fix：漏洞扫描问题

2026-01-31 11:46:16 +08:00 · 2025-12-23 18:59:40 +08:00
parent 265525c61e
commit 9ac23d50b6
4 changed files with 10 additions and 16 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -132,3 +132,4 @@ temp/

 HGETALL
 KEYS
+vuln_scan/input_endpoints.txt
--- a/backend/apps/scan/configs/command_templates.py
+++ b/backend/apps/scan/configs/command_templates.py
@@ -205,7 +205,7 @@ VULN_SCAN_COMMANDS = {
    },
    'nuclei': {
        # nuclei 漏洞扫描
-        # -j: JSON 输出
+        # -j: JSON 输出（每行一条完整 JSON）
        # -silent: 静默模式
        # -l: 输入 URL 列表文件
        # -t: 模板目录路径（支持多个仓库，多次 -t 由 template_args 直接拼接）
--- a/backend/apps/scan/configs/engine_config_example.yaml
+++ b/backend/apps/scan/configs/engine_config_example.yaml
@@ -15,25 +15,25 @@ subdomain_discovery:
  passive_tools:
    subfinder:
      enabled: true
-      timeout: 7200      # 2小时
+      timeout: 3600      # 1小时
      # threads: 10      # 并发 goroutine 数
      
    amass_passive:
      enabled: true
-      timeout: 7200
+      timeout: 3600
      
    amass_active:
      enabled: true      # 主动枚举 + 爆破
-      timeout: 7200
+      timeout: 3600
      
    sublist3r:
      enabled: true
-      timeout: 7200
+      timeout: 3600
      # threads: 50      # 线程数
    
    assetfinder:
      enabled: true
-      timeout: 7200
+      timeout: 3600

  # === Stage 2: 主动字典爆破（可选）===
  bruteforce:
@@ -142,8 +142,8 @@ vuln_scan:
      request-timeout: 10    # 单个请求超时秒数
      only-poc: r            # 只输出 POC 结果（r: 反射型）
      ignore-return: "302,404,403"  # 忽略的返回码
-      delay: 100             # 扫描内部延迟
-      worker: 10             # worker 数量
+      delay: 50             # 请求间隔（毫秒）
+      worker: 20             # worker 数量
      user-agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
      # blind-xss-server: xxx  # 盲打 XSS 回连服务地址

--- a/backend/apps/scan/flows/vuln_scan/endpoints_vuln_scan_flow.py
+++ b/backend/apps/scan/flows/vuln_scan/endpoints_vuln_scan_flow.py
@@ -120,8 +120,6 @@ def endpoints_vuln_scan_flow(
            )

            raw_timeout = tool_config.get("timeout", 600)
-            timeout = 600
-            min_timeout = 600  # 最小超时时间：10 分钟

            if isinstance(raw_timeout, str) and raw_timeout == "auto":
                # timeout=auto 时，根据 endpoints_file 行数自动计算超时时间
@@ -132,15 +130,10 @@ def endpoints_vuln_scan_flow(
                    file_path=str(endpoints_file),
                    base_per_time=base_per_time,
                )
-                # 确保不低于最小超时时间
-                timeout = max(timeout, min_timeout)
            else:
                try:
                    timeout = int(raw_timeout)
-                    # 确保不低于最小超时时间
-                    timeout = max(timeout, min_timeout)
                except (TypeError, ValueError) as e:
-                    # 配置错误应当直接暴露，避免默默使用默认值导致排查困难
                    raise ValueError(
                        f"工具 {tool_name} 的 timeout 配置无效: {raw_timeout!r}"
                    ) from e
@@ -180,7 +173,7 @@ def endpoints_vuln_scan_flow(
                    target_id=target_id,
                    cwd=str(vuln_scan_dir),
                    shell=True,
-                    batch_size=10,
+                    batch_size=1,
                    timeout=timeout,
                    log_file=str(log_file),
                )