2020-12-29 17:17:10 +08:00
|
|
|
package Plugins
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
2024-12-18 22:00:18 +08:00
|
|
|
"github.com/shadow1ng/fscan/Common"
|
2020-12-29 17:17:10 +08:00
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
)
|
|
|
|
|
|
2024-12-18 23:40:03 +08:00
|
|
|
// MemcachedScan 检测Memcached未授权访问
|
2024-12-19 16:15:53 +08:00
|
|
|
func MemcachedScan(info *Common.HostInfo) error {
|
2021-04-21 00:13:04 +08:00
|
|
|
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
|
2024-12-18 23:40:03 +08:00
|
|
|
timeout := time.Duration(Common.Timeout) * time.Second
|
|
|
|
|
|
|
|
|
|
// 建立TCP连接
|
|
|
|
|
client, err := Common.WrapperTcpWithTimeout("tcp", realhost, timeout)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer client.Close()
|
|
|
|
|
|
|
|
|
|
// 设置超时时间
|
|
|
|
|
if err := client.SetDeadline(time.Now().Add(timeout)); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 发送stats命令
|
|
|
|
|
if _, err := client.Write([]byte("stats\n")); err != nil {
|
|
|
|
|
return err
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
2024-12-18 23:40:03 +08:00
|
|
|
|
|
|
|
|
// 读取响应
|
|
|
|
|
rev := make([]byte, 1024)
|
|
|
|
|
n, err := client.Read(rev)
|
|
|
|
|
if err != nil {
|
|
|
|
|
errlog := fmt.Sprintf("[-] Memcached %v:%v %v", info.Host, info.Ports, err)
|
|
|
|
|
Common.LogError(errlog)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 检查响应内容
|
|
|
|
|
if strings.Contains(string(rev[:n]), "STAT") {
|
|
|
|
|
result := fmt.Sprintf("[+] Memcached %s 未授权访问", realhost)
|
|
|
|
|
Common.LogSuccess(result)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
