diff --git a/Core/Registry.go b/Core/Registry.go
index 25c811d..e8018e6 100644
--- a/Core/Registry.go
+++ b/Core/Registry.go
@@ -42,6 +42,17 @@ import (
 // 导入Web插件适配器
 _ "github.com/shadow1ng/fscan/plugins/legacy/webtitle"
 _ "github.com/shadow1ng/fscan/plugins/legacy/webpoc"
+
+ // 导入跨平台本地插件
+ _ "github.com/shadow1ng/fscan/plugins/local/fileinfo" // 文件信息收集
+ _ "github.com/shadow1ng/fscan/plugins/local/dcinfo" // 域控信息收集
+ _ "github.com/shadow1ng/fscan/plugins/local/reverseshell" // 反弹Shell
+ _ "github.com/shadow1ng/fscan/plugins/local/socks5proxy" // SOCKS5代理
+ _ "github.com/shadow1ng/fscan/plugins/local/avdetect" // 杀毒软件检测
+ _ "github.com/shadow1ng/fscan/plugins/local/forwardshell" // 正向Shell
+ _ "github.com/shadow1ng/fscan/plugins/local/keylogger" // 跨平台键盘记录
+ _ "github.com/shadow1ng/fscan/plugins/local/downloader" // 跨平台文件下载
+ _ "github.com/shadow1ng/fscan/plugins/local/cleaner" // 跨平台系统痕迹清理
 )
 
 // =============================================================================
diff --git a/Core/registry_linux.go b/Core/registry_linux.go
new file mode 100644
index 0000000..832985a
--- /dev/null
+++ b/Core/registry_linux.go
@@ -0,0 +1,11 @@
+//go:build linux
+
+package core
+
+import (
+ // Linux持久化插件
+ _ "github.com/shadow1ng/fscan/plugins/local/ldpreload" // Linux LD_PRELOAD持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/shellenv" // Linux Shell环境变量持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/crontask" // Linux Cron计划任务持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/systemdservice" // Linux Systemd服务持久化
+)
\ No newline at end of file
diff --git a/Core/registry_windows.go b/Core/registry_windows.go
new file mode 100644
index 0000000..a322d4c
--- /dev/null
+++ b/Core/registry_windows.go
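Review bot: In Core/Registry.go the nine blank imports added at the end of the import block make every importer of `core` link and register the local plugins (among them `reverseshell`, `forwardshell`, `socks5proxy`, `keylogger` and `cleaner`), whereas the lines this commit removes from main.go show that only the main binary pulled them in before. Nothing in the hunk marks these as side-effect imports or lets a build leave the modules out, so the capability set of a shipped binary can only be audited by reading import lists. I would add a comment above the group such as `// Blank imports: each package registers itself on import; every binary importing core carries these modules.` and consider moving the group into its own file behind a project-chosen build constraint so a scan-only binary can be produced. The import block starts outside the hunk.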
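Review bot: Core/registry_linux.go states its platform restriction twice: the `_linux.go` file name suffix already limits the file to Linux, so `//go:build linux` is redundant, and the two can drift apart if the file is later renamed. The file also ends without a trailing newline (`\ No newline at end of file`), which gofmt would add. There is no comment saying that the imports exist only for their registration side effect; a line such as `// Blank imports register the Linux-only persistence plugins; nothing else in this file is used.` above the import block would cover that. The same three points apply to Core/registry_windows.go.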
@@ -0,0 +1,13 @@
+//go:build windows
+
+package core
+
+import (
+ // Windows持久化插件
+ _ "github.com/shadow1ng/fscan/plugins/local/winregistry" // Windows 注册表持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/winstartup" // Windows 启动文件夹持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/winschtask" // Windows 计划任务持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/winservice" // Windows 服务持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/winwmi" // Windows WMI事件订阅持久化
+ _ "github.com/shadow1ng/fscan/plugins/local/minidump" // Windows 内存转储
+)
\ No newline at end of file
diff --git a/PARAMETERS.md b/PARAMETERS.md
index 125b781..4ab3a27 100644
--- a/PARAMETERS.md
+++ b/PARAMETERS.md
@@ -108,7 +108,7 @@
 | `avdetect` | 杀毒软件检测 | Windows/Linux/macOS |
 | `fileinfo` | 文件信息收集 | Windows/Linux/macOS |
 | `dcinfo` | 域控信息收集 | Windows/Linux/macOS |
-| `minidump` | 内存转储 | Windows/Linux |
+| `minidump` | 内存转储 | Windows |
 | `reverseshell` | 反弹Shell | Windows/Linux/macOS |
 | `socks5proxy` | SOCKS5代理 | Windows/Linux/macOS |
 | `forwardshell` | 正向Shell | Windows/Linux/macOS |
diff --git a/Plugins/local/crontask/plugin.go b/Plugins/local/crontask/plugin.go
index 9637e81..2a2935e 100644
--- a/Plugins/local/crontask/plugin.go
+++ b/Plugins/local/crontask/plugin.go
@@ -1,3 +1,5 @@
+//go:build linux
+
 package crontask
 
 import (
diff --git a/Plugins/local/ldpreload/plugin.go b/Plugins/local/ldpreload/plugin.go
index 9ee2d4e..df090ef 100644
--- a/Plugins/local/ldpreload/plugin.go
+++ b/Plugins/local/ldpreload/plugin.go
@@ -1,3 +1,5 @@
+//go:build linux
+
 package ldpreload
 
 import (
diff --git a/Plugins/local/shellenv/plugin.go b/Plugins/local/shellenv/plugin.go
index b3a19ea..02c791b 100644
--- a/Plugins/local/shellenv/plugin.go
+++ b/Plugins/local/shellenv/plugin.go
@@ -1,3 +1,5 @@
+//go:build linux
+
 package shellenv
 
 import (
diff --git a/Plugins/local/systemdservice/plugin.go b/Plugins/local/systemdservice/plugin.go
index b33235d..5cca78f 100644
--- a/Plugins/local/systemdservice/plugin.go
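Review bot: Core/registry_windows.go imports `plugins/local/minidump` under the windows constraint, but the commit adds `//go:build windows` to the other five packages in that list and not to minidump. Unless the minidump package already constrains itself in files not shown here, it still compiles on every platform while being registered only on Windows, which is also what PARAMETERS.md now documents. I would either add `//go:build windows` to the minidump package's files in this commit or say next to the import why it is left unconstrained, so the registry file and the package agree on where the memory-dump module can exist.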
+++ b/Plugins/local/systemdservice/plugin.go
@@ -1,3 +1,5 @@
+//go:build linux
+
 package systemdservice
 
 import (
diff --git a/Plugins/local/winregistry/plugin.go b/Plugins/local/winregistry/plugin.go
index fe8677d..0e93515 100644
--- a/Plugins/local/winregistry/plugin.go
+++ b/Plugins/local/winregistry/plugin.go
@@ -1,3 +1,5 @@
+//go:build windows
+
 package winregistry
 
 import (
diff --git a/Plugins/local/winschtask/plugin.go b/Plugins/local/winschtask/plugin.go
index 60e3744..af1436c 100644
--- a/Plugins/local/winschtask/plugin.go
+++ b/Plugins/local/winschtask/plugin.go
@@ -1,3 +1,5 @@
+//go:build windows
+
 package winschtask
 
 import (
diff --git a/Plugins/local/winservice/plugin.go b/Plugins/local/winservice/plugin.go
index 771aae1..226eae9 100644
--- a/Plugins/local/winservice/plugin.go
+++ b/Plugins/local/winservice/plugin.go
@@ -1,3 +1,5 @@
+//go:build windows
+
 package winservice
 
 import (
diff --git a/Plugins/local/winstartup/plugin.go b/Plugins/local/winstartup/plugin.go
index f63737b..5e9adcd 100644
--- a/Plugins/local/winstartup/plugin.go
+++ b/Plugins/local/winstartup/plugin.go
@@ -1,3 +1,5 @@
+//go:build windows
+
 package winstartup
 
 import (
diff --git a/Plugins/local/winwmi/plugin.go b/Plugins/local/winwmi/plugin.go
index 3816f16..c20285e 100644
--- a/Plugins/local/winwmi/plugin.go
+++ b/Plugins/local/winwmi/plugin.go
@@ -1,3 +1,5 @@
+//go:build windows
+
 package winwmi
 
 import (
diff --git a/main.go b/main.go
index 14adc6f..86330a9 100644
--- a/main.go
+++ b/main.go
@@ -8,35 +8,6 @@ import (
 "github.com/shadow1ng/fscan/common"
 "github.com/shadow1ng/fscan/core"
 "github.com/shadow1ng/fscan/plugins/base"
-
- // 引入本地插件以触发注册
- _ "github.com/shadow1ng/fscan/plugins/local/fileinfo" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/dcinfo" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/minidump" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/reverseshell" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/socks5proxy" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/avdetect" // 已重构,可用
- _ "github.com/shadow1ng/fscan/plugins/local/forwardshell" // 新增,可用
-
- // Linux持久化插件
- _ "github.com/shadow1ng/fscan/plugins/local/ldpreload" // Linux LD_PRELOAD持久化
- _ "github.com/shadow1ng/fscan/plugins/local/shellenv" // Linux Shell环境变量持久化
- _ "github.com/shadow1ng/fscan/plugins/local/crontask" // Linux Cron计划任务持久化
- _ "github.com/shadow1ng/fscan/plugins/local/systemdservice" // Linux Systemd服务持久化
-
- // Windows持久化插件
- _ "github.com/shadow1ng/fscan/plugins/local/winregistry" // Windows 注册表持久化
- _ "github.com/shadow1ng/fscan/plugins/local/winstartup" // Windows 启动文件夹持久化
- _ "github.com/shadow1ng/fscan/plugins/local/winschtask" // Windows 计划任务持久化
- _ "github.com/shadow1ng/fscan/plugins/local/winservice" // Windows 服务持久化
- _ "github.com/shadow1ng/fscan/plugins/local/winwmi" // Windows WMI事件订阅持久化
-
- // 监控插件
- _ "github.com/shadow1ng/fscan/plugins/local/keylogger" // 跨平台键盘记录
-
- // 实用工具插件
- _ "github.com/shadow1ng/fscan/plugins/local/downloader" // 跨平台文件下载
- _ "github.com/shadow1ng/fscan/plugins/local/cleaner" // 跨平台系统痕迹清理
 )
 
 // initLocalPlugins 初始化本地插件列表