add svn and irc crack 2022-08-07

GhostTroops · Aug 7, 2022 · 53705ce · 53705ce
1 parent d885db2
commit 53705ce
Show file tree

Hide file tree

Showing 7 changed files with 61 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -38,7 +38,7 @@
   * Snmp
   * Wap-wsp (Elasticsearch)
   * RouterOs
-  * HTTP BasicAuth
+  * HTTP BasicAuth, contains SVN（Apache Subversion） crack
   * Weblogic, enable nuclei through enableNuclei=true at the same time, support T3, IIOP and other detection
   * Tomcat
   * Jboss

diff --git a/README_CN.md b/README_CN.md
@@ -38,7 +38,7 @@ Vulnerabilities Scan；15000+PoC漏洞扫描；[ 23 ] 种应用弱口令爆破
   * Snmp
   * Wap-wsp（Elasticsearch）
   * RouterOs
-  * HTTP BasicAuth
+  * HTTP BasicAuth, contains SVN（Apache Subversion） crack
   * Weblogic，同时通过 enableNuclei=true 开启nuclei，支持T3、IIOP等检测
   * Tomcat
   * Jboss

diff --git a/go.mod b/go.mod
@@ -131,6 +131,7 @@ require (
 	golang.org/x/time v0.0.0-20220411224347-583f2d630306
 	google.golang.org/genproto v0.0.0-20220602131408-e326c6e8e9c8
 	google.golang.org/protobuf v1.28.0
+	gopkg.in/irc.v3 v3.1.4
 	gorm.io/driver/sqlite v1.3.6
 	gorm.io/gorm v1.23.8
 )

diff --git a/go.sum b/go.sum
@@ -1358,6 +1358,8 @@ gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.66.4 h1:SsAcf+mM7mRZo2nJNGt8mZCjG8ZRaNGMURJw7BsIST4=
 gopkg.in/ini.v1 v1.66.4/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/irc.v3 v3.1.4 h1:DYGMRFbtseXEh+NadmMUFzMraqyuUj4I3iWYFEzDZPc=
+gopkg.in/irc.v3 v3.1.4/go.mod h1:shO2gz8+PVeS+4E6GAny88Z0YVVQSxQghdrMVGQsR9s=
 gopkg.in/src-d/go-billy.v4 v4.3.0/go.mod h1:tm33zBoOwxjYHZIE+OV8bxTWFMJLrconzFMd38aARFk=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=

diff --git a/pkg/hydra/irc/checkIRC.go b/pkg/hydra/irc/checkIRC.go
@@ -0,0 +1,36 @@
+package irc
+
+import (
+	"fmt"
+	"gopkg.in/irc.v3"
+	"net"
+)
+
+func Check(Host, Username, Password string, Port int) (bool, error) {
+	conn, err := net.Dial("tcp", fmt.Sprintf("%s:%d", Host, Port))
+	bRst := false
+	if err != nil {
+		return bRst, err
+	}
+
+	config := irc.ClientConfig{
+		Nick: Username,
+		Pass: Password,
+		User: Username,
+		Name: Username,
+		Handler: irc.HandlerFunc(func(c *irc.Client, m *irc.Message) {
+			if m.Command == "001" { // 001 is a welcome event, so we join channels there
+				bRst = true
+			} else if m.Command == "PRIVMSG" && c.FromChannel(m) {
+				bRst = false
+			}
+		}),
+	}
+	// Create the client
+	client := irc.NewClient(conn, config)
+	err = client.Run()
+	if err == nil {
+		return true, nil
+	}
+	return bRst, err
+}
diff --git a/pkg/hydra/svn/checksvn.go b/pkg/hydra/svn/checksvn.go
@@ -0,0 +1,17 @@
+package svn
+
+import (
+	"fmt"
+	"github.com/hktalent/scan4all/lib/util"
+)
+
+func Check(Host, Username, Password string, Port int) (bool, error) {
+	szUlr := fmt.Sprintf("https://%s:%s@%s:%d", Username, Password, Host, Port)
+	util.PocCheck_pipe <- &util.PocCheck{
+		Wappalyzertechnologies: &[]string{"basic"},
+		URL:                    szUlr,
+		FinalURL:               szUlr,
+		Checklog4j:             false,
+	}
+	return false, nil
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -1347,6 +1347,9 @@ gopkg.in/corvus-ch/zbase32.v1
 # gopkg.in/ini.v1 v1.66.4
 ## explicit
 gopkg.in/ini.v1
+# gopkg.in/irc.v3 v3.1.4
+## explicit; go 1.13
+gopkg.in/irc.v3
 # gopkg.in/yaml.v2 v2.4.0
 ## explicit; go 1.15
 gopkg.in/yaml.v2