(ctx context.Context, info *common.HostInfo, session *common.ScanSession)
| 37 | } |
| 38 | |
| 39 | func (p *MySQLPlugin) Scan(ctx context.Context, info *common.HostInfo, session *common.ScanSession) *ScanResult { |
| 40 | config := session.Config |
| 41 | state := session.State |
| 42 | if config.DisableBrute { |
| 43 | return p.identifyService(ctx, info, session) |
| 44 | } |
| 45 | |
| 46 | credentials := GenerateCredentials("mysql", config) |
| 47 | if len(credentials) == 0 { |
| 48 | return &ScanResult{ |
| 49 | Success: false, |
| 50 | Service: "mysql", |
| 51 | Error: fmt.Errorf("没有可用的测试凭据"), |
| 52 | } |
| 53 | } |
| 54 | |
| 55 | target := info.Target() |
| 56 | |
| 57 | // 使用公共框架进行并发凭据测试 |
| 58 | authFn := p.createAuthFunc(info, config, state) |
| 59 | testConfig := DefaultConcurrentTestConfigWithTarget(config, info) |
| 60 | |
| 61 | result := TestCredentialsConcurrently(ctx, credentials, authFn, "mysql", testConfig) |
| 62 | |
| 63 | if result.Success { |
| 64 | common.LogVuln(i18n.Tr("mysql_credential", target, result.Username, result.Password)) |
| 65 | } |
| 66 | |
| 67 | return result |
| 68 | } |
| 69 | |
| 70 | // createAuthFunc 创建MySQL认证函数 |
| 71 | func (p *MySQLPlugin) createAuthFunc(info *common.HostInfo, config *common.Config, state *common.State) AuthFunc { |
nothing calls this directly
no test coverage detected