新增LiveTop功能,检测存活时,默认会输出top10的b、c段ip存活数量

Plugins/icmp.go

@@ -20,7 +20,7 @@ var (
 	livewg     sync.WaitGroup
 )
 
-func ICMPRun(hostslist []string, Ping bool) []string {
+func CheckLive(hostslist []string, Ping bool) []string {
 	chanHosts := make(chan string, len(hostslist))
 	go func() {
 		for ip := range chanHosts {
@@ -28,9 +28,9 @@ func ICMPRun(hostslist []string, Ping bool) []string {
 				ExistHosts[ip] = struct{}{}
 				if common.Silent == false {
 					if Ping == false {
-						fmt.Printf("(icmp) Target '%s' is alive\n", ip)
+						fmt.Printf("(icmp) Target %-15s is alive\n", ip)
 					} else {
-						fmt.Printf("(ping) Target '%s' is alive\n", ip)
+						fmt.Printf("(ping) Target %-15s is alive\n", ip)
 					}
 				}
 				AliveHosts = append(AliveHosts, ip)
@@ -50,9 +50,10 @@ func ICMPRun(hostslist []string, Ping bool) []string {
 		} else {
 			common.LogError(err)
 			//尝试无监听icmp探测
+			fmt.Println("trying RunIcmp2")
 			conn, err := net.DialTimeout("ip4:icmp", "127.0.0.1", 3*time.Second)
 			defer func() {
-				if conn != nil{
+				if conn != nil {
 					conn.Close()
 				}
 			}()
@@ -70,6 +71,18 @@ func ICMPRun(hostslist []string, Ping bool) []string {
 
 	livewg.Wait()
 	close(chanHosts)
+	if common.IsIPRange {
+		arrTop, arrLen := ArrayCountValueTop(AliveHosts, common.LiveTop, true)
+		for i := 0; i < len(arrTop); i++ {
+			output := fmt.Sprintf("[*] LiveTop %-16s 段存活数量为: %d", arrTop[i]+".0.0/16", arrLen[i])
+			common.LogSuccess(output)
+		}
+	}
+	arrTop, arrLen := ArrayCountValueTop(AliveHosts, common.LiveTop, false)
+	for i := 0; i < len(arrTop); i++ {
+		output := fmt.Sprintf("[*] LiveTop %-16s 段存活数量为: %d", arrTop[i]+".0/24", arrLen[i])
+		common.LogSuccess(output)
+	}
 	return AliveHosts
 }
 
@@ -143,7 +156,7 @@ func icmpalive(host string) bool {
 	startTime := time.Now()
 	conn, err := net.DialTimeout("ip4:icmp", host, 6*time.Second)
 	defer func() {
-		if conn != nil{
+		if conn != nil {
 			conn.Close()
 		}
 	}()
@@ -253,3 +266,49 @@ func genSequence(v int16) (byte, byte) {
 func genIdentifier(host string) (byte, byte) {
 	return host[0], host[1]
 }
+
+func ArrayCountValueTop(arrInit []string, length int, flag bool) (arrTop []string, arrLen []int) {
+	if len(arrInit) == 0 {
+		return
+	}
+	arrMap1 := make(map[string]int)
+	arrMap2 := make(map[string]int)
+	for _, value := range arrInit {
+		line := strings.Split(value, ".")
+		if len(line) == 4 {
+			if flag {
+				value = fmt.Sprintf("%s.%s", line[0], line[1])
+			} else {
+				value = fmt.Sprintf("%s.%s.%s", line[0], line[1], line[2])
+			}
+		}
+		if arrMap1[value] != 0 {
+			arrMap1[value]++
+		} else {
+			arrMap1[value] = 1
+		}
+	}
+	for k, v := range arrMap1 {
+		arrMap2[k] = v
+	}
+
+	i := 0
+	for _ = range arrMap1 {
+		var maxCountKey string
+		var maxCountVal = 0
+		for key, val := range arrMap2 {
+			if val > maxCountVal {
+				maxCountVal = val
+				maxCountKey = key
+			}
+		}
+		arrTop = append(arrTop, maxCountKey)
+		arrLen = append(arrLen, maxCountVal)
+		i++
+		if i >= length {
+			return
+		}
+		delete(arrMap2, maxCountKey)
+	}
+	return
+}

Plugins/scanner.go

@@ -23,15 +23,17 @@ func Scan(info common.HostInfo) {
 	var wg = sync.WaitGroup{}
 	if len(Hosts) > 0 {
 		if common.IsPing == false {
-			Hosts = ICMPRun(Hosts, common.Ping)
+			Hosts = CheckLive(Hosts, common.Ping)
-			fmt.Println("icmp alive hosts len is:", len(Hosts))
+			fmt.Println("[*] Icmp alive hosts len is:", len(Hosts))
 		}
 		if info.Scantype == "icmp" {
+			common.LogWG.Wait()
 			return
 		}
 		AlivePorts := PortScan(Hosts, info.Ports, info.Timeout)
-		fmt.Println("alive ports len is:", len(AlivePorts))
+		fmt.Println("[*] alive ports len is:", len(AlivePorts))
 		if info.Scantype == "portscan" {
+			common.LogWG.Wait()
 			return
 		}
 

README.md

@@ -153,6 +153,8 @@ go build -ldflags="-s -w " -trimpath
 `go run .\main.go -h 192.168.x.x/24 -m netbios(-m netbios时,才会显示完整的netbios信息)`
 ![](image/netbios1.png)
 
+`go run .\main.go -h 192.0.0.0/8 -m icmp(探测每个C段的网关和数个随机IP,并统计top 10 B、C段存活数量)`
+![img.png](image/live.png)
 ## 参考链接
 https://github.com/Adminisme/ServerScan  
 https://github.com/netxfly/x-crack  
@@ -186,6 +188,7 @@ fscan 是 404Team [星链计划2.0](https://github.com/knownsec/404StarLink2.0-G
 除非您已充分阅读、完全理解并接受本协议所有条款，否则，请您不要安装并使用本工具。您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的，即视为您已阅读并同意本协议的约束。
 
 ## 最近更新
+[+] 2022/1/7  扫ip/8时,默认会扫每个C段的网关和数个随机IP,推荐参数:-h ip/8 -m icmp.新增LiveTop功能,检测存活时,默认会输出top10的B、C段ip存活数量.  
 [+] 2021/12/7 新增rdp扫描,新增添加端口参数-pa 3389(会在原有端口列表基础上,新增该端口)  
 [+] 2021/12/1 优化xray解析模块,支持groups、新增poc,加入https判断(tls握手包),优化ip解析模块(支持所有ip/xx),增加爆破关闭参数 -nobr,添加跳过某些ip扫描功能 -hn 192.168.1.1,添加跳过某些端口扫描功能-pn 21,445,增加扫描docker未授权漏洞  
 [+] 2021/6/18 改善一下poc的机制，如果识别出指纹会根据指纹信息发送poc，如果没有识别到指纹才会把所有poc打一遍  

common/config.go

@@ -1,5 +1,6 @@
 package common
 
+var version = "1.7.0"
 var Userdict = map[string][]string{
 	"ftp":        {"ftp", "admin", "www", "web", "root", "db", "wwwroot", "data"},
 	"mysql":      {"root", "mysql"},
@@ -99,4 +100,5 @@ var (
 	UserAdd       string
 	PassAdd       string
 	BruteThread   int
+	LiveTop       int
 )

common/flag.go

@@ -11,7 +11,7 @@ func Banner() {
  / /_\/____/ __|/ __| '__/ _` + "`" + ` |/ __| |/ /
 / /_\\_____\__ \ (__| | | (_| | (__|   <    
 \____/     |___/\___|_|  \__,_|\___|_|\_\   
-                     fscan version: 1.6.3
+                     fscan version: ` + version + `
 `
 	print(banner)
 }
@@ -34,6 +34,7 @@ func Flag(Info *HostInfo) {
 	flag.StringVar(&Info.Scantype, "m", "all", "Select scan type ,as: -m ssh")
 	flag.StringVar(&Info.Path, "path", "", "fcgi、smb romote file path")
 	flag.IntVar(&Threads, "t", 600, "Thread nums")
+	flag.IntVar(&LiveTop, "top", 10, "show live len top")
 	flag.StringVar(&HostFile, "hf", "", "host file, -hf ip.txt")
 	flag.StringVar(&Userfile, "userf", "", "username file")
 	flag.StringVar(&Passfile, "pwdf", "", "password file")