From 6a452d59596b0a1b8adab8260f2642375ec86f71 Mon Sep 17 00:00:00 2001 From: ZacharyZcR <2903735704@qq.com> Date: Wed, 18 Dec 2024 23:40:03 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96Memcached.go=E7=9A=84?= =?UTF-8?q?=E4=BB=A3=E7=A0=81=EF=BC=8C=E6=B7=BB=E5=8A=A0=E6=B3=A8=E9=87=8A?= =?UTF-8?q?=EF=BC=8C=E8=A7=84=E8=8C=83=E8=BE=93=E5=87=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Plugins/Memcached.go | 62 +++++++++++++++++++++++++------------------- 1 file changed, 36 insertions(+), 26 deletions(-) diff --git a/Plugins/Memcached.go b/Plugins/Memcached.go index cade9ba..1acdaa7 100644 --- a/Plugins/Memcached.go +++ b/Plugins/Memcached.go @@ -8,32 +8,42 @@ import ( "time" ) -func MemcachedScan(info *Config.HostInfo) (err error) { +// MemcachedScan 检测Memcached未授权访问 +func MemcachedScan(info *Config.HostInfo) error { realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) - client, err := Common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(Common.Timeout)*time.Second) - defer func() { - if client != nil { - client.Close() - } - }() - if err == nil { - err = client.SetDeadline(time.Now().Add(time.Duration(Common.Timeout) * time.Second)) - if err == nil { - _, err = client.Write([]byte("stats\n")) //Set the key randomly to prevent the key on the server from being overwritten - if err == nil { - rev := make([]byte, 1024) - n, err := client.Read(rev) - if err == nil { - if strings.Contains(string(rev[:n]), "STAT") { - result := fmt.Sprintf("[+] Memcached %s unauthorized", realhost) - Common.LogSuccess(result) - } - } else { - errlog := fmt.Sprintf("[-] Memcached %v:%v %v", info.Host, info.Ports, err) - Common.LogError(errlog) - } - } - } + timeout := time.Duration(Common.Timeout) * time.Second + + // 建立TCP连接 + client, err := Common.WrapperTcpWithTimeout("tcp", realhost, timeout) + if err != nil { + return err } - return err + defer client.Close() + + // 设置超时时间 + if err := client.SetDeadline(time.Now().Add(timeout)); err != nil { + return err + } + + // 发送stats命令 + if _, err := client.Write([]byte("stats\n")); err != nil { + return err + } + + // 读取响应 + rev := make([]byte, 1024) + n, err := client.Read(rev) + if err != nil { + errlog := fmt.Sprintf("[-] Memcached %v:%v %v", info.Host, info.Ports, err) + Common.LogError(errlog) + return err + } + + // 检查响应内容 + if strings.Contains(string(rev[:n]), "STAT") { + result := fmt.Sprintf("[+] Memcached %s 未授权访问", realhost) + Common.LogSuccess(result) + } + + return nil }