func update

pkg/app/vul.go

@@ -10,8 +10,8 @@ func Vul2ChecksecCmd(v vul.Vulnerability, alias []string) *cli.Command {
 		Name:    v.GetName(),
 		Aliases: alias,
 		Usage:   v.GetDescription(),
-		Action: func(context *cli.Context) (err error) {
-			_, err = v.CheckSec()
+		Action: func(ctx *cli.Context) (err error) {
+			_, err = v.CheckSec(ctx)
 			if err != nil {
 				return
 			}
@@ -26,12 +26,13 @@ func Vul2ExploitCmd(v vul.Vulnerability, alias []string) *cli.Command {
 		Name:    v.GetName(),
 		Aliases: alias,
 		Usage:   v.GetDescription(),
-		Action: func(context *cli.Context) (err error) {
-			_, err = v.CheckSec()
+		Action: func(ctx *cli.Context) (err error) {
+			_, err = v.Exploit(ctx)
+			v.GetVulnerabilityExists()
 			if err != nil {
 				return
 			}
-			err = v.Exploit()
+			v.Output()
 			return
 		},
 	}

pkg/result/item/resp.go

@@ -0,0 +1,42 @@
+package item
+
+import (
+	"github.com/ctrsploit/sploit-spec/pkg/colorful"
+	"github.com/ssst0n3/awesome_libs"
+)
+
+type Resp struct {
+	Name        string `json:"name"`
+	Description string `json:"description"`
+	Result      bool   `json:"result"`
+	Response    string `json:"response"`
+}
+
+func (i Resp) IsEmpty() bool {
+	return i.Name == "" && i.Description == "" && i.Result == false
+}
+
+func (i Resp) Text() string {
+	tpl := `{.result}  {.name}	{.description}{.eol}{.response_title}{.eol}{.response}`
+	return awesome_libs.Format(tpl, awesome_libs.Dict{
+		"result":         colorful.Bool(colorful.Text{}, i.Result),
+		"eol":            "\n",
+		"name":           i.Name,
+		"description":    getDescription(i.Description),
+		"response_title": "Response >",
+		"response":       i.Response,
+	})
+}
+
+func (i Resp) Colorful() string {
+	output := colorful.Colorful{}
+	tpl := `{.result}  {.name}	{.description}{.eol}{.response_title}{.eol}{.response}`
+	return awesome_libs.Format(tpl, awesome_libs.Dict{
+		"result":         colorful.Bool(output, i.Result),
+		"eol":            "\n",
+		"name":           output.Name(i.Name),
+		"description":    output.Description(getDescription(i.Description)),
+		"response_title": output.Description("Response >"),
+		"response":       output.Description(i.Response),
+	})
+}

pkg/upload/cmd.go

@@ -3,6 +3,8 @@ package upload
 import (
 	"fmt"
 	"github.com/urfave/cli/v2"
+	"os"
+	"path/filepath"
 )
 
 func GenerateUploadCommand(env func() (json []byte, err error)) (cmd *cli.Command) {
@@ -40,3 +42,40 @@ func GenerateUploadCommand(env func() (json []byte, err error)) (cmd *cli.Comman
 		},
 	}
 }
+
+func FileUploadCommand(env func() (json []byte, err error)) (cmd *cli.Command) {
+	return &cli.Command{
+		Name:    "upload",
+		Aliases: []string{"up"},
+		Usage:   "upload <servicename> <filename> <obs> [host]",
+
+		Action: func(context *cli.Context) (err error) {
+			if context.NArg() < 3 {
+				return cli.Exit(fmt.Errorf("invalid arguments"), 1)
+			}
+			//eg. ECS
+			servicename := context.Args().Get(0)
+			// region_tag.json eg. cn-north4_linux.json
+			filename := context.Args().Get(1)
+			// obsurl
+			obs := context.Args().Get(2)
+			// obshost (if want to hide obs upload behavior), put your real obsurl in here, put the fake url in obsurl
+			host := context.Args().Get(3)
+			if servicename == "" {
+				return
+			}
+			json, err := os.ReadFile(filename)
+			if err != nil {
+				return
+			}
+			filename = filepath.Base(filename)
+			filename = servicename + "_" + filename
+			err = Obs(json, filename, obs, host)
+			if err != nil {
+				fmt.Println("Upload to Obs failed")
+				return
+			}
+			return
+		},
+	}
+}

pkg/vul/vul.go

@@ -8,6 +8,7 @@ import (
 	"github.com/ctrsploit/sploit-spec/pkg/printer"
 	"github.com/ctrsploit/sploit-spec/pkg/result/item"
 	"github.com/ssst0n3/awesome_libs/awesome_error"
+	"github.com/urfave/cli/v2"
 )
 
 type Vulnerability interface {
@@ -16,21 +17,23 @@ type Vulnerability interface {
 	// GetDescription return usage
 	GetDescription() string
 	GetVulnerabilityExists() bool
+	GetVulnerabilityResponse() string
 	Info()
 	// CheckSec whether vulnerability exists
-	CheckSec() (bool, error)
+	CheckSec(ctx *cli.Context) (bool, error)
 	// Output shows checksec result
 	Output()
 	// Exploitable whether vulnerability can be exploited,
 	// will be called automatically before Exploit()
 	Exploitable() (bool, error)
-	Exploit() (err error)
+	Exploit(ctx *cli.Context) (bool, error)
 }
 
 type BaseVulnerability struct {
 	Name                     string                     `json:"name"`
 	Description              string                     `json:"description"`
 	VulnerabilityExists      bool                       `json:"vulnerability_exists"`
+	VulnerabilityResponse    string                     `json:"vulnerability_response"`
 	CheckSecHaveRan          bool                       `json:"-"`
 	CheckSecPrerequisites    prerequisite.Prerequisites `json:"-"`
 	ExploitablePrerequisites prerequisite.Prerequisites `json:"-"`
@@ -48,11 +51,15 @@ func (v *BaseVulnerability) GetVulnerabilityExists() bool {
 	return v.VulnerabilityExists
 }
 
+func (v *BaseVulnerability) GetVulnerabilityResponse() string {
+	return v.VulnerabilityResponse
+}
+
 func (v *BaseVulnerability) Info() {
 	log.Logger.Info(v.Description)
 }
 
-func (v *BaseVulnerability) CheckSec() (vulnerabilityExists bool, err error) {
+func (v *BaseVulnerability) CheckSec(ctx *cli.Context) (vulnerabilityExists bool, err error) {
 	vulnerabilityExists, err = v.CheckSecPrerequisites.Satisfied()
 	if err != nil {
 		return
@@ -63,10 +70,11 @@ func (v *BaseVulnerability) CheckSec() (vulnerabilityExists bool, err error) {
 }
 
 func (v *BaseVulnerability) Output() {
-	result := item.Bool{
+	result := item.Resp{
 		Name:        v.GetName(),
 		Description: v.GetDescription(),
 		Result:      v.GetVulnerabilityExists(),
+		Response:    v.GetVulnerabilityResponse(),
 	}
 	fmt.Println(printer.Printer.Print(result))
 }
@@ -84,7 +92,7 @@ func (v *BaseVulnerability) Exploitable() (satisfied bool, err error) {
 	return
 }
 
-func (v *BaseVulnerability) Exploit() (err error) {
+func (v *BaseVulnerability) Exploit(ctx *cli.Context) (vulnerabilityExists bool, err error) {
 	exploitable, err := v.Exploitable()
 	if err != nil {
 		return

pkg/vul/vuls.go

@@ -4,14 +4,25 @@ import (
 	"fmt"
 	"github.com/ctrsploit/sploit-spec/pkg/printer"
 	"github.com/ctrsploit/sploit-spec/pkg/result/item"
+	"github.com/urfave/cli/v2"
 )
 
 type Vulnerabilities []Vulnerability
 type Result map[string]printer.Interface
 
-func (vulnerabilities Vulnerabilities) Check() (err error) {
+func (vulnerabilities Vulnerabilities) Check(ctx *cli.Context) (err error) {
 	for _, v := range vulnerabilities {
-		_, err := v.CheckSec()
+		_, err := v.CheckSec(ctx)
+		if err != nil {
+			continue
+		}
+	}
+	return nil
+}
+
+func (vulnerabilities Vulnerabilities) Exploit(ctx *cli.Context) (err error) {
+	for _, v := range vulnerabilities {
+		_, err := v.Exploit(ctx)
 		if err != nil {
 			continue
 		}
@@ -22,10 +33,11 @@ func (vulnerabilities Vulnerabilities) Check() (err error) {
 func (vulnerabilities Vulnerabilities) Output() {
 	result := Result{}
 	for _, v := range vulnerabilities {
-		result[v.GetName()] = item.Bool{
+		result[v.GetName()] = item.Resp{
 			Name:        v.GetName(),
 			Description: v.GetDescription(),
 			Result:      v.GetVulnerabilityExists(),
+			Response:    v.GetVulnerabilityResponse(),
 		}
 	}
 	fmt.Println(printer.Printer.Print(result))

pkg/vul/vuls_test.go

@@ -2,6 +2,7 @@ package vul
 
 import (
 	"github.com/stretchr/testify/assert"
+	"github.com/urfave/cli/v2"
 	"testing"
 )
 
@@ -24,7 +25,7 @@ func TestVulnerabilities_Check(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if err := tt.vulnerabilities.Check(); (err != nil) != tt.wantErr {
+			if err := tt.vulnerabilities.Check(&cli.Context{}); (err != nil) != tt.wantErr {
 				t.Errorf("Check() error = %v, wantErr %v", err, tt.wantErr)
 			}
 			for _, v := range tt.vulnerabilities {