add example

Author: M09Ic

example/README.md

@@ -0,0 +1,115 @@
+# Fingers Example
+
+这是一个使用 Fingers 引擎进行指纹识别的命令行工具示例。
+
+## 功能特性
+
+- 支持多引擎指纹识别
+- 支持 SSL 证书验证跳过
+- 支持详细输出模式
+- 支持 Favicon 专项检测
+- 支持自定义资源文件覆盖
+
+## 使用方法
+
+### 基本用法
+
+```bash
+# 基本使用
+go run example.go -u https://example.com
+
+# 使用特定引擎
+go run example.go -u https://example.com -e fingers,wappalyzer
+
+# 显示详细信息
+go run example.go -u https://example.com -v
+
+# 忽略SSL证书验证
+go run example.go -u https://example.com -k
+
+# 仅检测favicon
+go run example.go -u https://example.com -f
+```
+
+### 资源文件覆盖
+
+工具支持覆盖所有内置的指纹库文件：
+
+```bash
+# Goby 指纹库
+go run example.go -u https://example.com --goby custom_goby.json
+
+# FingerPrintHub 指纹库
+go run example.go -u https://example.com --fingerprinthub custom_fingerprinthub.json
+
+# EHole 指纹库
+go run example.go -u https://example.com --ehole custom_ehole.json
+
+# Fingers 指纹库
+go run example.go -u https://example.com --fingers custom_fingers.json
+
+# Wappalyzer 指纹库
+go run example.go -u https://example.com --wappalyzer custom_wappalyzer.json
+
+# Aliases 配置
+go run example.go -u https://example.com --aliases custom_aliases.yaml
+```
+
+资源文件说明：
+
+- 支持 JSON 和 YAML 格式的资源文件
+- JSON 文件会自动转换为 YAML 格式
+- 非压缩文件会自动进行 gzip 压缩
+- 可以同时覆盖多个资源文件
+
+## 命令行参数
+
+```
+应用选项:
+  -e, --engines=         指定要使用的引擎，多个引擎用逗号分隔 (默认: fingers,fingerprinthub,wappalyzer,ehole,goby)
+  -k, --insecure        跳过 SSL 证书验证
+  -u, --url=            要检测的目标 URL (必需)
+  -v, --verbose         显示详细调试信息
+  -f, --favicon         仅检测 favicon
+      --goby=           覆盖 goby.json.gz
+      --fingerprinthub= 覆盖 fingerprinthub_v3.json.gz
+      --ehole=          覆盖 ehole.json.gz
+      --fingers=        覆盖 fingers_http.json.gz
+      --wappalyzer=     覆盖 wappalyzer.json.gz
+      --aliases=        覆盖 aliases.yaml
+```
+
+## 输出示例
+
+普通模式:
+
+```
+nginx/1.18.0 ubuntu/20.04
+```
+
+详细模式 (-v):
+
+```
+Loaded engines: fingers:1000 fingerprinthub:500 wappalyzer:300
+
+Detected frameworks for https://example.com:
+Name: nginx
+Vendor: nginx
+Product: nginx
+Version: 1.18.0
+CPE: cpe:/a:nginx:nginx:1.18.0
+---
+Name: ubuntu
+Vendor: canonical
+Product: ubuntu
+Version: 20.04
+CPE: cpe:/o:canonical:ubuntu:20.04
+---
+```
+
+## 注意事项
+
+1. 自定义资源文件必须符合对应引擎的数据格式要求
+2. 建议先使用小规模数据测试自定义资源文件是否正确
+3. 覆盖资源文件会影响所有使用该资源的引擎
+4. 建议在测试环境中充分验证自定义资源文件后再在生产环境使用

example/example.go

@@ -0,0 +1,206 @@
+package main
+
+import (
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/chainreactors/fingers"
+	"github.com/chainreactors/fingers/common"
+	"github.com/chainreactors/fingers/resources"
+	"github.com/chainreactors/utils/encode"
+	"github.com/chainreactors/utils/httputils"
+	"github.com/jessevdk/go-flags"
+	"gopkg.in/yaml.v3"
+)
+
+var opts struct {
+	// 指定要使用的引擎，多个引擎用逗号分隔
+	Engines string `short:"e" long:"engines" description:"Specify engines to use (comma separated)" default:"fingers,fingerprinthub,wappalyzer,ehole,goby"`
+
+	// 是否忽略SSL证书验证
+	InsecureSSL bool `short:"k" long:"insecure" description:"Skip SSL certificate verification"`
+
+	// 目标URL
+	URL string `short:"u" long:"url" description:"Target URL to fingerprint" required:"true"`
+
+	// 是否显示详细信息
+	Verbose bool `short:"v" long:"verbose" description:"Show verbose debug information"`
+
+	// 是否只检测favicon
+	FaviconOnly bool `short:"f" long:"favicon" description:"Only detect favicon"`
+
+	// 资源文件覆盖
+	GobyFile           string `long:"goby" description:"Override goby.json.gz with custom file"`
+	FingerprintHubFile string `long:"fingerprinthub" description:"Override fingerprinthub_v3.json.gz with custom file"`
+	EholeFile          string `long:"ehole" description:"Override ehole.json.gz with custom file"`
+	FingersFile        string `long:"fingers" description:"Override fingers_http.json.gz with custom file"`
+	WappalyzerFile     string `long:"wappalyzer" description:"Override wappalyzer.json.gz with custom file"`
+	AliasesFile        string `long:"aliases" description:"Override aliases.yaml with custom file"`
+}
+
+// 处理资源文件覆盖
+func processResourceFile(filePath string) ([]byte, error) {
+	if filePath == "" {
+		return nil, nil
+	}
+
+	data, err := ioutil.ReadFile(filePath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read file %s: %v", filePath, err)
+	}
+
+	ext := strings.ToLower(filepath.Ext(filePath))
+
+	// 如果是JSON文件，转换为YAML
+	if ext == ".json" {
+		var jsonData interface{}
+		if err := json.Unmarshal(data, &jsonData); err != nil {
+			return nil, fmt.Errorf("failed to parse JSON file %s: %v", filePath, err)
+		}
+
+		data, err = yaml.Marshal(jsonData)
+		if err != nil {
+			return nil, fmt.Errorf("failed to convert JSON to YAML for file %s: %v", filePath, err)
+		}
+	}
+
+	// 如果文件不是.gz结尾，进行gzip压缩
+	if !strings.HasSuffix(filePath, ".gz") {
+		compressedData, err := encode.GzipCompress(data)
+		if err != nil {
+			return nil, fmt.Errorf("failed to compress file %s: %v", filePath, err)
+		}
+		data = compressedData
+	}
+
+	return data, nil
+}
+
+func main() {
+	// 解析命令行参数
+	_, err := flags.Parse(&opts)
+	if err != nil {
+		os.Exit(1)
+	}
+
+	// 处理资源文件覆盖
+	if opts.GobyFile != "" {
+		if data, err := processResourceFile(opts.GobyFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.GobyData = data
+		}
+	}
+
+	if opts.FingerprintHubFile != "" {
+		if data, err := processResourceFile(opts.FingerprintHubFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.Fingerprinthubdata = data
+		}
+	}
+
+	if opts.EholeFile != "" {
+		if data, err := processResourceFile(opts.EholeFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.EholeData = data
+		}
+	}
+
+	if opts.FingersFile != "" {
+		if data, err := processResourceFile(opts.FingersFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.FingersHTTPData = data
+		}
+	}
+
+	if opts.WappalyzerFile != "" {
+		if data, err := processResourceFile(opts.WappalyzerFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.WappalyzerData = data
+		}
+	}
+
+	if opts.AliasesFile != "" {
+		if data, err := processResourceFile(opts.AliasesFile); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		} else {
+			resources.AliasesData = data
+		}
+	}
+
+	// 创建HTTP客户端
+	client := &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: opts.InsecureSSL,
+			},
+		},
+	}
+
+	// 创建引擎实例
+	var engineNames []string
+	if opts.Engines != "" {
+		engineNames = strings.Split(opts.Engines, ",")
+	}
+
+	engine, err := fingers.NewEngine(engineNames...)
+	if err != nil {
+		fmt.Printf("Failed to create engine: %v\n", err)
+		os.Exit(1)
+	}
+
+	if opts.Verbose {
+		fmt.Printf("Loaded engines: %s\n", engine.String())
+	}
+
+	// 发送HTTP请求
+	resp, err := client.Get(opts.URL)
+	if err != nil {
+		fmt.Printf("Failed to request URL %s: %v\n", opts.URL, err)
+		os.Exit(1)
+	}
+	defer resp.Body.Close()
+
+	// 检测指纹
+	var frames common.Frameworks
+	if opts.FaviconOnly {
+		content := httputils.ReadBody(resp)
+		frame := engine.DetectFavicon(content)
+		if frame != nil {
+			frames.Add(frame)
+		}
+	} else {
+		frames = engine.Match(resp)
+	}
+
+	// 输出结果
+	if opts.Verbose {
+		fmt.Printf("\nDetected frameworks for %s:\n", opts.URL)
+		for _, frame := range frames {
+			fmt.Printf("Name: %s\n", frame.Name)
+			fmt.Printf("Vendor: %s\n", frame.Vendor)
+			fmt.Printf("Product: %s\n", frame.Product)
+			fmt.Printf("Version: %s\n", frame.Version)
+			fmt.Printf("CPE: %s\n", frame.CPE())
+			fmt.Printf("---\n")
+		}
+	} else {
+		fmt.Println(frames.String())
+	}
+}

go.mod

@@ -13,6 +13,7 @@ require (
 	github.com/chainreactors/files v0.0.0-20240716182835-7884ee1e77f0 // indirect
 	github.com/chainreactors/words v0.0.0-20241002061906-25d8893158d9
 	github.com/facebookincubator/nvdtools v0.1.5
+	github.com/jessevdk/go-flags v1.6.1
 	github.com/mozillazg/go-pinyin v0.20.0
 	github.com/pkg/errors v0.9.1
 	gopkg.in/yaml.v3 v3.0.1

go.sum

@@ -76,16 +76,7 @@ github.com/chainreactors/files v0.0.0-20240716182835-7884ee1e77f0 h1:cU3sGEODXZs
 github.com/chainreactors/files v0.0.0-20240716182835-7884ee1e77f0/go.mod h1:NSxGNMRWryAyrDzZpVwmujI22wbGw6c52bQOd5zEvyU=
 github.com/chainreactors/logs v0.0.0-20240207121836-c946f072f81f h1:tcfp+CEdgiMvjyUzWab5edJtxUwRMSMEIkLybupIx0k=
 github.com/chainreactors/logs v0.0.0-20240207121836-c946f072f81f/go.mod h1:6Mv6W70JrtL6VClulZhmMRZnoYpcTahcDTKLMNEjK0o=
-github.com/chainreactors/utils v0.0.0-20240716182459-e85f2b01ee16 h1:TCOshCp7PrWqhP/HSAM5kT3VxoOe7EoJbRseyoSX3RM=
 github.com/chainreactors/utils v0.0.0-20240716182459-e85f2b01ee16/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
-github.com/chainreactors/utils v0.0.0-20241002093511-ef3a209f5bf1 h1:2TM+9SSDUrXKI6AYrKIBKTI7sd3+FxFbfO+hIfEKI3k=
-github.com/chainreactors/utils v0.0.0-20241002093511-ef3a209f5bf1/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
-github.com/chainreactors/utils v0.0.0-20241203060824-513698912dc5 h1:6dAsBdLuHIroeiodCupFLXj7AcXRzJOxnVUdr0khxU0=
-github.com/chainreactors/utils v0.0.0-20241203060824-513698912dc5/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
-github.com/chainreactors/utils v0.0.0-20241208110424-7b432b8cfe2c h1:Tn+LIgPsiu1A3D62WL5fNNzHMSMXtYFd4F2NeXy59tw=
-github.com/chainreactors/utils v0.0.0-20241208110424-7b432b8cfe2c/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
-github.com/chainreactors/utils v0.0.0-20241208112827-c16555f42500 h1:9BTgMYHV13/04M/rqeEMRBQH2DXK++ROsUMBT4PwLC0=
-github.com/chainreactors/utils v0.0.0-20241208112827-c16555f42500/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
 github.com/chainreactors/utils v0.0.0-20241209140746-65867d2f78b2 h1:YRQRjgb3MUOOqT0CdUDC51dsXbWpI3l6w3H4xexqKr8=
 github.com/chainreactors/utils v0.0.0-20241209140746-65867d2f78b2/go.mod h1:LajXuvESQwP+qCMAvlcoSXppQCjuLlBrnQpu9XQ1HtU=
 github.com/chainreactors/words v0.0.0-20241002061906-25d8893158d9 h1:BXaPgD1pfBPvFSy9DHZDxW0bHX96ONZT6HW+WbXlZCk=
@@ -256,6 +247,8 @@ github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/jessevdk/go-flags v1.6.1 h1:Cvu5U8UGrLay1rZfv/zP7iLpSHGUZ/Ou68T0iX1bBK4=
+github.com/jessevdk/go-flags v1.6.1/go.mod h1:Mk8T1hIAWpOiJiHa9rJASDK2UGWji0EuPGBnNLMooyc=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
@@ -582,6 +575,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=