add pop3 2022-08-02

GhostTroops · Aug 2, 2022 · 34a4f07 · 34a4f07
1 parent 1aca113
commit 34a4f07
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 3 deletions.
diff --git a/pkg/hydra/cracker.go b/pkg/hydra/cracker.go
@@ -8,6 +8,7 @@ import (
 	"github.com/hktalent/scan4all/pkg/hydra/mssql"
 	"github.com/hktalent/scan4all/pkg/hydra/mysql"
 	"github.com/hktalent/scan4all/pkg/hydra/oracle"
+	"github.com/hktalent/scan4all/pkg/hydra/pop3"
 	"github.com/hktalent/scan4all/pkg/hydra/postgresql"
 	"github.com/hktalent/scan4all/pkg/hydra/rdp"
 	"github.com/hktalent/scan4all/pkg/hydra/redis"
@@ -111,6 +112,15 @@ func mysqlCracker(i interface{}) interface{} {
 	return nil
 }
 
+func pop3Cracker(i interface{}) interface{} {
+	info := i.(AuthInfo)
+	info.Auth.MakePassword()
+	if ok := pop3.DoPop3(info.IPAddr, info.Auth.Username, info.Auth.Password); ok {
+		info.Status = true
+		return info
+	}
+	return nil
+}
 func mssqlCracker(i interface{}) interface{} {
 	info := i.(AuthInfo)
 	info.Auth.MakePassword()

diff --git a/pkg/hydra/doNmapResult.go b/pkg/hydra/doNmapResult.go
@@ -102,8 +102,9 @@ func DoParseXml(s string, bf *bytes.Buffer) {
 						}
 					}
 				}
-
-				if bCheckWeakPassword && "8728" == szPort && service == "unknown" {
+				if bCheckWeakPassword && "110" == szPort && service == "pop3" {
+					CheckWeakPassword(ip, service, port)
+				} else if bCheckWeakPassword && "8728" == szPort && service == "unknown" {
 					CheckWeakPassword(ip, "router", port)
 				} else if bCheckWeakPassword && ("5985" == szPort || "5986" == szPort) && -1 < strings.Index(service, "microsoft ") {
 					CheckWeakPassword(ip, "winrm", port)

diff --git a/pkg/hydra/hydra.go b/pkg/hydra/hydra.go
@@ -22,7 +22,7 @@ var (
 	CustomAuthMap  *AuthList
 	// rtsp://admin:[email protected]:554/0x8b6c42
 	// rtsp: 554, 5554,8554
-	ProtocolList = strings.Split("rdp,ssh,rsh-spx,mysql,mssql,oracle,postgresql,redis,ftp,mongodb,mongod,smb,telnet,snmp,wap-wsp,router,winrm", ",")
+	ProtocolList = strings.Split("rdp,ssh,rsh-spx,mysql,mssql,oracle,postgresql,redis,ftp,mongodb,mongod,smb,telnet,snmp,wap-wsp,router,winrm,pop3", ",")
 )
 
 func NewCracker(info *AuthInfo, isAuthUpdate bool, threads int) *Cracker {
@@ -67,6 +67,8 @@ func (c *Cracker) Run() {
 		c.Pool.Function = rdpCracker(ip, port)
 	case "mysql":
 		c.Pool.Function = mysqlCracker
+	case "pop3":
+		c.Pool.Function = pop3Cracker
 	case "mssql":
 		c.Pool.Function = mssqlCracker
 	case "oracle":

diff --git a/pkg/hydra/loadDicts.go b/pkg/hydra/loadDicts.go
@@ -143,6 +143,7 @@ func init() {
 			Paswd:     util.GetVal4File("ssh_pswd", pswd),
 			DefaultUp: util.GetVal4Filedefault("ssh_default", ssh_default),
 		}
+		md["pop3"] = md["ssh"]
 		md["rsh-spx"] = md["ssh"]
 		md["snmp"] = &PPDict{
 			Username:  util.GetVal4File("snmp_user", snmp_user),