mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-09-14 05:56:46 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
8f54702c02
fscan/plugins/services/smtp.go
ZacharyZcR 8f54702c02 refactor: 精准修复插件系统三个设计问题 
经Linus式架构审计,发现并修复插件系统中的具体问题:

## 核心修复

### 1. 消除local插件GetPorts()方法冗余
- 删除21个local插件中无意义的GetPorts()方法
- 简化local.Plugin接口:移除端口概念
- 理由:本地插件不涉及网络,端口概念完全多余

### 2. 消除web插件GetPorts()方法冗余
- 删除2个web插件中无用的GetPorts()方法
- 简化web.WebPlugin接口:专注智能HTTP检测
- 理由:Web插件使用动态HTTP检测,预定义端口无价值

### 3. 统一插件命名规范
- 统一所有插件接口使用Name()方法(符合Go惯例)
- 消除GetName()与Name()不一致问题
- 简化适配器:不再需要方法名转换

## 技术改进

接口精简:
- local插件:GetName() + GetPorts() → Name()
- web插件:GetName() + GetPorts() → Name()
- services插件:GetName() → Name()(保留GetPorts(),业务必需)

代码减少:
- 删除23个无用GetPorts()方法
- 重命名52个Name()方法
- 简化3个插件接口定义

## 影响范围

修改文件:55个插件文件
代码变更:-155行 +61行(净减少94行)
功能影响:零破坏性,保持所有业务逻辑不变

这是基于业务需求分析的精准重构,消除真正多余的部分,
保持系统架构合理性和向后兼容性。
2025-08-26 20:38:39 +08:00

204 lines
4.2 KiB
Go
Raw Blame History

package services
import (
"context"
"crypto/tls"
"fmt"
"net"
"net/smtp"
"strings"
"time"
"github.com/shadow1ng/fscan/common"
)
type SMTPPlugin struct {
name string
ports []int
}
func NewSMTPPlugin() *SMTPPlugin {
return &SMTPPlugin{
name: "smtp",
ports: []int{25, 465, 587, 2525},
}
}
func (p *SMTPPlugin) Name() string {
return p.name
}
func (p *SMTPPlugin) GetPorts() []int {
return p.ports
}
func (p *SMTPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
if common.DisableBrute {
return p.identifyService(ctx, info)
}
if result := p.testOpenRelay(ctx, info); result != nil && result.Success {
common.LogSuccess(fmt.Sprintf("SMTP %s 开放中继", target))
return result
}
credentials := GenerateCredentials("smtp")
if len(credentials) == 0 {
return &ScanResult{
Success: false,
Service: "smtp",
Error: fmt.Errorf("没有可用的测试凭据"),
}
}
for _, cred := range credentials {
if p.testCredential(ctx, info, cred) {
common.LogSuccess(fmt.Sprintf("SMTP %s %s:%s", target, cred.Username, cred.Password))
return &ScanResult{
Success: true,
Service: "smtp",
Username: cred.Username,
Password: cred.Password,
}
}
}
return &ScanResult{
Success: false,
Service: "smtp",
Error: fmt.Errorf("未发现弱密码"),
}
}
func (p *SMTPPlugin) testOpenRelay(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
client, err := smtp.Dial(target)
if err != nil {
return nil
}
defer client.Quit()
if err := client.Hello("fscan.test"); err != nil {
return nil
}
if err := client.Mail("test@fscan.test"); err != nil {
return nil
}
if err := client.Rcpt("external@example.com"); err != nil {
return nil
}
return &ScanResult{
Success: true,
Service: "smtp",
Banner: "开放中继",
}
}
func (p *SMTPPlugin) testCredential(ctx context.Context, info *common.HostInfo, cred Credential) bool {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
var client *smtp.Client
var err error
if info.Ports == "465" {
conn, err := tls.Dial("tcp", target, &tls.Config{InsecureSkipVerify: true})
if err != nil {
return false
}
defer conn.Close()
client, err = smtp.NewClient(conn, info.Host)
if err != nil {
return false
}
} else {
client, err = smtp.Dial(target)
if err != nil {
return false
}
}
defer client.Quit()
if ok, _ := client.Extension("STARTTLS"); ok {
if err := client.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
}
}
auth := smtp.PlainAuth("", cred.Username, cred.Password, info.Host)
if err := client.Auth(auth); err != nil {
return false
}
return true
}
func (p *SMTPPlugin) getServerInfo(ctx context.Context, info *common.HostInfo) string {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil {
return ""
}
defer conn.Close()
conn.SetReadDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
buffer := make([]byte, 1024)
n, err := conn.Read(buffer)
if err != nil {
return ""
}
welcome := strings.TrimSpace(string(buffer[:n]))
if strings.HasPrefix(welcome, "220") {
return strings.TrimPrefix(welcome, "220 ")
}
return welcome
}
func (p *SMTPPlugin) identifyService(ctx context.Context, info *common.HostInfo) *ScanResult {
target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
serverInfo := p.getServerInfo(ctx, info)
var banner string
if serverInfo != "" {
banner = fmt.Sprintf("SMTP邮件服务 (%s)", serverInfo)
} else {
conn, err := net.DialTimeout("tcp", target, time.Duration(common.Timeout)*time.Second)
if err != nil {
return &ScanResult{
Success: false,
Service: "smtp",
Error: err,
}
}
defer conn.Close()
banner = "SMTP邮件服务"
}
common.LogSuccess(fmt.Sprintf("SMTP %s %s", target, banner))
return &ScanResult{
Success: true,
Service: "smtp",
Banner: banner,
}
}
func init() {
// 使用高效注册方式:直接传递端口信息,避免实例创建
RegisterPluginWithPorts("smtp", func() Plugin {
return NewSMTPPlugin()
}, []int{25, 465, 587, 2525})
}
Reference in New Issue View Git Blame Copy Permalink