Merge pull request #7 from wgpsec/dev

feat: support lists qiniu cloud kodo services

CHANGELOG.md

@@ -1,9 +1,10 @@
 # Change Log
 
-## [v1.0.0](https://github.com/wgpsec/lc/releases/tag/v1.0.0)
+## [v1.0.0](https://github.com/wgpsec/lc/releases/tag/v1.0.0) 2024.4.20
 
 * 支持列出阿里云 RDS 数据库服务
 * 支持列出腾讯云 COS 对象存储服务
+* 支持列出七牛云 Kodo 对象存储服务
 * 增加详细日志输出
 
 ## [v0.0.1](https://github.com/wgpsec/lc/releases/tag/v0.0.1) 2024.4.6

README.md

@@ -36,18 +36,19 @@ LC（List Cloud）是一个多云攻击面资产梳理的工具，使用 LC 可
 ### 支持列出的云服务
 
 | 序号 | 云服务商 |    服务名称    |
-|:--:| :------: |:----------:|
-| 1  |  阿里云  |  ECS 云服务器  |
-| 2  |  阿里云  |  OSS 对象存储  |
-| 3  |  阿里云  |  RDS 数据库   |
-| 4  |  腾讯云  |  CVM 云服务器  |
-| 5  |  腾讯云  | LH 轻量应用服务器 |
-| 6  |  腾讯云  |  COS 对象存储  |
-| 7  |  华为云  |  OBS 对象存储  |
-| 8  |  天翼云  |  OOS 对象存储  |
-| 9  |  百度云  |  BOS 对象存储  |
-| 10 |  百度云  |  BCC 云服务器  |
-| 11 |  联通云  |  OSS 对象存储  |
+|:--:|:----:|:----------:|
+| 1  | 阿里云  |  ECS 云服务器  |
+| 2  | 阿里云  |  OSS 对象存储  |
+| 3  | 阿里云  |  RDS 数据库   |
+| 4  | 腾讯云  |  CVM 云服务器  |
+| 5  | 腾讯云  | LH 轻量应用服务器 |
+| 6  | 腾讯云  |  COS 对象存储  |
+| 7  | 华为云  |  OBS 对象存储  |
+| 8  | 天翼云  |  OOS 对象存储  |
+| 9  | 百度云  |  BOS 对象存储  |
+| 10 | 百度云  |  BCC 云服务器  |
+| 11 | 联通云  |  OSS 对象存储  |
+| 12 | 七牛云  | Kodo 对象存储  |
 
 ## 使用手册
 

cmd/configFile.go

@@ -25,40 +25,47 @@ const defaultConfigFile = `# # lc (list cloud) 的云服务商配置文件
 
 # # 腾讯云
 # # 访问凭证获取地址：https://console.cloud.tencent.com/cam
-# - provider: tencent cloud
+# - provider: tencent
 #   id: tencent_cloud_default
 #   access_key: 
 #   secret_key: 
 #   session_token: 
 
 # # 华为云
 # # 访问凭证获取地址：https://console.huaweicloud.com/iam
-# - provider: huawei cloud
+# - provider: huawei
 #   id: huawei_cloud_default
 #   access_key: 
 #   secret_key: 
 #   session_token: 
 
 # # 天翼云
 # # 访问凭证获取地址：https://oos-cn.ctyun.cn/oos/ctyun/iam/dist/index.html#/certificate
-# - provider: ctyun
-#  id: ctyun_default
+# - provider: tianyi
+#  id: tianyi_cloud_default
 #  access_key: 
 #  secret_key:
 
 # # 百度云
 # # 访问凭证获取地址：https://console.bce.baidu.com/iam/
-# - provider: baidu cloud
+# - provider: baidu
 #   id: baidu_cloud_default
 #   access_key: 
 #   secret_key: 
 #   session_token: 
 
 # # 联通云
 # # 访问凭证获取地址：https://console.cucloud.cn/console/uiam
-# - provider: cu cloud
-#   id: cu_cloud_default
+# - provider: liantong
+#   id: liantong_cloud_default
 #   access_key: 
 #   secret_key: 
 #   session_token: 
+
+# # 七牛云
+# # 访问凭证获取地址：https://portal.qiniu.com/developer/user/key
+# - provider: qiniu
+#   id: qiniu_cloud_default
+#   access_key: 
+#   secret_key:
 `

go.mod

@@ -11,6 +11,7 @@ require (
 	github.com/projectdiscovery/goflags v0.1.46
 	github.com/projectdiscovery/gologger v1.1.12
 	github.com/projectdiscovery/utils v0.0.87
+	github.com/qiniu/go-sdk/v7 v7.20.0
 	github.com/teamssix/oos-go-sdk v0.0.1
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.893
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.893
@@ -26,6 +27,7 @@ require (
 	github.com/clbanning/mxj v1.8.4 // indirect
 	github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
+	github.com/gofrs/flock v0.8.1 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/gorilla/css v1.0.0 // indirect
@@ -55,6 +57,7 @@ require (
 	golang.org/x/exp v0.0.0-20221205204356-47842c84f3db // indirect
 	golang.org/x/mod v0.12.0 // indirect
 	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
 	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect

pkg/inventory/inventory.go

@@ -3,11 +3,12 @@ package inventory
 import (
 	"fmt"
 	"github.com/wgpsec/lc/pkg/providers/aliyun"
-	"github.com/wgpsec/lc/pkg/providers/baiducloud"
-	"github.com/wgpsec/lc/pkg/providers/ctyun"
-	"github.com/wgpsec/lc/pkg/providers/cucloud"
-	"github.com/wgpsec/lc/pkg/providers/huaweicloud"
-	"github.com/wgpsec/lc/pkg/providers/tencentcloud"
+	"github.com/wgpsec/lc/pkg/providers/baidu"
+	"github.com/wgpsec/lc/pkg/providers/huawei"
+	"github.com/wgpsec/lc/pkg/providers/liantong"
+	"github.com/wgpsec/lc/pkg/providers/qiniu"
+	"github.com/wgpsec/lc/pkg/providers/tencent"
+	"github.com/wgpsec/lc/pkg/providers/tianyi"
 	"github.com/wgpsec/lc/pkg/schema"
 	"github.com/wgpsec/lc/utils"
 )
@@ -37,16 +38,18 @@ func nameToProvider(value string, block schema.OptionBlock) (schema.Provider, er
 	switch value {
 	case utils.Aliyun:
 		return aliyun.New(block)
-	case utils.TencentCloud:
-		return tencentcloud.New(block)
-	case utils.HuaweiCloud:
-		return huaweicloud.New(block)
-	case utils.Ctyun:
-		return ctyun.New(block)
-	case utils.BaiduCloud:
-		return baiducloud.New(block)
-	case utils.CuCloud:
-		return cucloud.New(block)
+	case utils.Tencent:
+		return tencent.New(block)
+	case utils.Huawei:
+		return huawei.New(block)
+	case utils.TianYi:
+		return tianyi.New(block)
+	case utils.Baidu:
+		return baidu.New(block)
+	case utils.LianTong:
+		return liantong.New(block)
+	case utils.QiNiu:
+		return qiniu.New(block)
 	default:
 		return nil, fmt.Errorf("发现无效的云服务商名: %s", value)
 	}

pkg/providers/baiducloud/baiducloud.go → pkg/providers/baidu/baidu.go

@@ -1,4 +1,4 @@
-package baiducloud
+package baidu
 
 import (
 	"context"
@@ -80,7 +80,7 @@ func New(options schema.OptionBlock) (*Provider, error) {
 		okST:            okST,
 	}
 
-	return &Provider{provider: utils.BaiduCloud, id: id, bosClient: bosClient, config: config}, nil
+	return &Provider{provider: utils.Baidu, id: id, bosClient: bosClient, config: config}, nil
 }
 
 func (p *Provider) Resources(ctx context.Context) (*schema.Resources, error) {

pkg/providers/baiducloud/bcc.go → pkg/providers/baidu/bcc.go

@@ -1,4 +1,4 @@
-package baiducloud
+package baidu
 
 import (
 	"context"
@@ -61,7 +61,6 @@ func (d *instanceProvider) describeInstances(ch <-chan string, wg *sync.WaitGrou
 		bccClient *bcc.Client
 	)
 	for endpoint := range ch {
-
 		if d.config.okST {
 			bccClient, err = bcc.NewClient(d.config.accessKeyID, d.config.accessKeySecret, "")
 			if err != nil {

pkg/providers/baiducloud/bos.go → pkg/providers/baidu/bos.go

@@ -1,8 +1,9 @@
-package baiducloud
+package baidu
 
 import (
 	"context"
 	"github.com/baidubce/bce-sdk-go/services/bos"
+	"github.com/projectdiscovery/gologger"
 	"github.com/wgpsec/lc/pkg/schema"
 	"strings"
 )
@@ -15,6 +16,7 @@ type bosProvider struct {
 
 func (d *bosProvider) GetResource(ctx context.Context) (*schema.Resources, error) {
 	var list = schema.NewResources()
+	gologger.Debug().Msg("正在获取百度云 BOS 资源信息")
 	response, err := d.bosClient.ListBuckets()
 	if err != nil {
 		return nil, err

pkg/providers/huaweicloud/huaweicloud.go → pkg/providers/huawei/huawei.go

@@ -1,4 +1,4 @@
-package huaweicloud
+package huawei
 
 import (
 	"context"
@@ -47,7 +47,7 @@ func New(options schema.OptionBlock) (*Provider, error) {
 		return nil, err
 	}
 
-	return &Provider{provider: utils.HuaweiCloud, id: id, obsClient: obsClient}, nil
+	return &Provider{provider: utils.Huawei, id: id, obsClient: obsClient}, nil
 }
 
 func (p *Provider) Resources(ctx context.Context) (*schema.Resources, error) {

pkg/providers/huaweicloud/obs.go → pkg/providers/huawei/obs.go

@@ -1,4 +1,4 @@
-package huaweicloud
+package huawei
 
 import (
 	"context"

pkg/providers/cucloud/cucloud.go → pkg/providers/liantong/liantong.go

@@ -1,4 +1,4 @@
-package cucloud
+package liantong
 
 import (
 	"context"
@@ -38,7 +38,7 @@ func New(options schema.OptionBlock) (*Provider, error) {
 		accessKeySecret: accessKeySecret,
 		sessionToken:    sessionToken,
 	}
-	return &Provider{id: id, provider: utils.CuCloud, config: config}, nil
+	return &Provider{id: id, provider: utils.LianTong, config: config}, nil
 }
 
 func (p *Provider) Name() string {

pkg/providers/cucloud/oss.go → pkg/providers/liantong/oss.go

@@ -1,4 +1,4 @@
-package cucloud
+package liantong
 
 import (
 	"context"

pkg/providers/qiniu/kodo.go

@@ -0,0 +1,45 @@
+package qiniu
+
+import (
+	"context"
+	"github.com/projectdiscovery/gologger"
+	"github.com/qiniu/go-sdk/v7/auth"
+	"github.com/qiniu/go-sdk/v7/storage"
+	"github.com/wgpsec/lc/pkg/schema"
+)
+
+type kodoProvider struct {
+	id         string
+	provider   string
+	kodoClient *auth.Credentials
+}
+
+func (d *kodoProvider) GetResource(ctx context.Context) (*schema.Resources, error) {
+	var request storage.BucketV4Input
+	var list = schema.NewResources()
+	gologger.Debug().Msg("正在获取七牛云 Kodo 对象存储信息")
+	cfg := storage.Config{
+		UseHTTPS: true,
+	}
+	bucketManager := storage.NewBucketManager(d.kodoClient, &cfg)
+	for {
+		response, err := bucketManager.BucketsV4(&request)
+		if err != nil {
+			return nil, err
+		}
+		for _, bucket := range response.Buckets {
+			list.Append(&schema.Resource{
+				ID:       d.id,
+				Public:   true,
+				DNSName:  bucket.Name,
+				Provider: d.provider,
+			})
+		}
+		if response.IsTruncated {
+			response.NextMarker = request.Marker
+		} else {
+			break
+		}
+	}
+	return list, nil
+}

pkg/providers/qiniu/qiniu.go

@@ -0,0 +1,57 @@
+package qiniu
+
+import (
+	"context"
+	"github.com/projectdiscovery/gologger"
+	"github.com/qiniu/go-sdk/v7/auth"
+	"github.com/wgpsec/lc/pkg/schema"
+	"github.com/wgpsec/lc/utils"
+)
+
+type Provider struct {
+	id         string
+	provider   string
+	kodoClient *auth.Credentials
+}
+
+func New(options schema.OptionBlock) (*Provider, error) {
+	var (
+		kodoClient *auth.Credentials
+	)
+	accessKeyID, ok := options.GetMetadata(utils.AccessKey)
+	if !ok {
+		return nil, &utils.ErrNoSuchKey{Name: utils.AccessKey}
+	}
+	accessKeySecret, ok := options.GetMetadata(utils.SecretKey)
+	if !ok {
+		return nil, &utils.ErrNoSuchKey{Name: utils.SecretKey}
+	}
+	id, _ := options.GetMetadata(utils.Id)
+
+	gologger.Debug().Msg("找到七牛云访问永久访问凭证")
+
+	// kodo client
+	kodoClient = auth.New(accessKeyID, accessKeySecret)
+
+	return &Provider{provider: utils.QiNiu, id: id, kodoClient: kodoClient}, nil
+}
+
+func (p *Provider) Resources(ctx context.Context) (*schema.Resources, error) {
+	var err error
+	kodoProvider := &kodoProvider{kodoClient: p.kodoClient, id: p.id, provider: p.provider}
+	buckets, err := kodoProvider.GetResource(ctx)
+	if err != nil {
+		return nil, err
+	}
+	gologger.Info().Msgf("获取到 %d 条七牛云 Kodo 对象存储信息", len(buckets.Items))
+	finalList := schema.NewResources()
+	finalList.Merge(buckets)
+	return finalList, nil
+}
+
+func (p *Provider) Name() string {
+	return p.provider
+}
+func (p *Provider) ID() string {
+	return p.id
+}

pkg/providers/tencentcloud/cos.go → pkg/providers/tencent/cos.go

@@ -1,4 +1,4 @@
-package tencentcloud
+package tencent
 
 import (
 	"context"

pkg/providers/tencentcloud/cvm.go → pkg/providers/tencent/cvm.go

@@ -1,4 +1,4 @@
-package tencentcloud
+package tencent
 
 import (
 	"context"

pkg/providers/tencentcloud/lh.go → pkg/providers/tencent/lh.go

@@ -1,4 +1,4 @@
-package tencentcloud
+package tencent
 
 import (
 	"context"

pkg/providers/tencentcloud/tencentcloud.go → pkg/providers/tencent/tencent.go

@@ -1,4 +1,4 @@
-package tencentcloud
+package tencent
 
 import (
 	"context"
@@ -84,7 +84,7 @@ func New(options schema.OptionBlock) (*Provider, error) {
 		},
 	})
 
-	return &Provider{id: id, provider: utils.TencentCloud, credential: credential, cvmRegions: cvmRegions, lhRegions: lhRegions, cosClient: cosClient}, nil
+	return &Provider{id: id, provider: utils.Tencent, credential: credential, cvmRegions: cvmRegions, lhRegions: lhRegions, cosClient: cosClient}, nil
 }
 
 func (p *Provider) Name() string {