refactor: 为MS17010插件添加包控制功能

- 在checkMS17010Vulnerability和checkDoublePulsar方法中添加包控制检查 - 统一错误处理和包计数逻辑 - 确保所有TCP连接遵循发包限制
2025-09-14 14:06:44 +08:00 · 2025-09-02 12:04:26 +00:00 · 2025-09-02 12:04:26 +00:00 · 4054c767dd
commit 4054c767dd
parent 2385a730eb
1 changed files with 16 additions and 2 deletions
--- a/plugins/services/ms17010.go
+++ b/plugins/services/ms17010.go
@ -296,11 +296,18 @@ func init() {
 // checkMS17010Vulnerability 检测MS17-010漏洞 (从原始MS17010.go复制和适配)
 func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, error) {
 	// 检查发包限制
 	if canSend, reason := common.CanSendPacket(); !canSend {
 		return false, "", fmt.Errorf("发包受限: %s", reason)
 	}
 	// 连接目标
 	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
 	if err != nil {
 		common.IncrementTCPFailedPacketCount()
 		return false, "", fmt.Errorf("连接错误: %v", err)
 	}
 	common.IncrementTCPSuccessPacketCount()
 	defer conn.Close()
 	if err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)); err != nil {
@ -401,10 +408,17 @@ func (p *MS17010Plugin) checkMS17010Vulnerability(ip string) (bool, string, erro
 // checkDoublePulsar 检测DOUBLEPULSAR后门
 func (p *MS17010Plugin) checkDoublePulsar(ip string) bool {
-	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
+	// 检查发包限制
-	if err != nil {
+	if canSend, _ := common.CanSendPacket(); !canSend {
 		return false
 	}
 	conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
 	if err != nil {
 		common.IncrementTCPFailedPacketCount()
 		return false
 	}
 	common.IncrementTCPSuccessPacketCount()
 	defer conn.Close()
 	// 简化的后门检测逻辑