overflow_backup_2018_0455/overflow_discovery
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ing

Browse Source
This commit is contained in:
crusader 2017-11-22 14:55:40 +09:00
parent 3f730e1fe4
commit 2e81139374
35 changed files with 117 additions and 1567 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
api/module/discovery/model/discovery.go
View File

@ -10,10 +10,15 @@ type DiscoveryHost struct {
FirstScanRange string `json:"firstScanRange"` FirstScanRange string `json:"firstScanRange"`
LastScanRange string `json:"lastScanRange"` LastScanRange string `json:"lastScanRange"`
ExcludeHosts []string `json:"excludeHosts"` ExcludeHosts []string `json:"excludeHosts"`
IncludeHosts []string `json:"includeHosts"`
DiscoveryPort *DiscoveryPort `json:"discoveryPort"` DiscoveryPort *DiscoveryPort `json:"discoveryPort"`
} }
func (dh *DiscoveryHost) Contains(ip string) bool {
}
type DiscoveryPort struct { type DiscoveryPort struct {
FirstScanRange int `json:"firstScanRange"` FirstScanRange int `json:"firstScanRange"`
LastScanRange int `json:"lastScanRange"` LastScanRange int `json:"lastScanRange"`

24
api/module/discovery/model/zone.go
View File

@ -1,9 +1,33 @@
package model package model
import "sync"
type Zone struct { type Zone struct {
ID int `json:"id,omitempty"` ID int `json:"id,omitempty"`
Network string `json:"network"` Network string `json:"network"`
IP string `json:"ip"` IP string `json:"ip"`
Iface string `json:"iface"` Iface string `json:"iface"`
Mac string `json:"mac"` Mac string `json:"mac"`
hosts map[string]*Host
mtx sync.RWMutex
}
func (z *Zone) AddHost(h *Host) {
z.mtx.Lock()
defer z.mtx.Unlock()
if nil == z.hosts {
z.hosts = make(map[string]*Host)
}
z.hosts[h.IP] = h
}
func (z *Zone) GetHost(ip string) *Host {
z.mtx.RLock()
defer z.mtx.RUnlock()
if nil == z.hosts {
return nil
}
return z.hosts[ip]
} }

1
commons/pcap/packet.go
View File

@ -99,7 +99,6 @@ func handlePacketUDP(ps *pCapScan, packet gopacket.Packet) {
chs, ok := ps.udpListenerChans[ip] chs, ok := ps.udpListenerChans[ip]
if ok { if ok {
for _, ch := range chs { for _, ch := range chs {
ch <- packet ch <- packet
} }

1
discovery/discovery.go
View File

@ -100,6 +100,7 @@ func (d *discovery) discoverHost(zone *model.Zone, dh *model.DiscoveryHost) {
}, },
func(result interface{}) { func(result interface{}) {
h := result.(*model.Host) h := result.(*model.Host)
zone.AddHost(h)
logging.Logger().Info(fmt.Sprintf("host: %v", h)) logging.Logger().Info(fmt.Sprintf("host: %v", h))
if nil != dh.DiscoveryPort { if nil != dh.DiscoveryPort {
d.discoverPort(h, dh.DiscoveryPort) d.discoverPort(h, dh.DiscoveryPort)

5
discovery/ipv4/host.go
View File

@ -99,13 +99,14 @@ func sendARP(ps pcap.PCapScanner, zone *model.Zone, hostRanges []net.IP, stopCha
return err return err
} }
timer := time.NewTimer(time.Microsecond * 100)
select { select {
case <-stopChan: case <-stopChan:
return nil return nil
default: case <-timer.C:
} }
time.Sleep(time.Microsecond * 100)
} }
return nil return nil
} }

24
discovery/ipv4/port_tcp.go
View File

@ -33,6 +33,8 @@ func scanPortTCP(host *model.Host, dp *model.DiscoveryPort, resultChan chan inte
}() }()
go func() { go func() {
ports := make(map[int]*model.Port)
for { for {
select { select {
case packet, ok := <-tcpChan: case packet, ok := <-tcpChan:
@ -40,7 +42,7 @@ func scanPortTCP(host *model.Host, dp *model.DiscoveryPort, resultChan chan inte
logging.Logger().Debug(fmt.Sprintf("Discovery: tcp channel is closed")) logging.Logger().Debug(fmt.Sprintf("Discovery: tcp channel is closed"))
return return
} }
if p := handlePacketTCP(host, packet); nil != p { if p := handlePacketTCP(host, ports, packet); nil != p {
resultChan <- p resultChan <- p
} }
case <-stopChan: case <-stopChan:
@ -94,20 +96,19 @@ Loop:
return err return err
} }
timer := time.NewTimer(time.Microsecond * 100)
select { select {
case <-stopChan: case <-stopChan:
return nil return nil
default: case <-timer.C:
} }
time.Sleep(time.Microsecond * 100)
} }
return nil return nil
} }
func handlePacketTCP(host *model.Host, packet *layers.TCP) *model.Port { func handlePacketTCP(host *model.Host, ports map[int]*model.Port, packet *layers.TCP) *model.Port {
if nil == packet || packet.DstPort != 60000 { if nil == packet || packet.DstPort != 60000 {
return nil return nil
} }
@ -117,6 +118,17 @@ func handlePacketTCP(host *model.Host, packet *layers.TCP) *model.Port {
} }
portNumber := int(packet.SrcPort) portNumber := int(packet.SrcPort)
if _, ok := ports[portNumber]; ok || !cr.Contains(ip) {
return nil
}
h := &model.Host{}
h.IP = ip.String()
h.Mac = net.HardwareAddr(packet.SourceHwAddress).String()
h.Zone = zone
hosts[ip.String()] = h
p := &model.Port{ p := &model.Port{
PortType: model.PortTypeTCP, PortType: model.PortTypeTCP,
PortNumber: portNumber, PortNumber: portNumber,

110
discovery/ipv4/port_udp.go
View File

@ -9,6 +9,7 @@ import (
"git.loafle.net/commons_go/logging" "git.loafle.net/commons_go/logging"
"git.loafle.net/overflow/overflow_discovery/api/module/discovery/model" "git.loafle.net/overflow/overflow_discovery/api/module/discovery/model"
"git.loafle.net/overflow/overflow_discovery/commons/pcap" "git.loafle.net/overflow/overflow_discovery/commons/pcap"
"git.loafle.net/overflow/overflow_discovery/service"
"github.com/google/gopacket" "github.com/google/gopacket"
"github.com/google/gopacket/layers" "github.com/google/gopacket/layers"
) )
@ -37,7 +38,7 @@ func scanPortUDP(host *model.Host, dp *model.DiscoveryPort, resultChan chan inte
select { select {
case packet, ok := <-udpChan: case packet, ok := <-udpChan:
if !ok { if !ok {
logging.Logger().Debug(fmt.Sprintf("Discovery: tcp channel is closed")) logging.Logger().Debug(fmt.Sprintf("Discovery: udp channel is closed"))
return return
} }
if p := handlePacketUDP(host, packet); nil != p { if p := handlePacketUDP(host, packet); nil != p {
@ -65,15 +66,23 @@ func scanPortUDP(host *model.Host, dp *model.DiscoveryPort, resultChan chan inte
} }
func sendUDP(host *model.Host, dp *model.DiscoveryPort, stopChan chan struct{}) error { func sendUDP(host *model.Host, dp *model.DiscoveryPort, stopChan chan struct{}) error {
tcpPacket, err := makePacketPortTCP(host) ip := net.ParseIP(host.IP)
if nil != err { if nil == ip {
return fmt.Errorf("Discovery: IP(%s) of host is not valid", host.IP)
}
ms := service.GetUDPMatchers()
conn, err := net.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4zero, Port: 0})
if err != nil {
return err return err
} }
defer func() { defer func() {
tcpPacket.PacketConn.Close() conn.Close()
}() }()
buf := gopacket.NewSerializeBuffer() for indexI := 0; indexI < len(ms); indexI++ {
m := ms[indexI]
Loop: Loop:
for portNumber := dp.FirstScanRange; portNumber < dp.LastScanRange; portNumber++ { for portNumber := dp.FirstScanRange; portNumber < dp.LastScanRange; portNumber++ {
@ -84,91 +93,54 @@ Loop:
} }
} }
} }
tcpPacket.TCP.DstPort = layers.TCPPort(portNumber)
tcpPacket.TCP.SetNetworkLayerForChecksum(tcpPacket.IP)
if err := gopacket.SerializeLayers(buf, tcpPacket.Opts, tcpPacket.TCP); err != nil { if !m.IsSend(portNumber) {
return err continue
} }
if _, err := tcpPacket.PacketConn.WriteTo(buf.Bytes(), &net.IPAddr{IP: tcpPacket.IP.DstIP}); err != nil {
return err addr := &net.UDPAddr{IP: ip.To4(), Port: portNumber}
for i := 0; i < m.PacketCount(); i++ {
p := m.Packet(i)
if _, err := conn.WriteToUDP(p.Buffer, addr); err != nil {
logging.Logger().Error(fmt.Sprintf("Discovery: UDP write error %v", err))
} }
}
timer := time.NewTimer(time.Microsecond * 200)
select { select {
case <-stopChan: case <-stopChan:
return nil return nil
default: case <-timer.C:
}
} }
time.Sleep(time.Microsecond * 100)
} }
return nil return nil
} }
func handlePacketUDP(host *model.Host, packet *layers.TCP) *model.Port { func handlePacketUDP(host *model.Host, packet gopacket.Packet) *model.Port {
if nil == packet || packet.DstPort != 60000 { ipLayer := packet.Layer(layers.LayerTypeIPv4)
if ipLayer.(*layers.IPv4).SrcIP.String() == host.Zone.IP {
return nil return nil
} }
if packet.RST { if net := packet.NetworkLayer(); net == nil {
return nil } else if udpLayer := packet.Layer(layers.LayerTypeUDP); udpLayer == nil {
} } else if udp, ok := udpLayer.(*layers.UDP); ok {
srcIP := ipLayer.(*layers.IPv4).SrcIP
port := int(udp.SrcPort)
logging.Logger().Debug(fmt.Sprintf("Discovery: IP of UPD(%d) src %v", port, srcIP))
portNumber := int(packet.SrcPort)
p := &model.Port{ p := &model.Port{
PortType: model.PortTypeTCP, PortType: model.PortTypeUDP,
PortNumber: portNumber, PortNumber: port,
} }
p.Host = host p.Host = host
return p return p
} }
type PortPacketTCP struct { return nil
IP *layers.IPv4
TCP *layers.TCP
Opts gopacket.SerializeOptions
PacketConn net.PacketConn
}
func makePacketPortTCP(host *model.Host) (*PortPacketTCP, error) {
packetTCP := &PortPacketTCP{}
srcIP := net.ParseIP(host.Zone.IP)
if nil == srcIP {
return nil, fmt.Errorf("Discovery: IP(%s) of zone is not valid", host.Zone.IP)
}
dstIP := net.ParseIP(host.IP)
if nil == dstIP {
return nil, fmt.Errorf("Discovery: IP(%s) of host is not valid", host.IP)
}
packetTCP.IP = &layers.IPv4{
SrcIP: srcIP.To4(),
DstIP: dstIP.To4(),
Version: 4,
TTL: 64,
Protocol: layers.IPProtocolTCP,
}
packetTCP.TCP = &layers.TCP{
SrcPort: 60000,
DstPort: 0, // will be incremented during the scan
SYN: true,
Seq: 0,
}
packetTCP.Opts = gopacket.SerializeOptions{
ComputeChecksums: true,
FixLengths: true,
}
conn, err := net.ListenPacket("ip4:tcp", "0.0.0.0")
if err != nil {
return nil, fmt.Errorf("Discovery: SYN create socket error %v", err)
}
packetTCP.PacketConn = conn
return packetTCP, nil
} }

79
discovery/service/match/activedirectory/activedirectory_test.go
View File

@ -1,79 +0,0 @@
package activedirectory
import (
"crypto/tls"
"net"
"testing"
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
)
func TestADNor(t *testing.T) {
client, err := net.Dial("tcp", "192.168.1.15:389")
if err != nil {
t.Log(err)
}
defer client.Close()
dDRun(client, t)
}
func TestADTLS(t *testing.T) {
conn, err := tls.Dial(
"tcp",
"192.168.1.1:636",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.1",
},
)
if err != nil {
t.Log(err)
return
}
defer conn.Close()
dDRun(conn, t)
}
func dDRun(client net.Conn, t *testing.T) {
lm := NewActiveDirectoryMatcher()
//port := types.NewPort("389", types.NewHost("192.168.1.1"), types.TYPE_TCP)
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//
//fmt.Println(ipport)
//
//fmt.Println(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
fmt.Println(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
read, _ := client.Read(bytes)
fmt.Println(bytes)
b := lm.Match(ii, matcher.NewPacket(bytes, read), nil)
if b {
fmt.Println("Good")
}
}
}

73
discovery/service/match/cassandra/cassandra_test.go
View File

@ -1,73 +0,0 @@
package cassandra
import (
"crypto/tls"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestCassandra(t *testing.T) {
m := NewCassandraMatcher()
conn, err := net.Dial("tcp", "192.168.1.16:19042")
if err != nil {
t.Error(err)
return
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("Cassandra found")
return
}
t.Error("Cassandra not found")
}
}
func TestCassandraTLS(t *testing.T) {
m := NewCassandraMatcher()
conn, err := tls.Dial(
"tcp",
"192.168.1.16:19042",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.16",
},
)
if err != nil {
t.Fatal(err)
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("Cassandra found")
return
}
t.Error("Cassandra not found")
}
}

33
discovery/service/match/dns/dns_test.go
View File

@ -1,33 +0,0 @@
package dns
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestDns(t *testing.T) {
m := NewDnsMatcher()
conn, _ := net.Dial("udp", "168.126.63.1:53")
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
if m.IsSend(53) != true {
t.Error("not port")
}
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("dns found")
return
}
t.Error("dns not found")
}
}

234
discovery/service/match/ftp/ftp_test.go
View File

@ -1,234 +0,0 @@
package ftp
import (
"fmt"
"testing"
"git.loafle.net/overflow/overflow_discovery/model/scaninfo"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
)
//type FTP struct {
// conn net.Conn
// addr string
//
// reader *bufio.Reader
// writer *bufio.Writer
//}
//
//func (ftp *FTP) Close() {
// ftp.conn.Close()
//}
//
//func Connect(addr string) (*FTP, error) {
// var err error
// var conn net.Conn
//
// if conn, err = net.Dial("tcp", addr); err != nil {
// return nil, err
// }
//
// writer := bufio.NewWriter(conn)
// reader := bufio.NewReader(conn)
//
// obj := &FTP{
// conn:conn,
// addr:addr,
// reader:reader,
// writer:writer,
// }
// recv, _ := obj.receive()
//
// fmt.Println(recv)
//
// return obj, nil
//
//}
//
//func (ftp *FTP) receive() (string, error) {
// line, err := ftp.receiveLine()
//
// if err != nil {
// return line, err
// }
//
// fmt.Println("len : ", len(line))
// fmt.Println("line[3] :", line[3])
// //
// //if (len(line) >= 4) && (line[3] == '-') {
// // closingCode := line[:3] + " "
// //
// // for {
// // str, err := ftp.receiveLine()
// // fmt.Println("str pre: ", str)
// // line = line + str
// // fmt.Println("str after: ", line)
// // if err != nil {
// // return line, err
// // }
// //
// // if len(str) < 4 {
// // fmt.Println("Uncorrectly terminated response")
// // }else {
// // if str[:4] == closingCode {
// // break
// // }
// // }
// // }
// //}
//
// ftp.ReadAndDiscard()
//
// fmt.Println("receive line: ", line)
// return line, err
//}
//
//func (ftp *FTP) ReadAndDiscard() (int, error) {
// var i int
// bufferSize := ftp.reader.Buffered()
//
// for i = 0; i < bufferSize ; i++ {
// if _, err := ftp.reader.ReadByte(); err != nil {
// return i, err
// }
// }
//
// return i, nil
//}
//
//func (ftp *FTP) send(command string, arguments ...interface{}) error {
//
// command = fmt.Sprintf(command)
// command += "\r\n"
//
// if _, err := ftp.writer.WriteString(command); err != nil {
// return err
// }
//
// if err := ftp.writer.Flush(); err != nil {
// return err
// }
//
// return nil
//}
//
//func (ftp *FTP) cmd(expects string, command string, args ...interface{}) (line string, err error) {
//
// if err = ftp.send(command, args); err != nil {
// return
// }
//
// if line, err = ftp.receive(); err != nil {
// return
// }
//
//
// if !strings.HasPrefix(line, expects) {
// err = errors.New(line)
// return
// }
//
// return
//}
//
//func (ftp *FTP) receiveLine() (string, error) {
// line, err := ftp.reader.ReadString('\n')
//
// log.Printf("< %s", line)
//
// return line, err
//}
//
//func (ftp *FTP) Syst() (line string, err error) {
// if err := ftp.send("SYST"); err != nil {
// return "", err
// }
//
// if line, err = ftp.receive(); err != nil {
// return
// }
//
// if !strings.HasPrefix(line, "215") {
// err = errors.New(line)
// return
// }
//
// return strings.SplitN(strings.TrimSpace(line), " ", 2)[1], nil
//}
//func TestFtp(t *testing.T) {
// var err error
// var ftp *FTP
// //var f *FTPMatcher
//
// if ftp, err = Connect("192.168.1.202:21"); err != nil {
// panic(err)
// }
//
// //f.Match(0, nil,nil)
// ftp.Syst()
// ftp.cmd("503","PASS ")
// ftp.cmd("221","QUIT")
// defer ftp.Close()
//}
func TestMatchFTP(t *testing.T) {
ftm := NewFTPMatcher()
//fmt.Println(ftm)
//fmt.Println(ftm.sendPackets[0])
//log.LoadLogConfig("../../../../../../../../bin/log.xml")
//defer log.Flush()
//port := types.NewPort("21", types.NewHost("192.168.1.202"), types.TYPE_TCP)
info := scaninfo.NewScanInfoImpl("192.168.1.15","21")
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//
//log.Debug(ipport)
client, _ := net.Dial("tcp", "192.168.1.15:21")
defer client.Close()
//reader := bufio.NewReader(client)
//writer := bufio.NewWriter(client)
fmt.Println(ftm.PacketCount())
//fmt.Println(reader.ReadString('\n'))
bytes := make([]byte, 512)
le, _ := client.Read(bytes)
fmt.Println(bytes)
b := ftm.Match(0, matcher.NewPacket(bytes, le), nil)
fmt.Println(b)
for ii := 0; ii < ftm.PacketCount(); ii++ {
pack := ftm.Packet(ii)
fmt.Println(pack)
//writer.WriteString(pack)
client.Write(pack.Buffer)
//fmt.Println(reader.ReadString('\n'))
bytes := make([]byte, 512)
l, _ := client.Read(bytes)
//fmt.Println(bytes)
b := ftm.Match(ii+1, matcher.NewPacket(bytes, l), info)
fmt.Println(b)
}
fmt.Println("Service Name : ", ftm.ServiceName())
}

49
discovery/service/match/http/http_test.go
View File

@ -1,49 +0,0 @@
package http
import (
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
//"git.loafle.net/overflow/overflow_discovery/discovery/discovery/types"
"net"
"testing"
)
func TestHTTPMatcher_Packet(t *testing.T) {
hm := NewHTTPMatcher()
fmt.Println(hm)
fmt.Println(hm.sendPackets[0])
}
func TestHTTPMatcher_Match(t *testing.T) {
fmt.Println("Match")
hm := NewHTTPMatcher()
//port := types.NewPort("80", types.NewHost("192.168.1.103"), types.TYPE_TCP)
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//fmt.Println(ipport)
client, _ := net.Dial("tcp", "192.168.1.15:38980")
defer client.Close()
pack := hm.Packet(0)
//fmt.Println(pack)
//writer.WriteString(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 512)
l, _ := client.Read(bytes)
//fmt.Println(bytes)
hm.Match(0, matcher.NewPacket(bytes, l), nil)
}

55
discovery/service/match/http/https_test.go
View File

@ -1,55 +0,0 @@
package http
import (
"crypto/tls"
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"log"
"net"
"testing"
"time"
)
func TestHTTPSMatcher_Match(t *testing.T) {
netinfo := "192.168.1.10:10443"
dialer := &net.Dialer{
Timeout: 5 * time.Second,
}
conn, err := tls.DialWithDialer(
dialer,
"tcp",
netinfo,
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.103",
},
)
if err != nil {
log.Println(err)
return
}
defer conn.Close()
//fmt.Println(conn)
h := NewHTTPMatcher()
pac := h.Packet(0)
//fmt.Println(pac)
//fmt.Println(pac.Buffer)
//bytes := make([]byte, 1024)
l, _ := conn.Write(pac.Buffer)
buf := make([]byte, 1024)
l, _ = conn.Read(buf)
fmt.Println(string(buf))
fmt.Println(l)
is := h.Match(0, matcher.NewPacket(buf, l), nil)
fmt.Println(is)
}

153
discovery/service/match/imap/imap_test.go
View File

@ -1,153 +0,0 @@
package imap
import (
"crypto/tls"
"fmt"
//"git.loafle.net/overflow/overflow_discovery/collector/core/scan/port"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
//"git.loafle.net/overflow/overflow_discovery/collector/core/scan/service/matcher/scaninfo"
//"git.loafle.net/overflow/overflow_discovery/collector/discovery/types"
"net"
"testing"
)
func ImapRun(client net.Conn, t *testing.T) {
lm := NewIMAPMatcher()
//port := types.NewPort("143", types.NewHost("192.168.1.215"), types.TYPE_TCP)
//
//scanInfo := types.NewServiceScanInfo(port)
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//
//fmt.Println(ipport)
//client, _ := net.Dial("tcp", ipport)
//defer client.Close()
bytett := make([]byte, 1024)
rr, _ := client.Read(bytett)
bb := lm.Match(0, matcher.NewPacket(bytett, rr), nil)
if bb {
t.Log("good!")
}
fmt.Println(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
//fmt.Println(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
read, _ := client.Read(bytes)
fmt.Println(cap(bytes))
//fmt.Println(bytes)
b := lm.Match(ii+1, matcher.NewPacket(bytes, read), nil)
if b {
t.Log("send Good!")
}
}
}
func TestIMapTls(t *testing.T) {
conn, _ := tls.Dial(
"tcp",
"192.168.1.15:993",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.15",
},
)
defer conn.Close()
ImapRun(conn, t)
}
func TestIMapNormal(t *testing.T) {
client, err := net.Dial("tcp", "192.168.1.15:143")
if err != nil {
t.Fatal(err)
}
defer client.Close()
ImapRun(client, t)
}
func TestImap(t *testing.T) {
lm := NewIMAPMatcher()
//port := types.NewPort("143", types.NewHost("192.168.1.215"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port)
var ipport string
//ipport = port.Host.Ip + ":" + port.Port_
fmt.Println(ipport)
client, _ := net.Dial("tcp", ipport)
defer client.Close()
bytett := make([]byte, 1024)
rr, _ := client.Read(bytett)
//bb := lm.Match(0, matcher.NewPacket(bytett, rr), scanInfo)
bb := lm.Match(0, matcher.NewPacket(bytett, rr), nil)
if bb {
t.Log("good!")
}
fmt.Println(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
//fmt.Println(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
read, _ := client.Read(bytes)
fmt.Println(cap(bytes))
//fmt.Println(bytes)
b := lm.Match(ii+1, matcher.NewPacket(bytes, read), nil)
if b {
t.Log("send Good!")
}
}
//t.Log(scanInfo)
}

54
discovery/service/match/mongodb/mongodb_test.go
View File

@ -1,54 +0,0 @@
package mongodb
import (
"crypto/tls"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestMongoNor(t *testing.T) {
conn, _ := net.Dial("tcp", "192.168.1.16:37017")
defer conn.Close()
MongoRun(conn, t)
}
func TestMongoTLS(t *testing.T) {
conn, _ := tls.Dial(
"tcp",
"192.168.1.16:47017",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.16",
},
)
defer conn.Close()
MongoRun(conn, t)
}
func MongoRun(conn net.Conn, t *testing.T) {
m := NewMongoDBMatcher()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("MongoDB found")
return
}
t.Error("MongoDB not found")
}
}

63
discovery/service/match/mssql/mssql_test.go
View File

@ -1,63 +0,0 @@
package mssql
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
/*
192.168.1.106:1433 - normal
192.168.1.103:1433 - ssl
*/
func TestSqlNor(t *testing.T) {
conn, _ := net.Dial("tcp", "192.168.1.16:11433")
defer conn.Close()
sqlServerRun(conn, t)
}
//func TestSqlTLS(t *testing.T) {
// conn, err := tls.Dial(
// "tcp",
// "192.168.1.103:7680",
// &tls.Config{
// InsecureSkipVerify: true,
// ServerName: "192.168.1.103",
// },
// )
//
// if err != nil {
// t.Log(err)
// return
// }
//
// defer conn.Close()
//
// sqlServerRun(conn, t)
//}
func sqlServerRun(conn net.Conn, t *testing.T) {
m := NewMSSqlMatcher()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log(m.ServiceName())
return
}
t.Error("MSSQL not found")
}
}

71
discovery/service/match/mysql/mysql_test.go
View File

@ -1,71 +0,0 @@
package mysql
import (
"crypto/tls"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestMySql(t *testing.T) {
m := NewMySqlMatcher()
/*
192.168.1.103:3306 - normal
192.168.1.105:8306 - ssl
192.168.1.203:3306 - mysql with error code
*/
conn, _ := net.Dial("tcp", "192.168.1.15:33068")
defer conn.Close()
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(0, p, nil) {
t.Log(m.ServiceName())
return
}
t.Error("MySQL not found")
}
func TestCassandraTLS(t *testing.T) {
m := NewMySqlMatcher()
conn, err := tls.Dial(
"tcp",
"192.168.1.105:8306",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.105",
},
)
if err != nil {
t.Fatal(err)
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log(m.ServiceName())
return
}
t.Error("MySQL not found")
}
}

34
discovery/service/match/netbios/netbios_test.go
View File

@ -1,34 +0,0 @@
package netbios
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestNBSS(t *testing.T) {
m := NewNetBiosMatcher()
conn, _ := net.Dial("tcp", "192.168.1.106:139")
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("NBSS found")
return
}
t.Error("NBSS not found")
}
}

53
discovery/service/match/oracle/oracle_test.go
View File

@ -1,53 +0,0 @@
package oracle
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestOracle(t *testing.T) {
lm := NewOracleMatcher()
//port := types.NewPort("1521", types.NewHost("192.168.1.30"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port)
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
client, _ := net.Dial("tcp", "192.168.1.15:1521")
defer client.Close()
t.Log(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
t.Log(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
read, _ := client.Read(bytes)
t.Log(bytes)
b := lm.Match(ii, matcher.NewPacket(bytes, read), nil)
if b {
t.Log("Good")
}
}
}

70
discovery/service/match/pgsql/pgsql_test.go
View File

@ -1,70 +0,0 @@
package pgsql
import (
"crypto/tls"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestPG(t *testing.T) {
m := NewPostgreSQLMatcher()
conn, err := net.Dial("tcp", "192.168.1.106:5432") //107
if err != nil {
t.Error(err)
return
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("PostgreSQL found")
return
}
t.Error("PostgreSQL not found")
}
}
func TestSqlTLS(t *testing.T) {
conn, err := tls.Dial(
"tcp",
"192.168.1.107:5432",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.107",
},
)
if err != nil {
t.Error(err)
return
}
defer conn.Close()
m := NewPostgreSQLMatcher()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("PostgreSQL found")
return
}
t.Error("PostgreSQL not found")
}
}

86
discovery/service/match/pop/pop_test.go
View File

@ -1,86 +0,0 @@
package pop
import (
"crypto/tls"
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestPopTLS(t *testing.T) {
conn, _ := tls.Dial(
"tcp",
"192.168.1.15:995",
&tls.Config{
InsecureSkipVerify: true,
ServerName: "192.168.1.15",
},
)
defer conn.Close()
pop3Run(conn, t)
}
func TestPopNor(t *testing.T) {
client, _ := net.Dial("tcp", "192.168.1.15:110")
defer client.Close()
pop3Run(client, t)
}
func pop3Run(client net.Conn, t *testing.T) {
lm := NewPOPMatcher()
//port := types.NewPort("110", types.NewHost("192.168.1.215"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port)
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//
//fmt.Println(ipport)
bytett := make([]byte, 1024)
read, _ := client.Read(bytett)
bb := lm.Match(0, matcher.NewPacket(bytett, read), nil)
if bb {
t.Log("good!")
}
fmt.Println(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
//fmt.Println(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
rr, _ := client.Read(bytes)
//fmt.Println(bytes)
b := lm.Match(ii+1, matcher.NewPacket(bytes, rr), nil)
if b {
t.Log("send Good!")
}
}
}

33
discovery/service/match/redis/redisProtected_test.go
View File

@ -1,33 +0,0 @@
package redis
//import (
// "git.loafle.net/overflow/overflow_discovery/collector/core/scan/service/matcher/packet"
// "net"
// "testing"
//)
//
//func TestRedisProtected(t *testing.T) {
//
// m := NewRedisProtectedMatcher()
//
// conn, err := net.Dial("tcp", "192.168.1.215:8379")
//
// if err != nil {
// t.Log(err)
// return
// }
//
// defer conn.Close()
//
// bytes := make([]byte, 1024)
// n, _ := conn.Read(bytes)
//
// //fmt.Println(string(bytes[:n]))
//
// b := m.Match(0, matcher.NewPacket(bytes, n), nil)
//
// if b {
// t.Log("good!")
// }
//
//}

37
discovery/service/match/redis/redis_test.go
View File

@ -1,37 +0,0 @@
package redis
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
const (
ADDR string = "192.168.1.16:26379"
)
func TestRedisMatcher(t *testing.T) {
m := NewRedisMatcher()
conn, _ := net.Dial("tcp", ADDR)
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("Redis found.")
return
}
t.Error("Redis not found")
}
}

52
discovery/service/match/rmi/rmi_test.go
View File

@ -1,52 +0,0 @@
package rmi
import (
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
//"git.loafle.net/overflow/overflow_discovery/discovery/discovery/types"
"net"
"testing"
)
func TestNew(t *testing.T) {
r := NewRMIMatcher()
fmt.Println("TestNew: ", r)
}
func TestRMIMatcher_Match(t *testing.T) {
fmt.Println("Match")
hm := NewRMIMatcher()
//port := types.NewPort("9840", types.NewHost("192.168.1.101"), types.TYPE_TCP)
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//fmt.Println(ipport)
client, err := net.Dial("tcp", "192.168.1.101:9840")
if err != nil {
t.Fatal(err)
}
defer client.Close()
pack := hm.Packet(0)
fmt.Println(pack.Buffer)
//writer.WriteString(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 512)
l, _ := client.Read(bytes)
//fmt.Println(bytes)
t1 := hm.Match(0, matcher.NewPacket(bytes, l), nil)
fmt.Println(t1)
}

42
discovery/service/match/smb/smb_test.go
View File

@ -1,42 +0,0 @@
package smb
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
const (
ADDR string = "192.168.1.106:445"
)
func TestSMBMatcher(t *testing.T) {
m := NewSMBMatcher()
conn, err := net.Dial("tcp", ADDR)
if err != nil {
t.Fatal(err)
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("SMB found.")
return
}
t.Error("SMB not found")
}
}

37
discovery/service/match/snmp/snmpv2_test.go
View File

@ -1,37 +0,0 @@
package snmp
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestSNMP2(t *testing.T) {
m := NewSNMPv2Matcher()
conn, err := net.Dial("udp", "192.168.1.15:161")
if err != nil {
t.Error(err)
return
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("SNMP found")
return
}
t.Error("SNMP not found")
}
}

37
discovery/service/match/snmp/snmpv3_test.go
View File

@ -1,37 +0,0 @@
package snmp
import (
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestSNMP3(t *testing.T) {
m := NewSNMPv3Matcher()
conn, err := net.Dial("udp", "192.168.1.15:161")
if err != nil {
t.Error(err)
return
}
defer conn.Close()
for i := 0; i < m.PacketCount(); i++ {
pack := m.Packet(i)
conn.Write(pack.Buffer)
bytes := make([]byte, 1024)
n, _ := conn.Read(bytes)
p := matcher.NewPacket(bytes, n)
if m.Match(i, p, nil) {
t.Log("SNMP found")
return
}
t.Error("SNMP not found")
}
}

35
discovery/service/match/ssh/ssh_test.go
View File

@ -1,35 +0,0 @@
package ssh
import (
"fmt"
//"git.loafle.net/overflow/overflow_discovery/match/ssh"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
//"git.loafle.net/overflow/overflow_discovery/collector/discovery/types"
"net"
"testing"
)
func TestSSHMatcher_Match(t *testing.T) {
//port := types.NewPort("22", types.NewHost("192.168.1.103"), types.TYPE_TCP)
//ssh := NewSSHMatcher()
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
client, _ := net.Dial("tcp", "192.168.1.10:22")
defer client.Close()
bytes := make([]byte, 512)
l, _ := client.Read(bytes)
fmt.Println(bytes)
b := NewSSHMatcher().Match(0, matcher.NewPacket(bytes, l), nil)
fmt.Println(b)
}

33
discovery/service/match/telnet/telnet_test.go
View File

@ -1,33 +0,0 @@
package telnet
import (
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
"net"
"testing"
)
func TestTelnetMatcher_Match(t *testing.T) {
//port := types.NewPort("23", types.NewHost("192.168.1.210"), types.TYPE_TCP)
//telnet := NewTelnetMatcher()
//
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
client, _ := net.Dial("tcp", "192.168.1.105:23")
defer client.Close()
bytes := make([]byte, 512)
l, _ := client.Read(bytes)
fmt.Println("length :", l)
fmt.Println(bytes)
b := NewTelnetMatcher().Match(0, matcher.NewPacket(bytes, l), nil)
fmt.Println(b)
}

51
discovery/service/match/wmi/wmi_test.go
View File

@ -1,51 +0,0 @@
package wmi
import (
"fmt"
"git.loafle.net/overflow/overflow_discovery/service/matcher"
//"git.loafle.net/overflow/overflow_discovery/collector/discovery/scan/matcher/scaninfo"
//"git.loafle.net/overflow/overflow_discovery/collector/discovery/types"
"net"
"testing"
)
func TestWMI(t *testing.T) {
lm := NewWMIMatcher()
//port := types.NewPort("135", types.NewHost("192.168.1.1"), types.TYPE_TCP)
//scanInfo := scaninfo.NewServiceScanInfo(port)
//var ipport string
//ipport = port.Host.Ip + ":" + string(port.Port)
//fmt.Println(ipport)
client, _ := net.Dial("tcp", "192.168.1.106:135")
defer client.Close()
fmt.Println(lm.PacketCount())
for ii := 0; ii < lm.PacketCount(); ii++ {
pack := lm.Packet(ii)
fmt.Println(pack)
client.Write(pack.Buffer)
bytes := make([]byte, 1024)
read, _ := client.Read(bytes)
//fmt.Println(bytes)
b := lm.Match(ii, matcher.NewPacket(bytes, read), nil)
if b {
fmt.Println("Good")
}
}
}

4
service/matcher/dns/dns.go
View File

@ -109,8 +109,8 @@ func (t *DNSMatcher) Match(info matcher.MatchInfo, index int, packet *matcher.Pa
return true return true
} }
func (t *DNSMatcher) IsSend(info matcher.MatchInfo) bool { func (t *DNSMatcher) IsSend(port int) bool {
if 53 == info.Port() { if 53 == port {
return true return true
} }
return false return false

2
service/matcher/matcher.go
View File

@ -14,7 +14,7 @@ type Matcher interface {
type UDPMatcher interface { type UDPMatcher interface {
Matcher Matcher
IsSend(info MatchInfo) bool IsSend(port int) bool
} }
type Matchers struct { type Matchers struct {

4
service/matcher/snmp/v2/snmpv2.go
View File

@ -118,8 +118,8 @@ func (t *SNMPMatcher) Match(info matcher.MatchInfo, index int, packet *matcher.P
} }
func (t *SNMPMatcher) IsSend(info matcher.MatchInfo) bool { func (t *SNMPMatcher) IsSend(port int) bool {
if info.Port() == 161 { if 161 == port {
return true return true
} }
return false return false

4
service/matcher/snmp/v3/snmpv3.go
View File

@ -130,8 +130,8 @@ func (t *SNMPMatcher) Match(info matcher.MatchInfo, index int, packet *matcher.P
} }
func (t *SNMPMatcher) IsSend(info matcher.MatchInfo) bool { func (t *SNMPMatcher) IsSend(port int) bool {
if info.Port() == 161 { if 161 == port {
return true return true
} }
return false return false

2
service/service.go
View File

@ -94,7 +94,7 @@ func GetUDPMatchers() []matcher.UDPMatcher {
return UDPMatchers return UDPMatchers
} }
func GetMatcherByName(serName string) Matcher { func GetMatcherByName(serName string) matcher.Matcher {
for _, m := range AllMatchers { for _, m := range AllMatchers {
if m.ServiceName() == serName { if m.ServiceName() == serName {
return m return m