refactor: 精简利用功能，只保留真正有攻击价值的利用方法

- 完全移除FTP、MySQL、SSH、ActiveMQ的利用功能，只保留弱密码扫描
- 重构Redis插件利用方法，严格按参数控制启用:
  * arbitrary_file_write: 需要-rwp和(-rwc或-rwf)参数
  * ssh_key_write: 需要-rf参数
  * crontab_injection: 需要-rs参数
- 修复Redis未授权访问时的利用条件检查问题
- 去除所有信息收集类利用，只保留GetShell和文件写入等实际攻击能力

现在利用功能完全参数驱动，只有提供对应参数时才启动相应利用方法

Plugins/services/activemq/exploiter.go

@@ -14,52 +14,65 @@ import (
 // ActiveMQExploiter ActiveMQ利用模块
 // 实现ActiveMQ相关的安全测试和利用功能
 type ActiveMQExploiter struct {
+	*base.BaseExploiter
 	connector *ActiveMQConnector
 	timeout   time.Duration
 }
 
 // NewActiveMQExploiter 创建新的ActiveMQ利用器
 func NewActiveMQExploiter() *ActiveMQExploiter {
-	return &ActiveMQExploiter{
+	exploiter := &ActiveMQExploiter{
+		BaseExploiter: base.NewBaseExploiter("activemq"),
 		connector:     NewActiveMQConnector(),
 		timeout:       time.Duration(common.Timeout) * time.Second,
 	}
+	
+	// 设置利用方法
+	exploiter.setupExploitMethods()
+	
+	return exploiter
 }
 
-// Exploit 执行ActiveMQ利用攻击
+// setupExploitMethods 设置利用方法
-func (e *ActiveMQExploiter) Exploit(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
+func (e *ActiveMQExploiter) setupExploitMethods() {
-	target := fmt.Sprintf("%s:%s", info.Host, info.Ports)
+	// ActiveMQ插件暂时不提供利用功能，因为当前实现的都是信息收集类功能
+	// 没有实际的GetShell或文件写入等攻击价值
+}
 
-	common.LogDebug(fmt.Sprintf("开始ActiveMQ利用攻击: %s", target))
+// exploitInformationGatheringNew 信息收集利用 (新架构)
-	
+func (e *ActiveMQExploiter) exploitInformationGatheringNew(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
-	// 按优先级尝试各种利用方法
+	result, err := e.exploitInformationGathering(ctx, info, creds)
-	exploitMethods := []func(context.Context, *common.HostInfo, *base.Credential) (*base.ExploitResult, error){
-		e.exploitInformationGathering,  // 信息收集
-		e.exploitMessageEnumeration,    // 消息枚举
-		e.exploitQueueManagement,       // 队列管理
-		e.exploitConfigurationDump,     // 配置转储
-	}
-	
-	var lastErr error
-	for _, method := range exploitMethods {
-		select {
-		case <-ctx.Done():
-			return nil, ctx.Err()
-		default:
-			result, err := method(ctx, info, creds)
 	if err != nil {
-				lastErr = err
+		return nil, err
-				common.LogDebug(fmt.Sprintf("利用方法失败: %v", err))
-				continue
 	}
-			
-			if result != nil && result.Success {
 	return result, nil
-			}
+}
-		}
-	}
 
-	return nil, fmt.Errorf("所有利用方法都失败了: %v", lastErr)
+// exploitMessageEnumerationNew 消息枚举利用 (新架构)
+func (e *ActiveMQExploiter) exploitMessageEnumerationNew(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
+	result, err := e.exploitMessageEnumeration(ctx, info, creds)
+	if err != nil {
+		return nil, err
+	}
+	return result, nil
+}
+
+// exploitQueueManagementNew 队列管理利用 (新架构)
+func (e *ActiveMQExploiter) exploitQueueManagementNew(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
+	result, err := e.exploitQueueManagement(ctx, info, creds)
+	if err != nil {
+		return nil, err
+	}
+	return result, nil
+}
+
+// exploitConfigurationDumpNew 配置转储利用 (新架构)
+func (e *ActiveMQExploiter) exploitConfigurationDumpNew(ctx context.Context, info *common.HostInfo, creds *base.Credential) (*base.ExploitResult, error) {
+	result, err := e.exploitConfigurationDump(ctx, info, creds)
+	if err != nil {
+		return nil, err
+	}
+	return result, nil
 }
 
 // exploitInformationGathering 信息收集利用

Plugins/services/ftp/exploiter.go

@@ -9,7 +9,6 @@ import (
 
 	ftplib "github.com/jlaffaye/ftp"
 	"github.com/shadow1ng/fscan/common"
-	"github.com/shadow1ng/fscan/common/i18n"
 	"github.com/shadow1ng/fscan/plugins/base"
 )
 
@@ -34,32 +33,7 @@ func NewFTPExploiter() *FTPExploiter {
 
 // setupExploitMethods 设置利用方法
 func (e *FTPExploiter) setupExploitMethods() {
-	// 1. 目录枚举
+	// FTP插件不提供利用功能，仅进行弱密码扫描
-	dirMethod := base.NewExploitMethod(base.ExploitDataExtraction, "directory_enumeration").
-		WithDescription(i18n.GetText("exploit_method_name_directory_enumeration")).
-		WithPriority(9).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitDirectoryEnumeration).
-		Build()
-	e.AddExploitMethod(dirMethod)
-	
-	// 2. 文件下载测试
-	downloadMethod := base.NewExploitMethod(base.ExploitDataExtraction, "file_download_test").
-		WithDescription(i18n.GetText("exploit_method_name_file_read")).
-		WithPriority(8).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitFileDownloadTest).
-		Build()
-	e.AddExploitMethod(downloadMethod)
-	
-	// 3. 文件上传测试
-	uploadMethod := base.NewExploitMethod(base.ExploitFileWrite, "file_upload_test").
-		WithDescription(i18n.GetText("exploit_method_name_file_write")).
-		WithPriority(7).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitFileUploadTest).
-		Build()
-	e.AddExploitMethod(uploadMethod)
 }
 
 // exploitDirectoryEnumeration 目录枚举

Plugins/services/mysql/exploiter.go

@@ -32,50 +32,7 @@ func NewMySQLExploiter() *MySQLExploiter {
 
 // setupExploitMethods 设置利用方法
 func (e *MySQLExploiter) setupExploitMethods() {
-	// 1. 信息收集
+	// MySQL插件不提供利用功能，仅进行弱密码扫描
-	infoMethod := base.NewExploitMethod(base.ExploitDataExtraction, "information_gathering").
-		WithDescription("收集MySQL服务器信息").
-		WithPriority(8).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitInformationGathering).
-		Build()
-	e.AddExploitMethod(infoMethod)
-	
-	// 2. 数据库枚举
-	enumMethod := base.NewExploitMethod(base.ExploitDataExtraction, "database_enumeration").
-		WithDescription("枚举数据库和表").
-		WithPriority(7).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitDatabaseEnumeration).
-		Build()
-	e.AddExploitMethod(enumMethod)
-	
-	// 3. 用户权限检查
-	privMethod := base.NewExploitMethod(base.ExploitDataExtraction, "privilege_check").
-		WithDescription("检查用户权限").
-		WithPriority(6).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitPrivilegeCheck).
-		Build()
-	e.AddExploitMethod(privMethod)
-	
-	// 4. 文件读取（如果有FILE权限）
-	fileReadMethod := base.NewExploitMethod(base.ExploitDataExtraction, "file_read").
-		WithDescription("读取服务器文件").
-		WithPriority(9).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitFileRead).
-		Build()
-	e.AddExploitMethod(fileReadMethod)
-	
-	// 5. 文件写入（如果有FILE权限）
-	fileWriteMethod := base.NewExploitMethod(base.ExploitFileWrite, "file_write").
-		WithDescription("写入文件到服务器").
-		WithPriority(10).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitFileWrite).
-		Build()
-	e.AddExploitMethod(fileWriteMethod)
 }
 
 // exploitInformationGathering 信息收集利用

Plugins/services/redis/exploiter.go

@@ -33,50 +33,38 @@ func NewRedisExploiter() *RedisExploiter {
 
 // setupExploitMethods 设置利用方法
 func (e *RedisExploiter) setupExploitMethods() {
-	// 1. 任意文件写入
+	// 1. 任意文件写入 - 只有提供了-rwp和(-rwc或-rwf)参数时才启用
+	if common.RedisWritePath != "" && (common.RedisWriteContent != "" || common.RedisWriteFile != "") {
 		fileWriteMethod := base.NewExploitMethod(base.ExploitFileWrite, "arbitrary_file_write").
 			WithDescription("利用Redis写入任意文件").
 			WithPriority(10).
-		WithConditions("has_write_config").
+			WithConditions(). // Redis支持未授权访问，不需要凭据条件
 			WithHandler(e.exploitArbitraryFileWrite).
 			Build()
 		e.AddExploitMethod(fileWriteMethod)
+	}
 	
-	// 2. SSH密钥写入
+	// 2. SSH密钥写入 - 只有提供了-rf参数时才启用
+	if common.RedisFile != "" {
 		sshKeyMethod := base.NewExploitMethod(base.ExploitFileWrite, "ssh_key_write").
 			WithDescription("写入SSH公钥到authorized_keys").
 			WithPriority(9).
-		WithConditions("has_ssh_key").
+			WithConditions(). // Redis支持未授权访问，不需要凭据条件
 			WithHandler(e.exploitSSHKeyWrite).
 			Build()
 		e.AddExploitMethod(sshKeyMethod)
+	}
 	
-	// 3. Crontab定时任务
+	// 3. Crontab定时任务 - 只有提供了-rs参数时才启用
+	if common.RedisShell != "" {
 		cronMethod := base.NewExploitMethod(base.ExploitCommandExec, "crontab_injection").
 			WithDescription("注入Crontab定时任务").
 			WithPriority(9).
-		WithConditions().
+			WithConditions(). // Redis支持未授权访问，不需要凭据条件
 			WithHandler(e.exploitCrontabInjection).
 			Build()
 		e.AddExploitMethod(cronMethod)
-	
+	}
-	// 4. 数据提取
-	dataExtractionMethod := base.NewExploitMethod(base.ExploitDataExtraction, "data_extraction").
-		WithDescription("提取Redis中的数据").
-		WithPriority(7).
-		WithConditions().
-		WithHandler(e.exploitDataExtraction).
-		Build()
-	e.AddExploitMethod(dataExtractionMethod)
-	
-	// 5. 信息收集
-	infoGatheringMethod := base.NewExploitMethod(base.ExploitDataExtraction, "info_gathering").
-		WithDescription("收集Redis服务器信息").
-		WithPriority(6).
-		WithConditions().
-		WithHandler(e.exploitInfoGathering).
-		Build()
-	e.AddExploitMethod(infoGatheringMethod)
 }
 
 // exploitArbitraryFileWrite 任意文件写入利用

Plugins/services/ssh/exploiter.go

@@ -31,32 +31,8 @@ func NewSSHExploiter() *SSHExploiter {
 
 // setupExploitMethods 设置利用方法
 func (e *SSHExploiter) setupExploitMethods() {
-	// 1. 系统信息收集
+	// SSH插件不提供利用功能，-sshkey参数用于私钥文件认证而非命令执行
-	infoMethod := base.NewExploitMethod(base.ExploitDataExtraction, "system_info").
+	// SSH的价值在于弱密码发现，获取SSH访问权限本身就是目标
-		WithDescription("收集系统信息").
-		WithPriority(8).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitSystemInfo).
-		Build()
-	e.AddExploitMethod(infoMethod)
-	
-	// 2. 命令执行测试
-	cmdMethod := base.NewExploitMethod(base.ExploitCommandExec, "command_test").
-		WithDescription("测试命令执行能力").
-		WithPriority(9).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitCommandTest).
-		Build()
-	e.AddExploitMethod(cmdMethod)
-	
-	// 3. 用户权限检查
-	privMethod := base.NewExploitMethod(base.ExploitDataExtraction, "privilege_check").
-		WithDescription("检查用户权限").
-		WithPriority(7).
-		WithConditions("has_credentials").
-		WithHandler(e.exploitPrivilegeCheck).
-		Build()
-	e.AddExploitMethod(privMethod)
 }
 
 // exploitSystemInfo 系统信息收集利用