mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-09-14 14:06:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
120bd9f341
fscan/plugins/services/mssql.go
ZacharyZcR 120bd9f341 perf: 完成services插件注册机制全面优化 
将所有29个services插件从RegisterPlugin()转换为高效的RegisterPluginWithPorts()注册方式:

核心优化:
- 消除启动时1200+无用插件实例创建(25插件×47次调用)
- 统一插件注册机制,移除性能较差的旧接口
- 优化插件存在性检查,使用O(1)查询替代实例化检查

技术改进:
- 移除旧RegisterPlugin()函数,简化代码路径
- 所有service插件使用统一高效注册方式
- 保持业务逻辑和外部接口完全不变

性能提升:
- 显著减少启动时间和内存占用
- 消除重复的"加载了175个AV产品信息"日志输出
- 插件系统响应更快,扫描启动更迅速

影响范围:29个services插件全部完成转换
向后兼容:保持所有现有功能和接口不变
2025-08-26 20:25:37 +08:00

154 lines
3.3 KiB
Go
Raw Blame History

package services
import (
"context"
"database/sql"
"fmt"
"strings"
"time"
_ "github.com/denisenkom/go-mssqldb"
"github.com/shadow1ng/fscan/common"
)
type MSSQLPlugin struct {
name string
ports []int
}
func NewMSSQLPlugin() *MSSQLPlugin {
return &MSSQLPlugin{
name: "mssql",
ports: []int{1433, 1434},
}
}
func (p *MSSQLPlugin) GetName() string {
return p.name
}
func (p *MSSQLPlugin) GetPorts() []int {
return p.ports
}
func (p *MSSQLPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
if common.DisableBrute {
return p.identifyService(ctx, info)
}
credentials := GenerateCredentials("mssql")
if len(credentials) == 0 {
return &ScanResult{
Success: false,
Service: "mssql",
Error: fmt.Errorf("没有可用的测试凭据"),
}
}
for _, cred := range credentials {
if db := p.testCredential(ctx, info, cred); db != nil {
db.Close()
common.LogSuccess(fmt.Sprintf("MSSQL %s %s:%s", target, cred.Username, cred.Password))
return &ScanResult{
Success: true,
Service: "mssql",
Username: cred.Username,
Password: cred.Password,
}
}
}
return &ScanResult{
Success: false,
Service: "mssql",
Error: fmt.Errorf("未发现弱密码"),
}
}
func (p *MSSQLPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) *sql.DB {
connStr := fmt.Sprintf("server=%s;user id=%s;password=%s;port=%s;database=master;connection timeout=%d",
info.Host, cred.Username, cred.Password, info.Ports, common.Timeout)
db, err := sql.Open("mssql", connStr)
if err != nil {
return nil
}
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
db.SetMaxOpenConns(1)
db.SetMaxIdleConns(0)
pingCtx, cancel := context.WithTimeout(ctx, time.Duration(common.Timeout)*time.Second)
defer cancel()
err = db.PingContext(pingCtx)
if err != nil {
db.Close()
return nil
}
return db
}
func (p *MSSQLPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
connStr := fmt.Sprintf("server=%s;user id=invalid;password=invalid;port=%s;database=master;connection timeout=%d",
info.Host, info.Ports, common.Timeout)
db, err := sql.Open("mssql", connStr)
if err != nil {
return &ScanResult{
Success: false,
Service: "mssql",
Error: err,
}
}
defer db.Close()
pingCtx, cancel := context.WithTimeout(ctx, time.Duration(common.Timeout)*time.Second)
defer cancel()
err = db.PingContext(pingCtx)
var banner string
if err != nil && (strings.Contains(strings.ToLower(err.Error()), "login failed") ||
strings.Contains(strings.ToLower(err.Error()), "mssql") ||
strings.Contains(strings.ToLower(err.Error()), "sql server")) {
banner = "MSSQL"
} else if err == nil {
banner = "MSSQL"
} else {
return &ScanResult{
Success: false,
Service: "mssql",
Error: fmt.Errorf("无法识别为MSSQL服务"),
}
}
common.LogSuccess(fmt.Sprintf("MSSQL %s %s", target, banner))
return &ScanResult{
Success: true,
Service: "mssql",
Banner: banner,
}
}
func init() {
// 使用高效注册方式:直接传递端口信息,避免实例创建
RegisterPluginWithPorts("mssql", func() Plugin {
return NewMSSQLPlugin()
}, []int{1433, 1434})
}
Reference in New Issue View Git Blame Copy Permalink