fix: 修复Kafka扫描

2025-07-13 21:02:44 +08:00 · 2024-12-22 03:28:53 +08:00 · 2024-12-22 03:28:53 +08:00 · bbbc4317df
commit bbbc4317df
parent 1b9c9a00fe
2 changed files with 30 additions and 22 deletions
--- a/Common/Config.go
+++ b/Common/Config.go
@ -14,6 +14,7 @@ var Userdict = map[string][]string{
 	"telnet":     {"root", "admin", "test"},
 	"elastic":    {"elastic", "admin", "kibana"},
 	"rabbitmq":   {"guest", "admin", "administrator", "rabbit", "rabbitmq", "root"},
 	"kafka":      {"admin", "kafka", "root", "test"},
 }
 var Passwords = []string{"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123"}
--- a/Plugins/Kafka.go
+++ b/Plugins/Kafka.go
@ -53,40 +53,26 @@ func KafkaConn(info *Common.HostInfo, user string, pass string) (bool, error) {
 	host, port := info.Host, info.Ports
 	timeout := time.Duration(Common.Timeout) * time.Second
 	// 配置Kafka客户端
 	config := sarama.NewConfig()
 	config.Net.DialTimeout = timeout
 	// 禁用TLS
 	config.Net.TLS.Enable = false
-	config.Version = sarama.V2_0_0_0 // 设置一个通用版本
+	config.Version = sarama.V2_0_0_0
-	// 如果提供了认证信息
+	// 设置 SASL 配置
 	if user != "" || pass != "" {
 		config.Net.SASL.Enable = true
 		config.Net.SASL.Mechanism = sarama.SASLTypePlaintext
 		config.Net.SASL.User = user
 		config.Net.SASL.Password = pass
 		config.Net.SASL.Handshake = true
 	}
 	// 构造broker列表
 	brokers := []string{fmt.Sprintf("%s:%s", host, port)}
-	// 尝试创建客户端
+	// 尝试作为消费者连接测试
-	client, err := sarama.NewClient(brokers, config)
+	consumer, err := sarama.NewConsumer(brokers, config)
-	if err != nil {
+	if err == nil {
-		return false, err
+		defer consumer.Close()
 	}
 	defer client.Close()
 	// 尝试获取topics列表来验证连接
 	topics, err := client.Topics()
 	if err != nil {
 		return false, err
 	}
 	// 如果成功连接并获取topics
 	if len(topics) >= 0 {
 		result := fmt.Sprintf("[+] Kafka服务 %v:%v ", host, port)
 		if user != "" {
 			result += fmt.Sprintf("爆破成功 用户名: %v 密码: %v", user, pass)
@ -97,5 +83,26 @@ func KafkaConn(info *Common.HostInfo, user string, pass string) (bool, error) {
 		return true, nil
 	}
-	return false, fmt.Errorf("认证失败")
+	// 如果消费者连接失败，尝试作为客户端连接
 	client, err := sarama.NewClient(brokers, config)
 	if err == nil {
 		defer client.Close()
 		result := fmt.Sprintf("[+] Kafka服务 %v:%v ", host, port)
 		if user != "" {
 			result += fmt.Sprintf("爆破成功 用户名: %v 密码: %v", user, pass)
 		} else {
 			result += "无需认证即可访问"
 		}
 		Common.LogSuccess(result)
 		return true, nil
 	}
 	// 检查错误类型
 	if strings.Contains(err.Error(), "SASL") ||
 		strings.Contains(err.Error(), "authentication") ||
 		strings.Contains(err.Error(), "credentials") {
 		return false, fmt.Errorf("认证失败")
 	}
 	return false, err
 }