admin/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-11-05 10:45:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
fscan/Plugins/SSH.go

183 lines
4.3 KiB
Go
Raw Normal View History

commit message
2020-12-29 17:17:10 +08:00
package Plugins
import (
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
"context"
commit message
2020-12-29 17:17:10 +08:00
"fmt"
refactor: 规范化文件命名
2024-12-18 22:00:18 +08:00
"github.com/shadow1ng/fscan/Common"
Update ssh.go
2023-11-13 11:27:01 +08:00
"golang.org/x/crypto/ssh"
"io/ioutil"
commit message
2020-12-29 17:17:10 +08:00
"net"
"strings"
"time"
)
refacor: 结构化修改
2024-12-19 16:15:53 +08:00
func SshScan(info *Common.HostInfo) (tmperr error) {
refactor: 大型重构
2024-12-20 03:46:09 +08:00
if Common.DisableBrute {
增加爆破关闭参数 -nobr
2021-11-25 10:16:39 +08:00
return
}
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
refactor: 全部优化为多线程
2024-12-31 20:25:54 +08:00
maxRetries := Common.MaxRetries
feat: 分离结果输出和日志
2025-01-14 23:38:58 +08:00
target := fmt.Sprintf("%v:%v", info.Host, info.Ports)
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
feat: 分离结果输出和日志
2025-01-14 23:38:58 +08:00
Common.LogDebug(fmt.Sprintf("开始扫描 %s", target))
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
totalUsers := len(Common.Userdict["ssh"])
totalPass := len(Common.Passwords)
Common.LogDebug(fmt.Sprintf("开始尝试用户名密码组合 (总用户数: %d, 总密码数: %d)", totalUsers, totalPass))
tried := 0
total := totalUsers * totalPass
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
// 遍历所有用户名密码组合
refactor: 规范化文件命名
2024-12-18 22:00:18 +08:00
for _, user := range Common.Userdict["ssh"] {
for _, pass := range Common.Passwords {
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
tried++
commit message
2020-12-29 17:17:10 +08:00
pass = strings.Replace(pass, "{user}", user, -1)
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
Common.LogDebug(fmt.Sprintf("[%d/%d] 尝试: %s:%s", tried, total, user, pass))
refactor: 全部优化为多线程
2024-12-31 20:25:54 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
// 重试循环
for retryCount := 0; retryCount < maxRetries; retryCount++ {
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
if retryCount > 0 {
Common.LogDebug(fmt.Sprintf("第%d次重试: %s:%s", retryCount+1, user, pass))
}
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
ctx, cancel := context.WithTimeout(context.Background(), time.Duration(Common.Timeout)*time.Second)
done := make(chan struct {
success bool
err error
}, 1)
refactor: 全部优化为多线程
2024-12-31 20:25:54 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
go func(user, pass string) {
success, err := SshConn(info, user, pass)
refactor: 全部优化为多线程
2024-12-31 20:25:54 +08:00
select {
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
case <-ctx.Done():
case done <- struct {
success bool
err error
}{success, err}:
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
}
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
}(user, pass)
var err error
select {
case result := <-done:
err = result.err
if result.success {
feat: 分离结果输出和日志
2025-01-14 23:38:58 +08:00
successMsg := fmt.Sprintf("SSH认证成功 %s User:%v Pass:%v", target, user, pass)
Common.LogSuccess(successMsg)
// 保存结果
details := map[string]interface{}{
"port": info.Ports,
"service": "ssh",
"username": user,
"password": pass,
"type": "weak-password",
}
// 如果使用了密钥认证,添加密钥信息
if Common.SshKeyPath != "" {
details["auth_type"] = "key"
details["key_path"] = Common.SshKeyPath
details["password"] = nil
}
// 如果执行了命令,添加命令信息
if Common.Command != "" {
details["command"] = Common.Command
}
vulnResult := &Common.ScanResult{
Time: time.Now(),
Type: Common.VULN,
Target: info.Host,
Status: "vulnerable",
Details: details,
}
Common.SaveResult(vulnResult)
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
time.Sleep(100 * time.Millisecond)
cancel()
return nil
refactor: 全部优化为多线程
2024-12-31 20:25:54 +08:00
}
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
case <-ctx.Done():
err = fmt.Errorf("连接超时")
}
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
cancel()
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
if err != nil {
feat: 分离结果输出和日志
2025-01-14 23:38:58 +08:00
errMsg := fmt.Sprintf("SSH认证失败 %s User:%v Pass:%v Err:%v",
target, user, pass, err)
Common.LogError(errMsg)
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
if retryErr := Common.CheckErrs(err); retryErr != nil {
if retryCount == maxRetries-1 {
return err
}
continue
}
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
}
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
if Common.SshKeyPath != "" {
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
Common.LogDebug("检测到SSH密钥路径停止密码尝试")
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
return err
}
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
break
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
}
commit message
2020-12-29 17:17:10 +08:00
}
}
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
feat: 增加端口识别,修复插件总超时
2025-01-03 16:29:54 +08:00
Common.LogDebug(fmt.Sprintf("扫描完成,共尝试 %d 个组合", tried))
commit message
2020-12-29 17:17:10 +08:00
return tmperr
}
fix: SSH连接超时问题
2024-12-20 20:44:59 +08:00
func SshConn(info *Common.HostInfo, user string, pass string) (flag bool, err error) {
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
var auth []ssh.AuthMethod
refactor: 大型重构
2024-12-20 03:46:09 +08:00
if Common.SshKeyPath != "" {
pemBytes, err := ioutil.ReadFile(Common.SshKeyPath)
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
if err != nil {
refactor: 输出格式重构,重构SMB、SMB2、FTP的一些验证逻辑
2025-01-01 05:24:49 +08:00
return false, fmt.Errorf("读取密钥失败: %v", err)
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
}
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
signer, err := ssh.ParsePrivateKey(pemBytes)
if err != nil {
refactor: 输出格式重构,重构SMB、SMB2、FTP的一些验证逻辑
2025-01-01 05:24:49 +08:00
return false, fmt.Errorf("解析密钥失败: %v", err)
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
}
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
auth = []ssh.AuthMethod{ssh.PublicKeys(signer)}
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
} else {
refactor: SSH模块重构
2024-12-18 15:19:53 +08:00
auth = []ssh.AuthMethod{ssh.Password(pass)}
ssh模块加入私钥连接
2021-05-31 10:03:01 +08:00
}
commit message
2020-12-29 17:17:10 +08:00
config := &ssh.ClientConfig{
refactor: 重构SSH扫描部分,超时生效
2024-12-19 19:31:32 +08:00
User: user,
Auth: auth,
commit message
2020-12-29 17:17:10 +08:00
HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
return nil
},
fix: SSH连接超时问题
2024-12-20 20:57:27 +08:00
Timeout: time.Duration(Common.Timeout) * time.Millisecond,
commit message
2020-12-29 17:17:10 +08:00
}
fix: SSH连接超时问题
2024-12-20 20:44:59 +08:00
client, err := ssh.Dial("tcp", fmt.Sprintf("%v:%v", info.Host, info.Ports), config)
refactor: 重构SSH扫描部分,超时生效
2024-12-19 19:31:32 +08:00
if err != nil {
return false, err
}
defer client.Close()
session, err := client.NewSession()
if err != nil {
return false, err
}
defer session.Close()
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
// 如果需要执行命令
refactor: 重构SSH扫描部分,超时生效
2024-12-19 19:31:32 +08:00
if Common.Command != "" {
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
_, err := session.CombinedOutput(Common.Command)
fix: SSH连接超时问题
2024-12-20 20:44:59 +08:00
if err != nil {
return true, err
}
commit message
2020-12-29 17:17:10 +08:00
}
refactor: 重构SSH扫描部分,超时生效
2024-12-19 19:31:32 +08:00
refactor: 输出格式重构,去掉所有插件的多线程,因为多线程会导致结果不准确,加入进度条
2025-01-01 07:18:36 +08:00
return true, nil
commit message
2020-12-29 17:17:10 +08:00
}
Reference in New Issue Copy Permalink