[fix] 添加客户端渗透服务端

2025-06-16 18:35:05 +08:00 · 2024-09-18 22:03:31 +08:00
parent 2166a1eee6
commit 138752e56d
20 changed files with 689 additions and 104 deletions
--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/advanced/ServerHandleReportClientTransferServerPermeateChannelConnectionSuccessfulTypeAdvanced.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/advanced/ServerHandleReportClientTransferServerPermeateChannelConnectionSuccessfulTypeAdvanced.java
@ -0,0 +1,36 @@
+package org.framework.lazy.cloud.network.heartbeat.server.netty.advanced;
+
+import io.netty.channel.Channel;
+import org.framework.lazy.cloud.network.heartbeat.common.NettyProxyMsg;
+import org.framework.lazy.cloud.network.heartbeat.common.advanced.server.AbstractHandleReportClientTransferServerPermeateChannelConnectionSuccessfulTypeAdvanced;
+import org.framework.lazy.cloud.network.heartbeat.server.netty.socket.NettyClientPermeateServerConnectRealSocket;
+import org.springframework.stereotype.Component;
+
+/**
+ * 上报客户端通信通道连接成功
+ */
+@Component
+public class ServerHandleReportClientTransferServerPermeateChannelConnectionSuccessfulTypeAdvanced extends AbstractHandleReportClientTransferServerPermeateChannelConnectionSuccessfulTypeAdvanced<NettyProxyMsg> {
+    /**
+     * 处理当前数据
+     *
+     * @param channel       当前通道
+     * @param nettyProxyMsg 通道数据
+     */
+    @Override
+    protected void doHandler(Channel channel, NettyProxyMsg nettyProxyMsg) {
+        // 创建目标地址连接
+        byte[] msgVisitorId = nettyProxyMsg.getVisitorId();
+        byte[] msgVisitorPort = nettyProxyMsg.getVisitorPort();
+        byte[] msgClientTargetIp = nettyProxyMsg.getClientTargetIp();
+        byte[] msgClientTargetPort = nettyProxyMsg.getClientTargetPort();
+        NettyClientPermeateServerConnectRealSocket.buildNewRealServer(new String(msgVisitorId),
+                Integer.parseInt(new String(msgVisitorPort)),
+                new String(msgClientTargetIp),
+                Integer.parseInt(new String(msgClientTargetPort)),
+                channel
+        );
+
+
+    }
+}
--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/handler/PermeateVisitorHandler.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/handler/PermeateVisitorHandler.java
@ -12,7 +12,7 @@ import org.framework.lazy.cloud.network.heartbeat.common.adapter.ChannelFlowAdap
 import org.framework.lazy.cloud.network.heartbeat.common.enums.ChannelFlowEnum;
 import org.framework.lazy.cloud.network.heartbeat.common.utils.ChannelAttributeKeyUtils;
 import org.framework.lazy.cloud.network.heartbeat.server.netty.flow.ServerChannelFlow;
-import org.framework.lazy.cloud.network.heartbeat.server.netty.socket.NettyPermeateClientRealSocket;
+import org.framework.lazy.cloud.network.heartbeat.server.netty.socket.NettyServerPermeateServerConnectRealSocket;

 import java.util.UUID;

@ -44,7 +44,7 @@ public class PermeateVisitorHandler extends SimpleChannelInboundHandler<ByteBuf>

        log.info("开始准备绑定渗透真实通道: {}", internalNetworkPermeateRealServer.getVisitorPort());
        // 创建这是客户端通道池
-        NettyPermeateClientRealSocket.buildRealServer(internalNetworkPermeateRealServer, visitorChannel, visitorId);
+        NettyServerPermeateServerConnectRealSocket.buildRealServer(internalNetworkPermeateRealServer, visitorChannel, visitorId);

        log.info("内网渗透 服务端访客端口连接成功了");

--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyClientPermeateServerConnectRealSocket.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyClientPermeateServerConnectRealSocket.java
@ -0,0 +1,87 @@
+package org.framework.lazy.cloud.network.heartbeat.server.netty.socket;
+
+
+import io.netty.bootstrap.Bootstrap;
+import io.netty.channel.*;
+import io.netty.channel.nio.NioEventLoopGroup;
+import io.netty.channel.socket.nio.NioSocketChannel;
+import lombok.extern.slf4j.Slf4j;
+import org.framework.lazy.cloud.network.heartbeat.common.InternalNetworkPermeateRealServer;
+import org.framework.lazy.cloud.network.heartbeat.common.MessageType;
+import org.framework.lazy.cloud.network.heartbeat.common.NettyProxyMsg;
+import org.framework.lazy.cloud.network.heartbeat.common.utils.ChannelAttributeKeyUtils;
+import org.framework.lazy.cloud.network.heartbeat.server.netty.filter.PermeateClientRealFilter;
+
+/**
+ * 客户端渗透服务端 连接真实通道
+ */
+@Slf4j
+public class NettyClientPermeateServerConnectRealSocket {
+    private static final EventLoopGroup eventLoopGroup = new NioEventLoopGroup();
+
+
+    /**
+     * 连接真实服务
+     */
+    public static void buildNewRealServer(
+                                          String visitorId,int visitorPort,String targetIp,int targetPort, Channel visitorChannel) {
+        try {
+            Bootstrap bootstrap = new Bootstrap();
+            bootstrap.group(eventLoopGroup).channel(NioSocketChannel.class)
+//                     设置读缓冲区为2M
+                    .option(ChannelOption.SO_RCVBUF, 2048 * 1024)
+//                     设置写缓冲区为1M
+                    .option(ChannelOption.SO_SNDBUF, 1024 * 1024)
+//                    .option(ChannelOption.TCP_NODELAY, false)
+                    .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 1000 * 60)//连接超时时间设置为 60 秒
+//                    .option(ChannelOption.SO_BACKLOG, 128)//务端接受连接的队列长度 默认128
+//                    .option(ChannelOption.RCVBUF_ALLOCATOR, new NettyRecvByteBufAllocator(1024 * 1024))//用于Channel分配接受Buffer的分配器 默认AdaptiveRecvByteBufAllocator.DEFAULT
+                    .option(ChannelOption.WRITE_BUFFER_WATER_MARK, new WriteBufferWaterMark(1024 * 1024, 1024 * 1024 * 2))
+                    .handler(new PermeateClientRealFilter())
+
+            ;
+
+
+            bootstrap
+                    .connect(targetIp, targetPort)
+                    .sync()
+                    .addListener((ChannelFutureListener) channelFuture -> {
+                        if (channelFuture.isSuccess()) {
+                            // 客户端链接真实服务成功 设置自动读写false 等待访客连接成功后设置成true
+                            Channel realChannel = channelFuture.channel();
+
+                            log.info("服务端内网渗透通过,绑定本地服务,IP:{},端口:{} channelID:{} 新建通道成功", targetIp, targetPort,realChannel.id().asLongText());
+                            ChannelAttributeKeyUtils.buildVisitorPort(realChannel, visitorPort);
+                            // 缓存当前端口对应的通道、通道池
+                            ChannelAttributeKeyUtils.buildNextChannel(realChannel, visitorChannel);
+                            ChannelAttributeKeyUtils.buildNextChannel(visitorChannel, realChannel);
+
+                            ChannelAttributeKeyUtils.buildVisitorId(realChannel, visitorId);
+
+                            NettyProxyMsg myMsg = new NettyProxyMsg();
+                            myMsg.setType(MessageType.DISTRIBUTE_CLIENT_TRANSFER_SERVER_PERMEATE_CHANNEL_CONNECTION_SUCCESSFUL);
+                            myMsg.setVisitorId(visitorId);
+                            myMsg.setVisitorPort(visitorPort);
+                            myMsg.setClientTargetIp(targetIp);
+                            myMsg.setClientTargetPort(targetPort);
+
+                            myMsg.setVisitorId(visitorId);
+
+                            visitorChannel.writeAndFlush(myMsg);
+
+                        } else {
+                            log.error("服务端内网渗透 无法连接当前网络内的目标IP：【{}】,目标端口:【{}】", targetIp, targetPort);
+//                    future.channel().eventLoop().schedule(() -> {
+//                        buildNewRealServer(internalNetworkPermeateRealServer);
+//                    }, 2, TimeUnit.SECONDS);
+                        }
+            });
+
+
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+
+}
--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyServerPermeateServerConnectRealSocket.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyServerPermeateServerConnectRealSocket.java
@ -11,10 +11,10 @@ import org.framework.lazy.cloud.network.heartbeat.common.utils.ChannelAttributeK
 import org.framework.lazy.cloud.network.heartbeat.server.netty.filter.PermeateClientRealFilter;

 /**
- * 客户端连接真实服务
+ * 服务端渗透服务端 连接真实通道
 */
@Slf4j
-public class NettyPermeateClientRealSocket {
+public class NettyServerPermeateServerConnectRealSocket {
    private static final EventLoopGroup eventLoopGroup = new NioEventLoopGroup();

    /**
--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyServerPermeateServerConnectVisitorSocket.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/netty/socket/NettyServerPermeateServerConnectVisitorSocket.java
@ -16,10 +16,10 @@ import org.framework.lazy.cloud.network.heartbeat.server.netty.filter.PermeateVi
 import java.io.IOException;

 /**
- * 服务端渗透访客端口
+ * 服务端渗透服务端 访客端口
 */
@Slf4j
-public class NettyPermeateVisitorSocket {
+public class NettyServerPermeateServerConnectVisitorSocket {
    private final EventLoopGroup bossGroup = new NioEventLoopGroup();
    private final EventLoopGroup workerGroup = new NioEventLoopGroup();
    private final PermeateVisitorFilter permeateVisitorFilter;
@ -29,9 +29,9 @@ public class NettyPermeateVisitorSocket {

    private final InternalNetworkPermeateRealServer internalNetworkPermeateRealServer;

-    public NettyPermeateVisitorSocket(PermeateVisitorFilter permeateVisitorFilter,
-                                      InternalNetworkPermeateRealServer internalNetworkPermeateRealServer ,
-                                      int visitorPort) {
+    public NettyServerPermeateServerConnectVisitorSocket(PermeateVisitorFilter permeateVisitorFilter,
+                                                         InternalNetworkPermeateRealServer internalNetworkPermeateRealServer,
+                                                         int visitorPort) {
        this.permeateVisitorFilter = permeateVisitorFilter;
        this.visitorPort = visitorPort;
        this.internalNetworkPermeateRealServer = internalNetworkPermeateRealServer;
@ -45,8 +45,8 @@ public class NettyPermeateVisitorSocket {
     */
    public void start() throws Exception {

-        NettyPermeateVisitorSocket nettyPermeateVisitorSocket = NettyPermeateVisitorContext.getPermeateVisitorSocket(visitorPort);
-        if (nettyPermeateVisitorSocket == null) {
+        NettyServerPermeateServerConnectVisitorSocket nettyServerPermeateServerConnectVisitorSocket = NettyPermeateVisitorContext.getPermeateVisitorSocket(visitorPort);
+        if (nettyServerPermeateServerConnectVisitorSocket == null) {
            ServerBootstrap bootstrap = new ServerBootstrap();
            bootstrap
                    .group(bossGroup, workerGroup)
@ -181,7 +181,7 @@ public class NettyPermeateVisitorSocket {
        }


-        public NettyPermeateVisitorSocket build() {
+        public NettyServerPermeateServerConnectVisitorSocket build() {

            if (clientTargetIp == null) {
                throw new IllegalArgumentException("clientTargetIp must not null");
@ -200,7 +200,7 @@ public class NettyPermeateVisitorSocket {
                    .build();

            PermeateVisitorFilter permeateVisitorFilter = new PermeateVisitorFilter(internalNetworkPermeateRealServer, channelFlowAdapter);
-            return new NettyPermeateVisitorSocket(permeateVisitorFilter,internalNetworkPermeateRealServer, permeateVisitorPort);
+            return new NettyServerPermeateServerConnectVisitorSocket(permeateVisitorFilter, internalNetworkPermeateRealServer, permeateVisitorPort);
        }


--- a/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/standalone/application/impl/LazyInternalNetworkServerPermeateMappingApplicationImpl.java
+++ b/wu-lazy-cloud-heartbeat-server/src/main/java/org/framework/lazy/cloud/network/heartbeat/server/standalone/application/impl/LazyInternalNetworkServerPermeateMappingApplicationImpl.java
@ -4,7 +4,7 @@ import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
 import org.framework.lazy.cloud.network.heartbeat.common.NettyPermeateVisitorContext;
 import org.framework.lazy.cloud.network.heartbeat.common.adapter.ChannelFlowAdapter;
-import org.framework.lazy.cloud.network.heartbeat.server.netty.socket.NettyPermeateVisitorSocket;
+import org.framework.lazy.cloud.network.heartbeat.server.netty.socket.NettyServerPermeateServerConnectVisitorSocket;
 import org.framework.lazy.cloud.network.heartbeat.server.properties.ServerNodeProperties;
 import org.framework.lazy.cloud.network.heartbeat.server.standalone.application.LazyInternalNetworkServerPermeateMappingApplication;
 import org.framework.lazy.cloud.network.heartbeat.server.standalone.application.assembler.LazyInternalNetworkServerPermeateMappingDTOAssembler;
@ -218,11 +218,11 @@ public class LazyInternalNetworkServerPermeateMappingApplicationImpl implements
     */
    private void closePermeateSocket(Integer visitorPort) {
        // 删除 客户端映射
-        NettyPermeateVisitorSocket nettyPermeateVisitorSocket = NettyPermeateVisitorContext.getPermeateVisitorSocket(visitorPort);
-        if (!ObjectUtils.isEmpty(nettyPermeateVisitorSocket)) {
+        NettyServerPermeateServerConnectVisitorSocket nettyServerPermeateServerConnectVisitorSocket = NettyPermeateVisitorContext.getPermeateVisitorSocket(visitorPort);
+        if (!ObjectUtils.isEmpty(nettyServerPermeateServerConnectVisitorSocket)) {
            // 关闭端口
            try {
-                nettyPermeateVisitorSocket.close();
+                nettyServerPermeateServerConnectVisitorSocket.close();
            } catch (IOException | InterruptedException e) {
                throw new RuntimeException(e);
            }
@ -238,7 +238,7 @@ public class LazyInternalNetworkServerPermeateMappingApplicationImpl implements
     */
    private void createPermeateVisitor(String permeateTargetIp, Integer permeateTargetPort, Integer visitorPort) {
        // 更新 客户端映射
-        NettyPermeateVisitorSocket nettyPermeateVisitorSocket = NettyPermeateVisitorSocket.NettyPermeateVisitorSocketBuilder
+        NettyServerPermeateServerConnectVisitorSocket nettyServerPermeateServerConnectVisitorSocket = NettyServerPermeateServerConnectVisitorSocket.NettyPermeateVisitorSocketBuilder
                .builder()
                .builderClientTargetIp(permeateTargetIp)
                .builderClientTargetPort(permeateTargetPort)
@ -246,7 +246,7 @@ public class LazyInternalNetworkServerPermeateMappingApplicationImpl implements
                .builderChannelFlowAdapter(channelFlowAdapter)
                .build();
        try {
-            nettyPermeateVisitorSocket.start();
+            nettyServerPermeateServerConnectVisitorSocket.start();
        } catch (Exception e) {
            log.error("内网渗透,网络端口:{},开放失败", visitorPort);
            throw new RuntimeException(e);