mirror of
https://gitee.com/wujiawei1207537021/wu-lazy-cloud-network.git
synced 2025-06-06 13:27:55 +08:00
【fix】服务端内网渗透 test
This commit is contained in:
wujiawei
parent
234613a76a
commit
4a7bdb366f
@ -1,7 +1,6 @@
|
|||||||
package org.framework.lazy.cloud.network.heartbeat.client.netty.handler;
|
package org.framework.lazy.cloud.network.heartbeat.client.netty.handler;
|
||||||
|
|
||||||
|
|
||||||
import io.netty.buffer.ByteBuf;
|
|
||||||
import io.netty.channel.Channel;
|
import io.netty.channel.Channel;
|
||||||
import io.netty.channel.ChannelHandlerContext;
|
import io.netty.channel.ChannelHandlerContext;
|
||||||
import io.netty.channel.ChannelOption;
|
import io.netty.channel.ChannelOption;
|
||||||
|
|||||||
@ -6,12 +6,8 @@ import io.netty.channel.ChannelHandlerContext;
|
|||||||
import io.netty.channel.ChannelOption;
|
import io.netty.channel.ChannelOption;
|
||||||
import io.netty.channel.SimpleChannelInboundHandler;
|
import io.netty.channel.SimpleChannelInboundHandler;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.framework.lazy.cloud.network.heartbeat.common.MessageType;
|
|
||||||
import org.framework.lazy.cloud.network.heartbeat.common.NettyByteBuf;
|
import org.framework.lazy.cloud.network.heartbeat.common.NettyByteBuf;
|
||||||
import org.framework.lazy.cloud.network.heartbeat.common.NettyCommunicationIdContext;
|
|
||||||
import org.framework.lazy.cloud.network.heartbeat.common.NettyProxyMsg;
|
|
||||||
import org.framework.lazy.cloud.network.heartbeat.common.utils.ChannelAttributeKeyUtils;
|
import org.framework.lazy.cloud.network.heartbeat.common.utils.ChannelAttributeKeyUtils;
|
||||||
import org.wu.framework.core.utils.ObjectUtils;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 来自客户端 真实服务器返回的数据请求
|
* 来自客户端 真实服务器返回的数据请求
|
||||||
@ -24,7 +20,8 @@ public class PermeateClientRealHandler extends SimpleChannelInboundHandler<Netty
|
|||||||
// 根据访客ID 确认真实通道 读写打开
|
// 根据访客ID 确认真实通道 读写打开
|
||||||
Channel channel = ctx.channel();
|
Channel channel = ctx.channel();
|
||||||
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(channel);
|
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(channel);
|
||||||
nextChannel.config().setOption(ChannelOption.AUTO_READ, true);
|
|
||||||
|
channel.config().setOption(ChannelOption.AUTO_READ, true);
|
||||||
super.channelActive(ctx);
|
super.channelActive(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -33,10 +30,11 @@ public class PermeateClientRealHandler extends SimpleChannelInboundHandler<Netty
|
|||||||
@Override
|
@Override
|
||||||
public void channelRead0(ChannelHandlerContext ctx,NettyByteBuf nettyByteBuf) {
|
public void channelRead0(ChannelHandlerContext ctx,NettyByteBuf nettyByteBuf) {
|
||||||
|
|
||||||
|
Channel channel = ctx.channel();
|
||||||
byte[] bytes = nettyByteBuf.getData();
|
byte[] bytes = nettyByteBuf.getData();
|
||||||
log.debug("bytes.length:{}",bytes.length);
|
log.debug("bytes.length:{}",bytes.length);
|
||||||
log.debug("接收客户端真实服务数据:{}", new String(bytes));
|
log.debug("接收客户端真实服务数据:{}", new String(bytes));
|
||||||
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(ctx.channel());
|
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(channel);
|
||||||
nextChannel.writeAndFlush(bytes);
|
nextChannel.writeAndFlush(bytes);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -42,20 +42,12 @@ public class PermeateVisitorHandler extends SimpleChannelInboundHandler<ByteBuf>
|
|||||||
|
|
||||||
// 判断是否有可用的通道 如果没有创建新的通道
|
// 判断是否有可用的通道 如果没有创建新的通道
|
||||||
|
|
||||||
|
log.info("开始准备绑定渗透真实通道: {}", internalNetworkPermeateRealServer.getVisitorPort());
|
||||||
// 创建这是客户端通道池
|
// 创建这是客户端通道池
|
||||||
NettyPermeateClientRealSocket.buildRealServer(internalNetworkPermeateRealServer, visitorChannel, visitorId);
|
NettyPermeateClientRealSocket.buildRealServer(internalNetworkPermeateRealServer, visitorChannel, visitorId);
|
||||||
|
|
||||||
|
|
||||||
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(visitorChannel);
|
|
||||||
if (nextChannel != null) {
|
|
||||||
// 绑定 访客
|
|
||||||
ChannelAttributeKeyUtils.buildVisitorId(nextChannel, visitorId);
|
|
||||||
nextChannel.config().setOption(ChannelOption.AUTO_READ, true);
|
|
||||||
} else {
|
|
||||||
log.error("服务端内网渗透失败,无法连接到服务端访客");
|
|
||||||
}
|
|
||||||
|
|
||||||
log.info("内网渗透 服务端访客端口连接成功了");
|
log.info("内网渗透 服务端访客端口连接成功了");
|
||||||
|
|
||||||
super.channelActive(ctx);
|
super.channelActive(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,6 +65,8 @@ public class PermeateVisitorHandler extends SimpleChannelInboundHandler<ByteBuf>
|
|||||||
// 使用访客的通信通道
|
// 使用访客的通信通道
|
||||||
|
|
||||||
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(visitorChannel);
|
Channel nextChannel = ChannelAttributeKeyUtils.getNextChannel(visitorChannel);
|
||||||
|
// 下一个通道开启自动读写
|
||||||
|
nextChannel.config().setOption(ChannelOption.AUTO_READ, true);
|
||||||
// 绑定数据流量
|
// 绑定数据流量
|
||||||
ChannelAttributeKeyUtils.buildInFlow(nextChannel, bytes.length);
|
ChannelAttributeKeyUtils.buildInFlow(nextChannel, bytes.length);
|
||||||
nextChannel.writeAndFlush(bytes);
|
nextChannel.writeAndFlush(bytes);
|
||||||
@ -80,6 +74,7 @@ public class PermeateVisitorHandler extends SimpleChannelInboundHandler<ByteBuf>
|
|||||||
// 处理访客流量
|
// 处理访客流量
|
||||||
ServerChannelFlow serverChannelFlow = ServerChannelFlow
|
ServerChannelFlow serverChannelFlow = ServerChannelFlow
|
||||||
.builder()
|
.builder()
|
||||||
|
.clientId("server_id")
|
||||||
.channelFlowEnum(ChannelFlowEnum.IN_FLOW)
|
.channelFlowEnum(ChannelFlowEnum.IN_FLOW)
|
||||||
.port(visitorPort)
|
.port(visitorPort)
|
||||||
.flow(bytes.length)
|
.flow(bytes.length)
|
||||||
|
|||||||
@ -23,9 +23,7 @@ public class NettyPermeateClientRealSocket {
|
|||||||
* @param internalNetworkPermeateRealServer 访客信息
|
* @param internalNetworkPermeateRealServer 访客信息
|
||||||
*/
|
*/
|
||||||
public static void buildRealServer(InternalNetworkPermeateRealServer internalNetworkPermeateRealServer,Channel visitorChannel ,String visitorId) {
|
public static void buildRealServer(InternalNetworkPermeateRealServer internalNetworkPermeateRealServer,Channel visitorChannel ,String visitorId) {
|
||||||
|
|
||||||
buildNewRealServer(internalNetworkPermeateRealServer,visitorChannel,visitorId);
|
buildNewRealServer(internalNetworkPermeateRealServer,visitorChannel,visitorId);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -33,7 +31,8 @@ public class NettyPermeateClientRealSocket {
|
|||||||
* @param visitorChannel
|
* @param visitorChannel
|
||||||
* @param visitorId
|
* @param visitorId
|
||||||
*/
|
*/
|
||||||
private static void buildNewRealServer(InternalNetworkPermeateRealServer internalNetworkPermeateRealServer, Channel visitorChannel, String visitorId) {
|
private static void buildNewRealServer(InternalNetworkPermeateRealServer internalNetworkPermeateRealServer,
|
||||||
|
Channel visitorChannel, String visitorId) {
|
||||||
try {
|
try {
|
||||||
String clientTargetIp = internalNetworkPermeateRealServer.getClientTargetIp();
|
String clientTargetIp = internalNetworkPermeateRealServer.getClientTargetIp();
|
||||||
Integer clientTargetPort = internalNetworkPermeateRealServer.getClientTargetPort();
|
Integer clientTargetPort = internalNetworkPermeateRealServer.getClientTargetPort();
|
||||||
@ -54,27 +53,34 @@ public class NettyPermeateClientRealSocket {
|
|||||||
;
|
;
|
||||||
|
|
||||||
|
|
||||||
bootstrap.connect(clientTargetIp, clientTargetPort).addListener((ChannelFutureListener) future -> {
|
bootstrap
|
||||||
if (future.isSuccess()) {
|
.connect(clientTargetIp, clientTargetPort)
|
||||||
// 客户端链接真实服务成功 设置自动读写false 等待访客连接成功后设置成true
|
.sync()
|
||||||
Channel realChannel = future.channel();
|
.addListener((ChannelFutureListener) channelFuture -> {
|
||||||
realChannel.config().setOption(ChannelOption.AUTO_READ, false);
|
if (channelFuture.isSuccess()) {
|
||||||
|
// 客户端链接真实服务成功 设置自动读写false 等待访客连接成功后设置成true
|
||||||
|
Channel realChannel = channelFuture.channel();
|
||||||
|
realChannel.config().setOption(ChannelOption.AUTO_READ, true);
|
||||||
|
|
||||||
log.info("服务端内网渗透通过,绑定本地服务,IP:{},端口:{} 新建通道成功", clientTargetIp, clientTargetPort);
|
log.info("服务端内网渗透通过,绑定本地服务,IP:{},端口:{} 新建通道成功", clientTargetIp, clientTargetPort);
|
||||||
ChannelAttributeKeyUtils.buildVisitorPort(realChannel, visitorPort);
|
ChannelAttributeKeyUtils.buildVisitorPort(realChannel, visitorPort);
|
||||||
// 缓存当前端口对应的通道、通道池
|
// 缓存当前端口对应的通道、通道池
|
||||||
ChannelAttributeKeyUtils.buildNextChannel(realChannel, visitorChannel);
|
ChannelAttributeKeyUtils.buildNextChannel(realChannel, visitorChannel);
|
||||||
ChannelAttributeKeyUtils.buildNextChannel(visitorChannel, realChannel);
|
ChannelAttributeKeyUtils.buildNextChannel(visitorChannel, realChannel);
|
||||||
|
|
||||||
ChannelAttributeKeyUtils.buildVisitorId(realChannel, visitorId);
|
ChannelAttributeKeyUtils.buildVisitorId(realChannel, visitorId);
|
||||||
|
|
||||||
} else {
|
visitorChannel.config().setOption(ChannelOption.AUTO_READ, true);
|
||||||
log.error("服务端内网渗透 无法连接当前网络内的目标IP:【{}】,目标端口:【{}】", clientTargetIp, clientTargetPort);
|
|
||||||
|
} else {
|
||||||
|
log.error("服务端内网渗透 无法连接当前网络内的目标IP:【{}】,目标端口:【{}】", clientTargetIp, clientTargetPort);
|
||||||
// future.channel().eventLoop().schedule(() -> {
|
// future.channel().eventLoop().schedule(() -> {
|
||||||
// buildNewRealServer(internalNetworkPermeateRealServer);
|
// buildNewRealServer(internalNetworkPermeateRealServer);
|
||||||
// }, 2, TimeUnit.SECONDS);
|
// }, 2, TimeUnit.SECONDS);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
}
|
}
|
||||||
|
|||||||
@ -180,16 +180,6 @@ public class NettyPermeateVisitorSocket {
|
|||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* 绑定访客ID
|
|
||||||
*
|
|
||||||
* @param visitorId 访客ID
|
|
||||||
* @return 当前对象
|
|
||||||
*/
|
|
||||||
public NettyPermeateVisitorSocketBuilder builderVisitorId(String visitorId) {
|
|
||||||
this.visitorId = visitorId;
|
|
||||||
return this;
|
|
||||||
}
|
|
||||||
|
|
||||||
public NettyPermeateVisitorSocket build() {
|
public NettyPermeateVisitorSocket build() {
|
||||||
|
|
||||||
|
|||||||
@ -21,4 +21,9 @@ spring:
|
|||||||
url: jdbc:mysql://127.0.0.1:3306/wu_lazy_cloud_netty_server?allowMultiQueries=true&useUnicode=true&autoReconnect=true&useAffectedRows=true&useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&databaseTerm=SCHEMA
|
url: jdbc:mysql://127.0.0.1:3306/wu_lazy_cloud_netty_server?allowMultiQueries=true&useUnicode=true&autoReconnect=true&useAffectedRows=true&useSSL=false&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&databaseTerm=SCHEMA
|
||||||
username: root
|
username: root
|
||||||
password: wujiawei
|
password: wujiawei
|
||||||
driver-class-name: com.mysql.cj.jdbc.Driver
|
driver-class-name: com.mysql.cj.jdbc.Driver
|
||||||
|
|
||||||
|
---
|
||||||
|
logging:
|
||||||
|
level:
|
||||||
|
root: DEBUG
|
||||||
Loading…
x
Reference in New Issue
Block a user