From 4054c767dd0a6657df89dce2cc773a4e0022839e Mon Sep 17 00:00:00 2001 From: ZacharyZcR Date: Tue, 2 Sep 2025 12:04:26 +0000 Subject: [PATCH] =?UTF-8?q?refactor:=20=E4=B8=BAMS17010=E6=8F=92=E4=BB=B6?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E5=8C=85=E6=8E=A7=E5=88=B6=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 在checkMS17010Vulnerability和checkDoublePulsar方法中添加包控制检查 - 统一错误处理和包计数逻辑 - 确保所有TCP连接遵循发包限制 --- plugins/services/ms17010.go | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/plugins/services/ms17010.go b/plugins/services/ms17010.go index 9b55e28..0f0948a 100644 --- a/plugins/services/ms17010.go +++ b/plugins/services/ms17010.go @@ -296,11 +296,18 @@ func init() { // checkMS17010Vulnerability 检测MS17-010漏洞 (从原始MS17010.go复制和适配) func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, error) { + // 检查发包限制 + if canSend, reason := common.CanSendPacket(); !canSend { + return false, "", fmt.Errorf("发包受限: %s", reason) + } + // 连接目标 conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second) if err != nil { + common.IncrementTCPFailedPacketCount() return false, "", fmt.Errorf("连接错误: %v", err) } + common.IncrementTCPSuccessPacketCount() defer conn.Close() if err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)); err != nil { @@ -401,10 +408,17 @@ func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, erro // checkDoublePulsar 检测DOUBLEPULSAR后门 func (p *MS17010Plugin) checkDoublePulsar(ip string) bool { - conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second) - if err != nil { + // 检查发包限制 + if canSend, _ := common.CanSendPacket(); !canSend { return false } + + conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second) + if err != nil { + common.IncrementTCPFailedPacketCount() + return false + } + common.IncrementTCPSuccessPacketCount() defer conn.Close() // 简化的后门检测逻辑