mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 14:06:44 +08:00
143801ff58
当服务扫描模式检测到常见Web端口时,自动包含WebPoc和WebTitle插件, 提升Web服务扫描覆盖率的同时保持完全向后兼容性。 主要改进: - 新增WebPortDetector智能检测Web服务 - 服务扫描模式自动包含Web插件当检测到Web端口时 - 创建WebPoc和WebTitle插件适配器 - 保持所有现有功能和参数行为不变
54 lines
1.6 KiB
Go
54 lines
1.6 KiB
Go
package webpoc
|
||
|
||
import (
|
||
"github.com/shadow1ng/fscan/plugins/adapters"
|
||
"github.com/shadow1ng/fscan/plugins/base"
|
||
LegacyPlugins "github.com/shadow1ng/fscan/plugins/legacy"
|
||
)
|
||
|
||
// NewWebPocPlugin 创建WebPoc漏洞扫描插件
|
||
func NewWebPocPlugin() base.Plugin {
|
||
// 插件元数据
|
||
metadata := &base.PluginMetadata{
|
||
Name: "webpoc",
|
||
Version: "1.0.0",
|
||
Author: "fscan-team",
|
||
Description: "Web应用漏洞POC扫描检测",
|
||
Category: "web",
|
||
Ports: []int{}, // Web插件不限制端口,支持任意端口的URL
|
||
Protocols: []string{"http", "https"},
|
||
Tags: []string{"web", "poc", "vulnerability", "exploit"},
|
||
}
|
||
|
||
// 适配器选项
|
||
options := &adapters.LegacyPluginOptions{
|
||
CheckBruteFlag: false, // WebPoc不依赖暴力破解标志
|
||
IsVulnPlugin: true, // 这是漏洞检测插件
|
||
IsInfoPlugin: false,
|
||
CustomPorts: []int{}, // Web插件不限制端口,支持任意端口的URL
|
||
}
|
||
|
||
// 创建适配器,使用老版本的WebPoc函数
|
||
return adapters.NewLegacyPlugin(metadata, LegacyPlugins.WebPoc, options)
|
||
}
|
||
|
||
// init 自动注册WebPoc插件
|
||
func init() {
|
||
// 创建插件工厂
|
||
metadata := &base.PluginMetadata{
|
||
Name: "webpoc",
|
||
Version: "1.0.0",
|
||
Author: "fscan-team",
|
||
Description: "Web应用漏洞POC扫描检测",
|
||
Category: "web",
|
||
Ports: []int{}, // Web插件不限制端口,支持任意端口的URL
|
||
Protocols: []string{"http", "https"},
|
||
Tags: []string{"web", "poc", "vulnerability", "exploit"},
|
||
}
|
||
|
||
factory := base.NewSimplePluginFactory(metadata, func() base.Plugin {
|
||
return NewWebPocPlugin()
|
||
})
|
||
|
||
base.GlobalPluginRegistry.Register("webpoc", factory)
|
||
} |