
r.HandleFunc("/spider.php", WelcomePackHandle)
r.HandleFunc("/payload.php", WelcomePackHandle)
r.HandleFunc("/composers.php", WelcomePackHandle)
r.HandleFunc("/izom.php", WelcomePackHandle)
r.HandleFunc("/hue2.php", WelcomePackHandle)
r.HandleFunc("/new_license.php", WelcomePackHandle)
r.HandleFunc("/up.php", WelcomePackHandle)
r.PathPrefix("/pmd/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/PMA/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/PMA2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pmamy/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pmamy2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/dbadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/tools/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpma/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/php-my-admin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/websql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/dbadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/xmlrpc.php", WelcomePackHandle)
r.PathPrefix("/user/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/vuln.htm", WelcomePackHandle)
r.HandleFunc("/webconfig.txt.php", WelcomePackHandle)
return nil
})
}
// DEFAULT
r.HandleFunc("/index.php", WelcomePackHandle)
r.PathPrefix("/html/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/public/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/webdav/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/www/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/MAMP/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/xampp/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/web/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/scripts/").Handler(http.HandlerFunc(WelcomePackHandle))
// CMS
r.PathPrefix("/blog/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/cms/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wordpress/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp-admin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp-content/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/wp-config.php", WelcomePackHandle)
r.HandleFunc("/wp-login.php", WelcomePackHandle)
r.PathPrefix("/wp1/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp3/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp4/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp5/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp6/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp7/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/wp8/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/images/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/joomla/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/libraries/joomla/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/administrator/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/components/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/templates/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/includes/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/modules/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/plugins/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/drupal/", WelcomePackHandle)
r.HandleFunc("/Drupal.php", WelcomePackHandle)
r.PathPrefix("/core/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/web.config", WelcomePackHandle)
r.HandleFunc("/server.php", WelcomePackHandle)
r.HandleFunc("/composer.json", WelcomePackHandle)
r.PathPrefix("/cacti/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/thinkphp/").Handler(http.HandlerFunc(WelcomePackHandle))
// SQL
r.PathPrefix("/phpmyadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pma/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpMyAdmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/mysqladmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/sql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/myadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/mysql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/db/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpmy/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phppma/").Handler(http.HandlerFunc(WelcomePackHandle))
// OTHER
r.HandleFunc("/echo.php", WelcomePackHandle)
r.HandleFunc("/composer.php", WelcomePackHandle)
r.HandleFunc("/uploader.php", WelcomePackHandle)
r.HandleFunc("/shell.php", WelcomePackHandle)
r.HandleFunc("/freenode-proxy-checker.txt", WelcomePackHandle)
r.HandleFunc("/cmd.php", WelcomePackHandle)
r.HandleFunc("/muhstiks.php", WelcomePackHandle)
r.HandleFunc("/muhstik.php", WelcomePackHandle)
r.HandleFunc("/jmx-console", WelcomePackHandle)
r.HandleFunc("/status.php", WelcomePackHandle)
r.PathPrefix("/TP/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/HNAP1/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/manager/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/program/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/shopdb/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/programs/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/jenkins/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/w00tw00t.at.blackhats.romanian.anti-sec:)", WelcomePackHandle)
r.HandleFunc("/judge.php", WelcomePackHandle)
r.HandleFunc("/muieblackcat", WelcomePackHandle)
r.HandleFunc("/.env", WelcomePackHandle)
r.HandleFunc("/log", WelcomePackHandle)
r.HandleFunc("/configs", WelcomePackHandle)
r.HandleFunc("/config", WelcomePackHandle)
r.HandleFunc("/cfg", WelcomePackHandle)
r.HandleFunc("/gs", WelcomePackHandle)
r.HandleFunc("/gsProvision", WelcomePackHandle)
r.HandleFunc("/overrides", WelcomePackHandle)
r.HandleFunc("/polycom", WelcomePackHandle)
r.HandleFunc("/spa.xml", WelcomePackHandle)
r.HandleFunc("/yealink", WelcomePackHandle)
r.HandleFunc("/help.php", WelcomePackHandle)
r.HandleFunc("/java.php", WelcomePackHandle)
r.HandleFunc("/_query.php", WelcomePackHandle)
r.HandleFunc("/test.php", WelcomePackHandle)
r.HandleFunc("/db_cts.php", WelcomePackHandle)
r.HandleFunc("/db_pma.php", WelcomePackHandle)
r.HandleFunc("/logon.php", WelcomePackHandle)
r.HandleFunc("/help-e.php", WelcomePackHandle)
r.HandleFunc("/license.php", WelcomePackHandle)
r.HandleFunc("/log.php", WelcomePackHandle)
r.HandleFunc("/hell.php", WelcomePackHandle)
r.HandleFunc("/pmd_online.php", WelcomePackHandle)
r.HandleFunc("/x.php", WelcomePackHandle)
r.HandleFunc("/htdocs.php", WelcomePackHandle)
r.HandleFunc("/b.php", WelcomePackHandle)
r.HandleFunc("/desktop.ini.php", WelcomePackHandle)
r.HandleFunc("/z.php", WelcomePackHandle)
r.HandleFunc("/lala.php", WelcomePackHandle)
r.HandleFunc("/lala-dpr.php", WelcomePackHandle)
r.HandleFunc("/wpc.php", WelcomePackHandle)
r.HandleFunc("/wpo.php", WelcomePackHandle)
r.HandleFunc("/t6nv.php", WelcomePackHandle)
r.HandleFunc("/text.php", WelcomePackHandle)
r.HandleFunc("/muhstik2.php", WelcomePackHandle)
r.HandleFunc("/muhstik-dpr.php", WelcomePackHandle)
r.HandleFunc("/lol.php", WelcomePackHandle)
r.HandleFunc("/cmv.php", WelcomePackHandle)
r.HandleFunc("/cmdd.php", WelcomePackHandle)
r.HandleFunc("/knal.php", WelcomePackHandle)
r.HandleFunc("/appserv.php", WelcomePackHandle)
r.HandleFunc("/d7.php", WelcomePackHandle)
r.HandleFunc("/rxr.php", WelcomePackHandle)
r.HandleFunc("/1x.php", WelcomePackHandle)
r.HandleFunc("/home.php", WelcomePackHandle)
r.HandleFunc("/undx.php", WelcomePackHandle)
r.HandleFunc("/spider.php", WelcomePackHandle)
r.HandleFunc("/payload.php", WelcomePackHandle)
r.HandleFunc("/composers.php", WelcomePackHandle)
r.HandleFunc("/izom.php", WelcomePackHandle)
r.HandleFunc("/hue2.php", WelcomePackHandle)
r.HandleFunc("/new_license.php", WelcomePackHandle)
r.HandleFunc("/up.php", WelcomePackHandle)
r.PathPrefix("/pmd/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/PMA/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/PMA2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pmamy/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/pmamy2/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/dbadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/tools/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/phpma/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/php-my-admin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/websql/").Handler(http.HandlerFunc(WelcomePackHandle))
r.PathPrefix("/dbadmin/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/xmlrpc.php", WelcomePackHandle)
r.PathPrefix("/user/").Handler(http.HandlerFunc(WelcomePackHandle))
r.HandleFunc("/vuln.htm", WelcomePackHandle)
r.HandleFunc("/webconfig.txt.php", WelcomePackHandle)
return nil
})
}
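Review bot: `r.PathPrefix("/dbadmin/")` is registered twice in the route list (once after `/pmamy2/`, again after `/websql/`), and both printed copies of the list carry it, so the duplicate survives this commit; the second registration is redundant because every route goes to the same `WelcomePackHandle`. With roughly 145 near-identical lines this is hard to spot by eye, and a table-driven form (one slice of prefixes, one of exact paths, two loops) would make the list auditable and keep future diffs to the lines that actually change; since all routes share one handler, regrouping them does not change which paths match. The page has lost its `+`/`-` markers, so it is not certain which side holds `if plugin_enable() == false { return }`, but if the new code evaluates it once at load, a later change to `features.protection.enable` presumably needs a restart to take effect, which deserves a comment such as `// evaluated once at startup; toggling the setting requires a restart`. Broad prefixes like `/images/`, `/user/`, `/public/` and `/tools/` are also worth checking against the application's own routes, because a trap route registered ahead of a real one would answer legitimate requests with whatever `WelcomePackHandle` serves.

```go
Hooks.Register.HttpEndpoint(func(r *mux.Router, _ *App) error {
	// Directory trees commonly probed by scanners; matched by prefix.
	prefixes := []string{
		"/html/", "/public/", "/webdav/",
		// … unchanged: remaining prefix entries, with "/dbadmin/" listed once …
	}
	// Single files commonly probed by scanners; matched exactly.
	paths := []string{
		"/index.php", "/wp-config.php", "/wp-login.php",
		// … unchanged: remaining exact-path entries …
	}
	for _, p := range prefixes {
		r.PathPrefix(p).Handler(http.HandlerFunc(WelcomePackHandle))
	}
	for _, p := range paths {
		r.HandleFunc(p, WelcomePackHandle)
	}
	return nil
})
```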