-hf 支持host:port和host/xx:port格式

Plugins/scanner.go

@@ -21,8 +21,8 @@ func Scan(info common.HostInfo) {
 	lib.Inithttp(common.Pocinfo)
 	var ch = make(chan struct{}, common.Threads)
 	var wg = sync.WaitGroup{}
-	if len(Hosts) > 0 {
-		if common.IsPing == false {
+	if len(Hosts) > 0 || len(common.HostPort) > 0 {
+		if common.IsPing == false && len(Hosts) > 0 {
 			Hosts = CheckLive(Hosts, common.Ping)
 			fmt.Println("[*] Icmp alive hosts len is:", len(Hosts))
 		}
@@ -33,7 +33,7 @@ func Scan(info common.HostInfo) {
 		var AlivePorts []string
 		if common.Scantype == "webonly" {
 			AlivePorts = NoPortScan(Hosts, info.Ports)
-		} else {
+		} else if len(Hosts) > 0 {
 			AlivePorts = PortScan(Hosts, info.Ports, common.Timeout)
 			fmt.Println("[*] alive ports len is:", len(AlivePorts))
 			if common.Scantype == "portscan" {
@@ -41,7 +41,11 @@ func Scan(info common.HostInfo) {
 				return
 			}
 		}
-
+		if len(common.HostPort) > 0 {
+			AlivePorts = append(AlivePorts, common.HostPort...)
+			AlivePorts = common.RemoveDuplicate(AlivePorts)
+			fmt.Println("[*] AlivePorts len is:", len(AlivePorts))
+		}
 		var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
 		for _, port := range common.PORTList {
 			severports = append(severports, strconv.Itoa(port))

README.md

@@ -207,6 +207,7 @@ https://github.com/jjf012/gopoc
 
 
 # 10. 最近更新
+[+] 2022/7/14 -hf 支持host:port和host/xx:port格式,rule.Search 正则匹配范围从body改成header+body,-nobr不再包含-nopoc.优化webtitle 输出格式  
 [+] 2022/7/6 加入手工gc回收,尝试节省无用内存。 -url 支持逗号隔开。 修复一个poc模块bug。-nobr不再包含-nopoc。  
 [+] 2022/7/2 加强poc fuzz模块,支持跑备份文件、目录、shiro-key(默认跑10key,可用-full参数跑100key)等。新增ms17017利用(使用参数: -sc add),可在ms17010-exp.go自定义shellcode,内置添加用户等功能。  
 新增poc、指纹。支持socks5代理。因body指纹更全,默认不再跑ico图标。    

WebScan/lib/eval.go

@@ -668,6 +668,9 @@ func getRespBody(oResp *http.Response) ([]byte, error) {
 	if oResp.Header.Get("Content-Encoding") == "gzip" {
 		gr, err := gzip.NewReader(oResp.Body)
 		if err != nil {
+			if err == io.EOF {
+				err = nil
+			}
 			return nil, err
 		}
 		defer gr.Close()
@@ -675,7 +678,6 @@ func getRespBody(oResp *http.Response) ([]byte, error) {
 			buf := make([]byte, 1024)
 			n, err := gr.Read(buf)
 			if err != nil && err != io.EOF {
-				//utils.Logger.Error(err)
 				return nil, err
 			}
 			if n == 0 {

common/ParseIP.go

@@ -13,8 +13,6 @@ import (
 	"strings"
 )
 
-var IsIPRange bool
-
 var ParseIPErr = errors.New(" host parsing error\n" +
 	"format: \n" +
 	"192.168.1.1\n" +
@@ -57,7 +55,7 @@ func ParseIP(host string, filename string, nohosts ...string) (hosts []string, e
 		}
 	}
 	hosts = RemoveDuplicate(hosts)
-	if len(hosts) == 0 && host != "" && filename != "" {
+	if len(hosts) == 0 && len(HostPort) == 0 && host != "" && filename != "" {
 		err = ParseIPErr
 	}
 	return
@@ -188,10 +186,23 @@ func Readipfile(filename string) ([]string, error) {
 	scanner := bufio.NewScanner(file)
 	scanner.Split(bufio.ScanLines)
 	for scanner.Scan() {
-		text := strings.TrimSpace(scanner.Text())
-		if text != "" {
-			host := ParseIPs(text)
-			content = append(content, host...)
+		line := strings.TrimSpace(scanner.Text())
+		if line != "" {
+			text := strings.Split(line, ":")
+			if len(text) == 2 {
+				port := strings.Split(text[1], " ")[0]
+				num, err := strconv.Atoi(port)
+				if err != nil || (num < 1 || num > 65535) {
+					continue
+				}
+				hosts := ParseIPs(text[0])
+				for _, host := range hosts {
+					HostPort = append(HostPort, fmt.Sprintf("%s:%s", host, port))
+				}
+			} else {
+				host := ParseIPs(line)
+				content = append(content, host...)
+			}
 		}
 	}
 	return content, nil

common/config.go

@@ -94,6 +94,8 @@ var (
 	BruteThread   int
 	LiveTop       int
 	Socks5Proxy   string
+	Hash          string
+	HostPort      []string
 )
 
 var (

common/log.go

@@ -19,6 +19,7 @@ var Silent bool
 var LogWG sync.WaitGroup
 
 func init() {
+	LogSucTime = time.Now().Unix()
 	go SaveLog()
 }