Plugins

package
v0.0.0-...-03b21f9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 17, 2025 License: MIT Imports: 58 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// 写入操作后的延迟时间
	TIME_DELAY_AFTER_WRITE = 300 * time.Millisecond

	// Telnet基础控制字符
	IAC  = byte(255) // 解释为命令(Interpret As Command)
	DONT = byte(254) // 请求对方停止执行某选项
	DO   = byte(253) // 请求对方执行某选项
	WONT = byte(252) // 拒绝执行某选项
	WILL = byte(251) // 同意执行某选项

	// 子协商相关控制字符
	SB = byte(250) // 子协商开始(Subnegotiation Begin)
	SE = byte(240) // 子协商结束(Subnegotiation End)

	// 特殊功能字符
	NULL  = byte(0)   // 空字符
	EOF   = byte(236) // 文档结束
	SUSP  = byte(237) // 暂停进程
	ABORT = byte(238) // 停止进程
	REOR  = byte(239) // 记录结束

	// Telnet选项代码
	BINARY = byte(0) // 8位数据通道
	ECHO   = byte(1) // 回显
	SGA    = byte(3) // 禁止继续

	// 服务器类型常量定义
	Closed              = iota // 连接关闭
	UnauthorizedAccess         // 无需认证
	OnlyPassword               // 仅需密码
	UsernameAndPassword        // 需要用户名和密码
)

Telnet协议常量定义

Variables

View Source 
var (
	UNIQUE_NAMES = map[string]string{
		"\x00": "WorkstationService",
		"\x03": "Messenger Service",
		"\x06": "RAS Server Service",
		"\x1F": "NetDDE Service",
		"\x20": "ServerService",
		"\x21": "RAS Client Service",
		"\xBE": "Network Monitor Agent",
		"\xBF": "Network Monitor Application",
		"\x1D": "Master Browser",
		"\x1B": "Domain Master Browser",
	}

	GROUP_NAMES = map[string]string{
		"\x00": "DomainName",
		"\x1C": "DomainControllers",
		"\x1E": "Browser Service Elections",
	}

	NetBIOS_ITEM_TYPE = map[string]string{
		"\x01\x00": "NetBiosComputerName",
		"\x02\x00": "NetBiosDomainName",
		"\x03\x00": "ComputerName",
		"\x04\x00": "DomainName",
		"\x05\x00": "DNS tree name",
		"\x07\x00": "Time stamp",
	}
	NegotiateSMBv1Data1 = []byte{}/* 137 elements not displayed */

	NegotiateSMBv1Data2 = []byte{}/* 270 elements not displayed */

)
View Source 
var (
	ErrNoTitle        = fmt.Errorf("无法获取标题")
	ErrHTTPClientInit = fmt.Errorf("HTTP客户端未初始化")
	ErrReadRespBody   = fmt.Errorf("读取响应内容失败")
)

错误定义

Functions

func ActiveMQConn 

func ActiveMQConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

ActiveMQConn 尝试ActiveMQ连接

func ActiveMQScan 

func ActiveMQScan(info *Common.HostInfo) (tmperr error)

func AesDecrypt 

func AesDecrypt(crypted string, key string) (string, error)

AesDecrypt 使用AES-CBC模式解密字符串

func AesEncrypt 

func AesEncrypt(orig string, key string) (string, error)

AesEncrypt 使用AES-CBC模式加密字符串

func CassandraConn 

func CassandraConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

CassandraConn 尝试Cassandra连接,支持上下文超时

func CassandraScan 

func CassandraScan(info *Common.HostInfo) (tmperr error)

func DCInfoScan 

func DCInfoScan(info *Common.HostInfo) (err error)

func ElasticConn 

func ElasticConn(ctx context.Context, info *Common.HostInfo, user string, pass string, timeoutSeconds int64) (bool, error)

ElasticConn 尝试Elasticsearch连接

func ElasticScan 

func ElasticScan(info *Common.HostInfo) error

func ExploitRedis 

func ExploitRedis(ctx context.Context, info *Common.HostInfo, conn net.Conn, password string) error

ExploitRedis 执行Redis漏洞利用

func Findnet 

func Findnet(info *Common.HostInfo) error

func FindnetScan 

func FindnetScan(info *Common.HostInfo) error

func FtpConn 

func FtpConn(info *Common.HostInfo, user string, pass string) (success bool, directories []string, err error)

FtpConn 建立FTP连接并尝试登录

func FtpScan 

func FtpScan(info *Common.HostInfo) error

func HexUnicodeStringToString 

func HexUnicodeStringToString(src string) string

func IMAPConn 

func IMAPConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

IMAPConn 连接测试函数

func IMAPScan 

func IMAPScan(info *Common.HostInfo) error

IMAPScan 主扫描函数

func KafkaConn 

func KafkaConn(info *Common.HostInfo, user string, pass string) (bool, error)

KafkaConn 尝试 Kafka 连接

func KafkaScan 

func KafkaScan(info *Common.HostInfo) error

func LDAPConn 

func LDAPConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

LDAPConn 尝试LDAP连接

func LDAPScan 

func LDAPScan(info *Common.HostInfo) error

func LocalInfoScan 

func LocalInfoScan(info *Common.HostInfo) (err error)

LocalInfoScan 本地信息收集主函数

func MS17010 

func MS17010(info *Common.HostInfo) error

MS17010 扫描入口函数

func MS17010EXP 

func MS17010EXP(info *Common.HostInfo)

MS17010EXP 执行MS17-010漏洞利用

func MS17010Scan 

func MS17010Scan(info *Common.HostInfo) error

func MemcachedScan 

func MemcachedScan(info *Common.HostInfo) error

MemcachedScan 检测Memcached未授权访问

func MiniDump 

func MiniDump(info *Common.HostInfo) (err error)

func ModbusScan 

func ModbusScan(info *Common.HostInfo) error

ModbusScan 执行 Modbus 服务扫描

func MongodbScan 

func MongodbScan(info *Common.HostInfo) error

MongodbScan 执行MongoDB未授权扫描

func MongodbUnauth 

func MongodbUnauth(ctx context.Context, info *Common.HostInfo) (bool, error)

MongodbUnauth 检测MongoDB未授权访问

func MssqlConn 

func MssqlConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

MssqlConn 尝试MSSQL连接

func MssqlScan 

func MssqlScan(info *Common.HostInfo) error

MssqlScan 执行MSSQL服务扫描

func MysqlConn 

func MysqlConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

MysqlConn 尝试MySQL连接

func MysqlScan 

func MysqlScan(info *Common.HostInfo) error

MysqlScan 执行MySQL服务扫描

func Neo4jConn 

func Neo4jConn(info *Common.HostInfo, user string, pass string) (bool, error)

Neo4jConn 尝试Neo4j连接

func Neo4jScan 

func Neo4jScan(info *Common.HostInfo) error

func NetBIOS 

func NetBIOS(info *Common.HostInfo) error

func OracleConn 

func OracleConn(ctx context.Context, info *Common.HostInfo, user string, pass string, serviceName string, asSysdba bool) (bool, error)

OracleConn 尝试Oracle连接

func OracleScan 

func OracleScan(info *Common.HostInfo) error

func PKCS7Padding 

func PKCS7Padding(data []byte, blockSize int) []byte

PKCS7Padding 对数据进行PKCS7填充

func PKCS7UnPadding 

func PKCS7UnPadding(data []byte) ([]byte, error)

PKCS7UnPadding 去除PKCS7填充

func POP3Conn 

func POP3Conn(ctx context.Context, info *Common.HostInfo, user string, pass string) (success bool, isTLS bool, err error)

POP3Conn 尝试POP3连接

func POP3Scan 

func POP3Scan(info *Common.HostInfo) error

func PostgresConn 

func PostgresConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error)

PostgresConn 尝试PostgreSQL连接

func PostgresScan 

func PostgresScan(info *Common.HostInfo) error

PostgresScan 执行PostgreSQL服务扫描

func RabbitMQConn 

func RabbitMQConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, error, string)

RabbitMQConn 尝试 RabbitMQ 连接

func RabbitMQScan 

func RabbitMQScan(info *Common.HostInfo) error

RabbitMQScan 执行 RabbitMQ 服务扫描

func RdpConn 

func RdpConn(ip, domain, user, password string, port int, timeout int64) (bool, error)

RdpConn 尝试RDP连接

func RdpScan 

func RdpScan(info *Common.HostInfo) error

RdpScan 执行RDP服务扫描

func ReadBytes 

func ReadBytes(conn net.Conn) ([]byte, error)

ReadBytes 从连接读取数据直到EOF或错误

func Readfile 

func Readfile(filename string) (string, error)

Readfile 读取文件内容并返回第一个非空行

func RedisConn 

func RedisConn(info *Common.HostInfo, pass string) (bool, error)

RedisConn 尝试Redis连接

func RedisScan 

func RedisScan(info *Common.HostInfo) error

func RedisUnauth 

func RedisUnauth(ctx context.Context, info *Common.HostInfo) (flag bool, err error)

RedisUnauth 尝试Redis未授权访问检测

func RsyncConn 

func RsyncConn(ctx context.Context, info *Common.HostInfo, user string, pass string) (bool, string, error)

RsyncConn 尝试Rsync连接

func RsyncScan 

func RsyncScan(info *Common.HostInfo) error

func SNMPConnect 

func SNMPConnect(info *Common.HostInfo, community string, portNum int) (bool, string, error)

SNMPConnect 尝试SNMP连接

func SNMPScan 

func SNMPScan(info *Common.HostInfo) (tmperr error)

SNMPScan 执行SNMP服务扫描

func Smb2Con 

func Smb2Con(ctx context.Context, info *Common.HostInfo, user string, pass string, hash []byte, hasprint bool) (flag bool, err error, shares []string)

Smb2Con 尝试SMB2连接并进行认证,检查共享访问权限

func SmbGhost 

func SmbGhost(info *Common.HostInfo) error

SmbGhost 检测SMB Ghost漏洞(CVE-2020-0796)的入口函数

func SmbGhostScan 

func SmbGhostScan(info *Common.HostInfo) error

SmbGhostScan 执行具体的SMB Ghost漏洞检测逻辑

func SmbScan 

func SmbScan(info *Common.HostInfo) error

func SmbScan2 

func SmbScan2(info *Common.HostInfo) error

SmbScan2 执行SMB2服务的认证扫描,支持密码和哈希两种认证方式

func SmblConn 

func SmblConn(info *Common.HostInfo, user string, pass string, signal chan struct{}) (flag bool, err error)

SmblConn 尝试建立SMB连接并认证

func SmtpConn 

func SmtpConn(info *Common.HostInfo, user string, pass string, timeoutSeconds int64) (bool, error)

SmtpConn 尝试 SMTP 连接

func SmtpScan 

func SmtpScan(info *Common.HostInfo) error

SmtpScan 执行 SMTP 服务扫描

func SshScan 

func SshScan(info *Common.HostInfo) error

SshScan 扫描SSH服务弱密码

func TelnetScan 

func TelnetScan(info *Common.HostInfo) error

TelnetScan 执行Telnet服务扫描和密码爆破

func VncConn 

func VncConn(ctx context.Context, info *Common.HostInfo, pass string) (bool, error)

VncConn 尝试建立VNC连接

func VncScan 

func VncScan(info *Common.HostInfo) error

func WebPoc 

func WebPoc(info *Common.HostInfo) error

WebPoc 直接执行Web漏洞扫描

func WebTitle 

func WebTitle(info *Common.HostInfo) error

WebTitle 获取Web标题和指纹信息

Types

type ActiveMQCredential 

type ActiveMQCredential struct {
	Username string
	Password string
}

ActiveMQCredential 表示一个ActiveMQ凭据

type ActiveMQScanResult 

type ActiveMQScanResult struct {
	Success    bool
	Error      error
	Credential ActiveMQCredential
}

ActiveMQScanResult 表示扫描结果

type CassandraCredential 

type CassandraCredential struct {
	Username string
	Password string
}

CassandraCredential 表示一个Cassandra凭据

type CassandraScanResult 

type CassandraScanResult struct {
	Success     bool
	IsAnonymous bool
	Error       error
	Credential  CassandraCredential
}

CassandraScanResult 表示扫描结果

type Client 

type Client struct {
	Host string // 服务地址(ip:port)
	// contains filtered or unexported fields
}

Client RDP客户端结构

func NewClient 

func NewClient(host string, logLevel glog.LEVEL) *Client

NewClient 创建新的RDP客户端

func (*Client) Login 

func (g *Client) Login(domain, user, pwd string, timeout int64) error

Login 执行RDP登录

type ElasticCredential 

type ElasticCredential struct {
	Username string
	Password string
}

ElasticCredential 表示Elasticsearch的凭据

type ElasticScanResult 

type ElasticScanResult struct {
	Success    bool
	IsUnauth   bool
	Error      error
	Credential ElasticCredential
}

ElasticScanResult 表示扫描结果

type FtpCredential 

type FtpCredential struct {
	Username string
	Password string
}

FtpCredential 表示一个FTP凭据

type FtpScanResult 

type FtpScanResult struct {
	Success     bool
	Error       error
	Credential  FtpCredential
	Directories []string
	IsAnonymous bool
}

FtpScanResult 表示FTP扫描结果

type IMAPCredential 

type IMAPCredential struct {
	Username string
	Password string
}

IMAPCredential 表示一个IMAP凭据

type IMAPScanResult 

type IMAPScanResult struct {
	Success    bool
	Error      error
	Credential IMAPCredential
}

IMAPScanResult 表示IMAP扫描结果

type KafkaCredential 

type KafkaCredential struct {
	Username string
	Password string
}

KafkaCredential 表示Kafka凭据

type KafkaScanResult 

type KafkaScanResult struct {
	Success    bool
	IsUnauth   bool
	Error      error
	Credential KafkaCredential
}

KafkaScanResult 表示扫描结果

type LDAPCredential 

type LDAPCredential struct {
	Username string
	Password string
}

LDAPCredential 表示一个LDAP凭据

type LDAPScanResult 

type LDAPScanResult struct {
	Success     bool
	Error       error
	Credential  LDAPCredential
	IsAnonymous bool
}

LDAPScanResult 表示LDAP扫描结果

type MemcachedScanResult 

type MemcachedScanResult struct {
	Success bool
	Error   error
	Stats   string
}

MemcachedScanResult 表示Memcached扫描结果

type ModbusScanResult 

type ModbusScanResult struct {
	Success    bool
	DeviceInfo string
	Error      error
}

ModbusScanResult 表示 Modbus 扫描结果

type MssqlCredential 

type MssqlCredential struct {
	Username string
	Password string
}

MssqlCredential 表示一个MSSQL凭据

type MssqlScanResult 

type MssqlScanResult struct {
	Success    bool
	Error      error
	Credential MssqlCredential
}

MssqlScanResult 表示MSSQL扫描结果

type MySQLCredential 

type MySQLCredential struct {
	Username string
	Password string
}

MySQLCredential 表示一个MySQL凭据

type MySQLScanResult 

type MySQLScanResult struct {
	Success    bool
	Error      error
	Credential MySQLCredential
}

MySQLScanResult 表示MySQL扫描结果

type Neo4jCredential 

type Neo4jCredential struct {
	Username string
	Password string
}

Neo4jCredential 表示一个Neo4j凭据

type Neo4jScanResult 

type Neo4jScanResult struct {
	Success        bool
	Error          error
	Credential     Neo4jCredential
	IsUnauth       bool
	IsDefaultCreds bool
}

Neo4jScanResult 表示Neo4j扫描结果

type NetBiosInfo 

type NetBiosInfo struct {
	GroupName          string
	WorkstationService string `yaml:"WorkstationService"`
	ServerService      string `yaml:"ServerService"`
	DomainName         string `yaml:"DomainName"`
	DomainControllers  string `yaml:"DomainControllers"`
	ComputerName       string `yaml:"ComputerName"`
	OsVersion          string `yaml:"OsVersion"`
	NetDomainName      string `yaml:"NetBiosDomainName"`
	NetComputerName    string `yaml:"NetBiosComputerName"`
}

func GetNbnsname 

func GetNbnsname(info *Common.HostInfo) (netbios NetBiosInfo, err error)

func JoinNetBios 

func JoinNetBios(netbios1, netbios2 *NetBiosInfo) *NetBiosInfo

func NetBIOS1 

func NetBIOS1(info *Common.HostInfo) (netbios NetBiosInfo, err error)

func ParseNTLM 

func ParseNTLM(ret []byte) (netbios NetBiosInfo, err error)

func ParseNetBios 

func ParseNetBios(input []byte) (netbios NetBiosInfo, err error)

func (*NetBiosInfo) String 

func (info *NetBiosInfo) String() (output string)

type OracleCredential 

type OracleCredential struct {
	Username string
	Password string
}

OracleCredential 表示一个Oracle凭据

type OracleScanResult 

type OracleScanResult struct {
	Success     bool
	Error       error
	Credential  OracleCredential
	ServiceName string
}

OracleScanResult 表示Oracle扫描结果

type POP3Credential 

type POP3Credential struct {
	Username string
	Password string
}

POP3Credential 表示一个POP3凭据

type POP3ScanResult 

type POP3ScanResult struct {
	Success    bool
	Error      error
	Credential POP3Credential
	IsTLS      bool
}

POP3ScanResult 表示POP3扫描结果

type PostgresCredential 

type PostgresCredential struct {
	Username string
	Password string
}

PostgresCredential 表示一个PostgreSQL凭据

type PostgresScanResult 

type PostgresScanResult struct {
	Success    bool
	Error      error
	Credential PostgresCredential
}

PostgresScanResult 表示PostgreSQL扫描结果

type ProtocolResult 

type ProtocolResult struct {
	Protocol string
	Success  bool
}

协议检测结果

type RDPCredential 

type RDPCredential struct {
	Username string
	Password string
	Domain   string
}

RDPCredential 表示一个RDP凭据

type RDPScanResult 

type RDPScanResult struct {
	Success    bool
	Error      error
	Credential RDPCredential
}

RDPScanResult 表示RDP扫描结果

type RabbitMQCredential 

type RabbitMQCredential struct {
	Username string
	Password string
}

RabbitMQCredential 表示一个RabbitMQ凭据

type RabbitMQScanResult 

type RabbitMQScanResult struct {
	Success    bool
	Error      error
	Credential RabbitMQCredential
	ErrorMsg   string // 保存详细的错误信息
}

RabbitMQScanResult 表示扫描结果

type RedisCredential 

type RedisCredential struct {
	Password string
}

type RedisScanResult 

type RedisScanResult struct {
	Success    bool
	IsUnauth   bool
	Error      error
	Credential RedisCredential
}

type RsyncCredential 

type RsyncCredential struct {
	Username string
	Password string
}

RsyncCredential 表示一个Rsync凭据

type RsyncScanResult 

type RsyncScanResult struct {
	Success     bool
	Error       error
	Credential  RsyncCredential
	IsAnonymous bool
	ModuleName  string
}

RsyncScanResult 表示Rsync扫描结果

type Smb2Credential 

type Smb2Credential struct {
	Username string
	Password string
	Hash     []byte
	IsHash   bool
}

Smb2Credential 表示一个SMB2凭据

type Smb2ScanResult 

type Smb2ScanResult struct {
	Success    bool
	Error      error
	Credential Smb2Credential
	Shares     []string
}

Smb2ScanResult 表示SMB2扫描结果

type SmbCredential 

type SmbCredential struct {
	Username string
	Password string
}

SmbCredential 表示一个SMB凭据

type SmbScanResult 

type SmbScanResult struct {
	Success    bool
	Error      error
	Credential SmbCredential
}

SmbScanResult 表示SMB扫描结果

type SmtpCredential 

type SmtpCredential struct {
	Username string
	Password string
}

SmtpCredential 表示一个SMTP凭据

type SmtpScanResult 

type SmtpScanResult struct {
	Success     bool
	Error       error
	Credential  SmtpCredential
	IsAnonymous bool
}

SmtpScanResult 表示SMTP扫描结果

type SshCredential 

type SshCredential struct {
	Username string
	Password string
}

SshCredential 表示一个SSH凭据

type SshScanResult 

type SshScanResult struct {
	Success    bool
	Error      error
	Credential SshCredential
}

SshScanResult 表示SSH扫描结果

type TelnetClient 

type TelnetClient struct {
	IPAddr   string // 服务器IP地址
	Port     string // 服务器端口
	UserName string // 用户名
	Password string // 密码

	LastResponse string // 最近一次响应内容
	ServerType   int    // 服务器类型
	// contains filtered or unexported fields
}

TelnetClient Telnet客户端结构体

func (*TelnetClient) Clear 

func (c *TelnetClient) Clear()

Clear 清空最近一次响应

func (*TelnetClient) Close 

func (c *TelnetClient) Close()

Close 关闭Telnet连接

func (*TelnetClient) LogBaserOnlyPassword 

func (c *TelnetClient) LogBaserOnlyPassword() error

LogBaserOnlyPassword 处理只需密码的登录

func (*TelnetClient) LogBaserUsernameAndPassword 

func (c *TelnetClient) LogBaserUsernameAndPassword() error

LogBaserUsernameAndPassword 处理需要用户名和密码的登录

func (*TelnetClient) Login 

func (c *TelnetClient) Login() error

Login 根据服务器类型执行登录

func (*TelnetClient) MakeReply 

func (c *TelnetClient) MakeReply(command []byte) []byte

MakeReply 根据命令生成对应的回复

func (*TelnetClient) MakeReplyFromList 

func (c *TelnetClient) MakeReplyFromList(list [][]byte) []byte

MakeReplyFromList 处理命令列表并生成回复

func (*TelnetClient) MakeServerType 

func (c *TelnetClient) MakeServerType() int

MakeServerType 通过分析服务器响应判断服务器类型

func (*TelnetClient) Netloc 

func (c *TelnetClient) Netloc() string

Netloc 获取网络地址字符串

func (*TelnetClient) ReadContext 

func (c *TelnetClient) ReadContext() string

ReadContext 读取Telnet连接返回的内容

func (*TelnetClient) SerializationResponse 

func (c *TelnetClient) SerializationResponse(responseBuf []byte) (displayBuf []byte, commandList [][]byte)

SerializationResponse 解析Telnet响应数据

func (*TelnetClient) WriteContext 

func (c *TelnetClient) WriteContext(s string)

WriteContext 写入数据到Telnet连接

type TelnetCredential 

type TelnetCredential struct {
	Username string
	Password string
}

TelnetCredential 表示一个Telnet凭据

type TelnetScanResult 

type TelnetScanResult struct {
	Success    bool
	Error      error
	Credential TelnetCredential
	NoAuth     bool
}

TelnetScanResult 表示Telnet扫描结果

type VncCredential 

type VncCredential struct {
	Password string
}

VncCredential 表示VNC凭据

type VncScanResult 

type VncScanResult struct {
	Success    bool
	Error      error
	Credential VncCredential
}

VncScanResult 表示VNC扫描结果

type WebResponse 

type WebResponse struct {
	Url         string
	StatusCode  int
	Title       string
	Length      string
	Headers     map[string]string
	RedirectUrl string
	Body        []byte
	Error       error
}

响应结果

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.