mirror of
https://github.com/shadow1ng/fscan.git
synced 2026-02-09 18:29:17 +08:00
71b92d4408
## 架构重构
- 全局变量消除,迁移至 Config/State 对象
- SMB 插件融合(smb/smb2/smbghost/smbinfo)
- 服务探测重构,实现 Nmap 风格 fallback 机制
- 输出系统重构,TXT 实时刷盘 + 双写机制
- i18n 框架升级至 go-i18n
## 性能优化
- 正则表达式预编译
- 内存优化 map[string]struct{}
- 并发指纹匹配
- SOCKS5 连接复用
- 滑动窗口调度 + 自适应线程池
## 新功能
- Web 管理界面
- 多格式 POC 适配(xray/afrog)
- 增强指纹库(3139条)
- Favicon hash 指纹识别
- 插件选择性编译(Build Tags)
- fscan-lab 靶场环境
- 默认端口扩展(62→133)
## 构建系统
- 添加 no_local tag 支持排除本地插件
- 多版本构建:fscan/fscan-nolocal/fscan-web
- CI 添加 snapshot 模式支持仅测试构建
## Bug 修复
- 修复 120+ 个问题,包括 RDP panic、批量扫描漏报、
JSON 输出格式、Redis 检测、Context 超时等
## 测试增强
- 单元测试覆盖率 74-100%
- 并发安全测试
- 集成测试(Web/端口/服务/SSH/ICMP)
151 lines
4.6 KiB
Go
151 lines
4.6 KiB
Go
package lib
|
|
|
|
import (
|
|
"bytes"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"github.com/google/cel-go/checker/decls"
|
|
"github.com/google/cel-go/common/types"
|
|
"github.com/google/cel-go/common/types/ref"
|
|
"github.com/google/cel-go/interpreter/functions"
|
|
exprpb "google.golang.org/genproto/googleapis/api/expr/v1alpha1"
|
|
)
|
|
|
|
// registerStringDeclarations 注册字符串相关的CEL函数声明
|
|
func registerStringDeclarations() []*exprpb.Decl {
|
|
return []*exprpb.Decl{
|
|
decls.NewFunction("bcontains",
|
|
decls.NewInstanceOverload("bytes_bcontains_bytes",
|
|
[]*exprpb.Type{decls.Bytes, decls.Bytes},
|
|
decls.Bool)),
|
|
decls.NewFunction("bmatches",
|
|
decls.NewInstanceOverload("string_bmatches_bytes",
|
|
[]*exprpb.Type{decls.String, decls.Bytes},
|
|
decls.Bool)),
|
|
decls.NewFunction("icontains",
|
|
decls.NewInstanceOverload("icontains_string",
|
|
[]*exprpb.Type{decls.String, decls.String},
|
|
decls.Bool)),
|
|
decls.NewFunction("substr",
|
|
decls.NewOverload("substr_string_int_int",
|
|
[]*exprpb.Type{decls.String, decls.Int, decls.Int},
|
|
decls.String)),
|
|
decls.NewFunction("startsWith",
|
|
decls.NewInstanceOverload("startsWith_bytes",
|
|
[]*exprpb.Type{decls.Bytes, decls.Bytes},
|
|
decls.Bool)),
|
|
decls.NewFunction("istartsWith",
|
|
decls.NewInstanceOverload("startsWith_string",
|
|
[]*exprpb.Type{decls.String, decls.String},
|
|
decls.Bool)),
|
|
}
|
|
}
|
|
|
|
// registerStringImplementations 注册字符串相关的CEL函数实现
|
|
func registerStringImplementations() []*functions.Overload {
|
|
return []*functions.Overload{
|
|
{
|
|
Operator: "bytes_bcontains_bytes",
|
|
Binary: func(lhs ref.Val, rhs ref.Val) ref.Val {
|
|
v1, ok := lhs.(types.Bytes)
|
|
if !ok {
|
|
return types.ValOrErr(lhs, "unexpected type '%v' passed to bcontains", lhs.Type())
|
|
}
|
|
v2, ok := rhs.(types.Bytes)
|
|
if !ok {
|
|
return types.ValOrErr(rhs, "unexpected type '%v' passed to bcontains", rhs.Type())
|
|
}
|
|
return types.Bool(bytes.Contains(v1, v2))
|
|
},
|
|
},
|
|
{
|
|
Operator: "string_bmatches_bytes",
|
|
Binary: func(lhs ref.Val, rhs ref.Val) ref.Val {
|
|
v1, ok := lhs.(types.String)
|
|
if !ok {
|
|
return types.ValOrErr(lhs, "unexpected type '%v' passed to bmatch", lhs.Type())
|
|
}
|
|
v2, ok := rhs.(types.Bytes)
|
|
if !ok {
|
|
return types.ValOrErr(rhs, "unexpected type '%v' passed to bmatch", rhs.Type())
|
|
}
|
|
ok, err := regexp.Match(string(v1), v2)
|
|
if err != nil {
|
|
return types.NewErr("%v", err)
|
|
}
|
|
return types.Bool(ok)
|
|
},
|
|
},
|
|
{
|
|
Operator: "icontains_string",
|
|
Binary: func(lhs ref.Val, rhs ref.Val) ref.Val {
|
|
v1, ok := lhs.(types.String)
|
|
if !ok {
|
|
return types.ValOrErr(lhs, "unexpected type '%v' passed to icontains", lhs.Type())
|
|
}
|
|
v2, ok := rhs.(types.String)
|
|
if !ok {
|
|
return types.ValOrErr(rhs, "unexpected type '%v' passed to icontains", rhs.Type())
|
|
}
|
|
// 不区分大小写包含
|
|
return types.Bool(strings.Contains(strings.ToLower(string(v1)), strings.ToLower(string(v2))))
|
|
},
|
|
},
|
|
{
|
|
Operator: "substr_string_int_int",
|
|
Function: func(values ...ref.Val) ref.Val {
|
|
if len(values) == 3 {
|
|
str, ok := values[0].(types.String)
|
|
if !ok {
|
|
return types.NewErr("invalid string to 'substr'")
|
|
}
|
|
start, ok := values[1].(types.Int)
|
|
if !ok {
|
|
return types.NewErr("invalid start to 'substr'")
|
|
}
|
|
length, ok := values[2].(types.Int)
|
|
if !ok {
|
|
return types.NewErr("invalid length to 'substr'")
|
|
}
|
|
runes := []rune(str)
|
|
if start < 0 || length < 0 || int(start+length) > len(runes) {
|
|
return types.NewErr("invalid start or length to 'substr'")
|
|
}
|
|
return types.String(runes[start : start+length])
|
|
}
|
|
return types.NewErr("too many arguments to 'substr'")
|
|
},
|
|
},
|
|
{
|
|
Operator: "startsWith_bytes",
|
|
Binary: func(lhs ref.Val, rhs ref.Val) ref.Val {
|
|
v1, ok := lhs.(types.Bytes)
|
|
if !ok {
|
|
return types.ValOrErr(lhs, "unexpected type '%v' passed to startsWith_bytes", lhs.Type())
|
|
}
|
|
v2, ok := rhs.(types.Bytes)
|
|
if !ok {
|
|
return types.ValOrErr(rhs, "unexpected type '%v' passed to startsWith_bytes", rhs.Type())
|
|
}
|
|
return types.Bool(bytes.HasPrefix(v1, v2))
|
|
},
|
|
},
|
|
{
|
|
Operator: "startsWith_string",
|
|
Binary: func(lhs ref.Val, rhs ref.Val) ref.Val {
|
|
v1, ok := lhs.(types.String)
|
|
if !ok {
|
|
return types.ValOrErr(lhs, "unexpected type '%v' passed to startsWith_string", lhs.Type())
|
|
}
|
|
v2, ok := rhs.(types.String)
|
|
if !ok {
|
|
return types.ValOrErr(rhs, "unexpected type '%v' passed to startsWith_string", rhs.Type())
|
|
}
|
|
// 不区分大小写
|
|
return types.Bool(strings.HasPrefix(strings.ToLower(string(v1)), strings.ToLower(string(v2))))
|
|
},
|
|
},
|
|
}
|
|
}
|