修复一个web超时的bug

Plugins/elasticsearch.go

@@ -1,15 +1,12 @@
 package Plugins
 
 import (
-	"crypto/tls"
 	"fmt"
+	"github.com/shadow1ng/fscan/WebScan/lib"
+	"github.com/shadow1ng/fscan/common"
 	"io/ioutil"
-	"net"
 	"net/http"
 	"strings"
-	"time"
-
-	"github.com/shadow1ng/fscan/common"
 )
 
 func elasticsearchScan(info *common.HostInfo) error {
@@ -20,20 +17,6 @@ func elasticsearchScan(info *common.HostInfo) error {
 func geturl2(info *common.HostInfo) (flag bool, err error) {
 	flag = false
 	url := fmt.Sprintf("%s:%d/_cat", info.Url, common.PORTList["elastic"])
-	var client = &http.Client{
-		Timeout: time.Duration(info.WebTimeout) * time.Second,
-		Transport: &http.Transport{
-			TLSClientConfig:   &tls.Config{InsecureSkipVerify: true},
-			DisableKeepAlives: false,
-			DialContext: (&net.Dialer{
-				Timeout: time.Duration(info.WebTimeout) * time.Second,
-			}).DialContext,
-		},
-		CheckRedirect: func(req *http.Request, via []*http.Request) error {
-			return http.ErrUseLastResponse
-		},
-	}
-
 	res, err := http.NewRequest("GET", url, nil)
 	if err == nil {
 		res.Header.Add("User-agent", "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36")
@@ -41,8 +24,10 @@ func geturl2(info *common.HostInfo) (flag bool, err error) {
 		res.Header.Add("Accept-Language", "zh-CN,zh;q=0.9")
 		res.Header.Add("Accept-Encoding", "gzip, deflate")
 		res.Header.Add("Connection", "close")
-		resp, err := client.Do(res)
+		if common.Pocinfo.Cookie != "" {
-
+			res.Header.Set("Cookie", common.Pocinfo.Cookie)
+		}
+		resp, err := lib.Client.Do(res)
 		if err == nil {
 			defer resp.Body.Close()
 			body, _ := ioutil.ReadAll(resp.Body)

Plugins/scanner.go

@@ -14,39 +14,42 @@ import (
 func Scan(info common.HostInfo) {
 	fmt.Println("scan start")
 	Hosts, _ := common.ParseIP(info.Host, common.HostFile)
-	if common.IsPing == false {
-		Hosts = ICMPRun(Hosts, common.Ping)
-		fmt.Println("icmp alive hosts len is:", len(Hosts))
-	}
-	if info.Scantype == "icmp" {
-		return
-	}
-	AlivePorts := TCPportScan(Hosts, info.Ports, info.Timeout)
-	if info.Scantype == "portscan" {
-		return
-	}
 	WebScan.Inithttp(common.Pocinfo)
-	var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
-	for _, port := range common.PORTList {
-		severports = append(severports, strconv.Itoa(port))
-	}
 	var ch = make(chan struct{}, common.Threads)
 	var wg = sync.WaitGroup{}
-	for _, targetIP := range AlivePorts {
+	if len(Hosts) > 0 {
-		info.Host, info.Ports = strings.Split(targetIP, ":")[0], strings.Split(targetIP, ":")[1]
+		if common.IsPing == false {
-		if info.Scantype == "all" {
+			Hosts = ICMPRun(Hosts, common.Ping)
-			if info.Ports == "445" { //scan more vul
+			fmt.Println("icmp alive hosts len is:", len(Hosts))
-				AddScan("1000001", info, ch, &wg)
+		}
-				AddScan("1000002", info, ch, &wg)
+		if info.Scantype == "icmp" {
-			} else if IsContain(severports, info.Ports) {
+			return
-				AddScan(info.Ports, info, ch, &wg)
+		}
+		AlivePorts := TCPportScan(Hosts, info.Ports, info.Timeout)
+		if info.Scantype == "portscan" {
+			return
+		}
+
+		var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
+		for _, port := range common.PORTList {
+			severports = append(severports, strconv.Itoa(port))
+		}
+		for _, targetIP := range AlivePorts {
+			info.Host, info.Ports = strings.Split(targetIP, ":")[0], strings.Split(targetIP, ":")[1]
+			if info.Scantype == "all" {
+				if info.Ports == "445" { //scan more vul
+					AddScan("1000001", info, ch, &wg)
+					AddScan("1000002", info, ch, &wg)
+				} else if IsContain(severports, info.Ports) {
+					AddScan(info.Ports, info, ch, &wg)
+				} else {
+					AddScan("1000003", info, ch, &wg) //webtitle
+				}
 			} else {
-				AddScan("1000003", info, ch, &wg) //webtitle
+				port, _ := common.PortlistBack[info.Scantype]
+				scantype := strconv.Itoa(port)
+				AddScan(scantype, info, ch, &wg)
 			}
-		} else {
-			port, _ := common.PortlistBack[info.Scantype]
-			scantype := strconv.Itoa(port)
-			AddScan(scantype, info, ch, &wg)
 		}
 	}
 	if common.URL != "" {

common/config.go

@@ -58,18 +58,17 @@ var Webport = "9098,9448,8888,82,8858,1081,8879,21502,9097,8088,8090,8200,91,108
 var DefaultPorts = "21,22,80,81,135,443,445,1433,3306,5432,6379,7001,8000,8080,8089,9200,11211,27017"
 
 type HostInfo struct {
-	Host       string
+	Host      string
-	Ports      string
+	Ports     string
-	Domain     string
+	Domain    string
-	Url        string
+	Url       string
-	Timeout    int64
+	Timeout   int64
-	WebTimeout int64
+	Scantype  string
-	Scantype   string
+	Command   string
-	Command    string
+	Username  string
-	Username   string
+	Password  string
-	Password   string
+	Usernames []string
-	Usernames  []string
+	Passwords []string
-	Passwords  []string
 }
 
 type PocInfo struct {

common/flag.go

@@ -26,7 +26,6 @@ func Flag(Info *HostInfo) {
 	flag.StringVar(&Info.Username, "user", "", "username")
 	flag.StringVar(&Info.Password, "pwd", "", "password")
 	flag.Int64Var(&Info.Timeout, "time", 3, "Set timeout")
-	flag.Int64Var(&Info.WebTimeout, "wt", 5, "Set web timeout")
 	flag.StringVar(&Info.Scantype, "m", "all", "Select scan type ,as: -m ssh")
 	flag.IntVar(&Threads, "t", 200, "Thread nums")
 	flag.StringVar(&HostFile, "hf", "", "host file, -hs ip.txt")
@@ -45,6 +44,7 @@ func Flag(Info *HostInfo) {
 	flag.StringVar(&Pocinfo.PocName, "pocname", "", "use the pocs these contain pocname, -pocname weblogic")
 	flag.StringVar(&Pocinfo.Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080")
 	flag.StringVar(&Pocinfo.Cookie, "cookie", "", "set poc cookie")
+	flag.Int64Var(&Pocinfo.Timeout, "wt", 5, "Set web timeout")
 	flag.IntVar(&Pocinfo.Num, "Num", 20, "poc rate")
 	flag.Parse()
 }