-
Notifications
You must be signed in to change notification settings - Fork 50
/
Copy pathscan_mongodb.go
115 lines (98 loc) · 2.24 KB
/
scan_mongodb.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package main
import (
"bufio"
"fmt"
"github.com/MG-RAST/golib/mgo"
"os"
"runtime"
"strings"
"time"
)
// Host Info define
type HostInfo struct {
Host string
Port string
Dbs []string
Is_weak bool
}
// help function
func Usage(cmd string) {
fmt.Println(strings.Repeat("-", 50))
fmt.Println("Redis Scanner by hartnett [email protected]")
fmt.Println("Usage:")
fmt.Printf("%s iplist \n", cmd)
fmt.Println(strings.Repeat("-", 50))
}
// read line from file and Scan
func Prepare(iplist string) (slice_iplist []string) {
iplistFile, _ := os.Open(iplist)
defer iplistFile.Close()
scanner := bufio.NewScanner(iplistFile)
scanner.Split(bufio.ScanLines)
for scanner.Scan() {
slice_iplist = append(slice_iplist, scanner.Text())
}
return slice_iplist
}
// main function
func main() {
runtime.GOMAXPROCS(runtime.NumCPU())
if len(os.Args) != 2 {
Usage(os.Args[0])
} else {
Usage(os.Args[0])
iplist := os.Args[1]
Scan(Prepare(iplist))
}
}
// Connect to mongodb
func TestConnect(host_info HostInfo, chan_host_info chan HostInfo) {
host := host_info.Host
port := host_info.Port
is_weak := host_info.Is_weak
url := fmt.Sprintf("%s:%s", host, port)
session, err := mgo.DialWithTimeout(url, 2*time.Second)
if err == nil {
dbs, err := session.DatabaseNames()
if err == nil {
is_weak = true
host_info.Dbs = dbs
}
}
host_info.Is_weak = is_weak
chan_host_info <- host_info
}
// Scan function
func Scan(slice_iplist []string) {
n := len(slice_iplist)
chan_scan_result := make(chan HostInfo, n)
done := make(chan bool, n)
for _, host_port := range slice_iplist {
// fmt.Printf("Try to connect %s\n", host_port)
t := strings.Split(host_port, ":")
host := t[0]
port := t[1]
host_info := HostInfo{host, port, []string{}, false}
go TestConnect(host_info, chan_scan_result)
for runtime.NumGoroutine() > runtime.NumCPU()*200 {
time.Sleep(10 * time.Microsecond)
}
}
go func() {
for i := 0; i < cap(chan_scan_result); i++ {
select {
case r := <-chan_scan_result:
if r.Is_weak {
fmt.Printf("%s:%s is vulnerability, DBs:%s\n", r.Host, r.Port, r.Dbs)
}
case <-time.After(3 * time.Second):
// fmt.Println("timeout")
break
}
done <- true
}
}()
for i := 0; i < cap(done); i++ {
<-done
}
}