mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 14:06:44 +08:00
dc8579f554
- 新增Neo4j Bolt协议识别和弱密码检测 - 支持未授权访问和默认凭据检测 - 实现ServiceConnector三层架构模式 - 添加Neo4j专用国际化消息 - 支持7474/7687端口扫描 - 自动注册到插件系统
42 lines
1.1 KiB
Go
42 lines
1.1 KiB
Go
package neo4j
|
||
|
||
import (
|
||
"context"
|
||
"fmt"
|
||
|
||
"github.com/shadow1ng/fscan/common"
|
||
"github.com/shadow1ng/fscan/plugins/base"
|
||
)
|
||
|
||
// Neo4jExploiter Neo4j利用器实现
|
||
type Neo4jExploiter struct{}
|
||
|
||
// NewNeo4jExploiter 创建Neo4j利用器
|
||
func NewNeo4jExploiter() *Neo4jExploiter {
|
||
return &Neo4jExploiter{}
|
||
}
|
||
|
||
// Exploit 执行Neo4j利用
|
||
func (e *Neo4jExploiter) Exploit(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
|
||
// Neo4j插件主要用于服务识别和认证测试,不进行进一步利用
|
||
return &base.ExploitResult{
|
||
Success: false,
|
||
Error: fmt.Errorf("Neo4j插件不支持进一步利用"),
|
||
}, nil
|
||
}
|
||
|
||
// GetExploitMethods 获取支持的利用方法
|
||
func (e *Neo4jExploiter) GetExploitMethods() []base.ExploitMethod {
|
||
return []base.ExploitMethod{
|
||
{
|
||
Name: "信息收集",
|
||
Type: base.ExploitDataExtraction,
|
||
Description: "收集Neo4j图数据库信息",
|
||
},
|
||
}
|
||
}
|
||
|
||
// IsExploitSupported 检查是否支持指定的利用类型
|
||
func (e *Neo4jExploiter) IsExploitSupported(method base.ExploitType) bool {
|
||
return method == base.ExploitDataExtraction
|
||
} |