From bc8c5648f36fc25b5521e1e63ed153bd99cd698a Mon Sep 17 00:00:00 2001 From: Budi Komarudin <90817826+redhawkeye@users.noreply.github.com> Date: Wed, 19 Mar 2025 12:21:51 +0000 Subject: [PATCH] Translate 3 file from Plugins --- Plugins/ActiveMQ.go | 48 ++++++++++++++++++------------------- Plugins/Base.go | 56 ++++++++++++++++++++++---------------------- Plugins/Cassandra.go | 34 +++++++++++++-------------- 3 files changed, 69 insertions(+), 69 deletions(-) diff --git a/Plugins/ActiveMQ.go b/Plugins/ActiveMQ.go index 3e3a8b2..38f9821 100644 --- a/Plugins/ActiveMQ.go +++ b/Plugins/ActiveMQ.go @@ -16,21 +16,21 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { maxRetries := Common.MaxRetries target := fmt.Sprintf("%v:%v", info.Host, info.Ports) - Common.LogDebug(fmt.Sprintf("开始扫描 %s", target)) - Common.LogDebug("尝试默认账户 admin:admin") + Common.LogDebug(fmt.Sprintf("Starting scan %s", target)) + Common.LogDebug("Trying default account admin:admin") - // 首先测试默认账户 + // First test the default account for retryCount := 0; retryCount < maxRetries; retryCount++ { if retryCount > 0 { - Common.LogDebug(fmt.Sprintf("第%d次重试默认账户", retryCount+1)) + Common.LogDebug(fmt.Sprintf("Retrying default account for the %d time", retryCount+1)) } flag, err := ActiveMQConn(info, "admin", "admin") if flag { - successMsg := fmt.Sprintf("ActiveMQ服务 %s 成功爆破 用户名: admin 密码: admin", target) + successMsg := fmt.Sprintf("ActiveMQ service %s successfully brute-forced Username: admin Password: admin", target) Common.LogSuccess(successMsg) - // 保存结果 + // Save result result := &Common.ScanResult{ Time: time.Now(), Type: Common.VULN, @@ -48,7 +48,7 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { return nil } if err != nil { - errMsg := fmt.Sprintf("ActiveMQ服务 %s 默认账户尝试失败: %v", target, err) + errMsg := fmt.Sprintf("ActiveMQ service %s default account attempt failed: %v", target, err) Common.LogError(errMsg) if retryErr := Common.CheckErrs(err); retryErr != nil { @@ -63,22 +63,22 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { totalUsers := len(Common.Userdict["activemq"]) totalPass := len(Common.Passwords) - Common.LogDebug(fmt.Sprintf("开始尝试用户名密码组合 (总用户数: %d, 总密码数: %d)", totalUsers, totalPass)) + Common.LogDebug(fmt.Sprintf("Starting to try username and password combinations (Total users: %d, Total passwords: %d)", totalUsers, totalPass)) tried := 0 total := totalUsers * totalPass - // 遍历所有用户名密码组合 + // Iterate over all username and password combinations for _, user := range Common.Userdict["activemq"] { for _, pass := range Common.Passwords { tried++ pass = strings.Replace(pass, "{user}", user, -1) - Common.LogDebug(fmt.Sprintf("[%d/%d] 尝试: %s:%s", tried, total, user, pass)) + Common.LogDebug(fmt.Sprintf("[%d/%d] Trying: %s:%s", tried, total, user, pass)) - // 重试循环 + // Retry loop for retryCount := 0; retryCount < maxRetries; retryCount++ { if retryCount > 0 { - Common.LogDebug(fmt.Sprintf("第%d次重试: %s:%s", retryCount+1, user, pass)) + Common.LogDebug(fmt.Sprintf("Retrying for the %d time: %s:%s", retryCount+1, user, pass)) } done := make(chan struct { @@ -102,10 +102,10 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { case result := <-done: err = result.err if result.success { - successMsg := fmt.Sprintf("ActiveMQ服务 %s 成功爆破 用户名: %v 密码: %v", target, user, pass) + successMsg := fmt.Sprintf("ActiveMQ service %s successfully brute-forced Username: %v Password: %v", target, user, pass) Common.LogSuccess(successMsg) - // 保存结果 + // Save result vulnResult := &Common.ScanResult{ Time: time.Now(), Type: Common.VULN, @@ -123,11 +123,11 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { return nil } case <-time.After(time.Duration(Common.Timeout) * time.Second): - err = fmt.Errorf("连接超时") + err = fmt.Errorf("connection timeout") } if err != nil { - errMsg := fmt.Sprintf("ActiveMQ服务 %s 尝试失败 用户名: %v 密码: %v 错误: %v", target, user, pass, err) + errMsg := fmt.Sprintf("ActiveMQ service %s attempt failed Username: %v Password: %v Error: %v", target, user, pass, err) Common.LogError(errMsg) if retryErr := Common.CheckErrs(err); retryErr != nil { @@ -142,11 +142,11 @@ func ActiveMQScan(info *Common.HostInfo) (tmperr error) { } } - Common.LogDebug(fmt.Sprintf("扫描完成,共尝试 %d 个组合", tried)) + Common.LogDebug(fmt.Sprintf("Scan completed, tried %d combinations", tried)) return tmperr } -// ActiveMQConn 统一的连接测试函数 +// ActiveMQConn unified connection test function func ActiveMQConn(info *Common.HostInfo, user string, pass string) (bool, error) { timeout := time.Duration(Common.Timeout) * time.Second addr := fmt.Sprintf("%s:%s", info.Host, info.Ports) @@ -157,16 +157,16 @@ func ActiveMQConn(info *Common.HostInfo, user string, pass string) (bool, error) } defer conn.Close() - // STOMP协议的CONNECT命令 + // STOMP protocol CONNECT command stompConnect := fmt.Sprintf("CONNECT\naccept-version:1.0,1.1,1.2\nhost:/\nlogin:%s\npasscode:%s\n\n\x00", user, pass) - // 发送认证请求 + // Send authentication request conn.SetWriteDeadline(time.Now().Add(timeout)) if _, err := conn.Write([]byte(stompConnect)); err != nil { return false, err } - // 读取响应 + // Read response conn.SetReadDeadline(time.Now().Add(timeout)) respBuf := make([]byte, 1024) n, err := conn.Read(respBuf) @@ -174,7 +174,7 @@ func ActiveMQConn(info *Common.HostInfo, user string, pass string) (bool, error) return false, err } - // 检查认证结果 + // Check authentication result response := string(respBuf[:n]) if strings.Contains(response, "CONNECTED") { @@ -182,8 +182,8 @@ func ActiveMQConn(info *Common.HostInfo, user string, pass string) (bool, error) } if strings.Contains(response, "Authentication failed") || strings.Contains(response, "ERROR") { - return false, fmt.Errorf("认证失败") + return false, fmt.Errorf("authentication failed") } - return false, fmt.Errorf("未知响应: %s", response) + return false, fmt.Errorf("unknown response: %s", response) } diff --git a/Plugins/Base.go b/Plugins/Base.go index 20fa91a..bf7542f 100644 --- a/Plugins/Base.go +++ b/Plugins/Base.go @@ -10,30 +10,30 @@ import ( "net" ) -// ReadBytes 从连接读取数据直到EOF或错误 +// ReadBytes reads data from the connection until EOF or error func ReadBytes(conn net.Conn) ([]byte, error) { - size := 4096 // 缓冲区大小 + size := 4096 // Buffer size buf := make([]byte, size) var result []byte var lastErr error - // 循环读取数据 + // Loop to read data for { count, err := conn.Read(buf) - if err != nil { + if (err != nil) { lastErr = err break } result = append(result, buf[0:count]...) - // 如果读取的数据小于缓冲区,说明已经读完 + // If the read data is less than the buffer size, it means it has been read completely if count < size { break } } - // 如果读到了数据,则忽略错误 + // If data is read, ignore the error if len(result) > 0 { return result, nil } @@ -41,86 +41,86 @@ func ReadBytes(conn net.Conn) ([]byte, error) { return result, lastErr } -// 默认AES加密密钥 +// Default AES encryption key var key = "0123456789abcdef" -// AesEncrypt 使用AES-CBC模式加密字符串 +// AesEncrypt encrypts a string using AES-CBC mode func AesEncrypt(orig string, key string) (string, error) { - // 转为字节数组 + // Convert to byte array origData := []byte(orig) keyBytes := []byte(key) - // 创建加密块,要求密钥长度必须为16/24/32字节 + // Create encryption block, the key length must be 16/24/32 bytes block, err := aes.NewCipher(keyBytes) if err != nil { - return "", fmt.Errorf("创建加密块失败: %v", err) + return "", fmt.Errorf("Failed to create encryption block: %v", err) } - // 获取块大小并填充数据 + // Get block size and pad data blockSize := block.BlockSize() origData = PKCS7Padding(origData, blockSize) - // 创建CBC加密模式 + // Create CBC encryption mode blockMode := cipher.NewCBCEncrypter(block, keyBytes[:blockSize]) - // 加密数据 + // Encrypt data encrypted := make([]byte, len(origData)) blockMode.CryptBlocks(encrypted, origData) - // base64编码 + // Base64 encode return base64.StdEncoding.EncodeToString(encrypted), nil } -// AesDecrypt 使用AES-CBC模式解密字符串 +// AesDecrypt decrypts a string using AES-CBC mode func AesDecrypt(crypted string, key string) (string, error) { - // base64解码 + // Base64 decode cryptedBytes, err := base64.StdEncoding.DecodeString(crypted) if err != nil { - return "", fmt.Errorf("base64解码失败: %v", err) + return "", fmt.Errorf("Failed to base64 decode: %v", err) } keyBytes := []byte(key) - // 创建解密块 + // Create decryption block block, err := aes.NewCipher(keyBytes) if err != nil { - return "", fmt.Errorf("创建解密块失败: %v", err) + return "", fmt.Errorf("Failed to create decryption block: %v", err) } - // 创建CBC解密模式 + // Create CBC decryption mode blockSize := block.BlockSize() blockMode := cipher.NewCBCDecrypter(block, keyBytes[:blockSize]) - // 解密数据 + // Decrypt data origData := make([]byte, len(cryptedBytes)) blockMode.CryptBlocks(origData, cryptedBytes) - // 去除填充 + // Remove padding origData, err = PKCS7UnPadding(origData) if err != nil { - return "", fmt.Errorf("去除PKCS7填充失败: %v", err) + return "", fmt.Errorf("Failed to remove PKCS7 padding: %v", err) } return string(origData), nil } -// PKCS7Padding 对数据进行PKCS7填充 +// PKCS7Padding pads data using PKCS7 func PKCS7Padding(data []byte, blockSize int) []byte { padding := blockSize - len(data)%blockSize padtext := bytes.Repeat([]byte{byte(padding)}, padding) return append(data, padtext...) } -// PKCS7UnPadding 去除PKCS7填充 +// PKCS7UnPadding removes PKCS7 padding func PKCS7UnPadding(data []byte) ([]byte, error) { length := len(data) if length == 0 { - return nil, errors.New("数据长度为0") + return nil, errors.New("Data length is 0") } padding := int(data[length-1]) if padding > length { - return nil, errors.New("填充长度无效") + return nil, errors.New("Invalid padding length") } return data[:length-padding], nil diff --git a/Plugins/Cassandra.go b/Plugins/Cassandra.go index 7a8de35..8411c4e 100644 --- a/Plugins/Cassandra.go +++ b/Plugins/Cassandra.go @@ -17,21 +17,21 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { target := fmt.Sprintf("%v:%v", info.Host, info.Ports) maxRetries := Common.MaxRetries - Common.LogDebug(fmt.Sprintf("开始扫描 %s", target)) - Common.LogDebug("尝试无认证访问...") + Common.LogDebug(fmt.Sprintf("Starting scan %s", target)) + Common.LogDebug("Trying unauthenticated access...") - // 首先测试无认证访问 + // First test unauthenticated access for retryCount := 0; retryCount < maxRetries; retryCount++ { if retryCount > 0 { - Common.LogDebug(fmt.Sprintf("第%d次重试无认证访问", retryCount+1)) + Common.LogDebug(fmt.Sprintf("Retrying unauthenticated access for the %d time", retryCount+1)) } flag, err := CassandraConn(info, "", "") if flag && err == nil { - successMsg := fmt.Sprintf("Cassandra服务 %s 无认证访问成功", target) + successMsg := fmt.Sprintf("Cassandra service %s unauthenticated access successful", target) Common.LogSuccess(successMsg) - // 保存无认证访问结果 + // Save unauthenticated access result result := &Common.ScanResult{ Time: time.Now(), Type: Common.VULN, @@ -42,7 +42,7 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { "service": "cassandra", "auth_type": "anonymous", "type": "unauthorized-access", - "description": "数据库允许无认证访问", + "description": "Database allows unauthenticated access", }, } Common.SaveResult(result) @@ -59,21 +59,21 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { totalUsers := len(Common.Userdict["cassandra"]) totalPass := len(Common.Passwords) - Common.LogDebug(fmt.Sprintf("开始尝试用户名密码组合 (总用户数: %d, 总密码数: %d)", totalUsers, totalPass)) + Common.LogDebug(fmt.Sprintf("Starting to try username and password combinations (Total users: %d, Total passwords: %d)", totalUsers, totalPass)) tried := 0 total := totalUsers * totalPass - // 遍历所有用户名密码组合 + // Iterate over all username and password combinations for _, user := range Common.Userdict["cassandra"] { for _, pass := range Common.Passwords { tried++ pass = strings.Replace(pass, "{user}", user, -1) - Common.LogDebug(fmt.Sprintf("[%d/%d] 尝试: %s:%s", tried, total, user, pass)) + Common.LogDebug(fmt.Sprintf("[%d/%d] Trying: %s:%s", tried, total, user, pass)) for retryCount := 0; retryCount < maxRetries; retryCount++ { if retryCount > 0 { - Common.LogDebug(fmt.Sprintf("第%d次重试: %s:%s", retryCount+1, user, pass)) + Common.LogDebug(fmt.Sprintf("Retrying for the %d time: %s:%s", retryCount+1, user, pass)) } done := make(chan struct { @@ -97,10 +97,10 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { case result := <-done: err = result.err if result.success && err == nil { - successMsg := fmt.Sprintf("Cassandra服务 %s 爆破成功 用户名: %v 密码: %v", target, user, pass) + successMsg := fmt.Sprintf("Cassandra service %s brute force successful Username: %v Password: %v", target, user, pass) Common.LogSuccess(successMsg) - // 保存爆破成功结果 + // Save brute force success result vulnResult := &Common.ScanResult{ Time: time.Now(), Type: Common.VULN, @@ -118,11 +118,11 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { return nil } case <-time.After(time.Duration(Common.Timeout) * time.Second): - err = fmt.Errorf("连接超时") + err = fmt.Errorf("connection timeout") } if err != nil { - errlog := fmt.Sprintf("Cassandra服务 %s 尝试失败 用户名: %v 密码: %v 错误: %v", target, user, pass, err) + errlog := fmt.Sprintf("Cassandra service %s attempt failed Username: %v Password: %v Error: %v", target, user, pass, err) Common.LogError(errlog) if retryErr := Common.CheckErrs(err); retryErr != nil { @@ -137,11 +137,11 @@ func CassandraScan(info *Common.HostInfo) (tmperr error) { } } - Common.LogDebug(fmt.Sprintf("扫描完成,共尝试 %d 个组合", tried)) + Common.LogDebug(fmt.Sprintf("Scan completed, tried %d combinations", tried)) return tmperr } -// CassandraConn 清理后的连接测试函数 +// CassandraConn unified connection test function func CassandraConn(info *Common.HostInfo, user string, pass string) (bool, error) { host, port := info.Host, info.Ports timeout := time.Duration(Common.Timeout) * time.Second