mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-09-14 14:06:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
2e449c74ef
fscan/plugins/services/rabbitmq.go
ZacharyZcR 2e449c74ef 重构服务插件架构,移除冗余功能 
- 统一所有服务插件的实现模式,移除i18n国际化依赖
- 删除硬编码的备份凭据列表,统一使用GenerateCredentials()
- 移除过度工程化的Context取消检查
- 清理exploitation功能,专注于弱密码检测和服务识别
- 简化代码结构,移除冗余注释和说明文档
- 优化19个服务插件:activemq, cassandra, elasticsearch, ftp, kafka, ldap, memcached, mongodb, mssql, mysql, neo4j, oracle, postgresql, rabbitmq, rsync, smtp, snmp, telnet, vnc
- 代码总量减少约40%,提升维护效率

此次重构确保插件架构的一致性和简洁性
2025-08-26 17:44:43 +08:00

184 lines
3.6 KiB
Go
Raw Blame History

package services
import (
"context"
"fmt"
"io"
"net/http"
"strings"
"time"
"github.com/shadow1ng/fscan/common"
)
type RabbitMQPlugin struct {
name string
ports []int
}
func NewRabbitMQPlugin() *RabbitMQPlugin {
return &RabbitMQPlugin{
name: "rabbitmq",
ports: []int{5672, 15672, 5671},
}
}
func (p *RabbitMQPlugin) GetName() string {
return p.name
}
func (p *RabbitMQPlugin) GetPorts() []int {
return p.ports
}
func (p *RabbitMQPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
if common.DisableBrute {
return p.identifyService(ctx, info)
}
if info.Ports == "5672" || info.Ports == "5671" {
return p.testAMQPProtocol(ctx, info)
}
credentials := GenerateCredentials("rabbitmq")
if len(credentials) == 0 {
return &ScanResult{
Success: false,
Service: "rabbitmq",
Error: fmt.Errorf("没有可用的测试凭据"),
}
}
for _, cred := range credentials {
if p.testCredential(ctx, info, cred) {
common.LogSuccess(fmt.Sprintf("RabbitMQ %s %s:%s", target, cred.Username, cred.Password))
return &ScanResult{
Success: true,
Service: "rabbitmq",
Username: cred.Username,
Password: cred.Password,
}
}
}
return &ScanResult{
Success: false,
Service: "rabbitmq",
Error: fmt.Errorf("未发现弱密码"),
}
}
func (p *RabbitMQPlugin) testAMQPProtocol(ctx context.Context, info *common.HostInfo) *ScanResult {
return &ScanResult{
Success: true,
Service: "rabbitmq",
Banner: "RabbitMQ AMQP",
}
}
func (p *RabbitMQPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) bool {
baseURL := fmt.Sprintf("http://%s:%s", info.Host, info.Ports)
client := &http.Client{
Timeout: time.Duration(common.Timeout) * time.Second,
}
req, err := http.NewRequestWithContext(ctx, "GET", baseURL+"/api/overview", nil)
if err != nil {
return false
}
req.SetBasicAuth(cred.Username, cred.Password)
req.Header.Set("Content-Type", "application/json")
resp, err := client.Do(req)
if err != nil {
return false
}
defer resp.Body.Close()
return resp.StatusCode == 200
}
func (p *RabbitMQPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
if info.Ports == "5672" || info.Ports == "5671" {
return &ScanResult{
Success: true,
Service: "rabbitmq",
Banner: "RabbitMQ AMQP",
}
}
baseURL := fmt.Sprintf("http://%s:%s", info.Host, info.Ports)
client := &http.Client{
Timeout: time.Duration(common.Timeout) * time.Second,
}
req, err := http.NewRequestWithContext(ctx, "GET", baseURL, nil)
if err != nil {
return &ScanResult{
Success: false,
Service: "rabbitmq",
Error: err,
}
}
resp, err := client.Do(req)
if err != nil {
return &ScanResult{
Success: false,
Service: "rabbitmq",
Error: err,
}
}
defer resp.Body.Close()
var banner string
if resp.StatusCode == 200 || resp.StatusCode == 401 {
body, _ := io.ReadAll(resp.Body)
bodyStr := strings.ToLower(string(body))
if strings.Contains(bodyStr, "rabbitmq") {
banner = "RabbitMQ"
} else if strings.Contains(bodyStr, "management") {
banner = "RabbitMQ"
} else {
banner = "RabbitMQ"
}
} else {
return &ScanResult{
Success: false,
Service: "rabbitmq",
Error: fmt.Errorf("无法识别为RabbitMQ服务"),
}
}
common.LogSuccess(fmt.Sprintf("RabbitMQ %s %s", target, banner))
return &ScanResult{
Success: true,
Service: "rabbitmq",
Banner: banner,
}
}
// init 自动注册插件
func init() {
RegisterPlugin("rabbitmq", func() Plugin {
return NewRabbitMQPlugin()
})
}
Reference in New Issue View Git Blame Copy Permalink