优化密码破解 的控制流程 2022-09-27

hktalent · hktalent · commit c9316e1c8989 · 2022-09-27T22:48:26.000+08:00
diff --git a/pkg/hydra/doNmapResult.go b/pkg/hydra/doNmapResult.go
@@ -65,11 +65,7 @@ func DoParseXml(s string, bf *bytes.Buffer) {
 				//bf.Write([]byte(fmt.Sprintf("%s:%s\n", ip, szPort)))
 				szUlr := fmt.Sprintf("http://%s:%s\n", ip, szPort)
 				bf.Write([]byte(szUlr))
-				if bCheckWeakPassword {
-					CheckWeakPassword(ip, service, port)
-				} else {
-					log.Println("bCheckWeakPassword = ", bCheckWeakPassword)
-				}
+
 				// 存储结果到其他地方
 				//x9 := AuthInfo{IPAddr: ip, Port: port, Protocol: service}
 				// 构造发送es等数据
@@ -81,9 +77,7 @@ func DoParseXml(s string, bf *bytes.Buffer) {
 					m1[ip] = append(xx09, []string{szPort, service})
 				}
 				if os.Getenv("NoPOC") != "true" {
-					if "socks5" == service || "vnc" == service {
-						CheckWeakPassword(ip, service, port)
-					} else if "445" == szPort && service == "microsoft-ds" || "135" == szPort && service == "msrpc" {
+					if "445" == szPort && service == "microsoft-ds" || "135" == szPort && service == "msrpc" {
 						util.PocCheck_pipe <- &util.PocCheck{
 							Wappalyzertechnologies: &[]string{service},
 							URL:                    szUlr,
@@ -97,8 +91,6 @@ func DoParseXml(s string, bf *bytes.Buffer) {
 							FinalURL:               szUlr,
 							Checklog4j:             false,
 						}
-					} else if bCheckWeakPassword && ("110" == szPort || "995" == szPort) && service == "pop3" {
-						CheckWeakPassword(ip, service, port)
 					} else if "2181" == szPort {
 						util.PocCheck_pipe <- &util.PocCheck{
 							Wappalyzertechnologies: &[]string{"ZookeeperUnauthority"},
@@ -108,11 +100,14 @@ func DoParseXml(s string, bf *bytes.Buffer) {
 						}
 					}
 				}
+				// 若密码、破解
 				if bCheckWeakPassword {
 					if "8728" == szPort && service == "unknown" {
 						CheckWeakPassword(ip, "router", port)
 					} else if ("5985" == szPort || "5986" == szPort) && -1 < strings.Index(service, "microsoft ") {
 						CheckWeakPassword(ip, "winrm", port)
+					} else { // if ("110" == szPort || "995" == szPort) && service == "pop3" || "socks5" == service || "vnc" == service {
+						CheckWeakPassword(ip, service, port)
 					}
 				}
 
diff --git a/pkg/hydra/hydra.go b/pkg/hydra/hydra.go
@@ -22,7 +22,7 @@ var (
 	CustomAuthMap  *AuthList
 	// rtsp://admin:admin@192.168.0.111:554/0x8b6c42
 	// rtsp: 554, 5554,8554
-	ProtocolList = strings.Split("rdp,ssh,rsh-spx,mysql,mssql,oracle,postgresql,redis,ftp,mongodb,mongod,smb,telnet,snmp,wap-wsp,router,winrm,pop3,socks5,vnc", ",")
+	ProtocolList = strings.Split("rdp,ssh,rsh-spx,mysql,mssql,oracle,postgresql,redis,ftp,mongodb,mongod,smb,telnet,snmp,wap-wsp,router,winrm,pop3,socks5,vnc,pop3s", ",")
 )
 
 func NewCracker(info *AuthInfo, isAuthUpdate bool, threads int) *Cracker {
@@ -67,6 +67,8 @@ func (c *Cracker) Run() {
 		c.Pool.Function = rdpCracker(ip, port)
 	case "mysql":
 		c.Pool.Function = mysqlCracker
+	case "pop3s":
+		c.Pool.Function = pop3Cracker
 	case "pop3":
 		c.Pool.Function = pop3Cracker
 	case "mssql":
