mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-09-14 05:56:46 +08:00
cc4f55374a
- 修复URL正则表达式支持IP地址格式 - 修复URL解析后正确设置到HostInfo.Url字段 - 修复Web扫描目标Host和Port字段的提取 - 修复Web插件适用性检查逻辑,允许Web扫描策略直接执行Web插件 - 完善URL到目标信息的转换,包含协议默认端口处理
276 lines
9.4 KiB
Go
276 lines
9.4 KiB
Go
package parsers
|
||
|
||
import (
|
||
"regexp"
|
||
"time"
|
||
|
||
"github.com/shadow1ng/fscan/common/base"
|
||
)
|
||
|
||
/*
|
||
constants.go - 解析器系统常量定义
|
||
|
||
统一管理common/parsers包中的所有常量,便于查看和编辑。
|
||
*/
|
||
|
||
// =============================================================================
|
||
// 默认解析器选项常量 (从Types.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 解析器默认配置
|
||
DefaultEnableConcurrency = true
|
||
DefaultMaxWorkers = 4
|
||
DefaultTimeout = 30 * time.Second
|
||
DefaultEnableValidation = true
|
||
DefaultEnableStatistics = true
|
||
DefaultIgnoreErrors = false
|
||
DefaultFileMaxSize = 100 * 1024 * 1024 // 100MB
|
||
DefaultMaxTargets = 10000 // 10K targets
|
||
)
|
||
|
||
// =============================================================================
|
||
// 文件读取器常量 (从FileReader.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 文件读取器默认配置
|
||
DefaultMaxCacheSize = 10
|
||
DefaultEnableCache = true
|
||
DefaultFileReaderMaxFileSize = 50 * 1024 * 1024 // 50MB
|
||
DefaultFileReaderTimeout = 30 * time.Second
|
||
DefaultFileReaderEnableValidation = true
|
||
DefaultTrimSpace = true
|
||
DefaultSkipEmpty = true
|
||
DefaultSkipComments = true
|
||
|
||
// 文件内容验证
|
||
MaxLineLength = 1000 // 单行最大字符数
|
||
MaxValidRune = 32 // 最小有效字符ASCII值
|
||
TabRune = 9 // Tab字符
|
||
NewlineRune = 10 // 换行符
|
||
CarriageReturnRune = 13 // 回车符
|
||
CommentPrefix = "#" // 注释前缀
|
||
)
|
||
|
||
// =============================================================================
|
||
// 凭据解析器常量 (从CredentialParser.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 凭据验证限制
|
||
DefaultMaxUsernameLength = 64
|
||
DefaultMaxPasswordLength = 128
|
||
DefaultAllowEmptyPasswords = true
|
||
DefaultValidateHashes = true
|
||
DefaultDeduplicateUsers = true
|
||
DefaultDeduplicatePasswords = true
|
||
DefaultCredentialsEnableStatistics = true
|
||
|
||
// 哈希验证
|
||
HashRegexPattern = `^[a-fA-F0-9]{32}$` // MD5哈希正则表达式
|
||
HashValidationLength = 32 // 有效哈希长度
|
||
InvalidUsernameChars = "\r\n\t" // 无效用户名字符
|
||
)
|
||
|
||
// =============================================================================
|
||
// 网络解析器常量 (从NetworkParser.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 网络配置默认值
|
||
DefaultValidateProxies = true
|
||
DefaultAllowInsecure = false
|
||
DefaultNetworkTimeout = 30 * time.Second
|
||
DefaultWebTimeout = 10 * time.Second
|
||
DefaultUserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
|
||
|
||
// 超时限制
|
||
MaxTimeoutSeconds = 300 // 最大超时5分钟
|
||
MaxWebTimeoutSeconds = 120 // 最大Web超时2分钟
|
||
|
||
// 字符串长度限制
|
||
MaxUserAgentLength = 512 // 最大用户代理长度
|
||
MaxCookieLength = 4096 // 最大Cookie长度
|
||
|
||
// 代理快捷配置
|
||
ProxyShortcut1 = "1"
|
||
ProxyShortcut2 = "2"
|
||
ProxyShortcutHTTP = "http://127.0.0.1:8080"
|
||
ProxyShortcutSOCKS5 = "socks5://127.0.0.1:1080"
|
||
|
||
// 协议支持
|
||
ProtocolHTTP = "http"
|
||
ProtocolHTTPS = "https"
|
||
ProtocolSOCKS5 = "socks5"
|
||
ProtocolPrefix = "://"
|
||
SOCKS5Prefix = "socks5://"
|
||
HTTPPrefix = "http://"
|
||
|
||
// 端口范围
|
||
MinPort = 1
|
||
MaxPort = 65535
|
||
|
||
// 无效字符集
|
||
InvalidUserAgentChars = "\r\n\t"
|
||
)
|
||
|
||
// GetCommonBrowsers 获取常见浏览器标识列表
|
||
func GetCommonBrowsers() []string {
|
||
return []string{
|
||
"Mozilla", "Chrome", "Safari", "Firefox", "Edge", "Opera",
|
||
"AppleWebKit", "Gecko", "Trident", "Presto",
|
||
}
|
||
}
|
||
|
||
// =============================================================================
|
||
// 目标解析器常量 (从TargetParser.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 目标解析器默认配置
|
||
DefaultTargetMaxTargets = 10000
|
||
DefaultMaxPortRange = 1000
|
||
DefaultAllowPrivateIPs = true
|
||
DefaultAllowLoopback = true
|
||
DefaultValidateURLs = true
|
||
DefaultResolveDomains = false
|
||
DefaultTargetEnableStatistics = true
|
||
|
||
// 正则表达式模式
|
||
IPv4RegexPattern = `^(\d{1,3}\.){3}\d{1,3}$`
|
||
PortRangeRegexPattern = `^(\d+)(-(\d+))?$`
|
||
URLValidationRegexPattern = `^https?://[^\s]+$`
|
||
DomainRegexPattern = `^[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?)*$`
|
||
CookieRegexPattern = `^[^=;\s]+(=[^;\s]*)?(\s*;\s*[^=;\s]+(=[^;\s]*)?)*$`
|
||
|
||
// IP地址限制
|
||
MaxIPv4OctetValue = 255
|
||
IPv4OctetCount = 4
|
||
MaxDomainLength = 253
|
||
|
||
// CIDR网段简写
|
||
PrivateNetwork192 = "192"
|
||
PrivateNetwork172 = "172"
|
||
PrivateNetwork10 = "10"
|
||
PrivateNetwork192CIDR = "192.168.0.0/16"
|
||
PrivateNetwork172CIDR = "172.16.0.0/12"
|
||
PrivateNetwork10CIDR = "10.0.0.0/8"
|
||
|
||
// 私有网络范围
|
||
Private172StartSecondOctet = 16
|
||
Private172EndSecondOctet = 31
|
||
Private192SecondOctet = 168
|
||
|
||
// /8网段采样配置
|
||
Subnet8SamplingStep = 32
|
||
Subnet8ThirdOctetStep = 10
|
||
|
||
// IP地址计算位移
|
||
IPFirstOctetShift = 24
|
||
IPSecondOctetShift = 16
|
||
IPThirdOctetShift = 8
|
||
IPOctetMask = 0xFF
|
||
)
|
||
|
||
// GetCommonSecondOctets 获取常用第二段IP
|
||
func GetCommonSecondOctets() []int {
|
||
return []int{0, 1, 2, 10, 100, 200, 254}
|
||
}
|
||
|
||
// =============================================================================
|
||
// 简化解析器常量 (从Simple.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 端口和主机限制
|
||
SimpleMaxHosts = 10000
|
||
|
||
// 网段简写展开
|
||
DefaultGatewayLastOctet = 1
|
||
RouterSwitchLastOctet = 254
|
||
SamplingMinHost = 2
|
||
SamplingMaxHost = 253
|
||
)
|
||
|
||
// GetPortGroups 获取预定义端口组映射(统一的端口组定义)
|
||
func GetPortGroups() map[string]string {
|
||
return map[string]string{
|
||
"web": base.WebPorts, // 使用实际的WebPorts常量
|
||
"main": base.MainPorts, // 使用实际的MainPorts常量
|
||
"db": base.DbPorts, // 使用实际的DbPorts常量
|
||
"service": base.ServicePorts, // 使用实际的ServicePorts常量
|
||
"common": base.CommonPorts, // 使用实际的CommonPorts常量
|
||
"all": base.AllPorts, // 使用实际的AllPorts常量
|
||
}
|
||
}
|
||
|
||
// GetTargetPortGroups 获取目标解析器端口组映射(向后兼容,调用统一函数)
|
||
func GetTargetPortGroups() map[string]string {
|
||
return GetPortGroups()
|
||
}
|
||
|
||
// =============================================================================
|
||
// 验证解析器常量 (从ValidationParser.go迁移)
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 验证解析器默认配置
|
||
DefaultMaxErrorCount = 100
|
||
DefaultStrictMode = false
|
||
DefaultAllowEmpty = true
|
||
DefaultCheckConflicts = true
|
||
DefaultValidateTargets = true
|
||
DefaultValidateNetwork = true
|
||
|
||
// 性能警告阈值
|
||
MaxTargetsThreshold = 100000 // 最大目标数量阈值
|
||
MinTimeoutThreshold = 1 * time.Second // 最小超时阈值
|
||
MaxTimeoutThreshold = 60 * time.Second // 最大超时阈值
|
||
)
|
||
|
||
// =============================================================================
|
||
// 错误类型常量
|
||
// =============================================================================
|
||
|
||
const (
|
||
// 解析错误类型
|
||
ErrorTypeInputError = "INPUT_ERROR"
|
||
ErrorTypeFileError = "FILE_ERROR"
|
||
ErrorTypeTimeout = "TIMEOUT"
|
||
ErrorTypeReadError = "READ_ERROR"
|
||
ErrorTypeUsernameError = "USERNAME_ERROR"
|
||
ErrorTypePasswordError = "PASSWORD_ERROR"
|
||
ErrorTypeHashError = "HASH_ERROR"
|
||
ErrorTypeProxyError = "PROXY_ERROR"
|
||
ErrorTypeUserAgentError = "USERAGENT_ERROR"
|
||
ErrorTypeCookieError = "COOKIE_ERROR"
|
||
ErrorTypeHostError = "HOST_ERROR"
|
||
ErrorTypePortError = "PORT_ERROR"
|
||
ErrorTypeExcludePortError = "EXCLUDE_PORT_ERROR"
|
||
|
||
)
|
||
|
||
// =============================================================================
|
||
// 编译时正则表达式
|
||
// =============================================================================
|
||
|
||
var (
|
||
// 预编译的正则表达式,提高性能
|
||
CompiledHashRegex *regexp.Regexp
|
||
CompiledIPv4Regex *regexp.Regexp
|
||
CompiledPortRegex *regexp.Regexp
|
||
CompiledURLRegex *regexp.Regexp
|
||
CompiledDomainRegex *regexp.Regexp
|
||
CompiledCookieRegex *regexp.Regexp
|
||
)
|
||
|
||
// 在包初始化时编译正则表达式
|
||
func init() {
|
||
CompiledHashRegex = regexp.MustCompile(HashRegexPattern)
|
||
CompiledIPv4Regex = regexp.MustCompile(IPv4RegexPattern)
|
||
CompiledPortRegex = regexp.MustCompile(PortRangeRegexPattern)
|
||
CompiledURLRegex = regexp.MustCompile(URLValidationRegexPattern)
|
||
CompiledDomainRegex = regexp.MustCompile(DomainRegexPattern)
|
||
CompiledCookieRegex = regexp.MustCompile(CookieRegexPattern)
|
||
} |