| skipped 8 lines |
9 | 9 | | "github.com/zan8in/afrog/pkg/utils" |
10 | 10 | | ) |
11 | 11 | | |
12 | | - | var redisAuthName = "redis-unauth" |
| 12 | + | var ( |
| 13 | + | redisPort = "6379" |
| 14 | + | redisUnAuthName = "redis-unauth" |
| 15 | + | ) |
13 | 16 | | |
14 | | - | func redisAuth(args *GoPocArgs) (Result, error) { |
15 | | - | // init pocinfo & result |
| 17 | + | func redisUnAuth(args *GoPocArgs) (Result, error) { |
16 | 18 | | poc := poc.Poc{ |
17 | | - | Id: redisAuthName, |
| 19 | + | Id: redisUnAuthName, |
18 | 20 | | Info: poc.Info{ |
19 | 21 | | Name: "Redis 未授权访问", |
20 | 22 | | Author: "zan8in", |
| skipped 28 lines |
49 | 51 | | } |
50 | 52 | | } |
51 | 53 | | |
52 | | - | addr := args.Host + ":6379" |
| 54 | + | addr := args.Host + ":" + redisPort |
53 | 55 | | payload := []byte("*1\r\n$4\r\ninfo\r\n") |
54 | 56 | | |
55 | 57 | | resp, err := utils.Tcp(addr, payload) |
| skipped 3 lines |
59 | 61 | | |
60 | 62 | | if bytes.Contains(resp, []byte("redis_version")) { |
61 | 63 | | result.IsVul = true |
62 | | - | url := proto.UrlType{Host: args.Host, Port: "6379"} |
| 64 | + | url := proto.UrlType{Host: args.Host, Port: redisPort} |
63 | 65 | | result.SetAllPocResult(true, &url, payload, resp) |
64 | 66 | | return result, nil |
65 | 67 | | } |
| skipped 2 lines |
68 | 70 | | } |
69 | 71 | | |
70 | 72 | | func init() { |
71 | | - | GoPocRegister(redisAuthName, redisAuth) |
| 73 | + | GoPocRegister(redisUnAuthName, redisUnAuth) |
72 | 74 | | } |
73 | 75 | | |