新增-m webonly,跳过端口扫描,直接访问http。致谢@AgeloVito
parent
2ebda8baa9
commit
c64c64477b
|
@ -1,21 +1,22 @@
|
||||||
package Plugins
|
package Plugins
|
||||||
|
|
||||||
var PluginList = map[string]interface{}{
|
var PluginList = map[string]interface{}{
|
||||||
"21": FtpScan,
|
"21": FtpScan,
|
||||||
"22": SshScan,
|
"22": SshScan,
|
||||||
"135": Findnet,
|
"135": Findnet,
|
||||||
"139": NetBIOS,
|
"139": NetBIOS,
|
||||||
"445": SmbScan,
|
"445": SmbScan,
|
||||||
"1433": MssqlScan,
|
"1433": MssqlScan,
|
||||||
"1521": OracleScan,
|
"1521": OracleScan,
|
||||||
"3306": MysqlScan,
|
"3306": MysqlScan,
|
||||||
"3389": RdpScan,
|
"3389": RdpScan,
|
||||||
"5432": PostgresScan,
|
"5432": PostgresScan,
|
||||||
"6379": RedisScan,
|
"6379": RedisScan,
|
||||||
"9000": FcgiScan,
|
"9000": FcgiScan,
|
||||||
"11211": MemcachedScan,
|
"11211": MemcachedScan,
|
||||||
"27017": MongodbScan,
|
"27017": MongodbScan,
|
||||||
"1000001": MS17010,
|
"1000001": MS17010,
|
||||||
"1000002": SmbGhost,
|
"1000002": SmbGhost,
|
||||||
"1000003": WebTitle,
|
"1000003": WebTitle,
|
||||||
|
"10000031": WebTitle,
|
||||||
}
|
}
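Review bot: The new key `"10000031"` is an unexplained sentinel, and it has to stay in step with the `"webonly": 10000031` entry this commit adds to `PORTList` in another file, yet neither line says so. It differs from the existing `"1000003"` web key by a single trailing digit, which is easy to mistype or misread in review. A short comment on the entry would make the coupling visible, for example `// webonly: WebTitle without a prior port scan; must match PORTList["webonly"]`.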
|
||||||
|
|
|
@ -25,7 +25,7 @@ func FindnetScan(info *common.HostInfo) error {
|
||||||
realhost := fmt.Sprintf("%s:%v", info.Host, 135)
|
realhost := fmt.Sprintf("%s:%v", info.Host, 135)
|
||||||
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
|
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
|
||||||
defer func() {
|
defer func() {
|
||||||
if conn != nil{
|
if conn != nil {
|
||||||
conn.Close()
|
conn.Close()
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
@ -71,7 +71,7 @@ func read(text []byte, host string) error {
|
||||||
encodedStr := hex.EncodeToString(text)
|
encodedStr := hex.EncodeToString(text)
|
||||||
hostnames := strings.Replace(encodedStr, "0700", "", -1)
|
hostnames := strings.Replace(encodedStr, "0700", "", -1)
|
||||||
hostname := strings.Split(hostnames, "000000")
|
hostname := strings.Split(hostnames, "000000")
|
||||||
result := "NetInfo:\n[*]" + host
|
result := "[+] NetInfo:\n[*]" + host
|
||||||
for i := 0; i < len(hostname); i++ {
|
for i := 0; i < len(hostname); i++ {
|
||||||
hostname[i] = strings.Replace(hostname[i], "00", "", -1)
|
hostname[i] = strings.Replace(hostname[i], "00", "", -1)
|
||||||
host, err := hex.DecodeString(hostname[i])
|
host, err := hex.DecodeString(hostname[i])
|
||||||
|
|
|
@ -88,3 +88,32 @@ func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64
|
||||||
respondingHosts <- address
|
respondingHosts <- address
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func NoPortScan(hostslist []string, ports string) (AliveAddress []string) {
|
||||||
|
probePorts := common.ParsePort(ports)
|
||||||
|
noPorts := common.ParsePort(common.NoPorts)
|
||||||
|
if len(noPorts) > 0 {
|
||||||
|
temp := map[int]struct{}{}
|
||||||
|
for _, port := range probePorts {
|
||||||
|
temp[port] = struct{}{}
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, port := range noPorts {
|
||||||
|
delete(temp, port)
|
||||||
|
}
|
||||||
|
|
||||||
|
var newDatas []int
|
||||||
|
for port, _ := range temp {
|
||||||
|
newDatas = append(newDatas, port)
|
||||||
|
}
|
||||||
|
probePorts = newDatas
|
||||||
|
sort.Ints(probePorts)
|
||||||
|
}
|
||||||
|
for _, port := range probePorts {
|
||||||
|
for _, host := range hostslist {
|
||||||
|
address := host + ":" + strconv.Itoa(port)
|
||||||
|
AliveAddress = append(AliveAddress, address)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
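Review bot: `NoPortScan` returns every host:port combination through a result named `AliveAddress` although it never attempts a connection, so a reader or caller who takes the name as "verified open" is misled. The function also has no doc comment; one sentence saying that it builds the cross product of `hostslist` and the parsed ports minus `common.NoPorts`, without probing, would settle that. The exclusion block looks like it duplicates filtering that presumably exists in `PortScan` (not visible in this hunk), so a shared helper would keep the two from drifting apart. As a smaller style point, `for port, _ := range temp` can be written `for port := range temp`.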
|
||||||
|
|
|
@ -30,11 +30,16 @@ func Scan(info common.HostInfo) {
|
||||||
common.LogWG.Wait()
|
common.LogWG.Wait()
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
AlivePorts := PortScan(Hosts, info.Ports, info.Timeout)
|
var AlivePorts []string
|
||||||
fmt.Println("[*] alive ports len is:", len(AlivePorts))
|
if info.Scantype == "webonly" {
|
||||||
if info.Scantype == "portscan" {
|
AlivePorts = NoPortScan(Hosts, info.Ports)
|
||||||
common.LogWG.Wait()
|
} else {
|
||||||
return
|
AlivePorts = PortScan(Hosts, info.Ports, info.Timeout)
|
||||||
|
fmt.Println("[*] alive ports len is:", len(AlivePorts))
|
||||||
|
if info.Scantype == "portscan" {
|
||||||
|
common.LogWG.Wait()
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
|
var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
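Review bot: In the `webonly` branch the `[*] alive ports len is:` line is no longer printed, so a run in this mode does not report how many host:port targets `NoPortScan` generated before the later stages start. That list is the full cross product of hosts and ports rather than a probed set, so its size is worth logging, for example `fmt.Println("[*] webonly targets:", len(AlivePorts))` after the assignment. The nested `if`/`else` on `info.Scantype` would also read more clearly as a `switch info.Scantype`. `Scan` begins and ends outside this hunk.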
|
||||||
|
|
|
@ -188,6 +188,7 @@ fscan 是 404Team [星链计划2.0](https://github.com/knownsec/404StarLink2.0-G
|
||||||
除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要安装并使用本工具。您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
|
除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要安装并使用本工具。您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
|
||||||
|
|
||||||
## 最近更新
|
## 最近更新
|
||||||
|
[+] 2022/2/25 新增-m webonly,跳过端口扫描,直接访问http。致谢@AgeloVito
|
||||||
[+] 2022/1/11 新增oracle密码爆破
|
[+] 2022/1/11 新增oracle密码爆破
|
||||||
[+] 2022/1/7 扫ip/8时,默认会扫每个C段的网关和数个随机IP,推荐参数:-h ip/8 -m icmp.新增LiveTop功能,检测存活时,默认会输出top10的B、C段ip存活数量.
|
[+] 2022/1/7 扫ip/8时,默认会扫每个C段的网关和数个随机IP,推荐参数:-h ip/8 -m icmp.新增LiveTop功能,检测存活时,默认会输出top10的B、C段ip存活数量.
|
||||||
[+] 2021/12/7 新增rdp扫描,新增添加端口参数-pa 3389(会在原有端口列表基础上,新增该端口)
|
[+] 2021/12/7 新增rdp扫描,新增添加端口参数-pa 3389(会在原有端口列表基础上,新增该端口)
|
||||||
|
|
|
@ -91,10 +91,10 @@ func parseIP(ip string) []string {
|
||||||
return parseIP1(ip)
|
return parseIP1(ip)
|
||||||
//可能是域名,用lookup获取ip
|
//可能是域名,用lookup获取ip
|
||||||
case reg.MatchString(ip):
|
case reg.MatchString(ip):
|
||||||
_, err := net.LookupHost(ip)
|
// _, err := net.LookupHost(ip)
|
||||||
if err != nil {
|
// if err != nil {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
return []string{ip}
|
return []string{ip}
|
||||||
//处理单个ip
|
//处理单个ip
|
||||||
default:
|
default:
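Review bot: The resolution check is disabled by commenting it out rather than deleting it, and the comment above the case (`//可能是域名,用lookup获取ip`) still says a lookup is performed. With the check gone, any string matching `reg` is returned as a target even when it does not resolve, so the failure only surfaces later in whatever code dials it. Either delete the four dead lines and update the comment to explain why resolution is deferred, or keep the lookup and report the error instead of silently returning `nil`. `parseIP` begins and ends outside this hunk.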
|
||||||
|
|
|
@ -32,6 +32,7 @@ var PORTList = map[string]int{
|
||||||
"ms17010": 1000001,
|
"ms17010": 1000001,
|
||||||
"cve20200796": 1000002,
|
"cve20200796": 1000002,
|
||||||
"web": 1000003,
|
"web": 1000003,
|
||||||
|
"webonly": 10000031,
|
||||||
"all": 0,
|
"all": 0,
|
||||||
"portscan": 0,
|
"portscan": 0,
|
||||||
"icmp": 0,
|
"icmp": 0,
|
||||||
|
|
|
@ -10,7 +10,7 @@ import (
|
||||||
|
|
||||||
var Num int64
|
var Num int64
|
||||||
var End int64
|
var End int64
|
||||||
var Results = make(chan string)
|
var Results = make(chan *string)
|
||||||
var Start = true
|
var Start = true
|
||||||
var LogSucTime int64
|
var LogSucTime int64
|
||||||
var LogErrTime int64
|
var LogErrTime int64
|
||||||
|
@ -25,16 +25,16 @@ func init() {
|
||||||
func LogSuccess(result string) {
|
func LogSuccess(result string) {
|
||||||
LogWG.Add(1)
|
LogWG.Add(1)
|
||||||
LogSucTime = time.Now().Unix()
|
LogSucTime = time.Now().Unix()
|
||||||
Results <- result
|
Results <- &result
|
||||||
}
|
}
|
||||||
|
|
||||||
func SaveLog() {
|
func SaveLog() {
|
||||||
for result := range Results {
|
for result := range Results {
|
||||||
if Silent == false || strings.Contains(result, "[+]") || strings.Contains(result, "[*]") {
|
if Silent == false || strings.Contains(*result, "[+]") || strings.Contains(*result, "[*]") {
|
||||||
fmt.Println(result)
|
fmt.Println(*result)
|
||||||
}
|
}
|
||||||
if IsSave {
|
if IsSave {
|
||||||
WriteFile(result, Outputfile)
|
WriteFile(*result, Outputfile)
|
||||||
}
|
}
|
||||||
LogWG.Done()
|
LogWG.Done()
|
||||||
}
|
}
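Review bot: `SaveLog` now dereferences `*result` at three places without a nil check, and `Results` is an exported channel, so a nil pointer sent from any package would panic inside `SaveLog` and take the process down. The switch to `chan *string` also shows no benefit in these hunks: a Go string is already a small header, and sending `&result` forces the parameter to escape to the heap. If the pointer is needed for a reason outside the visible lines, guard the loop body with `if result == nil { LogWG.Done(); continue }`; otherwise keeping `chan string` is simpler and safer.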
|
||||||
|
|
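--- a/main.go
+++ b/main.go
@@ -1,14 +1,18 @@
 package main
 
 import (
+"fmt"
 "github.com/shadow1ng/fscan/Plugins"
 "github.com/shadow1ng/fscan/common"
+"time"
 )
 
 func main() {
+start := time.Now()
 var Info common.HostInfo
 common.Flag(&Info)
 common.Parse(&Info)
 Plugins.Scan(Info)
-print("scan end\n")
+t := time.Now().Sub(start)
+fmt.Printf("[*] 扫描结束,耗时: %s", t)
 }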
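Review bot: The final `fmt.Printf("[*] 扫描结束,耗时: %s", t)` has no trailing newline, whereas the `print("scan end\n")` it replaces did, so the shell prompt will follow the message on the same line. `time.Now().Sub(start)` is also more idiomatically written `time.Since(start)`, which removes the need for the temporary `t`. Suggested replacement for the two added lines: `fmt.Printf("[*] 扫描结束,耗时: %s\n", time.Since(start))`.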