mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-09-14 14:06:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
4cd8ed5668
fscan/cleanup_exploits.py
ZacharyZcR 6cf5719e8a refactor: 彻底清理插件系统,消除虚假利用功能 
- 删除整个legacy插件系统(7794行代码)
- 完成所有插件向单文件架构迁移
- 移除19个插件的虚假Exploit功能,只保留真实利用:
  * Redis: 文件写入、SSH密钥注入、计划任务
  * SSH: 命令执行
  * MS17010: EternalBlue漏洞利用
- 统一插件接口,简化架构复杂度
- 清理临时文件和备份文件

重构效果:
- 代码行数: -7794行
- 插件文件数: 从3文件架构→单文件架构
- 真实利用插件: 从22个→3个
- 架构复杂度: 大幅简化
2025-08-26 11:43:48 +08:00

79 lines
2.5 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env python3
import os
import re
# 保留exploit的插件真正有利用价值的
KEEP_EXPLOITS = ['ssh.go', 'redis.go', 'ms17010.go']
# 需要清理exploit的插件目录
PLUGINS_DIR = 'plugins/services'
def remove_exploit_function(content, filename):
"""移除Exploit函数及其相关方法"""
print(f"Processing {filename}")
# 匹配并删除Exploit函数
exploit_pattern = r'// Exploit.*?\nfunc \([^)]+\) Exploit\([^{]*\{(?:[^{}]++|\{(?:[^{}]++|\{[^{}]*\})*\})*\}\n'
content = re.sub(exploit_pattern, '', content, flags=re.MULTILINE | re.DOTALL)
# 简化一点,匹配函数定义到下一个函数定义
lines = content.split('\n')
output_lines = []
skip_lines = False
brace_count = 0
for line in lines:
# 检查是否是Exploit函数的开始
if 'func ' in line and 'Exploit(' in line:
skip_lines = True
brace_count = 0
continue
if skip_lines:
# 计算花括号
brace_count += line.count('{')
brace_count -= line.count('}')
# 如果花括号平衡且不在函数内,停止跳过
if brace_count <= 0 and '}' in line:
skip_lines = False
continue
if not skip_lines:
output_lines.append(line)
return '\n'.join(output_lines)
def main():
if not os.path.exists(PLUGINS_DIR):
print(f"Directory {PLUGINS_DIR} not found")
return
for filename in os.listdir(PLUGINS_DIR):
if not filename.endswith('.go') or filename in KEEP_EXPLOITS or filename == 'init.go':
continue
filepath = os.path.join(PLUGINS_DIR, filename)
try:
with open(filepath, 'r', encoding='utf-8') as f:
content = f.read()
# 检查是否有Exploit函数
if 'func ' in content and 'Exploit(' in content:
# 移除Exploit函数
new_content = remove_exploit_function(content, filename)
# 写回文件
with open(filepath, 'w', encoding='utf-8') as f:
f.write(new_content)
print(f"✅ Cleaned {filename}")
else:
print(f"⏭️ Skipped {filename} (no Exploit function)")
except Exception as e:
print(f"❌ Error processing {filename}: {e}")
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink