From 468c2a0ff9491232bb5f49ddfa7299865cac8c04 Mon Sep 17 00:00:00 2001
From: shadow1ng
Date: Mon, 16 Nov 2020 19:55:00 +0800
Subject: [PATCH] update icmp threads
---
 Plugins/icmp.go | 26 ++++++++++++--------------
 Plugins/redis.go | 14 ++++++++------
 Plugins/scanner.go | 5 +++--
 common/config.go | 19 +++++++++++++++++++
 common/flag.go | 5 +++--
 5 files changed, 45 insertions(+), 24 deletions(-)
diff --git a/Plugins/icmp.go b/Plugins/icmp.go
index 38b325a..fcdeeef 100644
--- a/Plugins/icmp.go
+++ b/Plugins/icmp.go
@@ -71,7 +71,7 @@ func isping(ip string) bool {
 buffer.Reset()
 binary.Write(&buffer, binary.BigEndian, icmp)
- Time, _ := time.ParseDuration("2s")
+ Time, _ := time.ParseDuration("3s")
 conn, err := net.DialTimeout("ip4:icmp", ip, Time)
 if err != nil {
 return false
@@ -80,7 +80,7 @@ func isping(ip string) bool {
 if err != nil {
 return false
 }
- conn.SetReadDeadline(time.Now().Add(time.Second * 2))
+ conn.SetReadDeadline(time.Now().Add(time.Second * 3))
 num, err := conn.Read(recvBuf)
 if err != nil {
 return false
@@ -115,11 +115,13 @@ func CheckSum(data []byte) uint16 {
 return uint16(^sum)
 }
-func IcmpCheck(hostslist []string) {
+func IcmpCheck(hostslist []string,IcmpThreads int) {
 var wg sync.WaitGroup
 mutex := &sync.Mutex{}
+ limiter := make(chan int, IcmpThreads)
 for _,host :=range hostslist{
 wg.Add(1)
+ limiter <- 1
 go func(host string) {
 defer wg.Done()
 if isping(host){
@@ -127,11 +129,14 @@ func IcmpCheck(hostslist []string) {
 AliveHosts = append(AliveHosts, host)
 mutex.Unlock()
 }
+ <- limiter
 }(host)
+
 }
 wg.Wait()
 }
+
 func ExecCommandPing(ip string,bsenv string) bool {
 command := exec.Command(bsenv, "-c", "ping -c 1 -w 1 "+ip+" >/dev/null && echo true || echo false") //ping -c 1 -i 0.5 -t 4 -W 2 -w 5 "+ip+" >/dev/null && echo true || echo false"
 outinfo := bytes.Buffer{}
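Review bot: In `IcmpCheck` (Plugins/icmp.go, hunk @@ -115) the new `limiter := make(chan int, IcmpThreads)` uses the caller's value unchecked: with 0 the channel is unbuffered and the first `limiter <- 1` blocks forever, because the send runs in the loop before the goroutine that would receive is started, and a negative value makes `make` panic. A guard before the `make`, `if IcmpThreads < 1 { IcmpThreads = 1 }`, covers both; the value comes from the new `-it` flag in common/flag.go, which is not validated after `flag.Parse()`. The slot is released by a bare `<- limiter` at the end of the goroutine (hunk @@ -127); `defer func() { <-limiter }()` next to `defer wg.Done()` keeps the release on every exit path.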
@@ -156,12 +161,6 @@ func PingCMDcheck(hostslist []string,bsenv string) {
 var wg sync.WaitGroup
 mutex := &sync.Mutex{}
 limiter := make(chan struct{}, 40)
- //aliveHost := make(chan string, 20)
- //go func() {
- // for s := range aliveHost {
- // fmt.Println(s)
- // }
- //}()
 for _,host :=range hostslist{
 wg.Add(1)
 limiter <- struct{}{}
@@ -177,24 +176,23 @@ func PingCMDcheck(hostslist []string,bsenv string) {
 }(host)
 }
 wg.Wait()
- //close(aliveHost)
 }
-func ICMPRun(hostslist []string) []string{
+func ICMPRun(hostslist []string,IcmpThreads int) []string{
 var sysinfo SystemInfo
 sysinfo = GetSys()
 if sysinfo.OS == "windows" {
- IcmpCheck(hostslist)
+ IcmpCheck(hostslist,IcmpThreads)
 }else if sysinfo.OS == "linux" {
 if (sysinfo.Groupid == "0" || sysinfo.Userid == "0" || sysinfo.Username == "root") {
- IcmpCheck(hostslist)
+ IcmpCheck(hostslist,IcmpThreads)
 }else {
 PingCMDcheck(hostslist,"/bin/bash")
 }
 }else if sysinfo.OS == "darwin" {
 if (sysinfo.Groupid == "0" || sysinfo.Userid == "0" || sysinfo.Username == "root") {
- IcmpCheck(hostslist)
+ IcmpCheck(hostslist,IcmpThreads)
 }else {
 PingCMDcheck(hostslist,"/usr/local/bin/bash")
 }
diff --git a/Plugins/redis.go b/Plugins/redis.go
index 2c17fdf..5766f25 100644
--- a/Plugins/redis.go
+++ b/Plugins/redis.go
@@ -81,7 +81,7 @@ func Expoilt(info *common.HostInfo,realhost string,conn net.Conn) {
 result := fmt.Sprintf("%v SSH public key was written successfully",realhost)
 common.LogSuccess(result)
 }else {
- fmt.Println(realhost,"SSHPUB write failed",text)
+ fmt.Println("Redis:",realhost,"SSHPUB write failed",text)
 }
 }
 }
@@ -94,7 +94,7 @@ func Expoilt(info *common.HostInfo,realhost string,conn net.Conn) {
 result := fmt.Sprintf("%v /var/spool/cron/root was written successfully",realhost)
 common.LogSuccess(result)
 }else {
- fmt.Println(realhost,"cron write failed",text)
+ fmt.Println("Redis:",realhost,"cron write failed",text)
 }
 }
 }
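Review bot: `ICMPRun` (Plugins/icmp.go, hunk @@ -177) now accepts `IcmpThreads`, but only the `IcmpCheck` branches use it; the non-root Linux and macOS branches still call `PingCMDcheck`, which keeps the hard-coded `make(chan struct{}, 40)` limiter visible in the previous hunk. A user who passes `-it` without root therefore gets no change in concurrency and no hint of that. A doc comment on the function would make the contract explicit, for example `// IcmpThreads applies only to the raw-socket path; the ping-command fallback is fixed at 40 workers.` The function body continues past the end of the hunk.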
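Review bot: Both failure messages in `Expoilt` (Plugins/redis.go, hunks @@ -81 and @@ -94) pass `text` straight to `fmt.Println`, and `text` appears to be the reply read from the remote server (`text,_ = readreply(conn)` in `writecron`, a later hunk), trimmed and cut to 50 bytes but not escaped. A reply containing control or escape characters would be written to the operator's terminal as-is; quoting it, as in `fmt.Printf("Redis: %v cron write failed %q\n", realhost, text)`, keeps it inert. The success path goes through `common.LogSuccess` while the failure path only reaches stdout, so failures are presumably absent from the saved result file. `Expoilt` starts and ends outside both hunks.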
@@ -121,6 +121,7 @@ func writekey(conn net.Conn,filename string) (flag bool,text string) {
 }
 }
 }
+ text = strings.TrimSpace(text)
 if len(text) > 50{
 text = text[:50]
 }
@@ -145,10 +146,11 @@ func writecron(conn net.Conn,host string) (flag bool,text string) {
 text,_ = readreply(conn)
 if strings.Contains(text,"OK") {
 flag = true
- }
- }
- }
- }
+ }//else {fmt.Println(text)}
+ }//else {fmt.Println(text)}
+ }//else {fmt.Println(text)}
+ }//else {fmt.Println(text)}
+ text = strings.TrimSpace(text)
 if len(text) > 50{
 text = text[:50]
 }
diff --git a/Plugins/scanner.go b/Plugins/scanner.go
index ccd6246..083868e 100644
--- a/Plugins/scanner.go
+++ b/Plugins/scanner.go
@@ -34,9 +34,10 @@ func IsContain(items []string, item string) bool {
 }
 func Scan(info common.HostInfo) {
+ fmt.Println("scan start")
 Hosts,_ := common.ParseIP(info.Host,info.HostFile)
 if info.Isping == false{
- Hosts = ICMPRun(Hosts)
+ Hosts = ICMPRun(Hosts,info.IcmpThreads)
 }
 _,AlivePorts := TCPportScan(Hosts,info.Ports,"icmp",3) //return AliveHosts,AlivePorts
 var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...}
@@ -64,7 +65,7 @@ func Scan(info common.HostInfo) {
 AddScan("1000002",info,ch,&wg)
 }
 }else {
- port,_:=common.PORTList[info.Scantype]
+ port,_:=common.PORTList_bak[info.Scantype]
 scantype = strconv.Itoa(port)
 AddScan(scantype,info,ch,&wg)
 }
diff --git a/common/config.go b/common/config.go
index 4783447..123288b 100644
--- a/common/config.go
+++ b/common/config.go
@@ -31,6 +31,24 @@ var PORTList = map[string]int{
 "all":0,
 }
+var PORTList_bak = map[string]int{
+ "ftp": 21,
+ "ssh": 22,
+ "mem": 11211,
+ "mgo": 27017,
+ "mssql": 1433,
+ "psql": 5432,
+ "redis": 6379,
+ "mysql": 3306,
+ "smb": 445,
+ "ms17010": 1000001,
+ "cve20200796":1000002,
+ "webtitle": 1000003,
+ "elastic": 9200,
+ "findnet": 135,
+ "all":0,
+}
+
 var Outputfile = "result.txt"
 var IsSave = true
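Review bot: The four closing braces in `writecron` (Plugins/redis.go, hunk @@ -145) now carry commented-out debugging, `}//else {fmt.Println(text)}`; commented-out code on a brace line is easy to misread as a live `else` and should be dropped or turned into a real branch. The `text[:50]` cut that follows the new `strings.TrimSpace(text)` slices bytes, so it can end in the middle of a multi-byte character; the same applies to `writekey` in hunk @@ -121. Both functions start outside their hunks.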
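Review bot: `Hosts,_ := common.ParseIP(info.Host,info.HostFile)` in `Scan` (Plugins/scanner.go, hunk @@ -34) drops the error and hands the result to `ICMPRun`; on the non-root path those strings presumably reach `ExecCommandPing`, which builds `"ping -c 1 -w 1 "+ip+...` for `bsenv -c` (context lines of the icmp.go hunk @@ -127). `ParseIP` is not shown, so it cannot be confirmed here that every entry it returns is a strict IP literal; if a host-file line can pass through unchanged, the local shell would interpret it. Handle the error (`Hosts, err := common.ParseIP(...)` and stop on `err != nil`) and check each entry with `net.ParseIP(host) != nil` before it is pinged. `Scan`'s body continues outside the hunk.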
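Review bot: `port,_:=common.PORTList_bak[info.Scantype]` (Plugins/scanner.go, hunk @@ -64) discards the lookup's `ok` result, so an unknown `-m` value yields port 0 and is passed on as `AddScan("0",...)`, indistinguishable from the `"all":0` entry. Keeping the flag, `port, ok := common.PORTList_bak[info.Scantype]`, and reporting `if !ok` with the offending `info.Scantype` would surface the typo instead. How to bail out cleanly depends on the wait-group handling outside this hunk.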
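Review bot: `PORTList_bak` (common/config.go, hunk @@ -31) is added without a comment saying how it differs from `PORTList`, whose body is mostly outside the hunk, while `Scan` now reads the `_bak` map for `-m` lookups. Two tables with apparently overlapping keys (`"all":0` is in both) will drift apart unless their roles are stated; a doc comment such as `// PORTList_bak maps every -m scan type to its port or plugin id; Scan uses it for single-type lookups.` would help, with the wording to be confirmed by the author. Go names use MixedCaps, so a purpose-describing name without the underscore suffix fits the convention better.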
@@ -46,6 +64,7 @@ type HostInfo struct {
 Scantype string
 Isping bool
 Threads int
+ IcmpThreads int
 Command string
 Username string
 Password string
diff --git a/common/flag.go b/common/flag.go
index 5d957ec..ad4a06a 100644
--- a/common/flag.go
+++ b/common/flag.go
@@ -25,7 +25,8 @@ func Flag(Info *HostInfo) {
 flag.StringVar(&Info.HostFile,"hf","","host file, -hs ip.txt")
 flag.StringVar(&Info.Ports,"p",DefaultPorts,"Select a port,for example: 22 | 1-65535 | 22,80,3306")
 flag.StringVar(&Info.Command,"c","","exec command (ssh)")
- flag.IntVar(&Info.Threads,"t",100,"Thread nums")
+ flag.IntVar(&Info.Threads,"t",200,"Thread nums")
+ flag.IntVar(&Info.IcmpThreads,"it",3000,"Icmp Threads nums")
 flag.BoolVar(&Info.Isping,"np",false,"not to ping")
 flag.BoolVar(&Info.IsSave,"no",false,"not to save output log")
 flag.StringVar(&Info.Username,"user","","username")
@@ -36,6 +37,6 @@ func Flag(Info *HostInfo) {
 flag.Int64Var(&Info.Timeout,"time",3,"Set timeout")
 flag.StringVar(&Info.Scantype,"m","all","Select scan type ,as: -m ssh")
 flag.StringVar(&Info.RedisFile,"rf","","redis file to write sshkey file (as: -rf id_rsa.pub) ")
- flag.StringVar(&Info.RedisFile,"rs","","redis shell to write cron file (as: -rs 192.168.1.1:6666) ")
+ flag.StringVar(&Info.RedisShell,"rs","","redis shell to write cron file (as: -rs 192.168.1.1:6666) ")
 flag.Parse()
 }
\ No newline at end of file
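Review bot: The `-it` default of 3000 (common/flag.go, hunk @@ -25) allows that many `isping` calls at once, and each one opens its own connection with `net.DialTimeout("ip4:icmp", ip, Time)` (Plugins/icmp.go). Where the per-process open-file limit is lower than that (1024 is a common soft default on Linux), the dial fails, `isping` returns false, and live hosts are silently reported as down. Consider a lower default, or say so in the help text, e.g. `"Icmp Threads nums (one socket each; keep below the open-file limit)"`. `Flag`'s body is only partly visible in this hunk.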