mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 14:06:44 +08:00
6cf5719e8a
- 删除整个legacy插件系统(7794行代码) - 完成所有插件向单文件架构迁移 - 移除19个插件的虚假Exploit功能,只保留真实利用: * Redis: 文件写入、SSH密钥注入、计划任务 * SSH: 命令执行 * MS17010: EternalBlue漏洞利用 - 统一插件接口,简化架构复杂度 - 清理临时文件和备份文件 重构效果: - 代码行数: -7794行 - 插件文件数: 从3文件架构→单文件架构 - 真实利用插件: 从22个→3个 - 架构复杂度: 大幅简化
114 lines
2.4 KiB
Go
114 lines
2.4 KiB
Go
package services
|
|
|
|
import (
|
|
"context"
|
|
"strings"
|
|
"sync"
|
|
|
|
"github.com/shadow1ng/fscan/common"
|
|
)
|
|
|
|
// Plugin 插件接口 - 简化的统一接口
|
|
type Plugin interface {
|
|
GetName() string
|
|
GetPorts() []int
|
|
Scan(ctx context.Context, info *common.HostInfo) *ScanResult
|
|
}
|
|
|
|
// Exploiter 利用接口 - 用于支持利用功能的插件
|
|
type Exploiter interface {
|
|
Exploit(ctx context.Context, info *common.HostInfo, creds Credential) *ExploitResult
|
|
}
|
|
|
|
// ScanResult 扫描结果
|
|
type ScanResult struct {
|
|
Success bool
|
|
Service string
|
|
Username string
|
|
Password string
|
|
Banner string
|
|
Error error
|
|
}
|
|
|
|
// ExploitResult 利用结果
|
|
type ExploitResult struct {
|
|
Success bool
|
|
Output string
|
|
Error error
|
|
}
|
|
|
|
// Credential 认证凭据
|
|
type Credential struct {
|
|
Username string
|
|
Password string
|
|
KeyData []byte // SSH密钥数据
|
|
}
|
|
|
|
// 插件注册表
|
|
var (
|
|
pluginRegistry = make(map[string]func() Plugin)
|
|
pluginMutex sync.RWMutex
|
|
)
|
|
|
|
// RegisterPlugin 注册插件
|
|
func RegisterPlugin(name string, factory func() Plugin) {
|
|
pluginMutex.Lock()
|
|
defer pluginMutex.Unlock()
|
|
pluginRegistry[name] = factory
|
|
}
|
|
|
|
// GetPlugin 获取插件实例
|
|
func GetPlugin(name string) Plugin {
|
|
pluginMutex.RLock()
|
|
defer pluginMutex.RUnlock()
|
|
|
|
factory, exists := pluginRegistry[name]
|
|
if !exists {
|
|
return nil
|
|
}
|
|
return factory()
|
|
}
|
|
|
|
// GetAllPlugins 获取所有已注册插件的名称
|
|
func GetAllPlugins() []string {
|
|
pluginMutex.RLock()
|
|
defer pluginMutex.RUnlock()
|
|
|
|
var plugins []string
|
|
for name := range pluginRegistry {
|
|
plugins = append(plugins, name)
|
|
}
|
|
return plugins
|
|
}
|
|
|
|
// GenerateCredentials 生成默认测试凭据
|
|
func GenerateCredentials(service string) []Credential {
|
|
var credentials []Credential
|
|
|
|
// 从common包中获取用户字典和密码列表
|
|
users := common.Userdict[service]
|
|
if len(users) == 0 {
|
|
// 使用通用用户名
|
|
users = []string{"admin", "root", "administrator", "user", "guest", ""}
|
|
}
|
|
|
|
passwords := common.Passwords
|
|
if len(passwords) == 0 {
|
|
// 使用通用密码
|
|
passwords = []string{"", "admin", "root", "password", "123456", "12345", "1234"}
|
|
}
|
|
|
|
// 生成用户名和密码的组合
|
|
for _, user := range users {
|
|
for _, pass := range passwords {
|
|
// 替换密码中的占位符
|
|
actualPass := strings.Replace(pass, "{user}", user, -1)
|
|
credentials = append(credentials, Credential{
|
|
Username: user,
|
|
Password: actualPass,
|
|
})
|
|
}
|
|
}
|
|
|
|
return credentials
|
|
} |