2020-12-29 01:17:10 -08:00
|
|
|
package Plugins
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
2021-05-28 21:13:10 -07:00
|
|
|
"github.com/shadow1ng/fscan/WebScan/lib"
|
2020-12-29 01:17:10 -08:00
|
|
|
"github.com/shadow1ng/fscan/common"
|
|
|
|
|
"reflect"
|
|
|
|
|
"strconv"
|
|
|
|
|
"strings"
|
|
|
|
|
"sync"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func Scan(info common.HostInfo) {
|
2021-03-30 07:30:16 -07:00
|
|
|
fmt.Println("start infoscan")
|
2021-11-30 23:22:48 -08:00
|
|
|
Hosts, err := common.ParseIP(info.Host, common.HostFile, common.NoHosts)
|
|
|
|
|
if err != nil {
|
|
|
|
|
fmt.Println("len(hosts)==0", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-05-28 21:13:10 -07:00
|
|
|
lib.Inithttp(common.Pocinfo)
|
2021-02-04 22:43:07 -08:00
|
|
|
var ch = make(chan struct{}, common.Threads)
|
2020-12-29 01:17:10 -08:00
|
|
|
var wg = sync.WaitGroup{}
|
2022-07-13 21:04:47 -07:00
|
|
|
if len(Hosts) > 0 || len(common.HostPort) > 0 {
|
|
|
|
|
if common.IsPing == false && len(Hosts) > 0 {
|
2022-01-06 21:38:38 -08:00
|
|
|
Hosts = CheckLive(Hosts, common.Ping)
|
|
|
|
|
fmt.Println("[*] Icmp alive hosts len is:", len(Hosts))
|
2021-03-04 19:44:21 -08:00
|
|
|
}
|
2022-07-03 08:41:39 -07:00
|
|
|
if common.Scantype == "icmp" {
|
2022-01-06 21:38:38 -08:00
|
|
|
common.LogWG.Wait()
|
2021-03-04 19:44:21 -08:00
|
|
|
return
|
|
|
|
|
}
|
2022-02-24 23:29:45 -08:00
|
|
|
var AlivePorts []string
|
2022-07-03 08:41:39 -07:00
|
|
|
if common.Scantype == "webonly" {
|
2022-02-24 23:29:45 -08:00
|
|
|
AlivePorts = NoPortScan(Hosts, info.Ports)
|
2022-07-13 21:04:47 -07:00
|
|
|
} else if len(Hosts) > 0 {
|
2022-07-03 08:41:39 -07:00
|
|
|
AlivePorts = PortScan(Hosts, info.Ports, common.Timeout)
|
2022-02-24 23:29:45 -08:00
|
|
|
fmt.Println("[*] alive ports len is:", len(AlivePorts))
|
2022-07-03 08:41:39 -07:00
|
|
|
if common.Scantype == "portscan" {
|
2022-02-24 23:29:45 -08:00
|
|
|
common.LogWG.Wait()
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-03-04 19:44:21 -08:00
|
|
|
}
|
2022-07-13 21:04:47 -07:00
|
|
|
if len(common.HostPort) > 0 {
|
|
|
|
|
AlivePorts = append(AlivePorts, common.HostPort...)
|
|
|
|
|
AlivePorts = common.RemoveDuplicate(AlivePorts)
|
2022-07-13 21:19:16 -07:00
|
|
|
common.HostPort = nil
|
2022-07-13 21:04:47 -07:00
|
|
|
fmt.Println("[*] AlivePorts len is:", len(AlivePorts))
|
|
|
|
|
}
|
2021-03-04 19:44:21 -08:00
|
|
|
var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
|
|
|
|
|
for _, port := range common.PORTList {
|
|
|
|
|
severports = append(severports, strconv.Itoa(port))
|
|
|
|
|
}
|
2021-03-30 07:30:16 -07:00
|
|
|
fmt.Println("start vulscan")
|
2021-03-04 19:44:21 -08:00
|
|
|
for _, targetIP := range AlivePorts {
|
|
|
|
|
info.Host, info.Ports = strings.Split(targetIP, ":")[0], strings.Split(targetIP, ":")[1]
|
2022-07-03 08:41:39 -07:00
|
|
|
if common.Scantype == "all" || common.Scantype == "main" {
|
2021-05-28 21:13:10 -07:00
|
|
|
switch {
|
2021-11-30 23:22:48 -08:00
|
|
|
case info.Ports == "135":
|
|
|
|
|
AddScan(info.Ports, info, ch, &wg) //findnet
|
2021-05-28 21:13:10 -07:00
|
|
|
case info.Ports == "445":
|
|
|
|
|
//AddScan(info.Ports, info, ch, &wg) //smb
|
|
|
|
|
AddScan("1000001", info, ch, &wg) //ms17010
|
2022-04-20 02:45:27 -07:00
|
|
|
//AddScan("1000002", info, ch, &wg) //smbghost
|
2021-05-28 21:13:10 -07:00
|
|
|
case info.Ports == "9000":
|
|
|
|
|
AddScan(info.Ports, info, ch, &wg) //fcgiscan
|
|
|
|
|
AddScan("1000003", info, ch, &wg) //http
|
|
|
|
|
case IsContain(severports, info.Ports):
|
|
|
|
|
AddScan(info.Ports, info, ch, &wg) //plugins scan
|
|
|
|
|
default:
|
2021-03-04 19:44:21 -08:00
|
|
|
AddScan("1000003", info, ch, &wg) //webtitle
|
|
|
|
|
}
|
2020-12-30 05:30:36 -08:00
|
|
|
} else {
|
2022-07-03 08:41:39 -07:00
|
|
|
port, _ := common.PORTList[common.Scantype]
|
2021-03-04 19:44:21 -08:00
|
|
|
scantype := strconv.Itoa(port)
|
|
|
|
|
AddScan(scantype, info, ch, &wg)
|
2020-12-29 01:17:10 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-07-06 06:42:00 -07:00
|
|
|
for _, url := range common.Urls {
|
|
|
|
|
info.Url = url
|
2021-03-03 22:42:10 -08:00
|
|
|
AddScan("1000003", info, ch, &wg)
|
|
|
|
|
}
|
2020-12-29 01:17:10 -08:00
|
|
|
wg.Wait()
|
2021-05-05 20:37:29 -07:00
|
|
|
common.LogWG.Wait()
|
2021-03-30 07:30:16 -07:00
|
|
|
close(common.Results)
|
|
|
|
|
fmt.Println(fmt.Sprintf("已完成 %v/%v", common.End, common.Num))
|
2020-12-29 01:17:10 -08:00
|
|
|
}
|
|
|
|
|
|
2021-03-30 03:12:54 -07:00
|
|
|
var Mutex = &sync.Mutex{}
|
|
|
|
|
|
2020-12-29 01:17:10 -08:00
|
|
|
func AddScan(scantype string, info common.HostInfo, ch chan struct{}, wg *sync.WaitGroup) {
|
|
|
|
|
wg.Add(1)
|
|
|
|
|
go func() {
|
2021-03-30 03:12:54 -07:00
|
|
|
Mutex.Lock()
|
|
|
|
|
common.Num += 1
|
|
|
|
|
Mutex.Unlock()
|
|
|
|
|
ScanFunc(PluginList, scantype, &info)
|
|
|
|
|
Mutex.Lock()
|
|
|
|
|
common.End += 1
|
|
|
|
|
Mutex.Unlock()
|
2020-12-29 01:17:10 -08:00
|
|
|
<-ch
|
2022-05-12 02:56:32 -07:00
|
|
|
wg.Done()
|
2020-12-29 01:17:10 -08:00
|
|
|
}()
|
|
|
|
|
ch <- struct{}{}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ScanFunc(m map[string]interface{}, name string, infos ...interface{}) (result []reflect.Value, err error) {
|
|
|
|
|
f := reflect.ValueOf(m[name])
|
|
|
|
|
if len(infos) != f.Type().NumIn() {
|
|
|
|
|
err = errors.New("The number of infos is not adapted ")
|
|
|
|
|
fmt.Println(err.Error())
|
|
|
|
|
return result, nil
|
|
|
|
|
}
|
|
|
|
|
in := make([]reflect.Value, len(infos))
|
|
|
|
|
for k, info := range infos {
|
|
|
|
|
in[k] = reflect.ValueOf(info)
|
|
|
|
|
}
|
|
|
|
|
result = f.Call(in)
|
|
|
|
|
return result, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func IsContain(items []string, item string) bool {
|
|
|
|
|
for _, eachItem := range items {
|
|
|
|
|
if eachItem == item {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false
|
|
|
|
|
}
|
