新增-m webonly,跳过端口扫描,直接访问http。致谢@AgeloVito

影舞者 2022-02-25 15:29:45 +08:00
parent 2ebda8baa9
commit c64c64477b
9 changed files with 75 additions and 34 deletions


@ -1,21 +1,22 @@
package Plugins
var PluginList = map[string]interface{}{
"21": FtpScan,
"22": SshScan,
"135": Findnet,
"139": NetBIOS,
"445": SmbScan,
"1433": MssqlScan,
"1521": OracleScan,
"3306": MysqlScan,
"3389": RdpScan,
"5432": PostgresScan,
"6379": RedisScan,
"9000": FcgiScan,
"11211": MemcachedScan,
"27017": MongodbScan,
"1000001": MS17010,
"1000002": SmbGhost,
"1000003": WebTitle,
"21": FtpScan,
"22": SshScan,
"135": Findnet,
"139": NetBIOS,
"445": SmbScan,
"1433": MssqlScan,
"1521": OracleScan,
"3306": MysqlScan,
"3389": RdpScan,
"5432": PostgresScan,
"6379": RedisScan,
"9000": FcgiScan,
"11211": MemcachedScan,
"27017": MongodbScan,
"1000001": MS17010,
"1000002": SmbGhost,
"1000003": WebTitle,
"10000031": WebTitle,
}
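Review bot: The new key `"10000031"` is a bare magic literal that has to stay in step with the `"webonly": 10000031` entry this commit adds to `PORTList` in another file. If the two drift apart the mode would resolve to no plugin, and how the dispatcher handles a missing key is not visible on this page. A trailing comment would make the coupling explicit, e.g. `"10000031": WebTitle, // webonly pseudo-port, must equal PORTList["webonly"]`. The remaining lines of the section look like gofmt realignment only.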


@ -25,7 +25,7 @@ func FindnetScan(info *common.HostInfo) error {
realhost := fmt.Sprintf("%s:%v", info.Host, 135)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() {
if conn != nil{
if conn != nil {
conn.Close()
}
}()
@ -71,7 +71,7 @@ func read(text []byte, host string) error {
encodedStr := hex.EncodeToString(text)
hostnames := strings.Replace(encodedStr, "0700", "", -1)
hostname := strings.Split(hostnames, "000000")
result := "NetInfo:\n[*]" + host
result := "[+] NetInfo:\n[*]" + host
for i := 0; i < len(hostname); i++ {
hostname[i] = strings.Replace(hostname[i], "00", "", -1)
host, err := hex.DecodeString(hostname[i])


@ -88,3 +88,32 @@ func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64
respondingHosts <- address
}
}
func NoPortScan(hostslist []string, ports string) (AliveAddress []string) {
probePorts := common.ParsePort(ports)
noPorts := common.ParsePort(common.NoPorts)
if len(noPorts) > 0 {
temp := map[int]struct{}{}
for _, port := range probePorts {
temp[port] = struct{}{}
}
for _, port := range noPorts {
delete(temp, port)
}
var newDatas []int
for port, _ := range temp {
newDatas = append(newDatas, port)
}
probePorts = newDatas
sort.Ints(probePorts)
}
for _, port := range probePorts {
for _, host := range hostslist {
address := host + ":" + strconv.Itoa(port)
AliveAddress = append(AliveAddress, address)
}
}
return
}
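Review bot: NoPortScan has no doc comment, and its named result `AliveAddress` suggests the addresses were checked, while the body only builds every host:port combination without opening a connection. I would add `// NoPortScan returns host:port for every host and every port left after removing common.NoPorts; nothing is probed, so entries may be closed or unreachable.` The range can be written `for port := range temp` (gofmt -s). probePorts is sorted only when NoPorts is set, so the output order differs between the two paths unless common.ParsePort already sorts; that helper is not shown here. If PortScan in this file applies the same exclusion, a shared helper would keep the two in step.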


@ -30,11 +30,16 @@ func Scan(info common.HostInfo) {
common.LogWG.Wait()
return
}
AlivePorts := PortScan(Hosts, info.Ports, info.Timeout)
fmt.Println("[*] alive ports len is:", len(AlivePorts))
if info.Scantype == "portscan" {
common.LogWG.Wait()
return
var AlivePorts []string
if info.Scantype == "webonly" {
AlivePorts = NoPortScan(Hosts, info.Ports)
} else {
AlivePorts = PortScan(Hosts, info.Ports, info.Timeout)
fmt.Println("[*] alive ports len is:", len(AlivePorts))
if info.Scantype == "portscan" {
common.LogWG.Wait()
return
}
}
var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
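Review bot: In the `webonly` branch nothing reports how many targets were generated, because the `[*] alive ports len is:` line now sits only in the `else` branch. NoPortScan yields one entry per host and port, so the size of the run is worth recording for whoever reads the output afterwards; a line such as `fmt.Println("[*] webonly targets len is:", len(AlivePorts))` after the NoPortScan call would do. The name `AlivePorts` no longer fits that branch either, so a short comment that the list is unverified there would help. Scan starts and continues outside this hunk.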


@ -188,6 +188,7 @@ fscan 是 404Team [星链计划2.0](https://github.com/knownsec/404StarLink2.0-G
除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要安装并使用本工具。您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
## 最近更新
[+] 2022/2/25 新增-m webonly,跳过端口扫描,直接访问http。致谢@AgeloVito
[+] 2022/1/11 新增oracle密码爆破
[+] 2022/1/7 扫ip/8时,默认会扫每个C段的网关和数个随机IP,推荐参数:-h ip/8 -m icmp.新增LiveTop功能,检测存活时,默认会输出top10的B、C段ip存活数量.
[+] 2021/12/7 新增rdp扫描,新增添加端口参数-pa 3389(会在原有端口列表基础上,新增该端口)


@ -91,10 +91,10 @@ func parseIP(ip string) []string {
return parseIP1(ip)
//可能是域名,用lookup获取ip
case reg.MatchString(ip):
_, err := net.LookupHost(ip)
if err != nil {
return nil
}
// _, err := net.LookupHost(ip)
// if err != nil {
// return nil
// }
return []string{ip}
//处理单个ip
default:
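Review bot: The lookup is disabled by commenting it out, which leaves dead code behind and makes the comment above the case (it says the name is resolved with a lookup) untrue. With the check gone, any string matching `reg` is returned as a target without confirmation that it resolves, so later stages have to cope with resolution failures themselves; whether they do is not visible here. I would delete the four commented lines and reword the case comment, e.g. `// hostname: passed through unresolved, resolution is left to the dialer`. parseIP starts and ends outside this hunk.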


@ -32,6 +32,7 @@ var PORTList = map[string]int{
"ms17010": 1000001,
"cve20200796": 1000002,
"web": 1000003,
"webonly": 10000031,
"all": 0,
"portscan": 0,
"icmp": 0,


@ -10,7 +10,7 @@ import (
var Num int64
var End int64
var Results = make(chan string)
var Results = make(chan *string)
var Start = true
var LogSucTime int64
var LogErrTime int64
@ -25,16 +25,16 @@ func init() {
func LogSuccess(result string) {
LogWG.Add(1)
LogSucTime = time.Now().Unix()
Results <- result
Results <- &result
}
func SaveLog() {
for result := range Results {
if Silent == false || strings.Contains(result, "[+]") || strings.Contains(result, "[*]") {
fmt.Println(result)
if Silent == false || strings.Contains(*result, "[+]") || strings.Contains(*result, "[*]") {
fmt.Println(*result)
}
if IsSave {
WriteFile(result, Outputfile)
WriteFile(*result, Outputfile)
}
LogWG.Done()
}
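Review bot: Switching `Results` to `chan *string` adds a nil-dereference path in SaveLog (`*result` is used three times with no check) and makes `result` in LogSuccess escape to the heap, with no visible benefit, since a Go string is already a small header that is cheap to send by value. Unless a sender outside this section needs the pointer, I would keep `var Results = make(chan string)` and `Results <- result`; otherwise guard the loop with `if result == nil { LogWG.Done(); continue }`. `Silent == false` reads better as `!Silent`. SaveLog's closing brace is outside the hunk.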


@ -1,14 +1,18 @@
package main
import (
"fmt"
"github.com/shadow1ng/fscan/Plugins"
"github.com/shadow1ng/fscan/common"
"time"
)
func main() {
start := time.Now()
var Info common.HostInfo
common.Flag(&Info)
common.Parse(&Info)
Plugins.Scan(Info)
print("scan end\n")
t := time.Now().Sub(start)
fmt.Printf("[*] 扫描结束,耗时: %s", t)
}
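Review bot: The final message lost its line ending: the removed `print("scan end\n")` terminated the line, but `fmt.Printf("[*] 扫描结束,耗时: %s", t)` does not, so a shell prompt or a following log line gets appended to it. Use `fmt.Printf("[*] 扫描结束,耗时: %s\n", t)`, and `time.Since(start)` is the idiomatic form of `time.Now().Sub(start)`. The line also goes straight to stdout rather than through `common.LogSuccess`, so it probably does not reach the output file when saving is enabled; that is inferred from the logging section of this commit.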