package vnc

import (
	"context"
	"fmt"

	"github.com/shadow1ng/fscan/common"
	"github.com/shadow1ng/fscan/common/i18n"
	"github.com/shadow1ng/fscan/plugins/base"
)

// VNCExploiter VNC利用器
type VNCExploiter struct {
	connector *VNCConnector
}

// NewVNCExploiter 创建VNC利用器
func NewVNCExploiter() *VNCExploiter {
	return &VNCExploiter{
		connector: NewVNCConnector(),
	}
}

// Exploit 执行VNC利用
func (e *VNCExploiter) Exploit(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
	target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
	
	// 尝试连接VNC服务
	conn, err := e.connector.Connect(ctx, info)
	if err != nil {
		return &base.ExploitResult{
			Success: false,
			Error:   fmt.Errorf("VNC连接失败: %v", err),
		}, nil
	}
	
	// 尝试认证
	authErr := e.connector.Authenticate(ctx, conn, creds)
	if authErr != nil {
		return &base.ExploitResult{
			Success: false,
			Error:   authErr,
		}, nil
	}
	
	// 认证成功，收集信息
	connectionInfo := conn.(map[string]interface{})
	version := connectionInfo["version"].(string)
	
	exploitData := map[string]interface{}{
		"service":     "VNC",
		"target":      target,
		"version":     version,
		"credentials": map[string]string{
			"username": creds.Username,
			"password": creds.Password,
		},
		"access_type": e.getAccessType(creds),
		"description": "VNC远程桌面访问",
	}
	
	// 尝试获取更多信息
	e.gatherVNCInfo(ctx, info, exploitData)
	
	common.LogSuccess(i18n.GetText("exploit_success", "VNC", target))
	
	return &base.ExploitResult{
		Success: true,
		Output:  fmt.Sprintf("VNC利用成功 - %s", target),
		Data:    exploitData,
	}, nil
}

// IsExploitSupported 检查是否支持指定的利用类型
func (e *VNCExploiter) IsExploitSupported(exploitType base.ExploitType) bool {
	switch exploitType {
	case base.ExploitDataExtraction:
		return true
	case base.ExploitUnauthorized:
		return true
	default:
		return false
	}
}

// getAccessType 获取访问类型描述
func (e *VNCExploiter) getAccessType(creds *base.Credential) string {
	if creds.Password == "" {
		return "无认证访问"
	}
	return "密码认证访问"
}

// gatherVNCInfo 收集VNC相关信息
func (e *VNCExploiter) gatherVNCInfo(ctx context.Context, info *common.HostInfo, data map[string]interface{}) {
	// 添加端口信息
	if portNum := info.Ports; portNum != "" {
		data["port"] = portNum
		
		// VNC端口通常对应显示器编号
		if len(portNum) >= 4 && portNum[:2] == "59" {
			if displayNum := portNum[2:]; len(displayNum) >= 2 {
				data["display_number"] = displayNum
				data["display_info"] = fmt.Sprintf("VNC显示器 :%s", displayNum)
			}
		}
	}
	
	// 添加安全信息
	data["security_info"] = map[string]interface{}{
		"encryption_support":    "取决于VNC版本",
		"authentication_types":  []string{"None", "VNC Authentication", "RA2", "RA2ne", "Tight", "ARD"},
		"common_vulnerabilities": []string{
			"弱密码",
			"无认证访问",
			"未加密传输",
			"DES加密漏洞",
		},
	}
	
	// 添加建议的后续操作
	data["next_steps"] = []string{
		"尝试连接VNC客户端进行远程控制",
		"检查VNC服务配置",
		"查看可用的安全设置",
		"评估网络流量加密状态",
	}
	
	// 添加风险评估
	risk := "中等"
	if data["access_type"] == "无认证访问" {
		risk = "高"
	}
	data["risk_level"] = risk
}

// GetSupportedExploits 获取支持的利用类型
func (e *VNCExploiter) GetSupportedExploits() []base.ExploitType {
	return []base.ExploitType{
		base.ExploitDataExtraction,
		base.ExploitUnauthorized,
	}
}

// GetExploitDescription 获取利用描述
func (e *VNCExploiter) GetExploitDescription(exploitType base.ExploitType) string {
	switch exploitType {
	case base.ExploitDataExtraction:
		return "收集VNC服务信息，包括版本、认证类型等"
	case base.ExploitUnauthorized:
		return "尝试无认证访问或弱密码攻击VNC服务"
	default:
		return "未知的利用类型"
	}
}