package services

import (
	"bytes"
	"context"
	"encoding/hex"
	"fmt"
	"net"
	"strings"
	"time"

	"github.com/shadow1ng/fscan/common"
	"github.com/shadow1ng/fscan/plugins"
)

// SMBInfoPlugin SMB协议信息收集插件 - 收集操作系统和NTLM信息
type SMBInfoPlugin struct {
	plugins.BasePlugin
}

// NewSMBInfoPlugin 创建SMBInfo插件
func NewSMBInfoPlugin() *SMBInfoPlugin {
	return &SMBInfoPlugin{
		BasePlugin: plugins.NewBasePlugin("smbinfo"),
	}
}


// GetPorts 实现Plugin接口

// Scan 执行SMBInfo扫描 - SMB信息收集
func (p *SMBInfoPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult {
	target := fmt.Sprintf("%s:%s", info.Host, info.Ports)

	// 检查端口
	if info.Ports != "445" && info.Ports != "139" {
		return &ScanResult{
			Success: false,
			Service: "smbinfo",
			Error:   fmt.Errorf("SMBInfo插件仅支持139和445端口"),
		}
	}

	// 建立连接
	conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
	if err != nil {
		return &ScanResult{
			Success: false,
			Service: "smbinfo",
			Error:   fmt.Errorf("连接失败: %v", err),
		}
	}
	defer conn.Close()

	conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))

	// 执行SMB信息收集
	smbInfo, err := p.collectSMBInfo(conn, target)
	if err != nil {
		return &ScanResult{
			Success: false,
			Service: "smbinfo",
			Error:   err,
		}
	}

	// 记录SMB信息发现
	if smbInfo.Valid {
		msg := fmt.Sprintf("SMBInfo %s", target)
		if smbInfo.OSVersion != "" {
			msg += fmt.Sprintf(" [%s]", smbInfo.OSVersion)
		}
		if smbInfo.ComputerName != "" {
			msg += fmt.Sprintf(" %s", smbInfo.ComputerName)
		}
		msg += fmt.Sprintf(" %s", smbInfo.Protocol)
		common.LogSuccess(msg)
	}

	return &ScanResult{
		Success: smbInfo.Valid,
		Service: "smbinfo",
		Banner:  smbInfo.Summary(),
	}
}


// SMBInfo SMB信息结构
type SMBInfo struct {
	Valid        bool
	Protocol     string   // SMB1 或 SMB2
	ComputerName string
	DomainName   string
	OSVersion    string
	NativeOS     string
	NativeLM     string
	NTLMFlags    []string
}

// Summary 返回SMB信息摘要
func (si *SMBInfo) Summary() string {
	if !si.Valid {
		return "SMB信息收集失败"
	}

	var parts []string
	parts = append(parts, si.Protocol)
	
	if si.OSVersion != "" {
		parts = append(parts, si.OSVersion)
	}
	
	if si.ComputerName != "" {
		parts = append(parts, si.ComputerName)
	}

	return strings.Join(parts, " ")
}

// SMB协议数据包定义
var (
	smbv1Negotiate1 = []byte{
		0x00, 0x00, 0x00, 0x85, 0xFF, 0x53, 0x4D, 0x42, 0x72, 0x00, 0x00, 0x00, 0x00, 0x18, 0x53, 0xC8,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFE,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x62, 0x00, 0x02, 0x50, 0x43, 0x20, 0x4E, 0x45, 0x54, 0x57, 0x4F,
		0x52, 0x4B, 0x20, 0x50, 0x52, 0x4F, 0x47, 0x52, 0x41, 0x4D, 0x20, 0x31, 0x2E, 0x30, 0x00, 0x02,
		0x4C, 0x41, 0x4E, 0x4D, 0x41, 0x4E, 0x31, 0x2E, 0x30, 0x00, 0x02, 0x57, 0x69, 0x6E, 0x64, 0x6F,
		0x77, 0x73, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x57, 0x6F, 0x72, 0x6B, 0x67, 0x72, 0x6F, 0x75, 0x70,
		0x73, 0x20, 0x33, 0x2E, 0x31, 0x61, 0x00, 0x02, 0x4C, 0x4D, 0x31, 0x2E, 0x32, 0x58, 0x30, 0x30,
		0x32, 0x00, 0x02, 0x4C, 0x41, 0x4E, 0x4D, 0x41, 0x4E, 0x32, 0x2E, 0x31, 0x00, 0x02, 0x4E, 0x54,
		0x20, 0x4C, 0x4D, 0x20, 0x30, 0x2E, 0x31, 0x32, 0x00,
	}

	smbv1SessionSetup = []byte{
		0x00, 0x00, 0x01, 0x0A, 0xFF, 0x53, 0x4D, 0x42, 0x73, 0x00, 0x00, 0x00, 0x00, 0x18, 0x07, 0xC8,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFE,
		0x00, 0x00, 0x40, 0x00, 0x0C, 0xFF, 0x00, 0x0A, 0x01, 0x04, 0x41, 0x32, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x4A, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD4, 0x00, 0x00, 0xA0, 0xCF, 0x00, 0x60,
		0x48, 0x06, 0x06, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x02, 0xA0, 0x3E, 0x30, 0x3C, 0xA0, 0x0E, 0x30,
		0x0C, 0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x02, 0x0A, 0xA2, 0x2A, 0x04,
		0x28, 0x4E, 0x54, 0x4C, 0x4D, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x07, 0x82, 0x08,
		0xA2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x05, 0x02, 0xCE, 0x0E, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x57, 0x00, 0x69, 0x00, 0x6E, 0x00,
		0x64, 0x00, 0x6F, 0x00, 0x77, 0x00, 0x73, 0x00, 0x20, 0x00, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00,
		0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00, 0x33, 0x00,
		0x20, 0x00, 0x33, 0x00, 0x37, 0x00, 0x39, 0x00, 0x30, 0x00, 0x20, 0x00, 0x53, 0x00, 0x65, 0x00,
		0x72, 0x00, 0x76, 0x00, 0x69, 0x00, 0x63, 0x00, 0x65, 0x00, 0x20, 0x00, 0x50, 0x00, 0x61, 0x00,
		0x63, 0x00, 0x6B, 0x00, 0x20, 0x00, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00, 0x57, 0x00, 0x69, 0x00,
		0x6E, 0x00, 0x64, 0x00, 0x6F, 0x00, 0x77, 0x00, 0x73, 0x00, 0x20, 0x00, 0x53, 0x00, 0x65, 0x00,
		0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x20, 0x00, 0x32, 0x00, 0x30, 0x00, 0x30, 0x00,
		0x33, 0x00, 0x20, 0x00, 0x35, 0x00, 0x2E, 0x00, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00,
	}

	smbv2Negotiate1 = []byte{
		0x00, 0x00, 0x00, 0x45, 0xFF, 0x53, 0x4D, 0x42, 0x72, 0x00,
		0x00, 0x00, 0x00, 0x18, 0x01, 0x48, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF,
		0xAC, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x22, 0x00, 0x02,
		0x4E, 0x54, 0x20, 0x4C, 0x4D, 0x20, 0x30, 0x2E, 0x31, 0x32,
		0x00, 0x02, 0x53, 0x4D, 0x42, 0x20, 0x32, 0x2E, 0x30, 0x30,
		0x32, 0x00, 0x02, 0x53, 0x4D, 0x42, 0x20, 0x32, 0x2E, 0x3F,
		0x3F, 0x3F, 0x00,
	}

	smbv2SessionSetup1 = []byte{
		0x00, 0x00, 0x00, 0x68, 0xFE, 0x53, 0x4D, 0x42, 0x40, 0x00,
		0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24, 0x00,
		0x02, 0x00, 0x01, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x02, 0x02, 0x10, 0x02,
	}
)

// collectSMBInfo 收集SMB信息
func (p *SMBInfoPlugin) collectSMBInfo(conn net.Conn, target string) (*SMBInfo, error) {
	// 首先尝试SMBv1协商
	_, err := conn.Write(smbv1Negotiate1)
	if err != nil {
		return nil, fmt.Errorf("发送SMBv1协商包失败: %v", err)
	}

	// 读取SMBv1协商响应
	r1, err := p.readBytes(conn)
	if err != nil {
		common.LogDebug(fmt.Sprintf("读取SMBv1协商响应失败: %v", err))
	}

	// 检查是否支持SMBv1
	if len(r1) > 0 {
		// SMBv1路径
		return p.handleSMBv1(conn, target)
	} else {
		// SMBv2路径
		return p.handleSMBv2(target)
	}
}

// handleSMBv1 处理SMBv1协议信息收集
func (p *SMBInfoPlugin) handleSMBv1(conn net.Conn, target string) (*SMBInfo, error) {
	// 发送Session Setup请求
	_, err := conn.Write(smbv1SessionSetup)
	if err != nil {
		return nil, fmt.Errorf("发送SMBv1 Session Setup失败: %v", err)
	}

	ret, err := p.readBytes(conn)
	if err != nil || len(ret) < 45 {
		return nil, fmt.Errorf("读取SMBv1 Session Setup响应失败: %v", err)
	}

	info := &SMBInfo{
		Valid:    true,
		Protocol: "SMBv1",
	}

	// 解析blob信息
	blobLength := p.bytesToUint16(ret[43:45])
	blobCount := p.bytesToUint16(ret[45:47])

	if int(blobCount) > len(ret) {
		return info, nil
	}

	gssNative := ret[47:]
	offNTLM := bytes.Index(gssNative, []byte("NTLMSSP"))
	if offNTLM == -1 {
		return info, nil
	}

	// 提取native OS和LM信息
	native := gssNative[int(blobLength):blobCount]
	ss := strings.Split(string(native), "\x00\x00")

	if len(ss) > 0 {
		info.NativeOS = p.trimName(ss[0])
	}
	if len(ss) > 1 {
		info.NativeLM = p.trimName(ss[1])
	}

	// 解析NTLM信息
	bs := gssNative[offNTLM:blobLength]
	p.parseNTLMChallenge(bs, info)

	return info, nil
}

// handleSMBv2 处理SMBv2协议信息收集
func (p *SMBInfoPlugin) handleSMBv2(target string) (*SMBInfo, error) {
	// 重新建立连接处理SMBv2
	conn2, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
	if err != nil {
		return nil, fmt.Errorf("SMBv2连接失败: %v", err)
	}
	defer conn2.Close()

	conn2.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))

	// 发送SMBv2协商包
	_, err = conn2.Write(smbv2Negotiate1)
	if err != nil {
		return nil, fmt.Errorf("发送SMBv2协商包失败: %v", err)
	}

	r2, err := p.readBytes(conn2)
	if err != nil {
		return nil, fmt.Errorf("读取SMBv2协商响应失败: %v", err)
	}

	// 构建NTLM数据包
	var ntlmData []byte
	if len(r2) > 70 && hex.EncodeToString(r2[70:71]) == "03" {
		flags := []byte{0x15, 0x82, 0x08, 0xa0}
		ntlmData = p.getNTLMSSPData(flags)
	} else {
		flags := []byte{0x05, 0x80, 0x08, 0xa0}
		ntlmData = p.getNTLMSSPData(flags)
	}

	// 发送Session Setup
	_, err = conn2.Write(smbv2SessionSetup1)
	if err != nil {
		return nil, fmt.Errorf("发送SMBv2 Session Setup失败: %v", err)
	}

	_, err = p.readBytes(conn2)
	if err != nil {
		return nil, fmt.Errorf("读取SMBv2 Session Setup响应失败: %v", err)
	}

	// 发送NTLM协商包
	_, err = conn2.Write(ntlmData)
	if err != nil {
		return nil, fmt.Errorf("发送SMBv2 NTLM包失败: %v", err)
	}

	ret, err := p.readBytes(conn2)
	if err != nil {
		return nil, fmt.Errorf("读取SMBv2 NTLM响应失败: %v", err)
	}

	ntlmOff := bytes.Index(ret, []byte("NTLMSSP"))
	if ntlmOff == -1 {
		return &SMBInfo{Valid: true, Protocol: "SMBv2"}, nil
	}

	info := &SMBInfo{
		Valid:    true,
		Protocol: "SMBv2",
	}

	p.parseNTLMChallenge(ret[ntlmOff:], info)
	return info, nil
}

// readBytes 从连接读取NetBIOS消息
func (p *SMBInfoPlugin) readBytes(conn net.Conn) ([]byte, error) {
	// 读取NetBIOS头部(4字节)
	headerBuf := make([]byte, 4)
	n, err := conn.Read(headerBuf)
	if err != nil {
		return nil, err
	}
	if n != 4 {
		return nil, fmt.Errorf("NetBIOS头部长度不足: %d", n)
	}

	// 解析消息长度(大端序)
	messageLength := int(headerBuf[0])<<24 | int(headerBuf[1])<<16 | int(headerBuf[2])<<8 | int(headerBuf[3])

	// 防止过大的消息
	if messageLength > 1024*1024 {
		return nil, fmt.Errorf("消息长度过大: %d", messageLength)
	}

	if messageLength == 0 {
		return headerBuf, nil
	}

	// 读取消息体
	messageBuf := make([]byte, messageLength)
	totalRead := 0
	for totalRead < messageLength {
		n, err := conn.Read(messageBuf[totalRead:])
		if err != nil {
			return nil, err
		}
		totalRead += n
	}

	// 返回完整消息
	result := make([]byte, 0, 4+messageLength)
	result = append(result, headerBuf...)
	result = append(result, messageBuf...)

	return result, nil
}

// parseNTLMChallenge 解析NTLM Challenge消息
func (p *SMBInfoPlugin) parseNTLMChallenge(data []byte, info *SMBInfo) {
	if len(data) < 32 {
		return
	}

	// 检查NTLM签名
	if !bytes.Equal(data[0:8], []byte("NTLMSSP\x00")) {
		return
	}

	// 检查消息类型
	if len(data) < 12 {
		return
	}
	messageType := p.bytesToUint32(data[8:12])
	if messageType != 2 {
		return
	}

	// 解析Target Name
	if len(data) >= 20 {
		targetLength := p.bytesToUint16(data[12:14])
		targetOffset := p.bytesToUint32(data[16:20])

		if targetLength > 0 && int(targetOffset) < len(data) && int(targetOffset+uint32(targetLength)) <= len(data) {
			targetName := p.parseUnicodeString(data[targetOffset : targetOffset+uint32(targetLength)])
			if targetName != "" {
				info.DomainName = targetName
			}
		}
	}

	// 解析Flags
	if len(data) >= 24 {
		flags := p.bytesToUint32(data[20:24])
		info.NTLMFlags = p.parseNTLMFlags(flags)
	}

	// 解析Target Info (AV_PAIR结构)
	if len(data) >= 52 {
		targetInfoLength := p.bytesToUint16(data[40:42])
		targetInfoOffset := p.bytesToUint32(data[44:48])

		if targetInfoLength > 0 && int(targetInfoOffset) < len(data) &&
			int(targetInfoOffset+uint32(targetInfoLength)) <= len(data) {
			targetInfoData := data[targetInfoOffset : targetInfoOffset+uint32(targetInfoLength)]
			p.parseTargetInfo(targetInfoData, info)
		}
	}

	// 解析OS版本信息
	if len(data) >= 56 {
		flags := p.bytesToUint32(data[20:24])
		// NTLMSSP_NEGOTIATE_VERSION = 0x02000000
		if flags&0x02000000 != 0 && len(data) >= 56 {
			p.parseOSVersion(data[48:56], info)
		}
	}
}

// parseTargetInfo 解析Target Information
func (p *SMBInfoPlugin) parseTargetInfo(data []byte, info *SMBInfo) {
	offset := 0

	for offset+4 <= len(data) {
		avId := p.bytesToUint16(data[offset : offset+2])
		avLen := p.bytesToUint16(data[offset+2 : offset+4])

		if avId == 0x0000 { // MsvAvEOL
			break
		}

		if offset+4+int(avLen) > len(data) {
			break
		}

		value := data[offset+4 : offset+4+int(avLen)]

		switch avId {
		case 0x0001: // MsvAvNbComputerName
			computerName := p.parseUnicodeString(value)
			if computerName != "" {
				info.ComputerName = computerName
			}
		case 0x0002: // MsvAvNbDomainName
			if info.DomainName == "" {
				domainName := p.parseUnicodeString(value)
				if domainName != "" {
					info.DomainName = domainName
				}
			}
		case 0x0003: // MsvAvDnsComputerName
			if info.ComputerName == "" {
				dnsComputerName := p.parseUnicodeString(value)
				if dnsComputerName != "" {
					info.ComputerName = dnsComputerName
				}
			}
		}

		offset += 4 + int(avLen)
	}
}

// parseOSVersion 解析操作系统版本
func (p *SMBInfoPlugin) parseOSVersion(data []byte, info *SMBInfo) {
	if len(data) < 8 {
		return
	}

	majorVersion := data[0]
	minorVersion := data[1]
	buildNumber := p.bytesToUint16(data[2:4])

	// Windows版本映射
	var osName string
	switch {
	case majorVersion == 10 && minorVersion == 0:
		if buildNumber >= 22000 {
			osName = "Windows 11"
		} else {
			osName = "Windows 10"
		}
	case majorVersion == 6 && minorVersion == 3:
		osName = "Windows 8.1/Server 2012 R2"
	case majorVersion == 6 && minorVersion == 2:
		osName = "Windows 8/Server 2012"
	case majorVersion == 6 && minorVersion == 1:
		osName = "Windows 7/Server 2008 R2"
	case majorVersion == 6 && minorVersion == 0:
		osName = "Windows Vista/Server 2008"
	case majorVersion == 5 && minorVersion == 2:
		osName = "Windows XP x64/Server 2003"
	case majorVersion == 5 && minorVersion == 1:
		osName = "Windows XP"
	case majorVersion == 5 && minorVersion == 0:
		osName = "Windows 2000"
	default:
		osName = fmt.Sprintf("Windows %d.%d", majorVersion, minorVersion)
	}

	info.OSVersion = fmt.Sprintf("%s (Build %d)", osName, buildNumber)
}

// 辅助函数
func (p *SMBInfoPlugin) bytesToUint16(b []byte) uint16 {
	if len(b) < 2 {
		return 0
	}
	return uint16(b[0]) | uint16(b[1])<<8
}

func (p *SMBInfoPlugin) bytesToUint32(b []byte) uint32 {
	if len(b) < 4 {
		return 0
	}
	return uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24
}

func (p *SMBInfoPlugin) trimName(s string) string {
	return strings.Trim(strings.TrimSpace(s), "\x00")
}

func (p *SMBInfoPlugin) parseUnicodeString(data []byte) string {
	if len(data)%2 != 0 {
		return ""
	}

	var runes []rune
	for i := 0; i < len(data); i += 2 {
		if i+1 >= len(data) {
			break
		}
		// UTF-16LE: 低字节在前
		r := uint16(data[i]) | uint16(data[i+1])<<8
		if r == 0 {
			break
		}
		runes = append(runes, rune(r))
	}
	return string(runes)
}

func (p *SMBInfoPlugin) parseNTLMFlags(flags uint32) []string {
	flagNames := map[uint32]string{
		0x00000001: "NEGOTIATE_UNICODE",
		0x00000002: "NEGOTIATE_OEM",
		0x00000004: "REQUEST_TARGET",
		0x00000010: "NEGOTIATE_SIGN",
		0x00000020: "NEGOTIATE_SEAL",
		0x00000200: "NEGOTIATE_NTLM",
		0x00080000: "NEGOTIATE_EXTENDED_SESSIONSECURITY",
		0x02000000: "NEGOTIATE_VERSION",
		0x20000000: "NEGOTIATE_128",
		0x80000000: "NEGOTIATE_56",
	}

	var activeFlags []string
	for flag, name := range flagNames {
		if flags&flag != 0 {
			activeFlags = append(activeFlags, name)
		}
	}

	return activeFlags
}

func (p *SMBInfoPlugin) getNTLMSSPData(flags []byte) []byte {
	return []byte{
		0x00, 0x00, 0x00, 0x9A, 0xFE, 0x53, 0x4D, 0x42, 0x40, 0x00,
		0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x19, 0x00,
		0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x58, 0x00, 0x42, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x60, 0x40, 0x06, 0x06, 0x2B, 0x06, 0x01, 0x05,
		0x05, 0x02, 0xA0, 0x36, 0x30, 0x34, 0xA0, 0x0E, 0x30, 0x0C,
		0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02,
		0x02, 0x0A, 0xA2, 0x22, 0x04, 0x20, 0x4E, 0x54, 0x4C, 0x4D,
		0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00,
		flags[0], flags[1], flags[2], flags[3],
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	}
}

// init 自动注册插件
func init() {
	// 使用高效注册方式：直接传递端口信息，避免实例创建
	RegisterPluginWithPorts("smbinfo", func() Plugin {
		return NewSMBInfoPlugin()
	}, []int{139, 445})
}