refactor: 重构VNC和RDP插件使用统一发包控制

- 修改VNC插件,在所有网络连接点添加发包控制和计数
- 修改RDP插件,在testRDPConnection和checkNLAStatus中添加发包控制
- 统一包计数逻辑,确保TCP连接成功和失败都正确计数
- 保持现有远程桌面检测功能完整性
ZacharyZcR 2025-09-02 11:50:06 +00:00
parent 1febb54fe6
commit d9d0271d5b
2 changed files with 49 additions and 7 deletions


@ -100,10 +100,18 @@ func (p *RDPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult
func (p *RDPPlugin) testRDPConnection(ctx context.Context, info *common.HostInfo) bool { func (p *RDPPlugin) testRDPConnection(ctx context.Context, info *common.HostInfo) bool {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports) target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second) // 检查发包限制
if err != nil { if canSend, reason := common.CanSendPacket(); !canSend {
common.LogError(fmt.Sprintf("RDP连接 %s 受限: %s", target, reason))
return false return false
} }
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil {
common.IncrementTCPFailedPacketCount()
return false
}
common.IncrementTCPSuccessPacketCount()
defer conn.Close() defer conn.Close()
conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)) conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
@ -136,13 +144,19 @@ func (p *RDPPlugin) testRDPConnection(ctx context.Context, info *common.HostInfo
// checkNLAStatus 检查网络级别身份验证状态 // checkNLAStatus 检查网络级别身份验证状态
func (p *RDPPlugin) checkNLAStatus(ctx context.Context, info *common.HostInfo) string { func (p *RDPPlugin) checkNLAStatus(ctx context.Context, info *common.HostInfo) string {
// 简化实现实际需要解析RDP协商响应 // 检查发包限制
target := fmt.Sprintf("%s:%s", info.Host, info.Ports) target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
if canSend, reason := common.CanSendPacket(); !canSend {
common.LogError(fmt.Sprintf("RDP NLA检测 %s 受限: %s", target, reason))
return "检测失败"
}
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second) conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil { if err != nil {
common.IncrementTCPFailedPacketCount()
return "检测失败" return "检测失败"
} }
common.IncrementTCPSuccessPacketCount()
defer conn.Close() defer conn.Close()
conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)) conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
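Review bot: A throttled probe is reported exactly like a negative result. In testRDPConnection the new `CanSendPacket` branch returns `false`, and in checkNLAStatus it returns `"检测失败"`, the same value as the dial-failure path. A caller cannot tell "not probed because the send limit was hit" from "probed and not RDP", so a capped run can under-report exposed services while its output still looks complete. identifyService in the VNC file already carries the reason in `ScanResult.Error`; checkNLAStatus could at least return a distinct status such as `return "发包受限"`, provided no caller matches on the string (the callers are not visible here). The same applies to testUnauthAccess and testCredential in the VNC file, and both RDP function bodies continue outside the hunks.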


@ -70,10 +70,18 @@ func (p *VNCPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult
func (p *VNCPlugin) testUnauthAccess(ctx context.Context, info *common.HostInfo) *ScanResult { func (p *VNCPlugin) testUnauthAccess(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports) target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second) // 检查发包限制
if err != nil { if canSend, reason := common.CanSendPacket(); !canSend {
common.LogError(fmt.Sprintf("VNC未授权检测 %s 受限: %s", target, reason))
return nil return nil
} }
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil {
common.IncrementTCPFailedPacketCount()
return nil
}
common.IncrementTCPSuccessPacketCount()
defer conn.Close() defer conn.Close()
conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)) conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
@ -105,10 +113,18 @@ func (p *VNCPlugin) testUnauthAccess(ctx context.Context, info *common.HostInfo)
func (p *VNCPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) bool { func (p *VNCPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) bool {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports) target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second) // 检查发包限制
if err != nil { if canSend, reason := common.CanSendPacket(); !canSend {
common.LogError(fmt.Sprintf("VNC认证测试 %s 受限: %s", target, reason))
return false return false
} }
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil {
common.IncrementTCPFailedPacketCount()
return false
}
common.IncrementTCPSuccessPacketCount()
defer conn.Close() defer conn.Close()
conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)) conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
@ -229,14 +245,26 @@ func (p *VNCPlugin) reverseBits(b byte) byte {
func (p *VNCPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult { func (p *VNCPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports) target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
// 检查发包限制
if canSend, reason := common.CanSendPacket(); !canSend {
common.LogError(fmt.Sprintf("VNC识别 %s 受限: %s", target, reason))
return &ScanResult{
Success: false,
Service: "vnc",
Error: fmt.Errorf("发包受限: %s", reason),
}
}
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second) conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil { if err != nil {
common.IncrementTCPFailedPacketCount()
return &ScanResult{ return &ScanResult{
Success: false, Success: false,
Service: "vnc", Service: "vnc",
Error: err, Error: err,
} }
} }
common.IncrementTCPSuccessPacketCount()
defer conn.Close() defer conn.Close()
conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second)) conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
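Review bot: The gate, dial and count sequence is now copied five times (testUnauthAccess, testCredential and identifyService here, plus the two RDP functions), so a later probe can easily skip the check or count only one outcome. A single helper that does all three keeps the accounting in one place, and it can dial with the function's `ctx`, which `net.DialTimeout` ignores, so a cancelled scan stops opening connections. Because the check and the increment are separate calls, whether concurrent probes can overshoot the limit depends on how `common.CanSendPacket` is implemented, which is not visible here; the helper is also the natural place to make that step atomic. The name `dialCounted` below is only a suggestion, and the function bodies continue outside the hunks.

```go
// dialCounted (proposed): applies the send limit, dials with ctx, and records the outcome.
func dialCounted(ctx context.Context, target string) (net.Conn, error) {
	if canSend, reason := common.CanSendPacket(); !canSend {
		common.LogError(fmt.Sprintf("%s 受限: %s", target, reason))
		return nil, fmt.Errorf("发包受限: %s", reason)
	}
	d := net.Dialer{Timeout: time.Duration(common.Timeout) * time.Second}
	conn, err := d.DialContext(ctx, "tcp", target)
	if err != nil {
		common.IncrementTCPFailedPacketCount()
		return nil, err
	}
	common.IncrementTCPSuccessPacketCount()
	return conn, nil
}

func (p *VNCPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) bool {
	target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
	conn, err := dialCounted(ctx, target)
	if err != nil {
		return false
	}
	// … unchanged: defer conn.Close(), SetDeadline and the rest of the body …
```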