From 7a9b25ca700a55e14e257e8af0ec0cb35f972caa Mon Sep 17 00:00:00 2001
From: zhzyker
Date: Mon, 6 Jun 2022 18:27:03 +0800
Subject: [PATCH] add giop protocol
---
 internal/protocol/identify.go | 6 +++++
 internal/protocol/judge/tcp_giop.go | 41 +++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 internal/protocol/judge/tcp_giop.go
diff --git a/internal/protocol/identify.go b/internal/protocol/identify.go
index 74766c3..68a2cc3 100644
--- a/internal/protocol/identify.go
+++ b/internal/protocol/identify.go
@@ -147,6 +147,12 @@ func JudgeTcp(result map[string]interface{}, Args map[string]interface{}) bool {
 return true
 }
 }
+ if protocol == "giop" || runAll {
+ if judge.TcpGIOP(result, Args) {
+ printSuccess("TCP/GIOP", result)
+ return true
+ }
+ }

 status := result["status"].(string)
 if status == "open" && runAll {
diff --git a/internal/protocol/judge/tcp_giop.go b/internal/protocol/judge/tcp_giop.go
new file mode 100644
index 0000000..45f77f1
--- /dev/null
+++ b/internal/protocol/judge/tcp_giop.go
@@ -0,0 +1,41 @@
+package judge
+
+import (
+ "encoding/hex"
+ "github.com/zhzyker/dismap/internal/parse"
+ "github.com/zhzyker/dismap/internal/proxy"
+ "github.com/zhzyker/dismap/pkg/logger"
+ "strings"
+)
+
+func TcpGIOP(result map[string]interface{}, Args map[string]interface{}) bool {
+ timeout := Args["FlagTimeout"].(int)
+ host := result["host"].(string)
+ port := result["port"].(int)
+
+ conn, err := proxy.ConnProxyTcp(host, port, timeout)
+ if logger.DebugError(err) {
+ return false
+ }
+
+ msg := "\x47\x49\x4f\x50\x01\x02\x00\x03\x00\x00\x00\x17\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0b\x4e\x61\x6d\x65\x53\x65\x72\x76\x69\x63\x65"
+ _, err = conn.Write([]byte(msg))
+ if logger.DebugError(err) {
+ return false
+ }
+
+ reply := make([]byte, 256)
+ _, _ = conn.Read(reply)
+ if conn != nil {
+ _ = conn.Close()
+ }
+
+ if strings.Contains(hex.EncodeToString(reply[0:4]), "47494f50") == false {
+ return false
+ }
+
+ result["protocol"] = "giop"
+ result["banner.string"] = parse.ByteToStringParse2(reply[0:4])
+ result["banner.byte"] = reply
+ return true
+}
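Review bot: The `return false` after a failed `conn.Write` in `TcpGIOP` leaves the connection open, and the `conn != nil` test before `Close` runs only after `conn` has already been used, so it guards nothing; a `defer conn.Close()` placed right after the dial check covers every return path. The byte count and error from `conn.Read` are discarded, so `result["banner.byte"]` always holds the full 256-byte buffer with its zero padding, and a short reply is rejected only indirectly by the magic comparison; keeping `n` and storing `reply[:n]` makes that explicit. Whether `timeout` also bounds the read depends on `proxy.ConnProxyTcp`, which is not visible in this patch — if it only covers the dial, a listener that accepts and then stays silent would stall the probe, so a read deadline is worth confirming.

```go
	conn, err := proxy.ConnProxyTcp(host, port, timeout)
	// … unchanged: dial error check …
	defer conn.Close() // also closes on the Write-error return

	// … unchanged: msg literal and conn.Write error check …

	reply := make([]byte, 256)
	// Read may return n > 0 together with an error such as EOF, so n decides.
	n, _ := conn.Read(reply)
	if n < 4 {
		return false
	}

	// … unchanged: "47494f50" magic check, protocol and banner.string …

	result["banner.byte"] = reply[:n]
```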