teamssix / cf Goto Github PK

View Code? Open in Web Editor NEW

2.1K 23.0 217.0 22.34 MB

Cloud Exploitation Framework 云环境利用框架，方便安全人员在获得 AK 的后续工作

Home Page: https://wiki.teamssix.com/cf

License: Apache License 2.0

Go 99.71% Makefile 0.29%

cloud cloudsecurity cybersecurity redteam alibabacloud aliyun cyber-security cloud-security tencentcloud aws

cf's Introduction

中文 | English

CF 是一个云环境利用框架，适用于在红队场景中对云上内网进行横向、SRC 场景中对 Access Key 即访问凭证的影响程度进行判定、企业场景中对自己的云上资产进行自检等等。

CF 命令使用大全

当前已支持的云：

阿里云
腾讯云
AWS
华为云

使用手册

使用手册请参见：wiki.teamssix.com/cf

安装

HomeBrew 安装

brew tap teamssix/tap
brew install teamssix/tap/cf

下载二进制包

直接在 CF 下载地址：github.com/teamssix/cf/releases 中下载系统对应的压缩文件，解压后在命令行中运行即可。

目前支持的系统

文件名	系统	架构	位数
cf_x.x.x_darwin_amd64.tar.gz	MacOS	AMD（适用于 Intel 芯片的 Mac）	64
cf_x.x.x_darwin_arm64.tar.gz	MacOS	ARM（适用于苹果 M 系列芯片的 Mac）	64
cf_x.x.x_linux_386.tar.gz	Linux	AMD	32
cf_x.x.x_linux_amd64.tar.gz	Linux	AMD	64
cf_x.x.x_linux_arm64.tar.gz	Linux	ARM	64
cf_x.x.x_windows_386.zip	Windows	AMD	32
cf_x.x.x_windows_amd64.zip	Windows	AMD	64
cf_x.x.x_windows_arm64.zip	Windows	ARM	64

使用案例

标题	所使用的 CF 版本	文章地址	作者	发布时间
《CF 云环境利用框架最佳实践》	v0.4.5	wiki.teamssix.com/cf/cases/cf_best_practices	TeamsSix	2023.6.4
《记一次打穿云上内网的攻防实战》	v0.4.5	zone.huoxian.cn/d/2766	Walker 沃克	2023.5.21
《一次简单的"云"上野战记录》	v0.4.2	mp.weixin.qq.com/s/wi8CoNwdpfJa6eMP4t1PCQ	carrypan	2022.10.19
《记录一次平平无奇的云上攻防过程》	v0.4.0	zone.huoxian.cn/d/2557	TeamsSix	2022.9.14
《我用 CF 打穿了他的云上内网》	v0.2.4	zone.huoxian.cn/d/1341-cf	TeamsSix	2022.7.13

CF 使用答疑

在 CF 项目的 Discussions 板块里，我创建了一个答疑帖，如果你遇到和 CF 相关的使用问题，可以在这里提出，我会给出相应的解答，同时这里也汇总了之前一些人问过的一些问题。

CF 答疑帖地址：github.com/teamssix/cf/discussions/250

简单上手

这里以阿里云为例，其他更多操作可以查看上面的使用手册。

配置访问配置

cf config

一键列出当前访问凭证的权限

cf alibaba perm

一键接管控制台

cf alibaba console

一键列出当前访问凭证的云服务资源

cf alibaba ls

查看 CF 为实例执行命令的操作的帮助信息

cf alibaba ecs exec -h

一键为所有实例执行三要素，方便 HVV

cf alibaba ecs exec -b

一键获取实例中的临时访问凭证数据

cf alibaba ecs exec -m

一键下载 OSS 对象存储数据

cf alibaba oss obj get

一键创建 RDS 账号

cf alibaba rds account

一键升级 CF 版本

cf upgrade

如果感觉还不错的话，师傅记得给个 Star 呀 ~，另外 CF 的更多使用方法可以参见使用文档：wiki.teamssix.com/cf

在 CF 中我写了加入云安全交流群的方法，如果你能找到的话，就可以加群哦～

贡献者

十分感谢各位师傅对 CF 的贡献~，如果你也想对 CF 贡献代码，请参见贡献说明：CONTRIBUTING

TeamsSix	Amzza0x00	Esonhugh	Dawnnnnnn	Belos-pretender	Kfzz1
shadowabi

404星链计划

CF 现已加入 404星链计划

如果你对云安全比较感兴趣，可以看我的另外一个项目 Awesome Cloud Security，这里收录了很多国内外的云安全资源，另外在我的云安全文库里有大量的云安全方向的笔记和文章，这应该是国内还不错的云安全学习资料。

下面这个是我的个人微信公众号，在 TeamsSix 公众号里可以与我进行联系，后续关于 CF 的动态我也会发布到我的公众号里。

最后给我所在的团队打个广告，下面这个是狼组安全团队的公众号，欢迎师傅关注，有想法一起加入狼组的师傅也可以投递简历至 [email protected] 加入我们。

注意事项

本工具仅用于合法合规用途，严禁用于违法违规用途。
本工具中所涉及的风险点均属于租户责任，与云厂商无关。

感谢你使用我的工具

cf's People

Contributors

Stargazers

Watchers

Forkers

nanaao asura88 traxsw wwl012345 reclu3a bingpo v1rtu0l laowang1026 istoliving b1ngda0 klinklinklin youngcraft meowwbox jasonlou getcode2git y4tacker amzza0x00 l34rner alberthchang eucl1dd 482949203 rakisa xiaotu0821 xiaohai667 gysf666 startagain2016 dawnadvent tgaout wang0098 qinglian06 xsssends zerone0x01 functfan cnmbworld yx2124538 tdyj bearowang fzpixzj90h7baqieoop5hg mrjunjian d4rkduck atomxw fqtlrq ww18877317962 qsdj pluto-ctrl bigbrobro supejkj sry309 d4zzz by-winck addbbe belos-pretender mygit2014 geekmc mohammadimh76 icysun coopee1 qlng sobinge lzb960827 wywwzjj qaz7791869 dogadmin aqimmm arrnitage 1oa xiju2003 beike2020 duguqiuchuihh trevor3000 who-ami changheluor007 hanshou101 zzzz8888z sftrwo stanleyya leezp ofalwl zha0 x-tfrk wilsonleeee exiahan xinghuoliaoyuanbaby flagxxx atk7r savior-only liansweb puzzithinker wxi3 lucyxss shiyunshu liar612 free-theworld andrewgogogo go-bi jas502n 5l1v3r1 x1a0t ahiahiahiahia whoami0622

cf's Issues

描述你希望优化的功能 (Describe the features you wish to optimize)

私有云如何使用？

补充信息 (Anything else?)

私有云如何使用？

[Perf] 多 AKSK 切换与管理模块

你的需求是否与你所遇到的问题有关？
当红队成员遇到多个 AKSK 的时候，需要切换或者管理 AKSK 我感觉这个功能还能做的更好。

描述你希望的解决方案
增加一个 key 的管理模块

通过在 .cf/config 配置文件中存取数据进行 AKSK 的管理

描述你遇到的问题 (What happened?)

aliyun console功能的错误判断失效，未成功接管的情况下cf仍然显示接管成功。
存在主域名情况下，使用默认接管后，得到如下结果：

用户名会变为crossfire@主域名，账户正常创建。

但是后续AK失效后，使用aliyun console功能，得到如下结果：

用户名会变为12345ee@，登录阿里云后台查看用户未创建成功。

复现步骤 (Steps To Reproduce)

1.AK被禁用
2.使用cf aliyun console功能
3.cf显示接管成功但实际上运行失败

操作系统 (Operating System)

Linux

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

0.4.0

补充信息 (Anything else?)

No response

[Bug] ./cf tencent console 报错

./cf tencent console 报错
panic: runtime error: invalid memory address or nil pointer dereference

AK SK 是meicu没错的可以登陆感觉是由于权限过低导致的吗

描述你遇到的问题 (What happened?)

`[2023-02-14 03:07:40] ERROR XML syntax error on line 1: illegal character code U+0015
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x50 pc=0x1426a2a]

goroutine 1 [running]:
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000f9a1e0,
0x60})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:51 +0x24a
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000d3e1e0,
0x5b})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000d2a060,
0x55})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00084c180,
0x73})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000f30900,
0x5c})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc0006d4d80,
0x7a})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00075e000,
0x6b})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc0007af1a0,
0x5e})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000ca65a0,
0x55})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00064a5f0,
0x4d})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc000cca720,
0x59})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00082a360,
0x5c})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00091be30,
0x6d})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc0006e2600,
0x5b})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc00072c1e0,
0x59})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc0006540e0,
0x64})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0xc0006b3260,
0x55})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.ListObjects({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3}, {0x0, 0x0})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obslsobject.go:84 +0x585
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.getBucketObjectSum({0xc0003e4610, 0xd}, {0xc0003e4375, 0x9}, {0x1916d14, 0x3})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:104 +0xf6
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.PrintBucketsListRealTime({0x1916d14, 0x3}, {0x1916d14, 0x3})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:132 +0x417
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.PrintBucketsList({0x1916d14, 0x3}, 0x93?, {0x1916d14, 0x3})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:158 +0x8a
github.com/teamssix/cf/cmd/huawei.glob..func1(0x3066120?, {0x1918099?, 0x0?, 0x0?})
/home/runner/work/cf/cf/cmd/huawei/obs.go:37 +0xbe
github.com/spf13/cobra.(*Command).execute(0x3066120, {0x30c7c50, 0x0, 0x0})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0x30613a0)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/teamssix/cf/cmd.Execute()
/home/runner/work/cf/cf/cmd/root.go:50 +0x55
main.main()
/home/runner/work/cf/cf/main.go:12 +0x17`

复现步骤 (Steps To Reproduce)

cf huawei obs ls

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Bug] 腾讯云默认20和资产

描述你遇到的问题 (What happened?)

腾讯云默认20和资产，也请求作者能修改成默认100个资产
谢谢

复现步骤 (Steps To Reproduce)

资产大于20个，但是程序默认值列出20个

操作系统 (Operating System)

Linux

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

0.4.x

补充信息 (Anything else?)

[Bug] 大于 10 数量的任意资产 [服务器数据库 OSS桶]只会显示 10 个

Bug 描述

当 AKSK 下具有(大于 10 数量的任意资产 [服务器数据库 OSS桶])只会显示 10 个

盲猜应该是 Aliyun 的默认 PageSize

不确定腾讯云是否也会有这问题但是阿里云复现

Bug 复现步骤:
添加一个大于 10 资产的 Key

进行 ls 扫描即可

应该返回的结果
理应返回全部或者分批返回所有的信息这里默认只有 10 个

你所使用的系统信息
MacOS

使用 CF 这个工具的版本：0.3.1

emm 修了aws 但是其他的ls 都出现了问题.

描述你遇到的问题 (What happened?)

加入 --flushCache 参数后,本地缓存仍不刷新.扫描有,本地没有...

复现步骤 (Steps To Reproduce)

加入 --flushCache 枚举 cvm服务器
去掉刷新参数.仍旧没有主机

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Bug] 使用报错，貌似是超过限制？

Bug 描述
请简明扼要的描述你所遇到的 Bug

Bug 复现步骤:

使用 xxx 功能
使用 xxx 命令
发现产生报错

应该返回的结果
请简明扼要的描述，如果在程序正常运行的情况下，这里应该会返回什么信息。

程序返回的错误信息截图或者文本
请提供错误信息的截图，或者直接将错误信息以代码格式粘贴到这里。

你所使用的系统信息

操作系统：windows
使用 CF 这个工具的版本：0.31

补充信息
如果还有补充信息，可以写在这里。

tencent 模块是不是失效了。

描述你遇到的问题 (What happened?)

cvm ls 命令获取不到实例了。

复现步骤 (Steps To Reproduce)

执行cf tencent cvm ls 获取不到实例，确定key下面是有实例的。其他工具测试可以正常获取到

操作系统 (Operating System)

MacOS

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Bug]

The following bugs will appear under the root permission user, even if I clean up ~ / .Cf/cache cache cache files, or update to the latest version, but I can execute the tool when I switch to a user with normal permissions. As shown in the figure.

[Bug] win2008 有 bug

似乎不影响使用，所以编辑了。管理员可以删掉这条。

[Perf] <Readme 内容过期>

描述你希望优化的功能 (Describe your needs)

README 文档的图片的指令是过时的版本变更修改命令可能会导致用户不习惯

此外建议使用 Mermaid 进行渲染使得内容可以被后期开发者维护

补充信息 (Anything else?)

No response

无法执行命令

描述你遇到的问题 (What happened?)

[2022-09-13 13:06:32] WARN 未找到 ins-xxxxxx 实例的相关信息 (No information found about the ins-xxxxx instance)

tencent，开导入进去的时候能用，后面执行就出现这样的问题了，刷新缓存也同样的报错

复现步骤 (Steps To Reproduce)

--flushCache

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

0.4.0

补充信息 (Anything else?)

No response

[Bug] v0.3.* 版本进行主机实例命令执行报错

**Bug v0.3.* 版本进行主机实例命令执行报错**

v0.3.* 版本进行主机实例命令执行报错

Bug 复现步骤:

在进行「一键为所有实例执行三要素」时，使用新版本v0.3.2和v0.3.3 版本时，提示「WARN 未发现实例」警告，而使用老版本进行测试时却正常

测试过程如下：

┌──(User💀Host)-[~/Downloads]
└─$ date
2022年 8月 4日 星期四 18时02分15秒 CST
                                                                                                                                                              
┌──(User💀Host)-[~/Downloads]
└─$ ./cf version
+--------------------+------------------------+
| 当前版本 (VERSION) | 更新时间 (UPDATE TIME) |
+--------------------+------------------------+
|       v0.3.3       |        2022.8.3        |
+--------------------+------------------------+
                                                                                                                                                              
┌──(User💀Host)-[~/Downloads]
└─$ ./cf alibaba ecs exec -b
[2022-08-04 18:02:20]  WARN 未发现实例，可以使用 --flushCache 刷新缓存后再试 (No instances found, You can use the --flushCache command to flush the cache and try again)
                                                                                                                                                              
┌──(User💀Host)-[~/Downloads]
└─$ ./cf.old version
+--------------------+------------------------+
| 当前版本 (VERSION) | 更新时间 (UPDATE TIME) |
+--------------------+------------------------+
|       v0.2.4       |       2022.7.13        |
+--------------------+------------------------+
                                                                                                                                                              
┌──(User💀Host)-[~/Downloads]
└─$ ./cf.old ecs exec -b
? 选择一个实例 (Choose a instance):   [Use arrows to move, type to filter]
> 全部实例 (all instances)
  I-**** (CentOS  7.6 64位)
  i-**** (CentOS  7.6 64位)
  i-****l (Alibaba Cloud Linux  2.1903 LTS 64位)
  i-**** (Windows Server  2016 数据中心版 64位中文版)

  I-****  > whoami && id && hostname && ifconfig

^C
                                                                                                                                                              
┌──(User💀Host)-[~/Downloads]
└─$

我使用的操作系统为macOS 12.5

关于key的问题

描述你遇到的问题 (What happened?)

LTAI4Fnxxxxxxxxxxxx
hKDxxxxxxxxxxxxx8MxxxxxxxxHeR93hxxxxxxxxxxxcam9YY=
请问这种后面带等于号的KEY有办法利用吗

复现步骤 (Steps To Reproduce)

LTAI4Fnxxxxxxxxxxxx
hKDxxxxxxxxxxxxx8MxxxxxxxxHeR93hxxxxxxxxxxxcam9YY=
请问这种后面带等于号的KEY有办法利用吗

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

0.4.0

补充信息 (Anything else?)

No response

[Bug] 腾讯云找不到云主机

描述你遇到的问题 (What happened?)

使用行云管家可以搜索到有云主机
地区位于,华北地区(上海)

但是用cf却找不到

复现步骤 (Steps To Reproduce)

因密钥涉及企业不方便公开

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Feat] 是否支持创建阿里云或腾讯云按量付费云服务器？

描述你希望增加的功能 (Describe the features you wish to add)

详细描述你希望增加的功能，并且描述为什么想要增加这个功能以及意义，描述的越完善该反馈越有可能被采纳。(Describe in detail the feature you want to add, and describe why you want to add this feature and the significance, the better the description the more likely the feedback will be adopted.)

补充信息 (Anything else?)

No response

批量执行任务的时候如果主机有没有装云助手的话会提示超时

批量执行任务的时候如果主机有没有装云助手的话会提示超时，导致后续的流程不会继续进行。
大佬方便的话修复一下。

aws支持[Feat]

可以后续增加对aws云服务的支持吗

windows版本

描述你遇到的问题 (What happened?)

提示版本不支持

复现步骤 (Steps To Reproduce)

cf.exe -h
This version of E:\Tools\Cloud\cf\cf.exe is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher.

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

MissingParameter

描述你遇到的问题 (What happened?)

执行命令报错MissingParameter

复现步骤 (Steps To Reproduce)

操作系统 (Operating System)

MacOS

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

ErrorCode: MissingParameter
Recommend: https://next.api.aliyun.com/troubleshoot?q=MissingParameter&product=Ecs
RequestId: 7C8F316E-F081-3D70-8D18-D46CD103E1AB
Message: The input parameter "CommandId" that is mandatory for processing this request is not supplied.
RespHeaders: map[Access-Control-Allow-Origin:[*] Connection:[keep-alive] Content-Length:[313] Content-Type:[application/json;charset=utf-8] Date:[Fri, 24 Feb 2023 10:10:36 GMT] X-Acs-Request-Id:[7C8F316E-F081-3D70-8D18-D46CD103E1AB] X-Acs-Trace-Id:[33af20fdb18a710ffb57fd7ff88223c4]]

[Bug] 获取阿里云esc只能获取100个单地区.

Bug 描述
单地区主机超过100 就GG .没有做分页读取.

补充代码
cloud\alibaba\aliecs\ecsls.go

ecsls.zip

问题已经修复,可能有bug.反正能用修改代码即可.

panic: runtime error: invalid memory address or nil pointer dereference

描述你遇到的问题 (What happened?)

`panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x0 pc=0x1ef49ee]

goroutine 1 [running]:
github.com/teamssix/cf/pkg/cloud/tencent/tencentconsole.GetUserUin({0x23ac17d, 0x9})
/home/runner/work/cf/cf/pkg/cloud/tencent/tencentconsole/takeoverConsole.go:42 +0x30e
github.com/teamssix/cf/pkg/cloud/tencent/tencentconsole.AttachPolicyToUser({0x23ac17d, 0x9})
/home/runner/work/cf/cf/pkg/cloud/tencent/tencentconsole/takeoverConsole.go:46 +0x3b
github.com/teamssix/cf/pkg/cloud/tencent/tencentconsole.TakeoverConsole({0x23ac17d, 0x9})
/home/runner/work/cf/cf/pkg/cloud/tencent/tencentconsole/takeoverConsole.go:68 +0x7a
github.com/teamssix/cf/cmd/tencent.glob..func1(0x3af63a0?, {0x23a8099?, 0x0?, 0x0?})
/home/runner/work/cf/cf/cmd/tencent/console.go:27 +0x27
github.com/spf13/cobra.(*Command).execute(0x3af63a0, {0x3b57c50, 0x0, 0x0})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0x3af13a0)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/teamssix/cf/cmd.Execute()
/home/runner/work/cf/cf/cmd/root.go:50 +0x55
main.main()
/home/runner/work/cf/cf/main.go:12 +0x17
`

复现步骤 (Steps To Reproduce)

cf tencent console

操作系统 (Operating System)

win10

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Bug] 关于错误输入AK、SK和STS时导致的程序报错

描述你遇到的问题 (What happened?)

随便输入少位数的AK能够存储成功

然后再次访问就报错

复现步骤 (Steps To Reproduce)

找到源码位置cf/pkg/util/cmdutil/config.go

func MaskAK(ak string) string {
	prefix := ak[:2]
	suffix := ak[len(ak)-6:]
	return prefix + strings.Repeat("*", 18) + suffix
}

在下面位置调用触发报错

if AccessKeyId != "" {
		OldAccessKeyId = fmt.Sprintf(" [%s] ", MaskAK(AccessKeyId))
	}

这里我对该部分代码进行了修改

package cmdutil

import (
	"fmt"
	"io/ioutil"
	"os"
	"path"
	"path/filepath"
	"sort"
	"strconv"
	"strings"

	"github.com/gookit/color"
	"github.com/teamssix/cf/pkg/util/database"
	"github.com/teamssix/cf/pkg/util/errutil"
	"github.com/teamssix/cf/pkg/util/global"
	"github.com/teamssix/cf/pkg/util/pubutil"

	"github.com/AlecAivazis/survey/v2"

	"github.com/bitly/go-simplejson"
	log "github.com/sirupsen/logrus"
	"github.com/teamssix/cf/pkg/cloud"
)

const (
	alibaba = "alibaba"
	tencent = "tencent"
	aws     = "aws"
)

func ConfigureAccessKey() {
	cloudConfigList, cloudProviderList, cloudProvider := selectProvider()
	for i, j := range cloudProviderList {
		if j == cloudProvider {
			var credList []cloud.Config
			switch cloudConfigList[i] {
			case alibaba:
				// 1. credential file
				alibabaConfigFile := filepath.Join(pubutil.GetUserDir(), "/.aliyun/config.json")
				isTrue, content := pubutil.ReadFile(alibabaConfigFile)
				if isTrue {
					contentJson, _ := simplejson.NewJson([]byte(content))
					contentJsonArray, _ := contentJson.Get("profiles").Array()
					for _, v := range contentJsonArray {
						cred := cloud.Config{}
						contentResult, _ := v.(map[string]interface{})
						cred.Alias = "local_" + contentResult["name"].(string)
						cred.AccessKeyId = contentResult["access_key_id"].(string)
						cred.AccessKeySecret = contentResult["access_key_secret"].(string)
						cred.STSToken = contentResult["sts_token"].(string)
						cred.Provider = alibaba
						credList = append(credList, cred)
					}
				}
				// 2. environment variables
				cred := cloud.Config{}
				cred.Provider = alibaba
				cred.Alias = "local_env"
				cred.AccessKeyId = os.Getenv("ALIBABACLOUD_ACCESS_KEY_ID")
				cred.AccessKeySecret = os.Getenv("ALIBABACLOUD_ACCESS_KEY_SECRET")
				cred.STSToken = os.Getenv("SECURITY_TOKEN")
				if cred.AccessKeyId != "" {
					credList = append(credList, cred)
				}
			case tencent:
				// 1. credential file
				tencentConfigPath := filepath.Join(pubutil.GetUserDir(), "/.tccli")
				tencentConfigFiles, _ := ioutil.ReadDir(tencentConfigPath)
				for _, f := range tencentConfigFiles {
					tencentConfigName := f.Name()
					if path.Ext(tencentConfigName) == ".credential" {
						tencentConfigFile := filepath.Join(tencentConfigPath, tencentConfigName)
						isTrue, content := pubutil.ReadFile(tencentConfigFile)
						if isTrue {
							contentJson, _ := simplejson.NewJson([]byte(content))
							cred := cloud.Config{}
							cred.Alias = "local_" + strings.TrimSuffix(tencentConfigName, ".credential")
							cred.AccessKeyId = contentJson.Get("secretId").MustString()
							cred.AccessKeySecret = contentJson.Get("secretKey").MustString()
							cred.Provider = tencent
							credList = append(credList, cred)
						}
					}
				}
				// 2. environment variables
				cred := cloud.Config{}
				cred.Provider = tencent
				cred.Alias = "local_env"
				cred.AccessKeyId = os.Getenv("TENCENTCLOUD_SECRET_ID")
				cred.AccessKeySecret = os.Getenv("TENCENTCLOUD_SECRET_KEY")
				cred.STSToken = os.Getenv("SECURITY_TOKEN")
				if cred.AccessKeyId != "" {
					credList = append(credList, cred)
				}
			case aws:
				// 1. credential file
				awsConfigFile := filepath.Join(pubutil.GetUserDir(), "/.aws/credentials")
				isTrue, content := pubutil.ReadFile(awsConfigFile)
				if isTrue {
					for _, v := range strings.Split(content, "[") {
						cred := cloud.Config{}
						if len(pubutil.StringClean(v)) != 0 {
							for _, j := range strings.Split(v, "\n") {
								if strings.Contains(j, "]") {
									cred.Alias = "local_" + strings.Replace(j, "]", "", -1)
								} else if strings.Contains(j, "aws_access_key_id") {
									cred.AccessKeyId = pubutil.StringClean(strings.Split(j, "=")[1])
								} else if strings.Contains(j, "aws_secret_access_key") {
									cred.AccessKeySecret = pubutil.StringClean(strings.Split(j, "=")[1])
								} else if strings.Contains(j, "aws_session_token") {
									cred.STSToken = pubutil.StringClean(strings.Split(j, "=")[1])
								}
							}
							cred.Provider = aws
							credList = append(credList, cred)
						}
					}
				}
				// 2. environment variables
				cred := cloud.Config{}
				cred.Provider = aws
				cred.Alias = "local_env"
				cred.AccessKeyId = os.Getenv("AWS_ACCESS_KEY_ID")
				cred.AccessKeySecret = os.Getenv("AWS_SECRET_ACCESS_KEY")
				cred.STSToken = os.Getenv("AWS_SESSION_TOKEN")
				if cred.AccessKeyId != "" {
					credList = append(credList, cred)
				}
			}
			if len(credList) != 0 {
				var (
					isTrue     bool
					selectedAK string
				)
				prompt := &survey.Confirm{
					Message: "在当前系统中发现访问密钥，是否导入？(Access keys were found in the current system, are they import?)",
					Default: false,
				}
				err := survey.AskOne(prompt, &isTrue)
				errutil.HandleErr(err)
				if isTrue {
					var accessKeyList []string
					if len(credList) > 1 {
						accessKeyList = append(accessKeyList, "全部访问密钥 (All access keys)")
					}
					for i, v := range credList {
						i = i + 1
						accessKeyList = append(accessKeyList, strconv.Itoa(i)+"\t"+v.Provider+"\t"+v.Alias+"\t"+v.AccessKeyId)
					}
					accessKeyList = append(accessKeyList, "退出 (Exit)")
					sort.Strings(accessKeyList)
					prompt := &survey.Select{
						Message: "选择您要导入的访问密钥 (Select the access key you want to import): ",
						Options: accessKeyList,
					}
					err := survey.AskOne(prompt, &selectedAK)
					errutil.HandleErr(err)
					if selectedAK == "全部访问密钥 (All access keys)" {
						log.Infoln("在导入全部的访问密钥后，您可以通过 \"cf config sw\" 来切换访问密钥。 (After importing all access keys, you can switch access key via \"cf config sw\".)")
						for _, v := range credList {
							SaveAccessKey(v)
						}
					} else if selectedAK == "退出 (Exit)" {
						log.Debugln("正在退出…… (Exiting...)")
					} else {
						for _, v := range credList {
							if v.AccessKeyId == strings.Split(selectedAK, "\t")[3] {
								SaveAccessKey(v)
							}
						}
					}
				} else {
					log.Infoln("已取消自动导入，请输入您要添加的访问密钥 (Automatic import has been cancelled, please enter the access key you want to add.)")
					config := GetConfig(cloudConfigList[i])
					inputAccessKey(config, cloudConfigList[i])
				}
			} else {
				config := GetConfig(cloudConfigList[i])
				inputAccessKey(config, cloudConfigList[i])
			}
		}
	}
}

func selectProvider() ([]string, []string, string) {
	var cloudProvider string
	cloudConfigList, cloudProviderList := ReturnCloudProviderList()
	prompt := &survey.Select{
		Message: "选择您要设置的云服务商 (Select a cloud provider): ",
		Options: cloudProviderList,
	}
	err := survey.AskOne(prompt, &cloudProvider)
	errutil.HandleErr(err)
	return cloudConfigList, cloudProviderList, cloudProvider
}

func ReturnCloudProviderList() ([]string, []string) {
	var (
		cloudConfigList   []string
		cloudProviderList []string
		CloudProviderMap  = global.CloudProviderMap
	)
	for k, v := range CloudProviderMap {
		cloudConfigList = append(cloudConfigList, k)
		cloudProviderList = append(cloudProviderList, v)
	}
	return cloudConfigList, cloudProviderList
}

func inputAccessKey(config cloud.Config, provider string) {
	OldAlias := ""
	OldAccessKeyId := ""
	OldAccessKeySecret := ""
	OldSTSToken := ""
	Alias := config.Alias
	AccessKeyId := config.AccessKeyId
	AccessKeySecret := config.AccessKeySecret
	STSToken := config.STSToken
	if AccessKeyId != "" {
		OldAccessKeyId = fmt.Sprintf(" [%s] ", MaskAK(AccessKeyId))
	}
	if AccessKeySecret != "" {
		OldAccessKeySecret = fmt.Sprintf(" [%s] ", MaskAK(AccessKeySecret))
	}
	if STSToken != "" {
		OldSTSToken = fmt.Sprintf(" [%s] ", MaskAK(STSToken))
	}
	var qs = []*survey.Question{
		{
			Name:   "Alias",
			Prompt: &survey.Input{Message: "输入访问密钥别名 (Input Access Key Alias) (必须 Required)" + OldAlias + ":"},
		},
		{
			Name:   "AccessKeyId",
			Prompt: &survey.Input{Message: "输入访问密钥 ID (Input Access Key Id) (必须 Required)" + OldAccessKeyId + ":"},
		},
		{
			Name:   "AccessKeySecret",
			Prompt: &survey.Password{Message: "输入访问密钥密钥 (Input Access Key Secret) (必须 Required)" + OldAccessKeySecret + ":"},
		},
		{
			Name:   "STSToken",
			Prompt: &survey.Input{Message: "输入临时凭证的 Token (Input STS Token) (可选 Optional)" + OldSTSToken + ":"},
		},
	}
	cred := cloud.Config{}
	err := survey.Ask(qs, &cred)
	//增加对输入的AK、SK和STS进行标准化校验
	MaskAK(cred.AccessKeyId)
	MaskAK(cred.AccessKeySecret)
	MaskAK(cred.STSToken)
	cred.Alias = strings.TrimSpace(cred.Alias)
	cred.AccessKeyId = strings.TrimSpace(cred.AccessKeyId)
	cred.AccessKeySecret = strings.TrimSpace(cred.AccessKeySecret)
	cred.STSToken = strings.TrimSpace(cred.STSToken)
	cred.Provider = provider
	if cred.Alias == "" {
		cred.Alias = Alias
	}
	if cred.AccessKeyId == "" {
		cred.AccessKeyId = AccessKeyId
	}
	if cred.AccessKeySecret == "" {
		cred.AccessKeySecret = AccessKeySecret
	}
	if cred.STSToken == "" && strings.Contains(cred.AccessKeyId, "STS.") {
		cred.STSToken = STSToken
	}
	errutil.HandleErr(err)
	SaveAccessKey(cred)
}

func SaveAccessKey(config cloud.Config) {
	configFilePath := pubutil.GetConfigFilePath()
	database.InsertConfig(config)
	database.UpdateConfigInUse(config)
	log.Debugf("配置文件路径 (Configuration file path): %s ", configFilePath)
	pubutil.CreateFolder(ReturnCacheDict())
}

func GetConfig(provider string) cloud.Config {
	return database.SelectConfigInUse(provider)
}

func ConfigLs(selectAll bool) {
	var (
		STSToken          string
		CommonTableHeader = []string{"别名 (Alias)", "访问密钥 ID (Access Key Id)", "访问密钥密钥 (Secret Key)", "临时访问密钥令牌 (STS Token)", "云服务提供商 (Provider)", "是否在使用 (In Use)"}
	)
	configList := database.SelectConfig()
	if selectAll {
		for _, v := range configList {
			color.Tag("info").Print("\n别名 (Alias): ")
			fmt.Println(v.Alias)
			color.Tag("info").Print("访问密钥 ID (Access Key Id): ")
			fmt.Println(v.AccessKeyId)
			color.Tag("info").Print("访问密钥密钥 (Secret Key): ")
			fmt.Println(v.AccessKeySecret)
			color.Tag("info").Print("临时访问密钥令牌 (STS Token): ")
			fmt.Println(v.STSToken)
			color.Tag("info").Print("云服务提供商 (Provider): ")
			fmt.Println(v.Provider)
			color.Tag("info").Print("是否在使用 (In Use): ")
			fmt.Println(v.InUse)
		}
	} else {
		Data := cloud.TableData{
			Header: CommonTableHeader,
		}
		if len(configList) == 0 {
			log.Info("未找到任何密钥 (No key found)")
		} else {
			for _, v := range configList {
				if len(v.STSToken) > 10 {
					STSToken = MaskAK(v.STSToken)
				} else {
					STSToken = v.STSToken
				}
				Data.Body = append(Data.Body, []string{
					v.Alias,
					v.AccessKeyId,
					v.AccessKeySecret,
					STSToken,
					v.Provider,
					strconv.FormatBool(v.InUse),
				})
			}
			cloud.PrintTable(Data, "当前存储的访问密钥信息 (Current stored access key information)")
		}
	}
}

func ConfigMf() {
	database.UpdateConfigModify()
}

func ConfigSw() {
	cloudConfigList, cloudProviderList, cloudProvider := selectProvider()
	for i, j := range cloudProviderList {
		if j == cloudProvider {
			database.UpdateConfigSwitch(cloudConfigList[i])
		}
	}
}

func ConfigDel() {
	database.DeleteConfig()
}

func MaskAK(ak string) string {
	if ak != "" {
		//捕获异常
		defer func() {
			err := recover() 
			if err != nil {  
				log.Error("输入的 AK 或者 SK有误 (Input Error)")
				os.Exit(1)
				
			}
		}()
		prefix := ak[:2]
		suffix := ak[len(ak)-6:]
		return prefix + strings.Repeat("*", 18) + suffix
	}
	return ""
}

当然我相信大佬有更好的解决方案

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

0.4.0

补充信息 (Anything else?)

No response

阿里云报警是否可以bypass

描述你希望优化的功能 (Describe your needs)

配置阿里云执行命令会有报警，是否有什么办法bypass一下。

补充信息 (Anything else?)

No response

[Bug] Program will not stop when Ctrl-c is pressed.

描述你遇到的问题 (What happened?)

当尝试 config key 的时候发现自己输入错误第一时间执行 ctrl -c 的时候会发现程序无法正常退出

复现步骤 (Steps To Reproduce)

cf config

操作系统 (Operating System)

MacOS

系统类型 (System Type)

arm64

CF 版本 ( CF Version)

0.4.0

补充信息 (Anything else?)

errutils 包中没有对用户取消 interrupt 做出正确的响应

[Feat] <什么时候能增加对七牛云的接管 >

描述你希望增加的功能 (Describe the features you wish to add)

补充信息 (Anything else?)

No response

公网 IP (PUBLIC IP) 为[]是什么意思，执行命令一直无响应

描述你遇到的问题 (What happened?)

刚好这个ECS执行命令就一直无响应，怎么回事呢

复现步骤 (Steps To Reproduce)

可以获取到ECS资源等。

操作系统 (Operating System)

Windows

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

[Feat] 列出存储桶对象时可指定数量

描述你希望增加的需求 (Describe your needs)

使用如下命令列出存储桶对象时希望增加指定数量参数
./cf alibaba oss obj ls

大批量查询耗时较久。

补充信息 (Anything else?)

No response

华为云接管功能加入

师傅啥时候把华为云接管控制台功能加入

[Feat] 列出桶对象时搜索过滤

描述你希望增加的需求 (Describe your needs)

由于桶对象过多，需要过滤需求文件，本想使用正则等搜索发现不行，查看api文档貌似只能过滤前缀，不知大佬可否新增搜索功能，如果没有，望增加过滤功能，obj ls 和obj get

补充信息 (Anything else?)

No response

[Bug] <v0.4.4 huawei执行出错>

描述你遇到的问题 (What happened?)

./cf huawei obs ls
[2023-03-03 21:01:36] INFO 在全部区域下获取到 8 条 obs Bucket 信息 (Find 8 obs Bucket under all areas)
[2023-03-03 21:01:45] ERROR obs: service returned error: Status=500 Server Error, Code=InternalError, Message=We encountered an internal error. Please try again., RequestId=00000186A7906B7980584FCF09B4A888
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x201c459]

goroutine 1 [running]:
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.GetBucketRegion({0xc0003883d0, 0xa})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:31 +0x79
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.PrintBucketsListRealTime({0x250d673, 0x3}, {0x250d673, 0x3})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:123 +0x325
github.com/teamssix/cf/pkg/cloud/huawei/huaweiobs.PrintBucketsList({0x250d673, 0x3}, 0x6f?, {0x250d673, 0x3})
/home/runner/work/cf/cf/pkg/cloud/huawei/huaweiobs/obsls.go:158 +0x8a
github.com/teamssix/cf/cmd/huawei.glob..func1(0x3c53000?, {0x250e9e9?, 0x0?, 0x0?})
/home/runner/work/cf/cf/cmd/huawei/obs.go:37 +0xbe
github.com/spf13/cobra.(*Command).execute(0x3c53000, {0x3c8e4e0, 0x0, 0x0})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0x3c4e280)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/teamssix/cf/cmd.Execute()
/home/runner/work/cf/cf/cmd/root.go:50 +0x55
main.main()
/home/runner/work/cf/cf/main.go:12 +0x17

复现步骤 (Steps To Reproduce)

./cf huawei obs ls

操作系统 (Operating System)

MacOS

系统类型 (System Type)

amd64

CF 版本 ( CF Version)

最新的 (Latest)

补充信息 (Anything else?)

No response

baidu bos[Feat]

https://cloud.baidu.com/doc/BOS/s/Ojwvyrpgd#%E4%BD%BF%E7%94%A8sts%E5%88%9B%E5%BB%BAbosclient

希望增加对OSS跨域规则操作功能的添加

默认不开启CORS，开启需要进行接口操作

见
https://help.aliyun.com/document_detail/32001.htm?spm=a2c4g.11186623.0.0.372421dc2M1gHs#reference-wtg-ttc-xdb