mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 14:06:44 +08:00
a71092b514
- 新增MSSQL协议识别和弱密码检测 - 支持sa等管理员账户暴力破解 - 实现ServiceConnector三层架构模式 - 添加MSSQL专用国际化消息 - 支持SOCKS代理连接 - 自动注册到插件系统
42 lines
1.1 KiB
Go
42 lines
1.1 KiB
Go
package mssql
|
||
|
||
import (
|
||
"context"
|
||
"fmt"
|
||
|
||
"github.com/shadow1ng/fscan/common"
|
||
"github.com/shadow1ng/fscan/plugins/base"
|
||
)
|
||
|
||
// MSSQLExploiter MSSQL利用器实现
|
||
type MSSQLExploiter struct{}
|
||
|
||
// NewMSSQLExploiter 创建MSSQL利用器
|
||
func NewMSSQLExploiter() *MSSQLExploiter {
|
||
return &MSSQLExploiter{}
|
||
}
|
||
|
||
// Exploit 执行MSSQL利用
|
||
func (e *MSSQLExploiter) Exploit(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
|
||
// MSSQL插件主要用于服务识别和认证测试,不进行进一步利用
|
||
return &base.ExploitResult{
|
||
Success: false,
|
||
Error: fmt.Errorf("MSSQL插件不支持进一步利用"),
|
||
}, nil
|
||
}
|
||
|
||
// GetExploitMethods 获取支持的利用方法
|
||
func (e *MSSQLExploiter) GetExploitMethods() []base.ExploitMethod {
|
||
return []base.ExploitMethod{
|
||
{
|
||
Name: "信息收集",
|
||
Type: base.ExploitDataExtraction,
|
||
Description: "收集MSSQL服务信息",
|
||
},
|
||
}
|
||
}
|
||
|
||
// IsExploitSupported 检查是否支持指定的利用类型
|
||
func (e *MSSQLExploiter) IsExploitSupported(method base.ExploitType) bool {
|
||
return method == base.ExploitDataExtraction
|
||
} |