diff --git a/batch_clean.py b/batch_clean.py deleted file mode 100644 index 1427df1..0000000 --- a/batch_clean.py +++ /dev/null @@ -1,75 +0,0 @@ -#!/usr/bin/env python3 -import re -import os - -# 需要清理的文件(保留ssh.go redis.go ms17010.go) -FILES_TO_CLEAN = [ - 'elasticsearch.go', 'findnet.go', 'ftp.go', 'kafka.go', - 'ldap.go', 'netbios.go', 'rabbitmq.go', 'rdp.go', - 'rsync.go', 'smb.go', 'smb2.go', 'smbghost.go', - 'smbinfo.go', 'smtp.go', 'snmp.go', 'telnet.go', - 'vnc.go', 'webpoc.go', 'webtitle.go' -] - -def clean_exploit_function(file_path): - """清理单个文件的Exploit函数""" - with open(file_path, 'r', encoding='utf-8') as f: - content = f.read() - - # 使用正则表达式匹配并删除Exploit函数 - # 匹配从 "// Exploit" 注释开始到函数结束的整个块 - pattern = r'\/\/\s*Exploit.*?利用操作.*?\nfunc\s+\([^)]*\)\s+Exploit\([^{]*\{[^}]*(?:\{[^}]*\}[^}]*)*\}\n' - - # 简化方法:按行处理 - lines = content.split('\n') - output_lines = [] - skip_mode = False - brace_count = 0 - - i = 0 - while i < len(lines): - line = lines[i] - - # 检测Exploit函数开始 - if ('// Exploit' in line and '利用操作' in line) or ('func ' in line and 'Exploit(' in line): - skip_mode = True - brace_count = 0 - if 'func ' in line and '{' in line: - brace_count = line.count('{') - line.count('}') - i += 1 - continue - - if skip_mode: - # 计算花括号 - brace_count += line.count('{') - brace_count -= line.count('}') - - # 如果花括号归零,函数结束 - if brace_count <= 0: - skip_mode = False - i += 1 - continue - - output_lines.append(line) - i += 1 - - # 写回文件 - with open(file_path, 'w', encoding='utf-8') as f: - f.write('\n'.join(output_lines)) - -def main(): - os.chdir('plugins/services') - - for filename in FILES_TO_CLEAN: - if os.path.exists(filename): - print(f"Cleaning {filename}...") - try: - clean_exploit_function(filename) - print(f"✅ {filename}") - except Exception as e: - print(f"❌ {filename}: {e}") - else: - print(f"⚠️ {filename} not found") - -if __name__ == "__main__": - main() \ No newline at end of file diff --git a/clean_exploits.sh b/clean_exploits.sh deleted file mode 100644 index 4e5e114..0000000 --- a/clean_exploits.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -# 进入services目录 -cd plugins/services - -# 需要清理exploit的文件列表(保留ssh, redis, ms17010的exploit) -FILES_TO_CLEAN="elasticsearch.go findnet.go ftp.go kafka.go ldap.go mongodb.go mssql.go neo4j.go netbios.go oracle.go postgresql.go rabbitmq.go rdp.go rsync.go smb.go smb2.go smbghost.go smbinfo.go smtp.go snmp.go telnet.go vnc.go webpoc.go webtitle.go" - -for file in $FILES_TO_CLEAN; do - if [ -f "$file" ]; then - echo "Cleaning $file..." - # 备份文件 - cp "$file" "${file}.backup" - - # 使用awk删除Exploit函数 - awk ' - BEGIN { skip = 0; brace_count = 0; } - /^\/\/ Exploit.*利用操作/ { - skip = 1; - brace_count = 0; - next; - } - /^func.*Exploit\(/ { - if (!skip) { - skip = 1; - brace_count = 0; - } - next; - } - skip && /\{/ { - brace_count += gsub(/\{/, ""); - brace_count -= gsub(/\}/, ""); - if (brace_count <= 0 && /\}/) { - skip = 0; - next; - } - } - skip && /\}/ { - brace_count -= gsub(/\}/, ""); - brace_count += gsub(/\{/, ""); - if (brace_count <= 0) { - skip = 0; - next; - } - } - !skip { print; } - ' "${file}.backup" > "$file" - - echo "✅ Cleaned $file" - fi -done - -echo "✅ All exploit functions cleaned!" \ No newline at end of file diff --git a/cleanup_exploits.py b/cleanup_exploits.py deleted file mode 100644 index b06446f..0000000 --- a/cleanup_exploits.py +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/bin/env python3 -import os -import re - -# 保留exploit的插件(真正有利用价值的) -KEEP_EXPLOITS = ['ssh.go', 'redis.go', 'ms17010.go'] - -# 需要清理exploit的插件目录 -PLUGINS_DIR = 'plugins/services' - -def remove_exploit_function(content, filename): - """移除Exploit函数及其相关方法""" - print(f"Processing {filename}") - - # 匹配并删除Exploit函数 - exploit_pattern = r'// Exploit.*?\nfunc \([^)]+\) Exploit\([^{]*\{(?:[^{}]++|\{(?:[^{}]++|\{[^{}]*\})*\})*\}\n' - content = re.sub(exploit_pattern, '', content, flags=re.MULTILINE | re.DOTALL) - - # 简化一点,匹配函数定义到下一个函数定义 - lines = content.split('\n') - output_lines = [] - skip_lines = False - brace_count = 0 - - for line in lines: - # 检查是否是Exploit函数的开始 - if 'func ' in line and 'Exploit(' in line: - skip_lines = True - brace_count = 0 - continue - - if skip_lines: - # 计算花括号 - brace_count += line.count('{') - brace_count -= line.count('}') - - # 如果花括号平衡且不在函数内,停止跳过 - if brace_count <= 0 and '}' in line: - skip_lines = False - continue - - if not skip_lines: - output_lines.append(line) - - return '\n'.join(output_lines) - -def main(): - if not os.path.exists(PLUGINS_DIR): - print(f"Directory {PLUGINS_DIR} not found") - return - - for filename in os.listdir(PLUGINS_DIR): - if not filename.endswith('.go') or filename in KEEP_EXPLOITS or filename == 'init.go': - continue - - filepath = os.path.join(PLUGINS_DIR, filename) - - try: - with open(filepath, 'r', encoding='utf-8') as f: - content = f.read() - - # 检查是否有Exploit函数 - if 'func ' in content and 'Exploit(' in content: - # 移除Exploit函数 - new_content = remove_exploit_function(content, filename) - - # 写回文件 - with open(filepath, 'w', encoding='utf-8') as f: - f.write(new_content) - - print(f"✅ Cleaned {filename}") - else: - print(f"⏭️ Skipped {filename} (no Exploit function)") - - except Exception as e: - print(f"❌ Error processing {filename}: {e}") - -if __name__ == "__main__": - main() \ No newline at end of file diff --git a/plugins/init.go b/plugins/init.go index 6f852a2..7183dc1 100644 --- a/plugins/init.go +++ b/plugins/init.go @@ -10,7 +10,7 @@ import ( // Plugin 统一插件接口 - 消除过度设计 // -// Linus哲学:"好代码没有特殊情况" +// 统一插件系统设计原则: // 之前:3个不同的接口做同样的事情 // 现在:1个接口统治所有插件 type Plugin interface { @@ -18,6 +18,23 @@ type Plugin interface { Scan(ctx context.Context, info *common.HostInfo) *Result } +// BasePlugin 基础插件结构 - 消除插件name字段重复 +// +// 所有插件都需要name字段,通过基础结构体统一提供 +type BasePlugin struct { + name string +} + +// NewBasePlugin 创建基础插件 +func NewBasePlugin(name string) BasePlugin { + return BasePlugin{name: name} +} + +// Name 实现Plugin接口 +func (b BasePlugin) Name() string { + return b.name +} + // Result 统一结果结构 - 合并所有类型 type Result struct { Success bool diff --git a/plugins/local/avdetect.go b/plugins/local/avdetect.go index a7af5fc..ad282d5 100644 --- a/plugins/local/avdetect.go +++ b/plugins/local/avdetect.go @@ -10,6 +10,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) //go:embed auto.json @@ -28,14 +29,14 @@ type AVProduct struct { // - 删除复杂的结果结构体 // - 跨平台支持,运行时适配 type AVDetectPlugin struct { - name string + plugins.BasePlugin avProducts map[string]AVProduct } // NewAVDetectPlugin 创建AV检测插件 func NewAVDetectPlugin() *AVDetectPlugin { plugin := &AVDetectPlugin{ - name: "avdetect", + BasePlugin: plugins.NewBasePlugin("avdetect"), avProducts: make(map[string]AVProduct), } @@ -49,10 +50,6 @@ func NewAVDetectPlugin() *AVDetectPlugin { return plugin } -// GetName 实现Plugin接口 -func (p *AVDetectPlugin) Name() string { - return p.name -} // Scan 执行AV/EDR检测 - 直接、有效 diff --git a/plugins/local/cleaner.go b/plugins/local/cleaner.go index badde1c..a778acb 100644 --- a/plugins/local/cleaner.go +++ b/plugins/local/cleaner.go @@ -9,6 +9,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // CleanerPlugin 系统痕迹清理插件 - Linus式简化版本 @@ -18,20 +19,16 @@ import ( // - 直接实现清理功能 // - 消除不必要的统计和报告结构 type CleanerPlugin struct { - name string + plugins.BasePlugin } // NewCleanerPlugin 创建系统痕迹清理插件 func NewCleanerPlugin() *CleanerPlugin { return &CleanerPlugin{ - name: "cleaner", + BasePlugin: plugins.NewBasePlugin("cleaner"), } } -// GetName 实现Plugin接口 -func (p *CleanerPlugin) Name() string { - return p.name -} // Scan 执行系统痕迹清理 - 直接、简单 diff --git a/plugins/local/crontask.go b/plugins/local/crontask.go index e73a457..131c974 100644 --- a/plugins/local/crontask.go +++ b/plugins/local/crontask.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // CronTaskPlugin 计划任务持久化插件 - Linus式简化版本 @@ -22,7 +23,7 @@ import ( // - 直接实现持久化功能 // - 保持原有功能逻辑 type CronTaskPlugin struct { - name string + plugins.BasePlugin targetFile string } @@ -34,15 +35,11 @@ func NewCronTaskPlugin() *CronTaskPlugin { } return &CronTaskPlugin{ - name: "crontask", + BasePlugin: plugins.NewBasePlugin("crontask"), targetFile: targetFile, } } -// GetName 实现Plugin接口 -func (p *CronTaskPlugin) Name() string { - return p.name -} // Scan 执行计划任务持久化 - 直接实现 diff --git a/plugins/local/dcinfo.go b/plugins/local/dcinfo.go index 4396f1a..07157b6 100644 --- a/plugins/local/dcinfo.go +++ b/plugins/local/dcinfo.go @@ -12,6 +12,7 @@ import ( "github.com/go-ldap/ldap/v3" "github.com/go-ldap/ldap/v3/gssapi" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // DCInfoPlugin 域控信息收集插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现域信息收集功能 // - 保持原有功能逻辑 type DCInfoPlugin struct { - name string + plugins.BasePlugin } // DomainInfo 域信息结构 @@ -34,14 +35,10 @@ type DomainInfo struct { // NewDCInfoPlugin 创建域控信息收集插件 func NewDCInfoPlugin() *DCInfoPlugin { return &DCInfoPlugin{ - name: "dcinfo", + BasePlugin: plugins.NewBasePlugin("dcinfo"), } } -// GetName 实现Plugin接口 -func (p *DCInfoPlugin) Name() string { - return p.name -} // Scan 执行域控信息收集 - 直接实现 diff --git a/plugins/local/downloader.go b/plugins/local/downloader.go index 379c09a..63586ab 100644 --- a/plugins/local/downloader.go +++ b/plugins/local/downloader.go @@ -12,6 +12,7 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // DownloaderPlugin 文件下载插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现文件下载功能 // - 保持原有功能逻辑 type DownloaderPlugin struct { - name string + plugins.BasePlugin downloadURL string savePath string downloadTimeout time.Duration @@ -31,7 +32,7 @@ type DownloaderPlugin struct { // NewDownloaderPlugin 创建文件下载插件 func NewDownloaderPlugin() *DownloaderPlugin { return &DownloaderPlugin{ - name: "downloader", + BasePlugin: plugins.NewBasePlugin("downloader"), downloadURL: common.DownloadURL, savePath: common.DownloadSavePath, downloadTimeout: 30 * time.Second, @@ -39,10 +40,6 @@ func NewDownloaderPlugin() *DownloaderPlugin { } } -// GetName 实现Plugin接口 -func (p *DownloaderPlugin) Name() string { - return p.name -} // Scan 执行文件下载任务 - 直接实现 diff --git a/plugins/local/envinfo.go b/plugins/local/envinfo.go index 142e6be..6353d33 100644 --- a/plugins/local/envinfo.go +++ b/plugins/local/envinfo.go @@ -8,6 +8,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // EnvInfoPlugin 环境变量信息收集插件 - Linus式简化版本 @@ -17,20 +18,16 @@ import ( // - 过滤敏感信息关键词 // - 简单有效的实现 type EnvInfoPlugin struct { - name string + plugins.BasePlugin } // NewEnvInfoPlugin 创建环境变量信息插件 func NewEnvInfoPlugin() *EnvInfoPlugin { return &EnvInfoPlugin{ - name: "envinfo", + BasePlugin: plugins.NewBasePlugin("envinfo"), } } -// GetName 实现Plugin接口 -func (p *EnvInfoPlugin) Name() string { - return p.name -} // Scan 执行环境变量收集 - 直接、有效 diff --git a/plugins/local/fileinfo.go b/plugins/local/fileinfo.go index 4ce05e4..36e90b8 100644 --- a/plugins/local/fileinfo.go +++ b/plugins/local/fileinfo.go @@ -9,6 +9,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // FileInfoPlugin 文件信息收集插件 - Linus式简化版本 @@ -19,20 +20,16 @@ import ( // - 没有平台检查(运行时错误更清晰) // - 没有复杂配置(直接硬编码关键路径) type FileInfoPlugin struct { - name string + plugins.BasePlugin } // NewFileInfoPlugin 创建文件信息插件 func NewFileInfoPlugin() *FileInfoPlugin { return &FileInfoPlugin{ - name: "fileinfo", + BasePlugin: plugins.NewBasePlugin("fileinfo"), } } -// GetName 实现Plugin接口 -func (p *FileInfoPlugin) Name() string { - return p.name -} // Scan 执行本地文件扫描 - 直接、简单、有效 diff --git a/plugins/local/forwardshell.go b/plugins/local/forwardshell.go index f655e20..914efb1 100644 --- a/plugins/local/forwardshell.go +++ b/plugins/local/forwardshell.go @@ -12,6 +12,7 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // ForwardShellPlugin 正向Shell插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现Shell服务功能 // - 保持原有功能逻辑 type ForwardShellPlugin struct { - name string + plugins.BasePlugin port int listener net.Listener } @@ -34,15 +35,11 @@ func NewForwardShellPlugin() *ForwardShellPlugin { } return &ForwardShellPlugin{ - name: "forwardshell", + BasePlugin: plugins.NewBasePlugin("forwardshell"), port: port, } } -// GetName 实现Plugin接口 -func (p *ForwardShellPlugin) Name() string { - return p.name -} // Scan 执行正向Shell服务 - 直接实现 diff --git a/plugins/local/keylogger.go b/plugins/local/keylogger.go index 27ac7c3..fdd9f14 100644 --- a/plugins/local/keylogger.go +++ b/plugins/local/keylogger.go @@ -10,6 +10,7 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // KeyloggerPlugin 键盘记录插件 - Linus式简化版本 @@ -19,7 +20,7 @@ import ( // - 直接实现键盘记录功能 // - 保持原有功能逻辑 type KeyloggerPlugin struct { - name string + plugins.BasePlugin outputFile string isRunning bool stopChan chan struct{} @@ -35,17 +36,13 @@ func NewKeyloggerPlugin() *KeyloggerPlugin { } return &KeyloggerPlugin{ - name: "keylogger", + BasePlugin: plugins.NewBasePlugin("keylogger"), outputFile: outputFile, stopChan: make(chan struct{}), keyBuffer: make([]string, 0), } } -// GetName 实现Plugin接口 -func (p *KeyloggerPlugin) Name() string { - return p.name -} // Scan 执行键盘记录 - 直接实现 diff --git a/plugins/local/ldpreload.go b/plugins/local/ldpreload.go index 126d7e2..63669f9 100644 --- a/plugins/local/ldpreload.go +++ b/plugins/local/ldpreload.go @@ -12,6 +12,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // LDPreloadPlugin LD_PRELOAD持久化插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现持久化功能 // - 保持原有功能逻辑 type LDPreloadPlugin struct { - name string + plugins.BasePlugin targetFile string } @@ -33,15 +34,11 @@ func NewLDPreloadPlugin() *LDPreloadPlugin { } return &LDPreloadPlugin{ - name: "ldpreload", + BasePlugin: plugins.NewBasePlugin("ldpreload"), targetFile: targetFile, } } -// GetName 实现Plugin接口 -func (p *LDPreloadPlugin) Name() string { - return p.name -} // Scan 执行LD_PRELOAD持久化 - 直接实现 diff --git a/plugins/local/minidump.go b/plugins/local/minidump.go index 6df78dc..c753d1b 100644 --- a/plugins/local/minidump.go +++ b/plugins/local/minidump.go @@ -16,6 +16,7 @@ import ( "golang.org/x/sys/windows" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) const ( @@ -61,7 +62,7 @@ type TOKEN_PRIVILEGES struct { // - 直接实现内存转储功能 // - 保持原有功能逻辑 type MiniDumpPlugin struct { - name string + plugins.BasePlugin kernel32 *syscall.DLL dbghelp *syscall.DLL advapi32 *syscall.DLL @@ -77,14 +78,10 @@ type ProcessManager struct { // NewMiniDumpPlugin 创建内存转储插件 func NewMiniDumpPlugin() *MiniDumpPlugin { return &MiniDumpPlugin{ - name: "minidump", + BasePlugin: plugins.NewBasePlugin("minidump"), } } -// GetName 实现Plugin接口 -func (p *MiniDumpPlugin) Name() string { - return p.name -} // Scan 执行内存转储 - 直接实现 diff --git a/plugins/local/reverseshell.go b/plugins/local/reverseshell.go index 6ebd8d9..222c61b 100644 --- a/plugins/local/reverseshell.go +++ b/plugins/local/reverseshell.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // ReverseShellPlugin 反弹Shell插件 - Linus式简化版本 @@ -22,7 +23,7 @@ import ( // - 直接实现反弹Shell功能 // - 保持原有功能逻辑 type ReverseShellPlugin struct { - name string + plugins.BasePlugin target string // 目标地址:端口 host string port int @@ -48,7 +49,7 @@ func NewReverseShellPlugin() *ReverseShellPlugin { } return &ReverseShellPlugin{ - name: "reverseshell", + BasePlugin: plugins.NewBasePlugin("reverseshell"), target: target, host: host, port: port, @@ -56,9 +57,6 @@ func NewReverseShellPlugin() *ReverseShellPlugin { } // GetName 实现Plugin接口 -func (p *ReverseShellPlugin) Name() string { - return p.name -} // Scan 执行反弹Shell - 直接实现 diff --git a/plugins/local/shellenv.go b/plugins/local/shellenv.go index 2dc6340..80986f7 100644 --- a/plugins/local/shellenv.go +++ b/plugins/local/shellenv.go @@ -12,6 +12,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // ShellEnvPlugin Shell环境变量持久化插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现持久化功能 // - 保持原有功能逻辑 type ShellEnvPlugin struct { - name string + plugins.BasePlugin targetFile string } @@ -33,15 +34,11 @@ func NewShellEnvPlugin() *ShellEnvPlugin { } return &ShellEnvPlugin{ - name: "shellenv", + BasePlugin: plugins.NewBasePlugin("shellenv"), targetFile: targetFile, } } -// GetName 实现Plugin接口 -func (p *ShellEnvPlugin) Name() string { - return p.name -} // Scan 执行Shell环境变量持久化 - 直接实现 diff --git a/plugins/local/socks5proxy.go b/plugins/local/socks5proxy.go index dfa409b..b28975f 100644 --- a/plugins/local/socks5proxy.go +++ b/plugins/local/socks5proxy.go @@ -10,6 +10,7 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // Socks5ProxyPlugin SOCKS5代理插件 - Linus式简化版本 @@ -19,7 +20,7 @@ import ( // - 直接实现SOCKS5代理功能 // - 保持原有功能逻辑 type Socks5ProxyPlugin struct { - name string + plugins.BasePlugin port int listener net.Listener } @@ -33,15 +34,11 @@ func NewSocks5ProxyPlugin() *Socks5ProxyPlugin { } return &Socks5ProxyPlugin{ - name: "socks5proxy", + BasePlugin: plugins.NewBasePlugin("socks5proxy"), port: port, } } -// GetName 实现Plugin接口 -func (p *Socks5ProxyPlugin) Name() string { - return p.name -} // Scan 执行SOCKS5代理扫描 - 直接实现 diff --git a/plugins/local/systemdservice.go b/plugins/local/systemdservice.go index 8e7d195..6aea288 100644 --- a/plugins/local/systemdservice.go +++ b/plugins/local/systemdservice.go @@ -12,6 +12,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // SystemdServicePlugin 系统服务持久化插件 - Linus式简化版本 @@ -21,7 +22,7 @@ import ( // - 直接实现系统服务持久化功能 // - 保持原有功能逻辑 type SystemdServicePlugin struct { - name string + plugins.BasePlugin targetFile string } @@ -33,15 +34,11 @@ func NewSystemdServicePlugin() *SystemdServicePlugin { } return &SystemdServicePlugin{ - name: "systemdservice", + BasePlugin: plugins.NewBasePlugin("systemdservice"), targetFile: targetFile, } } -// GetName 实现Plugin接口 -func (p *SystemdServicePlugin) Name() string { - return p.name -} // Scan 执行系统服务持久化 - 直接实现 diff --git a/plugins/local/systeminfo.go b/plugins/local/systeminfo.go index 1fc3ce6..e775b29 100644 --- a/plugins/local/systeminfo.go +++ b/plugins/local/systeminfo.go @@ -10,6 +10,7 @@ import ( "os/user" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // SystemInfoPlugin 系统信息收集插件 - Linus式简化版本 @@ -19,20 +20,16 @@ import ( // - 收集基本系统信息 // - 跨平台支持,运行时适配 type SystemInfoPlugin struct { - name string + plugins.BasePlugin } // NewSystemInfoPlugin 创建系统信息插件 func NewSystemInfoPlugin() *SystemInfoPlugin { return &SystemInfoPlugin{ - name: "systeminfo", + BasePlugin: plugins.NewBasePlugin("systeminfo"), } } -// GetName 实现Plugin接口 -func (p *SystemInfoPlugin) Name() string { - return p.name -} // Scan 执行系统信息收集 - 直接、简单、有效 diff --git a/plugins/local/winregistry.go b/plugins/local/winregistry.go index e909ce0..7788356 100644 --- a/plugins/local/winregistry.go +++ b/plugins/local/winregistry.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WinRegistryPlugin Windows注册表持久化插件 - Linus式简化版本 @@ -20,7 +21,7 @@ import ( // - 直接实现注册表持久化功能 // - 保持原有功能逻辑 type WinRegistryPlugin struct { - name string + plugins.BasePlugin pePath string } @@ -32,15 +33,11 @@ func NewWinRegistryPlugin() *WinRegistryPlugin { } return &WinRegistryPlugin{ - name: "winregistry", + BasePlugin: plugins.NewBasePlugin("winregistry"), pePath: pePath, } } -// GetName 实现Plugin接口 -func (p *WinRegistryPlugin) Name() string { - return p.name -} // Scan 执行Windows注册表持久化 - 直接实现 diff --git a/plugins/local/winschtask.go b/plugins/local/winschtask.go index 49bd5af..3900e68 100644 --- a/plugins/local/winschtask.go +++ b/plugins/local/winschtask.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WinSchTaskPlugin Windows计划任务持久化插件 - Linus式简化版本 @@ -20,7 +21,7 @@ import ( // - 直接实现计划任务持久化功能 // - 保持原有功能逻辑 type WinSchTaskPlugin struct { - name string + plugins.BasePlugin pePath string } @@ -32,15 +33,11 @@ func NewWinSchTaskPlugin() *WinSchTaskPlugin { } return &WinSchTaskPlugin{ - name: "winschtask", + BasePlugin: plugins.NewBasePlugin("winschtask"), pePath: pePath, } } -// GetName 实现Plugin接口 -func (p *WinSchTaskPlugin) Name() string { - return p.name -} // Scan 执行Windows计划任务持久化 - 直接实现 diff --git a/plugins/local/winservice.go b/plugins/local/winservice.go index c70066c..bc4b3f1 100644 --- a/plugins/local/winservice.go +++ b/plugins/local/winservice.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WinServicePlugin Windows服务持久化插件 - Linus式简化版本 @@ -20,7 +21,7 @@ import ( // - 直接实现服务持久化功能 // - 保持原有功能逻辑 type WinServicePlugin struct { - name string + plugins.BasePlugin pePath string } @@ -32,15 +33,11 @@ func NewWinServicePlugin() *WinServicePlugin { } return &WinServicePlugin{ - name: "winservice", + BasePlugin: plugins.NewBasePlugin("winservice"), pePath: pePath, } } -// GetName 实现Plugin接口 -func (p *WinServicePlugin) Name() string { - return p.name -} // Scan 执行Windows服务持久化 - 直接实现 diff --git a/plugins/local/winstartup.go b/plugins/local/winstartup.go index 7ae6da8..c2b0e0d 100644 --- a/plugins/local/winstartup.go +++ b/plugins/local/winstartup.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WinStartupPlugin Windows启动文件夹持久化插件 - Linus式简化版本 @@ -20,7 +21,7 @@ import ( // - 直接实现启动文件夹持久化功能 // - 保持原有功能逻辑 type WinStartupPlugin struct { - name string + plugins.BasePlugin pePath string } @@ -32,15 +33,11 @@ func NewWinStartupPlugin() *WinStartupPlugin { } return &WinStartupPlugin{ - name: "winstartup", + BasePlugin: plugins.NewBasePlugin("winstartup"), pePath: pePath, } } -// GetName 实现Plugin接口 -func (p *WinStartupPlugin) Name() string { - return p.name -} // Scan 执行Windows启动文件夹持久化 - 直接实现 diff --git a/plugins/local/winwmi.go b/plugins/local/winwmi.go index 6e24b84..fd3fdda 100644 --- a/plugins/local/winwmi.go +++ b/plugins/local/winwmi.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WinWMIPlugin Windows WMI事件订阅持久化插件 - Linus式简化版本 @@ -20,7 +21,7 @@ import ( // - 直接实现WMI事件订阅持久化功能 // - 保持原有功能逻辑 type WinWMIPlugin struct { - name string + plugins.BasePlugin pePath string } @@ -32,15 +33,11 @@ func NewWinWMIPlugin() *WinWMIPlugin { } return &WinWMIPlugin{ - name: "winwmi", + BasePlugin: plugins.NewBasePlugin("winwmi"), pePath: pePath, } } -// GetName 实现Plugin接口 -func (p *WinWMIPlugin) Name() string { - return p.name -} // Scan 执行Windows WMI事件订阅持久化 - 直接实现 diff --git a/plugins/services/activemq.go b/plugins/services/activemq.go index 849c51e..5607ae1 100644 --- a/plugins/services/activemq.go +++ b/plugins/services/activemq.go @@ -8,27 +8,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type ActiveMQPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewActiveMQPlugin() *ActiveMQPlugin { return &ActiveMQPlugin{ - name: "activemq", - ports: []int{61616, 61617, 61618, 8161}, + BasePlugin: plugins.NewBasePlugin("activemq"), } } -func (p *ActiveMQPlugin) Name() string { - return p.name -} -func (p *ActiveMQPlugin) GetPorts() []int { - return p.ports -} func (p *ActiveMQPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/cassandra.go b/plugins/services/cassandra.go index f289c0c..6587963 100644 --- a/plugins/services/cassandra.go +++ b/plugins/services/cassandra.go @@ -9,27 +9,20 @@ import ( "github.com/gocql/gocql" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type CassandraPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewCassandraPlugin() *CassandraPlugin { return &CassandraPlugin{ - name: "cassandra", - ports: []int{9042, 9160, 7000, 7001}, + BasePlugin: plugins.NewBasePlugin("cassandra"), } } -func (p *CassandraPlugin) Name() string { - return p.name -} -func (p *CassandraPlugin) GetPorts() []int { - return p.ports -} func (p *CassandraPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/elasticsearch.go b/plugins/services/elasticsearch.go index 5c7aaf1..6cacb61 100644 --- a/plugins/services/elasticsearch.go +++ b/plugins/services/elasticsearch.go @@ -11,27 +11,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type ElasticsearchPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewElasticsearchPlugin() *ElasticsearchPlugin { return &ElasticsearchPlugin{ - name: "elasticsearch", - ports: []int{9200, 9300}, + BasePlugin: plugins.NewBasePlugin("elasticsearch"), } } -func (p *ElasticsearchPlugin) Name() string { - return p.name -} -func (p *ElasticsearchPlugin) GetPorts() []int { - return p.ports -} func (p *ElasticsearchPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/findnet.go b/plugins/services/findnet.go index d0c017d..b34f751 100644 --- a/plugins/services/findnet.go +++ b/plugins/services/findnet.go @@ -13,31 +13,23 @@ import ( "unicode" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // FindNetPlugin Windows网络发现插件 - 通过RPC端点映射服务收集网络信息 type FindNetPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewFindNetPlugin 创建FindNet插件 func NewFindNetPlugin() *FindNetPlugin { return &FindNetPlugin{ - name: "findnet", - ports: []int{135}, // RPC端点映射器端口 + BasePlugin: plugins.NewBasePlugin("findnet"), } } -// GetName 实现Plugin接口 -func (p *FindNetPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *FindNetPlugin) GetPorts() []int { - return p.ports -} // Scan 执行FindNet扫描 - Windows网络信息收集 func (p *FindNetPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/ftp.go b/plugins/services/ftp.go index 243a97c..058f525 100644 --- a/plugins/services/ftp.go +++ b/plugins/services/ftp.go @@ -7,27 +7,20 @@ import ( ftplib "github.com/jlaffaye/ftp" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type FTPPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewFTPPlugin() *FTPPlugin { return &FTPPlugin{ - name: "ftp", - ports: []int{21, 2121, 990}, + BasePlugin: plugins.NewBasePlugin("ftp"), } } -func (p *FTPPlugin) Name() string { - return p.name -} -func (p *FTPPlugin) GetPorts() []int { - return p.ports -} func (p *FTPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/kafka.go b/plugins/services/kafka.go index e7b4107..e74db88 100644 --- a/plugins/services/kafka.go +++ b/plugins/services/kafka.go @@ -7,27 +7,20 @@ import ( "github.com/IBM/sarama" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type KafkaPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewKafkaPlugin() *KafkaPlugin { return &KafkaPlugin{ - name: "kafka", - ports: []int{9092, 9093, 9094}, + BasePlugin: plugins.NewBasePlugin("kafka"), } } -func (p *KafkaPlugin) Name() string { - return p.name -} -func (p *KafkaPlugin) GetPorts() []int { - return p.ports -} func (p *KafkaPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/ldap.go b/plugins/services/ldap.go index 7d0d203..79deb1b 100644 --- a/plugins/services/ldap.go +++ b/plugins/services/ldap.go @@ -6,27 +6,20 @@ import ( ldaplib "github.com/go-ldap/ldap/v3" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type LDAPPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewLDAPPlugin() *LDAPPlugin { return &LDAPPlugin{ - name: "ldap", - ports: []int{389, 636, 3268, 3269}, + BasePlugin: plugins.NewBasePlugin("ldap"), } } -func (p *LDAPPlugin) Name() string { - return p.name -} -func (p *LDAPPlugin) GetPorts() []int { - return p.ports -} func (p *LDAPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/memcached.go b/plugins/services/memcached.go index 6bdc215..44d3840 100644 --- a/plugins/services/memcached.go +++ b/plugins/services/memcached.go @@ -8,27 +8,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type MemcachedPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewMemcachedPlugin() *MemcachedPlugin { return &MemcachedPlugin{ - name: "memcached", - ports: []int{11211, 11212, 11213}, + BasePlugin: plugins.NewBasePlugin("memcached"), } } -func (p *MemcachedPlugin) Name() string { - return p.name -} -func (p *MemcachedPlugin) GetPorts() []int { - return p.ports -} func (p *MemcachedPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/mongodb.go b/plugins/services/mongodb.go index 3d91d2a..63d133e 100644 --- a/plugins/services/mongodb.go +++ b/plugins/services/mongodb.go @@ -8,27 +8,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type MongoDBPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewMongoDBPlugin() *MongoDBPlugin { return &MongoDBPlugin{ - name: "mongodb", - ports: []int{27017, 27018, 27019}, + BasePlugin: plugins.NewBasePlugin("mongodb"), } } -func (p *MongoDBPlugin) Name() string { - return p.name -} -func (p *MongoDBPlugin) GetPorts() []int { - return p.ports -} func (p *MongoDBPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/ms17010.go b/plugins/services/ms17010.go index 7eab284..9b55e28 100644 --- a/plugins/services/ms17010.go +++ b/plugins/services/ms17010.go @@ -14,31 +14,23 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // MS17010Plugin MS17-010漏洞检测和利用插件 - 保持完整的原始利用功能 type MS17010Plugin struct { - name string - ports []int + plugins.BasePlugin } // NewMS17010Plugin 创建MS17010插件 func NewMS17010Plugin() *MS17010Plugin { return &MS17010Plugin{ - name: "ms17010", - ports: []int{445}, // SMB端口 + BasePlugin: plugins.NewBasePlugin("ms17010"), } } -// GetName 实现Plugin接口 -func (p *MS17010Plugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *MS17010Plugin) GetPorts() []int { - return p.ports -} // Scan 执行MS17-010扫描 func (p *MS17010Plugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/mssql.go b/plugins/services/mssql.go index 8561dc3..8c5ebf6 100644 --- a/plugins/services/mssql.go +++ b/plugins/services/mssql.go @@ -9,27 +9,20 @@ import ( _ "github.com/denisenkom/go-mssqldb" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type MSSQLPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewMSSQLPlugin() *MSSQLPlugin { return &MSSQLPlugin{ - name: "mssql", - ports: []int{1433, 1434}, + BasePlugin: plugins.NewBasePlugin("mssql"), } } -func (p *MSSQLPlugin) Name() string { - return p.name -} -func (p *MSSQLPlugin) GetPorts() []int { - return p.ports -} func (p *MSSQLPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/mysql.go b/plugins/services/mysql.go index 48d4e84..ef0ff1a 100644 --- a/plugins/services/mysql.go +++ b/plugins/services/mysql.go @@ -9,27 +9,20 @@ import ( _ "github.com/go-sql-driver/mysql" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type MySQLPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewMySQLPlugin() *MySQLPlugin { return &MySQLPlugin{ - name: "mysql", - ports: []int{3306, 3307, 33060}, + BasePlugin: plugins.NewBasePlugin("mysql"), } } -func (p *MySQLPlugin) Name() string { - return p.name -} -func (p *MySQLPlugin) GetPorts() []int { - return p.ports -} func (p *MySQLPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/neo4j.go b/plugins/services/neo4j.go index 49462c7..685f975 100644 --- a/plugins/services/neo4j.go +++ b/plugins/services/neo4j.go @@ -9,27 +9,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type Neo4jPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewNeo4jPlugin() *Neo4jPlugin { return &Neo4jPlugin{ - name: "neo4j", - ports: []int{7474, 7687, 7473}, + BasePlugin: plugins.NewBasePlugin("neo4j"), } } -func (p *Neo4jPlugin) Name() string { - return p.name -} -func (p *Neo4jPlugin) GetPorts() []int { - return p.ports -} func (p *Neo4jPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/netbios.go b/plugins/services/netbios.go index 3d59ddf..521ace1 100644 --- a/plugins/services/netbios.go +++ b/plugins/services/netbios.go @@ -9,31 +9,23 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // NetBIOSPlugin NetBIOS名称服务扫描插件 - 收集Windows主机名和域信息 type NetBIOSPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewNetBIOSPlugin 创建NetBIOS插件 func NewNetBIOSPlugin() *NetBIOSPlugin { return &NetBIOSPlugin{ - name: "netbios", - ports: []int{137, 139}, // NetBIOS名称服务和会话服务端口 + BasePlugin: plugins.NewBasePlugin("netbios"), } } -// GetName 实现Plugin接口 -func (p *NetBIOSPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *NetBIOSPlugin) GetPorts() []int { - return p.ports -} // Scan 执行NetBIOS扫描 - 收集Windows主机和域信息 func (p *NetBIOSPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/oracle.go b/plugins/services/oracle.go index 5b41dbc..c5f02d3 100644 --- a/plugins/services/oracle.go +++ b/plugins/services/oracle.go @@ -5,27 +5,20 @@ import ( "fmt" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type OraclePlugin struct { - name string - ports []int + plugins.BasePlugin } func NewOraclePlugin() *OraclePlugin { return &OraclePlugin{ - name: "oracle", - ports: []int{1521, 1522, 1525}, + BasePlugin: plugins.NewBasePlugin("oracle"), } } -func (p *OraclePlugin) Name() string { - return p.name -} -func (p *OraclePlugin) GetPorts() []int { - return p.ports -} func (p *OraclePlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { if common.DisableBrute { diff --git a/plugins/services/postgresql.go b/plugins/services/postgresql.go index 71d6cc8..a904188 100644 --- a/plugins/services/postgresql.go +++ b/plugins/services/postgresql.go @@ -9,27 +9,20 @@ import ( _ "github.com/lib/pq" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type PostgreSQLPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewPostgreSQLPlugin() *PostgreSQLPlugin { return &PostgreSQLPlugin{ - name: "postgresql", - ports: []int{5432, 5433, 5434}, + BasePlugin: plugins.NewBasePlugin("postgresql"), } } -func (p *PostgreSQLPlugin) Name() string { - return p.name -} -func (p *PostgreSQLPlugin) GetPorts() []int { - return p.ports -} func (p *PostgreSQLPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/rabbitmq.go b/plugins/services/rabbitmq.go index 39253ae..e35e558 100644 --- a/plugins/services/rabbitmq.go +++ b/plugins/services/rabbitmq.go @@ -9,27 +9,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type RabbitMQPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewRabbitMQPlugin() *RabbitMQPlugin { return &RabbitMQPlugin{ - name: "rabbitmq", - ports: []int{5672, 15672, 5671}, + BasePlugin: plugins.NewBasePlugin("rabbitmq"), } } -func (p *RabbitMQPlugin) Name() string { - return p.name -} -func (p *RabbitMQPlugin) GetPorts() []int { - return p.ports -} func (p *RabbitMQPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/rdp.go b/plugins/services/rdp.go index 06c9c1b..78c36a2 100644 --- a/plugins/services/rdp.go +++ b/plugins/services/rdp.go @@ -8,31 +8,23 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // RDPPlugin RDP远程桌面服务扫描插件 - 弱密码检测和服务识别 type RDPPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewRDPPlugin 创建RDP插件 func NewRDPPlugin() *RDPPlugin { return &RDPPlugin{ - name: "rdp", - ports: []int{3389}, // RDP端口 + BasePlugin: plugins.NewBasePlugin("rdp"), } } -// GetName 实现Plugin接口 -func (p *RDPPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *RDPPlugin) GetPorts() []int { - return p.ports -} // Scan 执行RDP扫描 - 基础服务识别 func (p *RDPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/redis.go b/plugins/services/redis.go index b84422f..5c6e4e9 100644 --- a/plugins/services/redis.go +++ b/plugins/services/redis.go @@ -10,31 +10,22 @@ import ( "github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common/i18n" + "github.com/shadow1ng/fscan/plugins" ) // RedisPlugin Redis数据库扫描和利用插件 - 包含文件写入利用功能 type RedisPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewRedisPlugin 创建Redis插件 func NewRedisPlugin() *RedisPlugin { return &RedisPlugin{ - name: "redis", - ports: []int{6379, 6380, 6381, 16379, 26379}, + BasePlugin: plugins.NewBasePlugin("redis"), } } -// GetName 实现Plugin接口 -func (p *RedisPlugin) Name() string { - return p.name -} -// GetPorts 实现Plugin接口 -func (p *RedisPlugin) GetPorts() []int { - return p.ports -} // Scan 执行Redis扫描 - 未授权访问检测和弱密码检测 func (p *RedisPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/rsync.go b/plugins/services/rsync.go index 908bb04..8988bae 100644 --- a/plugins/services/rsync.go +++ b/plugins/services/rsync.go @@ -9,27 +9,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type RsyncPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewRsyncPlugin() *RsyncPlugin { return &RsyncPlugin{ - name: "rsync", - ports: []int{873}, + BasePlugin: plugins.NewBasePlugin("rsync"), } } -func (p *RsyncPlugin) Name() string { - return p.name -} -func (p *RsyncPlugin) GetPorts() []int { - return p.ports -} func (p *RsyncPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/smb.go b/plugins/services/smb.go index 8a4ffba..22702f0 100644 --- a/plugins/services/smb.go +++ b/plugins/services/smb.go @@ -6,32 +6,25 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" "github.com/stacktitan/smb/smb" ) // SmbPlugin SMB弱密码检测插件 type SmbPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewSmbPlugin 创建SMB插件 func NewSmbPlugin() *SmbPlugin { return &SmbPlugin{ - name: "smb", - ports: []int{445}, + BasePlugin: plugins.NewBasePlugin("smb"), } } // GetName 实现Plugin接口 -func (p *SmbPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *SmbPlugin) GetPorts() []int { - return p.ports -} // Scan 执行SMB扫描 func (p *SmbPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/smb2.go b/plugins/services/smb2.go index 2d722cb..9a05eaa 100644 --- a/plugins/services/smb2.go +++ b/plugins/services/smb2.go @@ -7,31 +7,24 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // Smb2Plugin SMB2弱密码检测插件 type Smb2Plugin struct { - name string - ports []int + plugins.BasePlugin } // NewSmb2Plugin 创建SMB2插件 func NewSmb2Plugin() *Smb2Plugin { return &Smb2Plugin{ - name: "smb2", - ports: []int{445}, + BasePlugin: plugins.NewBasePlugin("smb2"), } } // GetName 实现Plugin接口 -func (p *Smb2Plugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *Smb2Plugin) GetPorts() []int { - return p.ports -} // Scan 执行SMB2扫描 func (p *Smb2Plugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/smbghost.go b/plugins/services/smbghost.go index 163c448..c0b7f69 100644 --- a/plugins/services/smbghost.go +++ b/plugins/services/smbghost.go @@ -8,12 +8,12 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // SmbGhostPlugin CVE-2020-0796 SMB Ghost漏洞检测插件 type SmbGhostPlugin struct { - name string - ports []int + plugins.BasePlugin } // SMB Ghost 检测数据包 @@ -104,20 +104,12 @@ const smbGhostPacket = "\x00" + // session // NewSmbGhostPlugin 创建SMB Ghost插件 func NewSmbGhostPlugin() *SmbGhostPlugin { return &SmbGhostPlugin{ - name: "smbghost", - ports: []int{445}, + BasePlugin: plugins.NewBasePlugin("smbghost"), } } -// GetName 实现Plugin接口 -func (p *SmbGhostPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *SmbGhostPlugin) GetPorts() []int { - return p.ports -} // Scan 执行SMB Ghost漏洞检测 func (p *SmbGhostPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/smbinfo.go b/plugins/services/smbinfo.go index 1fcde04..1b9456c 100644 --- a/plugins/services/smbinfo.go +++ b/plugins/services/smbinfo.go @@ -10,31 +10,23 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // SMBInfoPlugin SMB协议信息收集插件 - 收集操作系统和NTLM信息 type SMBInfoPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewSMBInfoPlugin 创建SMBInfo插件 func NewSMBInfoPlugin() *SMBInfoPlugin { return &SMBInfoPlugin{ - name: "smbinfo", - ports: []int{139, 445}, // SMB端口 + BasePlugin: plugins.NewBasePlugin("smbinfo"), } } -// GetName 实现Plugin接口 -func (p *SMBInfoPlugin) Name() string { - return p.name -} // GetPorts 实现Plugin接口 -func (p *SMBInfoPlugin) GetPorts() []int { - return p.ports -} // Scan 执行SMBInfo扫描 - SMB信息收集 func (p *SMBInfoPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/smtp.go b/plugins/services/smtp.go index dc2a21d..f794f77 100644 --- a/plugins/services/smtp.go +++ b/plugins/services/smtp.go @@ -10,27 +10,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type SMTPPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewSMTPPlugin() *SMTPPlugin { return &SMTPPlugin{ - name: "smtp", - ports: []int{25, 465, 587, 2525}, + BasePlugin: plugins.NewBasePlugin("smtp"), } } -func (p *SMTPPlugin) Name() string { - return p.name -} -func (p *SMTPPlugin) GetPorts() []int { - return p.ports -} func (p *SMTPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/snmp.go b/plugins/services/snmp.go index b17b1a7..9499bc9 100644 --- a/plugins/services/snmp.go +++ b/plugins/services/snmp.go @@ -8,27 +8,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type SNMPPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewSNMPPlugin() *SNMPPlugin { return &SNMPPlugin{ - name: "snmp", - ports: []int{161, 162}, + BasePlugin: plugins.NewBasePlugin("snmp"), } } -func (p *SNMPPlugin) Name() string { - return p.name -} -func (p *SNMPPlugin) GetPorts() []int { - return p.ports -} func (p *SNMPPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/ssh.go b/plugins/services/ssh.go index 74d4db1..a422d0e 100644 --- a/plugins/services/ssh.go +++ b/plugins/services/ssh.go @@ -12,31 +12,22 @@ import ( "golang.org/x/crypto/ssh" "github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common/i18n" + "github.com/shadow1ng/fscan/plugins" ) // SSHPlugin SSH扫描和利用插件 - 单文件实现,包含真正的利用功能 type SSHPlugin struct { - name string - ports []int + plugins.BasePlugin } // NewSSHPlugin 创建SSH插件 func NewSSHPlugin() *SSHPlugin { return &SSHPlugin{ - name: "ssh", - ports: []int{22, 2222, 2200, 22222}, + BasePlugin: plugins.NewBasePlugin("ssh"), } } -// GetName 实现Plugin接口 -func (p *SSHPlugin) Name() string { - return p.name -} -// GetPorts 实现Plugin接口 -func (p *SSHPlugin) GetPorts() []int { - return p.ports -} // Scan 执行SSH扫描 - 支持密码和密钥认证 func (p *SSHPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { diff --git a/plugins/services/telnet.go b/plugins/services/telnet.go index edc6c45..600cb27 100644 --- a/plugins/services/telnet.go +++ b/plugins/services/telnet.go @@ -8,27 +8,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type TelnetPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewTelnetPlugin() *TelnetPlugin { return &TelnetPlugin{ - name: "telnet", - ports: []int{23, 2323}, + BasePlugin: plugins.NewBasePlugin("telnet"), } } -func (p *TelnetPlugin) Name() string { - return p.name -} -func (p *TelnetPlugin) GetPorts() []int { - return p.ports -} func (p *TelnetPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/services/types.go b/plugins/services/types.go index aff029b..a4309bf 100644 --- a/plugins/services/types.go +++ b/plugins/services/types.go @@ -10,7 +10,6 @@ import ( // 插件接口定义 - 统一命名风格 type Plugin interface { Name() string - GetPorts() []int Scan(ctx context.Context, info *common.HostInfo) *ScanResult } diff --git a/plugins/services/vnc.go b/plugins/services/vnc.go index 9b5a2f2..aea239f 100644 --- a/plugins/services/vnc.go +++ b/plugins/services/vnc.go @@ -10,27 +10,20 @@ import ( "time" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) type VNCPlugin struct { - name string - ports []int + plugins.BasePlugin } func NewVNCPlugin() *VNCPlugin { return &VNCPlugin{ - name: "vnc", - ports: []int{5900, 5901, 5902, 5903, 5904, 5905, 5906, 5907, 5908, 5909}, + BasePlugin: plugins.NewBasePlugin("vnc"), } } -func (p *VNCPlugin) Name() string { - return p.name -} -func (p *VNCPlugin) GetPorts() []int { - return p.ports -} func (p *VNCPlugin) Scan(ctx context.Context, info *common.HostInfo) *ScanResult { target := fmt.Sprintf("%s:%s", info.Host, info.Ports) diff --git a/plugins/web/webpoc.go b/plugins/web/webpoc.go index 115806b..677f95c 100644 --- a/plugins/web/webpoc.go +++ b/plugins/web/webpoc.go @@ -5,26 +5,22 @@ import ( "fmt" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" "github.com/shadow1ng/fscan/webscan" ) // WebPocPlugin Web漏洞扫描插件 type WebPocPlugin struct { - name string + plugins.BasePlugin } // NewWebPocPlugin 创建Web POC插件 func NewWebPocPlugin() *WebPocPlugin { return &WebPocPlugin{ - name: "webpoc", + BasePlugin: plugins.NewBasePlugin("webpoc"), } } -// GetName 实现Plugin接口 -func (p *WebPocPlugin) Name() string { - return p.name -} - // Scan 执行Web POC扫描 func (p *WebPocPlugin) Scan(ctx context.Context, info *common.HostInfo) *WebScanResult { diff --git a/plugins/web/webtitle.go b/plugins/web/webtitle.go index 1fa00c0..613c54d 100644 --- a/plugins/web/webtitle.go +++ b/plugins/web/webtitle.go @@ -12,25 +12,21 @@ import ( "unicode/utf8" "github.com/shadow1ng/fscan/common" + "github.com/shadow1ng/fscan/plugins" ) // WebTitlePlugin Web标题获取插件 type WebTitlePlugin struct { - name string + plugins.BasePlugin } // NewWebTitlePlugin 创建WebTitle插件 func NewWebTitlePlugin() *WebTitlePlugin { return &WebTitlePlugin{ - name: "webtitle", + BasePlugin: plugins.NewBasePlugin("webtitle"), } } -// GetName 实现Plugin接口 -func (p *WebTitlePlugin) Name() string { - return p.name -} - // Scan 执行WebTitle扫描 func (p *WebTitlePlugin) Scan(ctx context.Context, info *common.HostInfo) *WebScanResult { diff --git a/quick_clean.sh b/quick_clean.sh deleted file mode 100644 index bdaaf30..0000000 --- a/quick_clean.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -cd plugins/services - -# 使用awk清理Exploit函数的通用方法 -clean_exploit() { - local file=$1 - echo "Cleaning $file..." - - awk ' - BEGIN { - skip = 0 - brace_count = 0 - } - - # 检测Exploit函数开始 - /^func.*Exploit\(/ { - skip = 1 - brace_count = 0 - next - } - - # 在跳过模式下计算花括号 - skip { - brace_count += gsub(/\{/, "&") - brace_count -= gsub(/\}/, "&") - - if (brace_count <= 0 && /\}/) { - skip = 0 - next - } - } - - # 输出非跳过的行 - !skip { print } - ' "$file" > "${file}.tmp" && mv "${file}.tmp" "$file" - - echo "✓ $file cleaned" -} - -# 清理简单的服务插件 -for file in ftp.go kafka.go ldap.go rabbitmq.go netbios.go rdp.go smtp.go snmp.go telnet.go vnc.go; do - if [ -f "$file" ]; then - clean_exploit "$file" - fi -done - -echo "Batch cleaning completed!" \ No newline at end of file