dassecurity-hatlab / aoiawd
AoiAWD: an EDR system designed for competitions, highly portable, and running with low privileges.
License: GNU Affero General Public License v3.0
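The loaded-plugins list is empty and clicking reload does nothing; all three probe plugins have already been deployed to the target machine.
Which step went wrong?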
Hello there!
My name is Ana. I noted that you use the mutation testing tool in the project.
I am a postdoctoral researcher at the University of Seville (Spain), and my colleagues and I are studying how mutation testing tools are used in practice. With this aim in mind, we have analysed over 3,500 public GitHub repositories using mutation testing tools, including yours! This work has recently been published in a journal paper available at https://link.springer.com/content/pdf/10.1007/s10664-022-10177-8.pdf.
To complete this study, we are asking for your help to understand better how mutation testing is used in practice, please! We would be extremely grateful if you could contribute to this study by answering a brief survey of 21 simple questions (no more than 6 minutes). This is the link to the questionnaire https://forms.gle/FvXNrimWAsJYC1zB9.
Drop me an e-mail if you have any questions or comments ([email protected]). Thank you very much in advance!!
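# I hit a few small pitfalls while setting up the dependencies; the following procedure was tested on a freshly installed Ubuntu 20.04 with the Tencent and Aliyun mirrors and completes installation and compilation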
sudo apt update
sudo apt install -y mongodb-server
sudo apt install -y php-pear # package that provides pecl
sudo apt-get install -y php-dev # PHP dependency for mongodb
sudo pecl -y install mongodb
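sudo find / -name php.ini # find the path of the ini
sudo vi /etc/php/7.4/cli/php.ini # add extension=mongodb.so to the extension settings around line 800 (just follow the instructions printed when the install above finishes)
unzip AoiAWD-master.zip # this project's source code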
cd AoiAWD-master/
cd Frontend
sudo apt install npm
npm install
npm run build
cd ../AoiAWD
rm -rf src/public/*
cp -r ../Frontend/dist/* src/public/
# Set phar.readonly = Off and uncomment it; it is around line 1000 and is commented out by default
sudo vi /etc/php/7.4/cli/php.ini # note the ini path here
php compile.php
cd ../TapeWorm
php compile.php
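# Install RoundWorm's dependencies
#wget --no-check-certificate https://github.com/downloads/rvoicilas/inotify-tools/inotify-tools-3.14.tar.gz
# Update: the inotify-tools-3.14.tar.gz link is dead; you can try
# (certificate checking is left on here, since this source is built and installed with sudo)
wget https://github.com/inotify-tools/inotify-tools/archive/refs/tags/3.20.2.zip
unzip 3.20.2.zip # the download is a zip of the 3.20.2 tag, not the 3.14 tarball
cd inotify-tools-3.20.2/
./autogen.sh # the tag archive ships no generated configure script; needs autoconf, automake and libtool
./configure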
make
sudo make install
cd ..
cd ../RoundWorm
make
cd ../Guardian
php compile.php
# All done! Enjoy your AWD! The following files are the ones to copy to, and run on, the machines the user controls
cd ..
cp ./Guardian/guardian.phar ./
cp ./TapeWorm/tapeworm.phar ./
cp ./RoundWorm/roundworm ./
#20 Note: to change the flag regex, edit the regular expression on line 22 of AoiAWD-master/AoiAWD/plugins/FlagBuster.php.
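Does output traffic tampering currently support only web-type challenges? Are PWN-type challenges not supported?
After deploying with Docker, there is only the aoiawd.phar file, and it is in the usr/src/ directory; there are no other phar files.
After docker compose up -d, there is no access token.
I installed Docker on CentOS 8 and used docker_AoiAWD_Start.sh to install, and it reports an error...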
[root@centos8 AoiAWD]# ./docker_AoiAWD_Start.sh
./docker_AoiAWD_Start.sh: line 31: syntax error near unexpected token elif' '/docker_AoiAWD_Start.sh: line 31:
elif [[ "$RUN_STATUS" =~ "up-to-date" ]];then
What should I do if flagbuster has no effect?
Running npm install in Frontend fails; the debug log is as follows:
24606 verbose notsup SKIPPING OPTIONAL DEPENDENCY: Valid OS: darwin
24606 verbose notsup SKIPPING OPTIONAL DEPENDENCY: Valid Arch: any
24606 verbose notsup SKIPPING OPTIONAL DEPENDENCY: Actual OS: linux
24606 verbose notsup SKIPPING OPTIONAL DEPENDENCY: Actual Arch: x64
24607 verbose stack Error: [email protected] postinstall: `node scripts/build.js`
24607 verbose stack Exit status 1
24607 verbose stack at EventEmitter.<anonymous> (/usr/lib/node_modules/npm/node_modules/npm-lifecycle/index.js:332:16)
24607 verbose stack at EventEmitter.emit (events.js:314:20)
24607 verbose stack at ChildProcess.<anonymous> (/usr/lib/node_modules/npm/node_modules/npm-lifecycle/lib/spawn.js:55:14)
24607 verbose stack at ChildProcess.emit (events.js:314:20)
24607 verbose stack at maybeClose (internal/child_process.js:1047:16)
24607 verbose stack at Process.ChildProcess._handle.onexit (internal/child_process.js:287:5)
24608 verbose pkgid [email protected]
24609 verbose cwd /home/gsfish/Tools/Defense/AoiAWD/Frontend
24610 verbose Linux 5.4.63-1-lts
24611 verbose argv "/usr/bin/node" "/usr/bin/npm" "install"
24612 verbose node v14.10.0
24613 verbose npm v6.14.7
24614 error code ELIFECYCLE
24615 error errno 1
24616 error [email protected] postinstall: `node scripts/build.js`
24616 error Exit status 1
24617 error Failed at the [email protected] postinstall script.
24617 error This is probably not a problem with npm. There is likely additional logging output above.
24618 verbose exit [ 1, true ]
Changing the version of node-sass in package.json resolves the above problem:
"node-sass": "^4.12.0"
I followed BUILD.md exactly, and everything built successfully.
Besides running sudo apt install mongodb-server, I also ran:
$ sudo apt install php-mongodb
First, start the mongodb server:
$ sudo mongod
......
2020-09-26T23:54:02.295+0800 I FTDC [initandlisten] Initializing full-time diagnostic data capture with directory '/data/db/diagnostic.data'
2020-09-26T23:54:02.297+0800 I NETWORK [initandlisten] waiting for connections on port 27017
Then run:
$ ./aoiawd.phar
...
[2020-09-26 23:55:00] MainServer.info: MongoDB Connect mongodb://127.0.0.1:27017 [] []
[2020-09-26 23:55:00] PluginManager.info: Loading plugin: FlagBuster.php [] []
[2020-09-26 23:55:00] PluginManager.info: Register Routine: web Operation: processlog [] []
[2020-09-26 23:55:00] PluginManager.info: Plugin Loaded. [] []
[2020-09-26 23:55:00] PluginManager.info: Loading plugin: KingWatcher.php [] []
[2020-09-26 23:55:00] PluginManager.info: Register Routine: filesystem Operation: processlog [] []
[2020-09-26 23:55:00] PluginManager.info: Plugin Loaded. [] []
[2020-09-26 23:55:00] PluginManager.info: Loading plugin: ZombieKiller.php [] []
[2020-09-26 23:55:00] PluginManager.info: Register Routine: filesystem Operation: processlog [] []
[2020-09-26 23:55:00] PluginManager.info: Plugin Loaded. [] []
[2020-09-26 23:55:00] Amp\Http\Server\Server.info: Listening on http://0.0.0.0:1337/ [] []
[2020-09-26 23:55:00] aoicommon\socket\AsyncTCPServer.info: Listening on 0.0.0.0:8023 [] []
Next, on entering the access token into the web page, an error message appears:
[2020-09-26 23:56:12] Amp\Http\Server\Server.error: Error: Call to undefined method MongoDB\Driver\Server::executeReadCommand() in phar:///path/to/AoiAWD/AoiAWD/aoiawd.phar/vendor/mongodb/mongodb/src/Operation/Count.php:154
And in the terminal running the mongodb server, the following appears:
2020-09-26T23:56:12.488+0800 I NETWORK [listener] connection accepted from 127.0.0.1:58150 #1 (1 connection now open)
2020-09-26T23:56:12.491+0800 I NETWORK [conn1] received client metadata from 127.0.0.1:58150 conn: { driver: { name: "mongoc / ext-mongodb:PHP", version: "1.8.2 / 1.3.4" }, os: { type: "Linux", name: "Ubuntu", version: "18.04", architecture: "x86_64" }, platform: "cfg=0x2b8e9 posix=200809 stdc=201112 CC=GCC 7.3.0 CFLAGS="-g -O2 -fdebug-prefix-map=/build/php-mongodb-XOtnKb/php-mongodb-1.3.4=. -fstack-protector-st..." }
OS: Ubuntu 18.04 (WSL)
$ php -v
PHP 7.2.24-0ubuntu0.18.04.6 (cli) (built: May 26 2020 13:09:11) ( NTS )
$ php -i | grep mongo
mongodb
libmongoc bundled version => 1.8.2
libmongoc SSL => enabled
libmongoc SSL library => OpenSSL
libmongoc crypto => enabled
libmongoc crypto library => libcrypto
libmongoc crypto system profile => disabled
libmongoc SASL => enabled
mongodb.debug => no value => no value
$ php --ri mongodb
MongoDB extension version => 1.3.4
libbson bundled version => 1.8.2
libmongoc bundled version => 1.8.2
$ mongod --version
db version v3.6.3
git version: 9586e557d54ef70f9ca4b43c26892cd55257e1a5
OpenSSL version: OpenSSL 1.1.1 11 Sep 2018
allocator: tcmalloc
modules: none
build environment:
distarch: x86_64
target_arch: x86_64
src/io.c:3:34: fatal error: inotifytools/inotify.h: 没有那个文件或目录
compilation terminated.
Makefile:16: recipe for target 'src/io.o' failed
make: *** [src/io.o] Error 1
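The reports above fail on three prerequisites: the ext-mongodb version, `phar.readonly`, and the `inotifytools/inotify.h` header. The following preflight checks are an added example, not code from the AoiAWD project or from any of the posters. The function names are hypothetical, and the 1.4.0 threshold is an assumption taken from the PHP manual entry for `MongoDB\Driver\Server::executeReadCommand()`, not from this page.

```shell
#!/bin/sh
# Added example (not AoiAWD project code): preflight checks for the build and
# runtime failures reported on this page. Each check takes tool output as
# text, so it can be tried offline on pasted output.

# Print the ext-mongodb version found in `php --ri mongodb` output ($1).
ext_version() {
    printf '%s\n' "$1" |
        sed -n 's/^MongoDB extension version => \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Succeed when dotted version $1 >= $2 (numeric compare of three fields).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Succeed when `php -i` output ($1) shows phar.readonly switched off,
# which compile.php needs in order to write the .phar files.
phar_writable() {
    printf '%s\n' "$1" | grep -Eq '^phar\.readonly => (Off|0) '
}

# Succeed when any include dir given as argument holds the header that
# RoundWorm's src/io.c includes.
has_inotify_header() {
    for dir in "$@"; do
        [ -f "$dir/inotifytools/inotify.h" ] && return 0
    done
    return 1
}

# Constructed sample: the version line from the bug report above.
# Assumption: 1.4.0 is the minimum taken from the PHP manual, not this page.
SAMPLE_RI='MongoDB extension version => 1.3.4'
v=$(ext_version "$SAMPLE_RI")
if version_ge "$v" 1.4.0; then
    echo "ext-mongodb $v: Server::executeReadCommand() available"
else
    echo "ext-mongodb $v: older than 1.4.0, Server::executeReadCommand() missing"
fi
```

On a live host, pass real output instead of the sample, for example `phar_writable "$(php -i)"` and `has_inotify_header /usr/include /usr/local/include`.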