mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 14:06:44 +08:00
120bd9f341
将所有29个services插件从RegisterPlugin()转换为高效的RegisterPluginWithPorts()注册方式: 核心优化: - 消除启动时1200+无用插件实例创建(25插件×47次调用) - 统一插件注册机制,移除性能较差的旧接口 - 优化插件存在性检查,使用O(1)查询替代实例化检查 技术改进: - 移除旧RegisterPlugin()函数,简化代码路径 - 所有service插件使用统一高效注册方式 - 保持业务逻辑和外部接口完全不变 性能提升: - 显著减少启动时间和内存占用 - 消除重复的"加载了175个AV产品信息"日志输出 - 插件系统响应更快,扫描启动更迅速 影响范围:29个services插件全部完成转换 向后兼容:保持所有现有功能和接口不变
151 lines
3.2 KiB
Go
151 lines
3.2 KiB
Go
package services
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
"fmt"
|
|
"strings"
|
|
"time"
|
|
|
|
_ "github.com/lib/pq"
|
|
"github.com/shadow1ng/fscan/common"
|
|
)
|
|
|
|
type PostgreSQLPlugin struct {
|
|
name string
|
|
ports []int
|
|
}
|
|
|
|
func NewPostgreSQLPlugin() *PostgreSQLPlugin {
|
|
return &PostgreSQLPlugin{
|
|
name: "postgresql",
|
|
ports: []int{5432, 5433, 5434},
|
|
}
|
|
}
|
|
|
|
func (p *PostgreSQLPlugin) GetName() string {
|
|
return p.name
|
|
}
|
|
|
|
func (p *PostgreSQLPlugin) GetPorts() []int {
|
|
return p.ports
|
|
}
|
|
|
|
func (p *PostgreSQLPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult {
|
|
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
|
|
|
|
if common.DisableBrute {
|
|
return p.identifyService(ctx, info)
|
|
}
|
|
|
|
credentials := GenerateCredentials("postgresql")
|
|
if len(credentials) == 0 {
|
|
return &ScanResult{
|
|
Success: false,
|
|
Service: "postgresql",
|
|
Error: fmt.Errorf("没有可用的测试凭据"),
|
|
}
|
|
}
|
|
|
|
for _, cred := range credentials {
|
|
if db := p.testCredential(ctx, info, cred); db != nil {
|
|
db.Close()
|
|
|
|
common.LogSuccess(fmt.Sprintf("PostgreSQL %s %s:%s", target, cred.Username, cred.Password))
|
|
|
|
return &ScanResult{
|
|
Success: true,
|
|
Service: "postgresql",
|
|
Username: cred.Username,
|
|
Password: cred.Password,
|
|
}
|
|
}
|
|
}
|
|
|
|
return &ScanResult{
|
|
Success: false,
|
|
Service: "postgresql",
|
|
Error: fmt.Errorf("未发现弱密码"),
|
|
}
|
|
}
|
|
|
|
|
|
func (p *PostgreSQLPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) *sql.DB {
|
|
connStr := fmt.Sprintf("postgres://%s:%s@%s:%s/postgres?sslmode=disable&connect_timeout=%d",
|
|
cred.Username, cred.Password, info.Host, info.Ports, common.Timeout)
|
|
|
|
db, err := sql.Open("postgres", connStr)
|
|
if err != nil {
|
|
return nil
|
|
}
|
|
|
|
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
|
|
db.SetMaxOpenConns(1)
|
|
db.SetMaxIdleConns(0)
|
|
|
|
pingCtx, cancel := context.WithTimeout(ctx, time.Duration(common.Timeout)*time.Second)
|
|
defer cancel()
|
|
|
|
err = db.PingContext(pingCtx)
|
|
if err != nil {
|
|
db.Close()
|
|
return nil
|
|
}
|
|
|
|
return db
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (p *PostgreSQLPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult {
|
|
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
|
|
|
|
connStr := fmt.Sprintf("postgres://invalid:invalid@%s:%s/postgres?sslmode=disable&connect_timeout=%d",
|
|
info.Host, info.Ports, common.Timeout)
|
|
|
|
db, err := sql.Open("postgres", connStr)
|
|
if err != nil {
|
|
return &ScanResult{
|
|
Success: false,
|
|
Service: "postgresql",
|
|
Error: err,
|
|
}
|
|
}
|
|
defer db.Close()
|
|
|
|
pingCtx, cancel := context.WithTimeout(ctx, time.Duration(common.Timeout)*time.Second)
|
|
defer cancel()
|
|
|
|
err = db.PingContext(pingCtx)
|
|
|
|
var banner string
|
|
if err != nil && strings.Contains(strings.ToLower(err.Error()), "postgres") {
|
|
banner = "PostgreSQL"
|
|
} else if err == nil {
|
|
banner = "PostgreSQL"
|
|
} else {
|
|
return &ScanResult{
|
|
Success: false,
|
|
Service: "postgresql",
|
|
Error: fmt.Errorf("无法识别为PostgreSQL服务"),
|
|
}
|
|
}
|
|
|
|
common.LogSuccess(fmt.Sprintf("PostgreSQL %s %s", target, banner))
|
|
|
|
return &ScanResult{
|
|
Success: true,
|
|
Service: "postgresql",
|
|
Banner: banner,
|
|
}
|
|
}
|
|
|
|
func init() {
|
|
// 使用高效注册方式:直接传递端口信息,避免实例创建
|
|
RegisterPluginWithPorts("postgresql", func() Plugin {
|
|
return NewPostgreSQLPlugin()
|
|
}, []int{5432, 5433, 5434})
|
|
} |