From 22a359c790145f77fe62b57d3b2a84e4051d5280 Mon Sep 17 00:00:00 2001 From: zhangkaibin0921 <82947463+zhangkaibin0921@users.noreply.github.com> Date: Sat, 4 Nov 2023 15:40:26 +0800 Subject: [PATCH 1/3] Update rtsp.go MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 会出现有的banner中不存在server字段,但仍然是rtsp的情况。将cseq字段的判断删除。 可使用186.3.215.148:554进行测试 --- pkg/plugins/services/rtsp/rtsp.go | 25 +++++-------------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/pkg/plugins/services/rtsp/rtsp.go b/pkg/plugins/services/rtsp/rtsp.go index 24945b8..d0607e9 100644 --- a/pkg/plugins/services/rtsp/rtsp.go +++ b/pkg/plugins/services/rtsp/rtsp.go @@ -83,28 +83,13 @@ func (p *RTSPPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Ta return nil, nil } if string(response[:RtspMagicHeaderLength]) == RtspMagicHeader { - cseqStart := strings.Index(response, RtspCseqHeader) - if cseqStart == -1 { - return nil, nil - } - - cseqValueStart := cseqStart + RtspCseqHeaderLength - if response[cseqValueStart:cseqValueStart+len(cseq)+RtspNewlineLength] != cseq+"\r\n" { - return nil, nil - } - + var serverinfo string serverStart := strings.Index(response, RtspServerHeader) - if serverStart == -1 { - return nil, nil + if serverStart != -1 { + serverValueStart := serverStart + RtspServerHeaderLength + serverValueEnd := strings.Index(response[serverValueStart:], "\r\n") + serverinfo = response[serverValueStart+2 : serverValueStart+serverValueEnd] } - - serverValueStart := serverStart + RtspServerHeaderLength - serverValueEnd := strings.Index(response[serverValueStart:], "\r\n") - if serverValueStart+serverValueEnd >= len(response) { - return nil, nil - } - - serverinfo := response[serverValueStart : serverValueStart+serverValueEnd] payload := plugins.ServiceRtsp{ ServerInfo: serverinfo, } From 85c1ffb938bbf4493687e25c48f7b1dd8473d4a6 Mon Sep 17 00:00:00 2001 From: zhangkaibin0921 <82947463+zhangkaibin0921@users.noreply.github.com> Date: Sat, 4 Nov 2023 16:49:31 +0800 Subject: [PATCH 2/3] =?UTF-8?q?Update=20snmp.go(=E6=8F=90=E5=8F=96?= =?UTF-8?q?=E5=87=BA=E6=9D=A5=E7=9A=84Server=E6=9C=89=E9=97=AE=E9=A2=98)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 例如181.10.29.129:161 提取出来的Server有问题 \x06\x01\x02\x01\x01\x01\x00\x04\x82\x00\xa1VRP Comware Platform Software, Software Version 5.20, Release 5303\r\nQuidway S3528P-EA\r\nCopyright (c) 1998-2008 Huawei Techno --- pkg/plugins/services/snmp/snmp.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/pkg/plugins/services/snmp/snmp.go b/pkg/plugins/services/snmp/snmp.go index 90753a4..251c87c 100644 --- a/pkg/plugins/services/snmp/snmp.go +++ b/pkg/plugins/services/snmp/snmp.go @@ -64,8 +64,20 @@ func (f *SNMPPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Ta stringBegin := idx + InfoOffset if bytes.Contains(response, RequestID) { if stringBegin < len(response) { + stringEnd := len(response) + if bytes.Contains(response, []byte("\r\n")) { + stringEnd = bytes.Index(response, []byte("\r\n")) + } + + for i, c := range response[stringBegin:stringEnd] { + if c > 32 && c < 127 { // 判断字符是否可见 + stringBegin = stringBegin + i + break + } + } + print(string(response[stringBegin:stringEnd])) return plugins.CreateServiceFrom(target, plugins.ServiceSNMP{}, false, - string(response[stringBegin:]), plugins.UDP), nil + string(response[stringBegin:stringEnd]), plugins.UDP), nil } return plugins.CreateServiceFrom(target, plugins.ServiceSNMP{}, false, "", plugins.UDP), nil } From d4e78d0e176a94e4e34b7ac2e6d669f69ad275e7 Mon Sep 17 00:00:00 2001 From: zhangkaibin0921 <82947463+zhangkaibin0921@users.noreply.github.com> Date: Sat, 4 Nov 2023 16:58:36 +0800 Subject: [PATCH 3/3] =?UTF-8?q?Update=20snmp.go(=E6=8F=90=E5=8F=96?= =?UTF-8?q?=E7=9A=84server=E4=BF=A1=E6=81=AF=E6=9C=89=E9=97=AE=E9=A2=98)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1、处理Linux FRR-CORE 5.14.0-70.13.1.el9_0.x86_64 #1 SMP PREEMPT Tue May 17 15:53:11 EDT 2022 x86_64:161情况 2、处理\x06\x01\x02\x01\x01\x01\x00\x04\x82\x00\xa1VRP Comware Platform Software, Software Version 5.20, Release 5303\r\nQuidway S3528P-EA\r\nCopyright (c) 1998-2008 Huawei Techno情况 --- pkg/plugins/services/snmp/snmp.go | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/pkg/plugins/services/snmp/snmp.go b/pkg/plugins/services/snmp/snmp.go index 251c87c..1326da4 100644 --- a/pkg/plugins/services/snmp/snmp.go +++ b/pkg/plugins/services/snmp/snmp.go @@ -68,16 +68,20 @@ func (f *SNMPPlugin) Run(conn net.Conn, timeout time.Duration, target plugins.Ta if bytes.Contains(response, []byte("\r\n")) { stringEnd = bytes.Index(response, []byte("\r\n")) } - + //处理\x06\x01\x02\x01\x01\x01\x00\x04\x82\x00\xa1VRP Comware Platform Software, Software Version 5.20, Release 5303\r\nQuidway S3528P-EA\r\nCopyright (c) 1998-2008 Huawei Techno情况 for i, c := range response[stringBegin:stringEnd] { if c > 32 && c < 127 { // 判断字符是否可见 stringBegin = stringBegin + i break } } - print(string(response[stringBegin:stringEnd])) + //处理Linux FRR-CORE 5.14.0-70.13.1.el9_0.x86_64 #1 SMP PREEMPT Tue May 17 15:53:11 EDT 2022 x86_64:161情况 + serverInfo := string(response[stringBegin:stringEnd]) + if strings.Contains(serverInfo, "#") { + serverInfo = strings.Split(serverInfo, "#")[0] + } return plugins.CreateServiceFrom(target, plugins.ServiceSNMP{}, false, - string(response[stringBegin:stringEnd]), plugins.UDP), nil + serverInfo, plugins.UDP), nil } return plugins.CreateServiceFrom(target, plugins.ServiceSNMP{}, false, "", plugins.UDP), nil }