perf: 优化WebScan.go的代码，添加注释，规范输出

2025-07-13 12:52:44 +08:00 · 2024-12-19 14:49:52 +08:00 · 2024-12-19 14:49:52 +08:00 · 9296ad0846
commit 9296ad0846
parent 6d499dae10
1 changed files with 47 additions and 29 deletions
--- a/WebScan/WebScan.go
+++ b/WebScan/WebScan.go
@ -18,15 +18,22 @@ var Pocs embed.FS
 var once sync.Once
 var AllPocs []*lib.Poc

+// WebScan 执行Web漏洞扫描
 func WebScan(info *Config.HostInfo) {
+	// 确保POC只初始化一次
 	once.Do(initpoc)
-	var pocinfo = Common.Pocinfo
-	buf := strings.Split(info.Url, "/")
-	pocinfo.Target = strings.Join(buf[:3], "/")

+	// 构建扫描信息
+	var pocinfo = Common.Pocinfo
+	urlParts := strings.Split(info.Url, "/")
+	pocinfo.Target = strings.Join(urlParts[:3], "/")
+
+	// 执行扫描
 	if pocinfo.PocName != "" {
+		// 指定POC扫描
 		Execute(pocinfo)
 	} else {
+		// 根据指纹信息选择POC扫描
 		for _, infostr := range info.Infostr {
 			pocinfo.PocName = lib.CheckInfoPoc(infostr)
 			Execute(pocinfo)
@ -34,69 +41,80 @@ func WebScan(info *Config.HostInfo) {
 	}
 }

+// Execute 执行具体的POC检测
 func Execute(PocInfo Common.PocInfo) {
+	// 创建基础HTTP请求
 	req, err := http.NewRequest("GET", PocInfo.Target, nil)
 	if err != nil {
-		errlog := fmt.Sprintf("[-] webpocinit %v %v", PocInfo.Target, err)
-		Common.LogError(errlog)
+		Common.LogError(fmt.Sprintf("初始化请求失败 %v: %v", PocInfo.Target, err))
 		return
 	}
+
+	// 设置请求头
 	req.Header.Set("User-agent", Common.UserAgent)
 	req.Header.Set("Accept", Common.Accept)
 	req.Header.Set("Accept-Language", "zh-CN,zh;q=0.9")
 	if Common.Cookie != "" {
 		req.Header.Set("Cookie", Common.Cookie)
 	}
+
+	// 根据名称筛选POC并执行
 	pocs := filterPoc(PocInfo.PocName)
 	lib.CheckMultiPoc(req, pocs, Common.PocNum)
 }

+// initpoc 初始化POC加载
 func initpoc() {
 	if Common.PocPath == "" {
+		// 从嵌入的POC目录加载
 		entries, err := Pocs.ReadDir("pocs")
 		if err != nil {
-			fmt.Printf("[-] init poc error: %v", err)
+			Common.LogError(fmt.Sprintf("加载内置POC失败: %v", err))
 			return
 		}
-		for _, one := range entries {
-			path := one.Name()
-			if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
-				if poc, _ := lib.LoadPoc(path, Pocs); poc != nil {
+
+		// 加载YAML格式的POC文件
+		for _, entry := range entries {
+			filename := entry.Name()
+			if strings.HasSuffix(filename, ".yaml") || strings.HasSuffix(filename, ".yml") {
+				if poc, err := lib.LoadPoc(filename, Pocs); err == nil && poc != nil {
 					AllPocs = append(AllPocs, poc)
 				}
 			}
 		}
 	} else {
-		fmt.Println("[+] load poc from " + Common.PocPath)
-		err := filepath.Walk(Common.PocPath,
-			func(path string, info os.FileInfo, err error) error {
-				if err != nil || info == nil {
-					return err
+		// 从指定目录加载POC
+		Common.LogSuccess(fmt.Sprintf("[*] 从目录加载POC: %s", Common.PocPath))
+		err := filepath.Walk(Common.PocPath, func(path string, info os.FileInfo, err error) error {
+			if err != nil || info == nil {
+				return err
+			}
+
+			if !info.IsDir() && (strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml")) {
+				if poc, err := lib.LoadPocbyPath(path); err == nil && poc != nil {
+					AllPocs = append(AllPocs, poc)
 				}
-				if !info.IsDir() {
-					if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
-						poc, _ := lib.LoadPocbyPath(path)
-						if poc != nil {
-							AllPocs = append(AllPocs, poc)
-						}
-					}
-				}
-				return nil
-			})
+			}
+			return nil
+		})
+
 		if err != nil {
-			fmt.Printf("[-] init poc error: %v", err)
+			Common.LogError(fmt.Sprintf("[-] 加载外部POC失败: %v", err))
 		}
 	}
 }

-func filterPoc(pocname string) (pocs []*lib.Poc) {
+// filterPoc 根据POC名称筛选
+func filterPoc(pocname string) []*lib.Poc {
 	if pocname == "" {
 		return AllPocs
 	}
+
+	var matchedPocs []*lib.Poc
 	for _, poc := range AllPocs {
 		if strings.Contains(poc.Name, pocname) {
-			pocs = append(pocs, poc)
+			matchedPocs = append(matchedPocs, poc)
 		}
 	}
-	return
+	return matchedPocs
 }