mirror of https://github.com/qwqdanchun/fscan.git
删除elasticsearchScan,用yml poc代替
This commit is contained in:
shadow1ng
parent
400f4373c9
commit
9aba1c88a3
|
|
@ -1,16 +1,15 @@
|
|||
package Plugins
|
||||
|
||||
var PluginList = map[string]interface{}{
|
||||
"21": FtpScan,
|
||||
"22": SshScan,
|
||||
"135": Findnet,
|
||||
"139": NetBIOS,
|
||||
"445": SmbScan,
|
||||
"1433": MssqlScan,
|
||||
"3306": MysqlScan,
|
||||
"5432": PostgresScan,
|
||||
"6379": RedisScan,
|
||||
//"9200": elasticsearchScan,
|
||||
"21": FtpScan,
|
||||
"22": SshScan,
|
||||
"135": Findnet,
|
||||
"139": NetBIOS,
|
||||
"445": SmbScan,
|
||||
"1433": MssqlScan,
|
||||
"3306": MysqlScan,
|
||||
"5432": PostgresScan,
|
||||
"6379": RedisScan,
|
||||
"11211": MemcachedScan,
|
||||
"27017": MongodbScan,
|
||||
"1000001": MS17010,
|
||||
|
|
|
|||
|
|
@ -1,45 +0,0 @@
|
|||
package Plugins
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/shadow1ng/fscan/WebScan/lib"
|
||||
"github.com/shadow1ng/fscan/common"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func elasticsearchScan(info *common.HostInfo) error {
|
||||
_, err := geturl2(info)
|
||||
return err
|
||||
}
|
||||
|
||||
func geturl2(info *common.HostInfo) (flag bool, err error) {
|
||||
flag = false
|
||||
url := fmt.Sprintf("%s:%v/_cat", info.Url, info.Ports)
|
||||
res, err := http.NewRequest("GET", url, nil)
|
||||
if err == nil {
|
||||
res.Header.Add("User-agent", "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36")
|
||||
res.Header.Add("Accept", "*/*")
|
||||
res.Header.Add("Accept-Language", "zh-CN,zh;q=0.9")
|
||||
res.Header.Add("Accept-Encoding", "gzip, deflate")
|
||||
res.Header.Add("Connection", "close")
|
||||
if common.Pocinfo.Cookie != "" {
|
||||
res.Header.Set("Cookie", common.Pocinfo.Cookie)
|
||||
}
|
||||
resp, err := lib.Client.Do(res)
|
||||
if err == nil {
|
||||
defer resp.Body.Close()
|
||||
body, _ := ioutil.ReadAll(resp.Body)
|
||||
if strings.Contains(string(body), "/_cat/master") {
|
||||
result := fmt.Sprintf("[+] Elastic:%s unauthorized", url)
|
||||
common.LogSuccess(result)
|
||||
flag = true
|
||||
}
|
||||
} else {
|
||||
errlog := fmt.Sprintf("[-] Elastic:%s %v", url, err)
|
||||
common.LogError(errlog)
|
||||
}
|
||||
}
|
||||
return flag, err
|
||||
}
|
||||
|
|
@ -25,13 +25,12 @@ var PORTList = map[string]int{
|
|||
"ms17010": 1000001,
|
||||
"cve20200796": 1000002,
|
||||
"web": 1000003,
|
||||
//"elastic": 9200,
|
||||
"findnet": 135,
|
||||
"netbios": 139,
|
||||
"all": 0,
|
||||
"portscan": 0,
|
||||
"icmp": 0,
|
||||
"main": 0,
|
||||
"findnet": 135,
|
||||
"netbios": 139,
|
||||
"all": 0,
|
||||
"portscan": 0,
|
||||
"icmp": 0,
|
||||
"main": 0,
|
||||
}
|
||||
|
||||
var Outputfile = getpath() + "result.txt"
|
||||
|
|
|
|||
Loading…
Reference in New Issue