From 375a1e46736878bd63bbea40dbd562ddd1851b96 Mon Sep 17 00:00:00 2001
From: ZacharyZcR <2903735704@qq.com>
Date: Fri, 20 Dec 2024 18:38:13 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20=E7=AB=AF=E5=8F=A3=E6=94=AF?= =?UTF-8?q?=E6=8C=81=E6=94=B9=E4=B8=BA=E5=88=97=E8=A1=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
Common/Parse.go | 60 ++++++++++++++++++++++++------------------------
Common/Types.go | 18 ++++++++++++++-
Core/Registry.go | 39 ++++++++++++++++---------------
Core/Scanner.go | 13 +++++------
4 files changed, 73 insertions(+), 57 deletions(-)
diff --git a/Common/Parse.go b/Common/Parse.go
index 2516415..f39a980 100644
--- a/Common/Parse.go
+++ b/Common/Parse.go
@@ -317,33 +317,33 @@ func ParseInput(Info *HostInfo) error { return nil } -// showmode 显示所有支持的扫描类型 -func showmode() { - fmt.Println("[!] 指定的扫描类型不存在") - fmt.Println("[*] 支持的扫描类型:") - - // 显示常规服务扫描类型 - fmt.Println("\n[+] 常规服务扫描:") - for name, plugin := range PluginManager { - if plugin.Port > 0 && plugin.Port < 1000000 { - fmt.Printf(" - %-10s (端口: %d)\n", name, plugin.Port) - } - } - - // 显示特殊漏洞扫描类型 - fmt.Println("\n[+] 特殊漏洞扫描:") - for name, plugin := range PluginManager { - if plugin.Port >= 1000000 || plugin.Port == 0 { - fmt.Printf(" - %-10s\n", name) - } - } - - // 显示其他扫描类型 - fmt.Println("\n[+] 其他扫描类型:") - specialTypes := []string{"all", "portscan", "icmp", "main", "webonly", "webpoc"} - for _, name := range specialTypes { - fmt.Printf(" - %s\n", name) - } - - os.Exit(0) -} +//// showmode 显示所有支持的扫描类型 +//func showmode() { +// fmt.Println("[!] 指定的扫描类型不存在") +// fmt.Println("[*] 支持的扫描类型:") +// +// // 显示常规服务扫描类型 +// fmt.Println("\n[+] 常规服务扫描:") +// for name, plugin := range PluginManager { +// if plugin.Port > 0 && plugin.Port < 1000000 { +// fmt.Printf(" - %-10s (端口: %d)\n", name, plugin.Port) +// } +// } +// +// // 显示特殊漏洞扫描类型 +// fmt.Println("\n[+] 特殊漏洞扫描:") +// for name, plugin := range PluginManager { +// if plugin.Port >= 1000000 || plugin.Port == 0 { +// fmt.Printf(" - %-10s\n", name) +// } +// } +// +// // 显示其他扫描类型 +// fmt.Println("\n[+] 其他扫描类型:") +// specialTypes := []string{"all", "portscan", "icmp", "main", "webonly", "webpoc"} +// for _, name := range specialTypes { +// fmt.Printf(" - %s\n", name) +// } +// +// os.Exit(0) +//} diff --git a/Common/Types.go b/Common/Types.go index 948e744..3c36aea 100644 --- a/Common/Types.go +++ b/Common/Types.go 
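Review bot: The `showmode` function is disabled by prefixing every line with `//` instead of being deleted, which leaves a block of dead code whose `plugin.Port` references no longer match the `ScanPlugin` struct. Deleting it outright is cleaner because the history keeps the old version; if the help listing is still wanted, port it to the new field, e.g. `if len(plugin.Ports) > 0 {` for the service section. If nothing else in Parse.go uses them, the `fmt` and `os` imports also need checking so the file still compiles. With this print-and-exit path gone, confirm that an unknown scan type is still rejected somewhere, because the single-plugin branch in Core/Scanner.go passes `mode` to `AddScan` without a lookup in the visible lines.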
@@ -11,10 +11,26 @@ type HostInfo struct { // ScanPlugin 定义扫描插件的结构 type ScanPlugin struct { Name string // 插件名称 - Port int // 关联的端口号,0表示特殊扫描类型 + Ports []int // 关联的端口列表,空切片表示特殊扫描类型 ScanFunc func(*HostInfo) error // 扫描函数 } +// HasPort 检查插件是否支持指定端口 +func (p *ScanPlugin) HasPort(port int) bool { + // 如果没有指定端口列表,表示支持所有端口 + if len(p.Ports) == 0 { + return true + } + + // 检查端口是否在支持列表中 + for _, supportedPort := range p.Ports { + if port == supportedPort { + return true + } + } + return false +} + // PluginManager 管理插件注册 var PluginManager = make(map[string]ScanPlugin) diff --git a/Core/Registry.go b/Core/Registry.go index 4cfc3b9..0d1ed67 100644 --- a/Core/Registry.go +++ b/Core/Registry.go 
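Review bot: `HasPort` returns `true` for an empty `Ports` list, so a plugin registered without the field (nil slice) behaves exactly like one that is deliberately port-agnostic and matches every target port. That default fails open: a registration that forgets `Ports` widens the scan to every port of every target instead of being rejected. Consider an explicit marker for the port-agnostic case (for example a separate boolean field such as `AnyPort`) and treat an empty list as matching nothing, or at least have `RegisterPlugin` log such registrations. The struct comment says an empty slice means a special scan type while the method comment says it means all ports are supported; one wording should be used in both places. If the module targets Go 1.21 or later, the loop can be `return slices.Contains(p.Ports, port)`.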
@@ -9,104 +9,104 @@ func init() { // 注册标准端口服务扫描 Common.RegisterPlugin("ftp", Common.ScanPlugin{ Name: "FTP", - Port: 21, + Ports: []int{21}, ScanFunc: Plugins.FtpScan, }) Common.RegisterPlugin("ssh", Common.ScanPlugin{ Name: "SSH", - Port: 22, + Ports: []int{22}, ScanFunc: Plugins.SshScan, }) Common.RegisterPlugin("findnet", Common.ScanPlugin{ Name: "FindNet", - Port: 135, + Ports: []int{135}, ScanFunc: Plugins.Findnet, }) Common.RegisterPlugin("netbios", Common.ScanPlugin{ Name: "NetBIOS", - Port: 139, + Ports: []int{139}, ScanFunc: Plugins.NetBIOS, }) Common.RegisterPlugin("smb", Common.ScanPlugin{ Name: "SMB", - Port: 445, + Ports: []int{445}, ScanFunc: Plugins.SmbScan, }) Common.RegisterPlugin("mssql", Common.ScanPlugin{ Name: "MSSQL", - Port: 1433, + Ports: []int{1433, 1434}, // 支持多个端口 ScanFunc: Plugins.MssqlScan, }) Common.RegisterPlugin("oracle", Common.ScanPlugin{ Name: "Oracle", - Port: 1521, + Ports: []int{1521, 1522, 1526}, // Oracle 可能的多个端口 ScanFunc: Plugins.OracleScan, }) Common.RegisterPlugin("mysql", Common.ScanPlugin{ Name: "MySQL", - Port: 3306, + Ports: []int{3306, 3307}, // MySQL 可能的端口 ScanFunc: Plugins.MysqlScan, }) Common.RegisterPlugin("rdp", Common.ScanPlugin{ Name: "RDP", - Port: 3389, + Ports: []int{3389}, ScanFunc: Plugins.RdpScan, }) Common.RegisterPlugin("postgres", Common.ScanPlugin{ Name: "PostgreSQL", - Port: 5432, + Ports: []int{5432, 5433}, // PostgreSQL 可能的端口 ScanFunc: Plugins.PostgresScan, }) Common.RegisterPlugin("vnc", Common.ScanPlugin{ Name: "VNC", - Port: 5900, + Ports: []int{5900, 5901, 5902}, // VNC 可能的端口 ScanFunc: Plugins.VncScan, }) Common.RegisterPlugin("redis", Common.ScanPlugin{ Name: "Redis", - Port: 6379, + Ports: []int{6379, 6380}, // Redis 可能的端口 ScanFunc: Plugins.RedisScan, }) Common.RegisterPlugin("fcgi", Common.ScanPlugin{ Name: "FastCGI", - Port: 9000, + Ports: []int{9000}, ScanFunc: Plugins.FcgiScan, }) Common.RegisterPlugin("memcached", Common.ScanPlugin{ Name: "Memcached", - Port: 11211, + Ports: 
[]int{11211}, ScanFunc: Plugins.MemcachedScan, }) Common.RegisterPlugin("mongodb", Common.ScanPlugin{ Name: "MongoDB", - Port: 27017, + Ports: []int{27017, 27018}, // MongoDB 可能的端口 ScanFunc: Plugins.MongodbScan, }) // 注册特殊扫描类型 Common.RegisterPlugin("ms17010", Common.ScanPlugin{ Name: "MS17010", - Port: 445, + Ports: []int{445}, ScanFunc: Plugins.MS17010, }) Common.RegisterPlugin("smbghost", Common.ScanPlugin{ Name: "SMBGhost", - Port: 445, + Ports: []int{445}, ScanFunc: Plugins.SmbGhost, }) @@ -122,18 +122,19 @@ func init() { Common.RegisterPlugin("smb2", Common.ScanPlugin{ Name: "SMBScan2", - Port: 445, + Ports: []int{445}, ScanFunc: Plugins.SmbScan2, }) Common.RegisterPlugin("wmiexec", Common.ScanPlugin{ Name: "WMIExec", - Port: 135, + Ports: []int{135}, ScanFunc: Plugins.WmiExec, }) Common.RegisterPlugin("localinfo", Common.ScanPlugin{ Name: "LocalInfo", + Ports: []int{}, // 本地信息收集不需要端口 ScanFunc: Plugins.LocalInfoScan, }) } diff --git a/Core/Scanner.go b/Core/Scanner.go index 4373d3f..ba3b66d 100644 --- a/Core/Scanner.go +++ b/Core/Scanner.go @@ -115,7 +115,7 @@ func executeScans(targets []Common.HostInfo, ch *chan struct{}, wg *sync.WaitGro if plugins := Common.GetPluginsForMode(mode); plugins != nil { // 使用预设模式的插件组 for _, target := range targets { - targetPort := target.Ports // 目标端口 + targetPort, _ := strconv.Atoi(target.Ports) // 转换目标端口为整数 for _, pluginName := range plugins { // 获取插件信息 plugin, exists := Common.PluginManager[pluginName] 
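Review bot: The extra ports added in the first Core/Registry.go hunk (`1434`, `1522`, `1526`, `3307`, `5433`, `5901`, `5902`, `6380`, `27018`) are commented only as "possible" ports, with no reason given for each choice. These entries decide where the login-checking plugins connect, so every added port increases the traffic an authorized scan sends; the list should be justified per entry or made configurable. `1434` in particular is best known as the UDP port of the SQL Server Browser service, so it is worth confirming that `Plugins.MssqlScan` does something useful against TCP 1434. A short comment per entry, such as `// 1434: dedicated admin connection (TCP)`, would record the intent.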
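Review bot: The conversion `targetPort, _ := strconv.Atoi(target.Ports)` discards the error, so a target whose `Ports` string is empty or not a single integer yields `targetPort == 0` and every port-bound plugin is skipped with no message. Capture the error, e.g. `targetPort, err := strconv.Atoi(target.Ports)`, and log the target and the bad value before falling through to the port-less plugins. The format of `target.Ports` is not visible in this hunk; if it can hold a list or a range, it needs a real parser rather than `Atoi`. `executeScans` starts and ends outside the hunk.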
@@ -124,20 +124,19 @@ func executeScans(targets []Common.HostInfo, ch *chan struct{}, wg *sync.WaitGro } // 检查插件是否有默认端口配置 - if plugin.Port != 0 { - // 只有当目标端口匹配插件默认端口时才执行 - if targetPort == strconv.Itoa(plugin.Port) { + if len(plugin.Ports) > 0 { + // 只有当目标端口在插件支持的端口列表中才执行 + if plugin.HasPort(targetPort) { AddScan(pluginName, target, ch, wg) } } else { - // 对于没有默认端口的插件(如web扫描),始终执行 + // 对于没有指定端口的插件,始终执行 AddScan(pluginName, target, ch, wg) } } } } else { - // 使用单个插件 - // 对于单个插件模式,不进行端口匹配检查,直接执行 + // 使用单个插件模式,直接执行不做端口检查 for _, target := range targets { AddScan(mode, target, ch, wg) }
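Review bot: The outer test `if len(plugin.Ports) > 0` duplicates the empty-list rule already inside `HasPort`, so the same policy now lives in two places and can drift. Because `HasPort` returns `true` for an empty list, the whole `if`/`else` reduces to `if plugin.HasPort(targetPort) { AddScan(pluginName, target, ch, wg) }`. The single-plugin branch still calls `AddScan(mode, target, ch, wg)` with no port match and no `PluginManager` lookup in the visible lines, so a port-specific plugin chosen by name runs against every target port. A comment stating that this is intentional, or the same `HasPort` filter, would make the scan scope explicit. The enclosing function continues beyond the hunk.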