From 69a70fc5777cd32fbbbd8df7fd8cb8784c8e506a Mon Sep 17 00:00:00 2001 From: ZacharyZcR Date: Thu, 7 Aug 2025 01:38:51 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=9C=A8=E6=BC=8F=E6=B4=9E=E6=89=AB?= =?UTF-8?q?=E6=8F=8F=E9=98=B6=E6=AE=B5=E6=98=BE=E7=A4=BA=E5=90=AF=E7=94=A8?= =?UTF-8?q?=E7=9A=84=E6=8F=92=E4=BB=B6=E5=88=97=E8=A1=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 增强用户体验,让用户清楚了解漏洞扫描时启用的具体插件: 功能特点: • 在"开始漏洞扫描"后显示实际启用的插件列表 • 智能过滤,只显示针对发现端口的适用插件 • 完整国际化支持,中英文界面均正常显示 • 格式与现有"使用服务插件"保持一致 实现细节: * Core/ServiceScanner.go: 新增LogVulnerabilityPluginInfo函数 - 使用与实际扫描相同的插件过滤逻辑 - 确保显示的插件列表与实际执行的插件一致 - 支持插件去重和格式化显示 * Common/i18n/messages.go: 添加漏洞扫描相关国际化文本 - scan_vulnerability_start: "开始漏洞扫描" / "Starting vulnerability scan" - scan_vulnerability_plugins: "使用漏洞扫描插件: %s" / "Using vulnerability scan plugins: %s" - scan_no_vulnerability_plugins: "未找到可用的漏洞扫描插件" / "No available vulnerability scan plugins found" 显示效果: - 针对SMB端口(445,135): 显示"ms17010, smb, smb2, smbghost, findnet" - 针对Web端口(80,443): 显示"webpoc, webtitle" - 根据实际发现的开放端口智能显示相关插件 提升用户对扫描过程的可见性和控制感,便于调试和性能优化。 --- Common/i18n/messages.go | 12 ++++++++++++ Core/ServiceScanner.go | 43 ++++++++++++++++++++++++++++++++++++++++- 2 files changed, 54 insertions(+), 1 deletion(-) diff --git a/Common/i18n/messages.go b/Common/i18n/messages.go index 8d94769..2d216ca 100644 --- a/Common/i18n/messages.go +++ b/Common/i18n/messages.go @@ -616,10 +616,22 @@ var coreMessages = map[string]map[string]string{ LangZH: "开始主机扫描", LangEN: "Starting host scan", }, + "scan_vulnerability_start": { + LangZH: "开始漏洞扫描", + LangEN: "Starting vulnerability scan", + }, "scan_no_service_plugins": { LangZH: "未找到可用的服务插件", LangEN: "No available service plugins found", }, + "scan_vulnerability_plugins": { + LangZH: "使用漏洞扫描插件: %s", + LangEN: "Using vulnerability scan plugins: %s", + }, + "scan_no_vulnerability_plugins": { + LangZH: "未找到可用的漏洞扫描插件", + LangEN: "No available vulnerability scan plugins found", + }, "scan_complete_ports_found": { LangZH: "扫描完成, 发现 %d 个开放端口", LangEN: "Scan completed, found %d open ports", diff --git a/Core/ServiceScanner.go b/Core/ServiceScanner.go index 77f1b93..c8216fe 100644 --- a/Core/ServiceScanner.go +++ b/Core/ServiceScanner.go @@ -5,6 +5,7 @@ import ( "github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common/i18n" "github.com/shadow1ng/fscan/common/parsers" + "strconv" "strings" "sync" ) @@ -78,7 +79,9 @@ func (s *ServiceScanStrategy) performHostScan(hosts []string, info common.HostIn // 执行漏洞扫描 if len(targetInfos) > 0 { - common.LogBase("开始漏洞扫描") + common.LogBase(i18n.GetText("scan_vulnerability_start")) + // 显示即将使用的漏洞扫描插件 + s.LogVulnerabilityPluginInfo(targetInfos) ExecuteScanTasks(targetInfos, s, ch, wg) } } @@ -198,6 +201,44 @@ func (s *ServiceScanStrategy) LogPluginInfo() { } } +// LogVulnerabilityPluginInfo 输出漏洞扫描插件信息 +func (s *ServiceScanStrategy) LogVulnerabilityPluginInfo(targets []common.HostInfo) { + allPlugins, isCustomMode := s.GetPlugins() + + // 获取实际会被使用的插件列表 + var vulnerabilityPlugins []string + pluginUsed := make(map[string]bool) + + for _, target := range targets { + targetPort := 0 + if target.Ports != "" { + targetPort, _ = strconv.Atoi(target.Ports) + } + + for _, pluginName := range allPlugins { + plugin, exists := common.PluginManager[pluginName] + if !exists { + continue + } + + // 检查插件是否适用于当前目标(使用与ExecuteScanTasks相同的逻辑) + if s.IsPluginApplicable(plugin, targetPort, isCustomMode) { + if !pluginUsed[pluginName] { + vulnerabilityPlugins = append(vulnerabilityPlugins, pluginName) + pluginUsed[pluginName] = true + } + } + } + } + + // 输出插件信息 + if len(vulnerabilityPlugins) > 0 { + common.LogBase(fmt.Sprintf(i18n.GetText("scan_vulnerability_plugins"), strings.Join(vulnerabilityPlugins, ", "))) + } else { + common.LogBase(i18n.GetText("scan_no_vulnerability_plugins")) + } +} + // IsPluginApplicable 判断插件是否适用于服务扫描 func (s *ServiceScanStrategy) IsPluginApplicable(plugin common.ScanPlugin, targetPort int, isCustomMode bool) bool { // 自定义模式下运行所有明确指定的插件