From c64c64477b614cb85e74c87cb8859ebd785f7db3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BD=B1=E8=88=9E=E8=80=85?=
Date: Fri, 25 Feb 2022 15:29:45 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E-m=20webonly,=E8=B7=B3?= =?UTF-8?q?=E8=BF=87=E7=AB=AF=E5=8F=A3=E6=89=AB=E6=8F=8F,=E7=9B=B4?= =?UTF-8?q?=E6=8E=A5=E8=AE=BF=E9=97=AEhttp=E3=80=82=E8=87=B4=E8=B0=A2@Agel?= =?UTF-8?q?oVito?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Plugins/base.go | 35 ++++++++++++++++++-----------------
 Plugins/findnet.go | 4 ++--
 Plugins/portscan.go | 29 +++++++++++++++++++++++++++++
 Plugins/scanner.go | 15 ++++++++++-----
 README.md | 1 +
 common/ParseIP.go | 8 ++++----
 common/config.go | 1 +
 common/log.go | 10 +++++-----
 main.go | 6 +++++-
 9 files changed, 75 insertions(+), 34 deletions(-)
diff --git a/Plugins/base.go b/Plugins/base.go
index 3b77289..49ab591 100644
--- a/Plugins/base.go
+++ b/Plugins/base.go
@@ -1,21 +1,22 @@
 package Plugins
 var PluginList = map[string]interface{}{
- "21": FtpScan,
- "22": SshScan,
- "135": Findnet,
- "139": NetBIOS,
- "445": SmbScan,
- "1433": MssqlScan,
- "1521": OracleScan,
- "3306": MysqlScan,
- "3389": RdpScan,
- "5432": PostgresScan,
- "6379": RedisScan,
- "9000": FcgiScan,
- "11211": MemcachedScan,
- "27017": MongodbScan,
- "1000001": MS17010,
- "1000002": SmbGhost,
- "1000003": WebTitle,
+ "21": FtpScan,
+ "22": SshScan,
+ "135": Findnet,
+ "139": NetBIOS,
+ "445": SmbScan,
+ "1433": MssqlScan,
+ "1521": OracleScan,
+ "3306": MysqlScan,
+ "3389": RdpScan,
+ "5432": PostgresScan,
+ "6379": RedisScan,
+ "9000": FcgiScan,
+ "11211": MemcachedScan,
+ "27017": MongodbScan,
+ "1000001": MS17010,
+ "1000002": SmbGhost,
+ "1000003": WebTitle,
+ "10000031": WebTitle,
 }
diff --git a/Plugins/findnet.go b/Plugins/findnet.go
index d9a1e80..acf2274 100644
--- a/Plugins/findnet.go
+++ b/Plugins/findnet.go
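Review bot: The new `"10000031": WebTitle` entry in PluginList is a second alias for the same handler with no comment saying why it exists or that its value must stay equal to `PORTList["webonly"]` in common/config.go, which this commit adds separately; a reader scanning the map will take it for a port like the other keys. I would add `// 10000031: pseudo-port for -m webonly — same handler as 1000003 ("web") but reached without a prior port scan; keep in sync with common.PORTList`. Whether anything else dispatches on this value is not visible in the hunk.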
@@ -25,7 +25,7 @@ func FindnetScan(info *common.HostInfo) error {
 realhost := fmt.Sprintf("%s:%v", info.Host, 135)
 conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
 defer func() {
- if conn != nil{
+ if conn != nil {
 conn.Close()
 }
 }()
@@ -71,7 +71,7 @@ func read(text []byte, host string) error {
 encodedStr := hex.EncodeToString(text)
 hostnames := strings.Replace(encodedStr, "0700", "", -1)
 hostname := strings.Split(hostnames, "000000")
- result := "NetInfo:\n[*]" + host
+ result := "[+] NetInfo:\n[*]" + host
 for i := 0; i < len(hostname); i++ {
 hostname[i] = strings.Replace(hostname[i], "00", "", -1)
 host, err := hex.DecodeString(hostname[i])
diff --git a/Plugins/portscan.go b/Plugins/portscan.go
index efa54c1..3c8c48a 100644
--- a/Plugins/portscan.go
+++ b/Plugins/portscan.go
@@ -88,3 +88,32 @@ func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64
 respondingHosts <- address
 }
 }
+
+func NoPortScan(hostslist []string, ports string) (AliveAddress []string) {
+ probePorts := common.ParsePort(ports)
+ noPorts := common.ParsePort(common.NoPorts)
+ if len(noPorts) > 0 {
+ temp := map[int]struct{}{}
+ for _, port := range probePorts {
+ temp[port] = struct{}{}
+ }
+
+ for _, port := range noPorts {
+ delete(temp, port)
+ }
+
+ var newDatas []int
+ for port, _ := range temp {
+ newDatas = append(newDatas, port)
+ }
+ probePorts = newDatas
+ sort.Ints(probePorts)
+ }
+ for _, port := range probePorts {
+ for _, host := range hostslist {
+ address := host + ":" + strconv.Itoa(port)
+ AliveAddress = append(AliveAddress, address)
+ }
+ }
+ return
+}
diff --git a/Plugins/scanner.go b/Plugins/scanner.go
index 3553ca0..eeea193 100644
--- a/Plugins/scanner.go
+++ b/Plugins/scanner.go
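Review bot: NoPortScan only deduplicates and sorts the port list when `common.NoPorts` is non-empty, so without `-np` any repeated port coming out of `common.ParsePort` (not visible here, e.g. `-p 80,80` or `-pa` on a port already in the list) produces the same host:port twice and the web probe is sent twice. Every host×port pair is also returned with no reachability check, so in webonly mode the slice named AliveAddress is just the full Cartesian product and each entry will receive a connection attempt downstream — that deserves a doc comment so operators understand the traffic volume. `for port, _ := range temp` is vet/gofmt noise and should be `for port := range temp`. I would build the set unconditionally:
```go
// NoPortScan returns every host:port pair from hostslist × ports, minus
// common.NoPorts, WITHOUT probing any of them — callers must treat the
// result as unverified targets, not as open ports.
func NoPortScan(hostslist []string, ports string) (AliveAddress []string) {
	// Build the port set once so duplicates are collapsed whether or not -np is set.
	keep := map[int]struct{}{}
	for _, port := range common.ParsePort(ports) {
		keep[port] = struct{}{}
	}
	for _, port := range common.ParsePort(common.NoPorts) {
		delete(keep, port)
	}
	probePorts := make([]int, 0, len(keep))
	for port := range keep {
		probePorts = append(probePorts, port)
	}
	sort.Ints(probePorts)
	// … unchanged: host × port address loop and return …
}
```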
@@ -30,11 +30,16 @@ func Scan(info common.HostInfo) {
 common.LogWG.Wait()
 return
 }
- AlivePorts := PortScan(Hosts, info.Ports, info.Timeout)
- fmt.Println("[*] alive ports len is:", len(AlivePorts))
- if info.Scantype == "portscan" {
- common.LogWG.Wait()
- return
+ var AlivePorts []string
+ if info.Scantype == "webonly" {
+ AlivePorts = NoPortScan(Hosts, info.Ports)
+ } else {
+ AlivePorts = PortScan(Hosts, info.Ports, info.Timeout)
+ fmt.Println("[*] alive ports len is:", len(AlivePorts))
+ if info.Scantype == "portscan" {
+ common.LogWG.Wait()
+ return
+ }
 }
 var severports []string
 //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
diff --git a/README.md b/README.md
index f573aee..2f62972 100644
--- a/README.md
+++ b/README.md
@@ -188,6 +188,7 @@ fscan 是 404Team [星链计划2.0](https://github.com/knownsec/404StarLink2.0-G
 除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要安装并使用本工具。您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
 ## 最近更新
+[+] 2022/2/25 新增-m webonly,跳过端口扫描,直接访问http。致谢@AgeloVito
 [+] 2022/1/11 新增oracle密码爆破
 [+] 2022/1/7 扫ip/8时,默认会扫每个C段的网关和数个随机IP,推荐参数:-h ip/8 -m icmp.新增LiveTop功能,检测存活时,默认会输出top10的B、C段ip存活数量.
 [+] 2021/12/7 新增rdp扫描,新增添加端口参数-pa 3389(会在原有端口列表基础上,新增该端口)
diff --git a/common/ParseIP.go b/common/ParseIP.go
index 85c1445..6c51211 100644
--- a/common/ParseIP.go
+++ b/common/ParseIP.go
@@ -91,10 +91,10 @@ func parseIP(ip string) []string {
 return parseIP1(ip)
 //可能是域名,用lookup获取ip
 case reg.MatchString(ip):
- _, err := net.LookupHost(ip)
- if err != nil {
- return nil
- }
+ // _, err := net.LookupHost(ip)
+ // if err != nil {
+ // return nil
+ // }
 return []string{ip}
 //处理单个ip
 default:
diff --git a/common/config.go b/common/config.go
index e964e0c..6c29f15 100644
--- a/common/config.go
+++ b/common/config.go
@@ -32,6 +32,7 @@ var PORTList = map[string]int{
 "ms17010": 1000001,
 "cve20200796": 1000002,
 "web": 1000003,
+ "webonly": 10000031,
 "all": 0,
 "portscan": 0,
 "icmp": 0,
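Review bot: In the new webonly branch `AlivePorts` is filled by NoPortScan without any probe, so the name is misleading there, and because the `[*] alive ports len is:` line now lives only in the else branch the operator gets no count of how many host:port pairs are about to receive an HTTP request. I would log it in the webonly branch, e.g. `fmt.Println("[*] webonly: probing", len(AlivePorts), "host:port pairs without a port scan")`, and add a comment that these addresses are unverified. Scan's body continues below the hunk (the severports handling), so whether anything later filters the list is not visible here.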
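Review bot: The resolution check in parseIP is commented out rather than deleted, and nothing says why a name that does not resolve should now be accepted: previously such a target was dropped (`return nil`), now every plugin dials it and each fails after its own timeout. If the intent is to allow names that only resolve inside the target environment, keep the lookup as a warning instead of dead code: `if _, err := net.LookupHost(ip); err != nil { fmt.Println("[-] host does not resolve, keeping it anyway:", ip, err) }` (assumes fmt is imported in this file). Also confirm that `net` is still used elsewhere in ParseIP.go; if this was its only use the import is now unused and the package will not build.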
diff --git a/common/log.go b/common/log.go
index 38591f0..cdaaa84 100644
--- a/common/log.go
+++ b/common/log.go
@@ -10,7 +10,7 @@ import (
 var Num int64
 var End int64
-var Results = make(chan string)
+var Results = make(chan *string)
 var Start = true
 var LogSucTime int64
 var LogErrTime int64
@@ -25,16 +25,16 @@ func init() {
 func LogSuccess(result string) {
 LogWG.Add(1)
 LogSucTime = time.Now().Unix()
- Results <- result
+ Results <- &result
 }
 func SaveLog() {
 for result := range Results {
- if Silent == false || strings.Contains(result, "[+]") || strings.Contains(result, "[*]") {
- fmt.Println(result)
+ if Silent == false || strings.Contains(*result, "[+]") || strings.Contains(*result, "[*]") {
+ fmt.Println(*result)
 }
 if IsSave {
- WriteFile(result, Outputfile)
+ WriteFile(*result, Outputfile)
 }
 LogWG.Done()
 }
diff --git a/main.go b/main.go
index ce6d1e5..94a2c3c 100644
--- a/main.go
+++ b/main.go
@@ -1,14 +1,18 @@
 package main
 import (
+ "fmt"
 "github.com/shadow1ng/fscan/Plugins"
 "github.com/shadow1ng/fscan/common"
+ "time"
 )
 func main() {
+ start := time.Now()
 var Info common.HostInfo
 common.Flag(&Info)
 common.Parse(&Info)
 Plugins.Scan(Info)
- print("scan end\n")
+ t := time.Now().Sub(start)
+ fmt.Printf("[*] 扫描结束,耗时: %s", t)
 }
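Review bot: Switching Results to `chan *string` and sending `&result` from LogSuccess buys nothing: `result` is a per-call copy so the pointer is not unsafe, but a Go string is already a two-word header, and taking its address forces every message to escape to the heap while each use in SaveLog now has to dereference. Unless a later change needs to mutate or nil-check messages, `chan string` was the simpler form and I would keep it. While here, `Silent == false` reads better as `!Silent`.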
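Review bot: The final `fmt.Printf("[*] 扫描结束,耗时: %s", t)` in main has no trailing newline, so the elapsed-time line runs straight into the shell prompt or into the next line of any redirected log. `time.Now().Sub(start)` is the long form of `time.Since(start)`. I would write `fmt.Printf("[*] 扫描结束,耗时: %s\n", time.Since(start))` and drop the temporary `t`.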