From 60eb65766a51f558217d7affc2785e559c317f24 Mon Sep 17 00:00:00 2001 From: ZacharyZcR Date: Mon, 11 Aug 2025 21:16:28 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=B8=BAWrapperTcpWithContext=E5=92=8CW?= =?UTF-8?q?rapperTlsWithContext=E6=B7=BB=E5=8A=A0SOCKS5=E4=BB=A3=E7=90=86?= =?UTF-8?q?=E6=94=AF=E6=8C=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 修复核心TCP包装函数,检测并使用SOCKS5代理配置 - 添加TLS连接的代理支持 - 实现优雅降级:代理失败时自动回退到直连 - 添加详细的调试日志记录代理使用情况 - 修复影响PostgreSQL、Cassandra、Telnet、LDAP、IMAP等服务插件的代理功能 解决的问题: - 之前只有WebScan和MySQL支持SOCKS5代理 - 现在所有使用WrapperTcpWithContext的服务都支持代理 - 保持与现有MySQL自定义实现的兼容性 --- Common/common.go | 49 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 2 deletions(-) diff --git a/Common/common.go b/Common/common.go index 5186863..c557aed 100644 --- a/Common/common.go +++ b/Common/common.go @@ -18,6 +18,7 @@ import ( "github.com/shadow1ng/fscan/common/base" "github.com/shadow1ng/fscan/common/logging" "github.com/shadow1ng/fscan/common/output" + "github.com/shadow1ng/fscan/common/proxy" ) // ============================================================================= @@ -177,14 +178,58 @@ func WrapperTcpWithTimeout(network, address string, timeout time.Duration) (net. return net.DialTimeout(network, address, timeout) } -// WrapperTcpWithContext TCP连接包装器,带上下文 +// WrapperTcpWithContext TCP连接包装器,带上下文和代理支持 func WrapperTcpWithContext(ctx context.Context, network, address string) (net.Conn, error) { + // 检查是否配置了SOCKS5代理 + if Socks5Proxy != "" { + proxyConfig := &proxy.ProxyConfig{ + Type: proxy.ProxyTypeSOCKS5, + Address: Socks5Proxy, + Timeout: time.Second * 10, + } + + proxyManager := proxy.NewProxyManager(proxyConfig) + dialer, err := proxyManager.GetDialer() + if err != nil { + LogDebug(fmt.Sprintf("SOCKS5代理连接失败,回退到直连: %v", err)) + // 代理失败时回退到直连 + var d net.Dialer + return d.DialContext(ctx, network, address) + } + + LogDebug(fmt.Sprintf("使用SOCKS5代理连接: %s -> %s", Socks5Proxy, address)) + return dialer.DialContext(ctx, network, address) + } + + // 没有配置代理,使用直连 var d net.Dialer return d.DialContext(ctx, network, address) } -// WrapperTlsWithContext TLS连接包装器,带上下文 +// WrapperTlsWithContext TLS连接包装器,带上下文和代理支持 func WrapperTlsWithContext(ctx context.Context, network, address string, config *tls.Config) (net.Conn, error) { + // 检查是否配置了SOCKS5代理 + if Socks5Proxy != "" { + proxyConfig := &proxy.ProxyConfig{ + Type: proxy.ProxyTypeSOCKS5, + Address: Socks5Proxy, + Timeout: time.Second * 10, + } + + proxyManager := proxy.NewProxyManager(proxyConfig) + tlsDialer, err := proxyManager.GetTLSDialer() + if err != nil { + LogDebug(fmt.Sprintf("SOCKS5代理TLS连接失败,回退到直连: %v", err)) + // 代理失败时回退到直连 + d := &tls.Dialer{Config: config} + return d.DialContext(ctx, network, address) + } + + LogDebug(fmt.Sprintf("使用SOCKS5代理TLS连接: %s -> %s", Socks5Proxy, address)) + return tlsDialer.DialTLSContext(ctx, network, address, config) + } + + // 没有配置代理,使用直连 d := &tls.Dialer{Config: config} return d.DialContext(ctx, network, address) }