diff --git a/Core/Registry.go b/Core/Registry.go
index 6a42d5c..4cfc3b9 100644
--- a/Core/Registry.go
+++ b/Core/Registry.go
@@ -9,87 +9,104 @@ func init() {
 // 注册标准端口服务扫描
 Common.RegisterPlugin("ftp", Common.ScanPlugin{
 Name: "FTP",
+ Port: 21,
 ScanFunc: Plugins.FtpScan,
 })
 Common.RegisterPlugin("ssh", Common.ScanPlugin{
 Name: "SSH",
+ Port: 22,
 ScanFunc: Plugins.SshScan,
 })
 Common.RegisterPlugin("findnet", Common.ScanPlugin{
 Name: "FindNet",
+ Port: 135,
 ScanFunc: Plugins.Findnet,
 })
 Common.RegisterPlugin("netbios", Common.ScanPlugin{
 Name: "NetBIOS",
+ Port: 139,
 ScanFunc: Plugins.NetBIOS,
 })
 Common.RegisterPlugin("smb", Common.ScanPlugin{
 Name: "SMB",
+ Port: 445,
 ScanFunc: Plugins.SmbScan,
 })
 Common.RegisterPlugin("mssql", Common.ScanPlugin{
 Name: "MSSQL",
+ Port: 1433,
 ScanFunc: Plugins.MssqlScan,
 })
 Common.RegisterPlugin("oracle", Common.ScanPlugin{
 Name: "Oracle",
+ Port: 1521,
 ScanFunc: Plugins.OracleScan,
 })
 Common.RegisterPlugin("mysql", Common.ScanPlugin{
 Name: "MySQL",
+ Port: 3306,
 ScanFunc: Plugins.MysqlScan,
 })
 Common.RegisterPlugin("rdp", Common.ScanPlugin{
 Name: "RDP",
+ Port: 3389,
 ScanFunc: Plugins.RdpScan,
 })
 Common.RegisterPlugin("postgres", Common.ScanPlugin{
 Name: "PostgreSQL",
+ Port: 5432,
 ScanFunc: Plugins.PostgresScan,
 })
 Common.RegisterPlugin("vnc", Common.ScanPlugin{
 Name: "VNC",
+ Port: 5900,
 ScanFunc: Plugins.VncScan,
 })
 Common.RegisterPlugin("redis", Common.ScanPlugin{
 Name: "Redis",
+ Port: 6379,
 ScanFunc: Plugins.RedisScan,
 })
 Common.RegisterPlugin("fcgi", Common.ScanPlugin{
 Name: "FastCGI",
+ Port: 9000,
 ScanFunc: Plugins.FcgiScan,
 })
 Common.RegisterPlugin("memcached", Common.ScanPlugin{
 Name: "Memcached",
+ Port: 11211,
 ScanFunc: Plugins.MemcachedScan,
 })
 Common.RegisterPlugin("mongodb", Common.ScanPlugin{
 Name: "MongoDB",
+ Port: 27017,
 ScanFunc: Plugins.MongodbScan,
 })
 // 注册特殊扫描类型
 Common.RegisterPlugin("ms17010", Common.ScanPlugin{
 Name: "MS17010",
+ Port: 445,
 ScanFunc: Plugins.MS17010,
 })
 Common.RegisterPlugin("smbghost", Common.ScanPlugin{
 Name: "SMBGhost",
+ Port: 445,
 ScanFunc: Plugins.SmbGhost,
 })
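Review bot: The `Port` values added to these registrations carry a contract that is stated nowhere in this hunk: the `executeScans` change in Core/Scanner.go runs a plugin in mode scans only when the target port equals this number, and treats an unset `Port` (0) as "run on every target". A comment above the first registration would make that visible, for example `// Port is the plugin's default port: mode scans run the plugin only on targets with that port; plugins that leave it 0 run on every target.` A single int also cannot describe a service with more than one usual port, which may matter for the SMB and NetBIOS entries, and the same applies to the `smb2` and `wmiexec` registrations in the next hunk. `init()` begins before this hunk and continues past it.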
@@ -105,11 +122,13 @@ func init() {
 Common.RegisterPlugin("smb2", Common.ScanPlugin{
 Name: "SMBScan2",
+ Port: 445,
 ScanFunc: Plugins.SmbScan2,
 })
 Common.RegisterPlugin("wmiexec", Common.ScanPlugin{
 Name: "WMIExec",
+ Port: 135,
 ScanFunc: Plugins.WmiExec,
 })
diff --git a/Core/Scanner.go b/Core/Scanner.go
index c326721..4373d3f 100644
--- a/Core/Scanner.go
+++ b/Core/Scanner.go
@@ -4,6 +4,7 @@ import (
 "fmt"
 "github.com/shadow1ng/fscan/Common"
 "github.com/shadow1ng/fscan/WebScan/lib"
+ "strconv"
 "strings"
 "sync"
 )
@@ -114,12 +115,29 @@ func executeScans(targets []Common.HostInfo, ch *chan struct{}, wg *sync.WaitGro
 if plugins := Common.GetPluginsForMode(mode); plugins != nil {
 // 使用预设模式的插件组
 for _, target := range targets {
- for _, plugin := range plugins {
- AddScan(plugin, target, ch, wg)
+ targetPort := target.Ports // 目标端口
+ for _, pluginName := range plugins {
+ // 获取插件信息
+ plugin, exists := Common.PluginManager[pluginName]
+ if !exists {
+ continue
+ }
+
+ // 检查插件是否有默认端口配置
+ if plugin.Port != 0 {
+ // 只有当目标端口匹配插件默认端口时才执行
+ if targetPort == strconv.Itoa(plugin.Port) {
+ AddScan(pluginName, target, ch, wg)
+ }
+ } else {
+ // 对于没有默认端口的插件(如web扫描),始终执行
+ AddScan(pluginName, target, ch, wg)
+ }
 }
 }
 } else {
 // 使用单个插件
+ // 对于单个插件模式,不进行端口匹配检查,直接执行
 for _, target := range targets {
 AddScan(mode, target, ch, wg)
 }
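Review bot: The exact match `targetPort == strconv.Itoa(plugin.Port)` in the inner loop skips every port-bound plugin for a service listening on a non-default port, and the `!exists` branch drops an unknown plugin name with a bare `continue`, so a mode scan in which no check ran is indistinguishable from one in which every check passed. Anyone reading the output as evidence that a host is clean gets a false negative; both skips should be reported through the project's logger with the plugin name, host and port, and the default-port-only coverage of mode scans should be documented. The nested `if`/`else` can also be folded into `if plugin.Port == 0 || targetPort == strconv.Itoa(plugin.Port) { AddScan(pluginName, target, ch, wg) }`. `executeScans` starts before this hunk, so how `target.Ports` is populated (a single port, a list, or empty) is not visible here and should be confirmed against this string comparison.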