update

2025-07-16 06:12:34 +08:00 · 2020-11-17 13:15:08 +08:00 · 2020-11-17 13:15:08 +08:00 · a33ed4cfeb
commit a33ed4cfeb
parent 30c1f267c2
6 changed files with 76 additions and 34 deletions
--- a/Plugins/webtitle.go
+++ b/Plugins/webtitle.go
@ -1,11 +1,12 @@
 package Plugins

 import (
+	"crypto/tls"
 	"fmt"
+	"github.com/shadow1ng/fscan/WebScan"
 	"io/ioutil"
 	"net/http"
 	"regexp"
-	"strings"
 	"sync"
 	"time"

@ -15,6 +16,16 @@ import (
 func WebTitle(info *common.HostInfo, ch chan int, wg *sync.WaitGroup) (err error, result string) {
 	info.Url = fmt.Sprintf("http://%s:%s", info.Host, info.Ports)
 	err, result = geturl(info)
+	if err == nil{
+		WebScan.WebScan(info)
+	}
+
+	info.Url = fmt.Sprintf("https://%s:%s", info.Host, info.Ports)
+	err, result = geturl(info)
+	if err == nil{
+		WebScan.WebScan(info)
+	}
+
 	wg.Done()
 	<-ch
 	return err, result
@ -22,7 +33,11 @@ func WebTitle(info *common.HostInfo, ch chan int, wg *sync.WaitGroup) (err error

 func geturl(info *common.HostInfo) (err error, result string) {
 	url := info.Url
-	var client = &http.Client{Timeout: time.Duration(info.Timeout) * time.Second}
+	info.Timeout = 20
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	var client = &http.Client{Timeout: time.Duration(info.Timeout) * time.Second, Transport: tr}
 	res, err := http.NewRequest("GET", url, nil)
 	if err == nil {
 		res.Header.Add("User-agent", "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36")
@ -45,40 +60,11 @@ func geturl(info *common.HostInfo) (err error, result string) {
 			if len(title) > 50 {
 				title = title[:50]
 			}
-			if resp.StatusCode == 400 && string(url[5]) != "https" {
-				info.Url = strings.Replace(url, "http://", "https://", 1)
-				return geturl(info)
-			} else {
-				result = fmt.Sprintf("WebTitle:%v %v %v", url, resp.StatusCode, title)
-				common.LogSuccess(result)
-			}
+			result = fmt.Sprintf("WebTitle:%v %v %v", url, resp.StatusCode, title)
+			common.LogSuccess(result)
 			return err, result
 		}
+		return err, ""
 	}
 	return err, ""
 }
-
-//var client = &http.Client{
-//	Transport:&http.Transport{
-//		DialContext:(&net.Dialer{
-//			Timeout:time.Duration(info.Timeout)*time.Second,
-//		}).DialContext,
-//	},
-//	CheckRedirect:func(req *http.Request, via []*http.Request) error{
-//		return http.ErrUseLastResponse
-//	},
-//}
-
-//if info.Cookie!=""{
-//	res.Header.Add("Cookie",info.Cookie)
-//}
-//if info.Header!=""{
-//	var header = make(map[string]string)
-//	err:=json.Unmarshal([]byte(info.Header),&header)
-//	if err!=nil{
-//		Misc.CheckErr(err)
-//	}
-//	for k,v:=range header{
-//		res.Header.Add(k,v)
-//	}
-//}
--- a/README.md
+++ b/README.md
@ -14,6 +14,7 @@
   因为用习惯了f-scrack，习惯一条命令跑完所有模块，省去一个个模块单独调用的时间，当然我附加了-m 指定模块的功能。

 ## 最近更新
+[+] 2020/11/17 增加WebScan模块,新增shiro简单识别。https访问时,跳过证书认证。将服务模块和web模块的超时分开,增加-wb 参数(WebTimeout)。    
 [+] 2020/11/16 对icmp模块进行优化,增加-it 参数(IcmpThreads),默认11000,适合扫B段  
 [+] 2020/11/15 支持ip以文件导入,-hs ip.txt,并对去重做了处理

--- a/WebScan/WebScan.go
+++ b/WebScan/WebScan.go
@ -0,0 +1,9 @@
+package WebScan
+
+import (
+	"github.com/shadow1ng/fscan/common"
+)
+
+func WebScan(info *common.HostInfo) {
+	Shiro(info)
+}
--- a/WebScan/shiro.go
+++ b/WebScan/shiro.go
@ -0,0 +1,44 @@
+package WebScan
+
+import (
+	"crypto/tls"
+	"fmt"
+	"github.com/shadow1ng/fscan/common"
+	"net/http"
+	"strings"
+	"time"
+)
+
+
+func Shiro(info *common.HostInfo) (err error, result string) {
+	url := info.Url
+	tr := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
+	var client = &http.Client{Timeout: time.Duration(info.Timeout) * time.Second, Transport: tr}
+	res, err := http.NewRequest("GET", url, nil)
+	if err == nil {
+		res.Header.Add("User-agent", "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36")
+		res.Header.Add("Accept", "*/*")
+		res.Header.Add("Cookie", "rememberMe=1")
+		res.Header.Add("Accept-Language", "zh-CN,zh;q=0.9")
+		res.Header.Add("Accept-Encoding", "gzip, deflate")
+		res.Header.Add("Connection", "close")
+		resp, err := client.Do(res)
+		if err == nil {
+			defer resp.Body.Close()
+			for _,a := range resp.Header{
+				if len(a) >1{
+					for _,b :=range a{
+						if strings.Contains(b,"rememberMe"){
+							result = fmt.Sprintf("%v is shiro",url)
+							 common.LogSuccess(result)
+							return err, result
+						}
+					}
+				}
+			}
+		}
+	}
+	return err, ""
+}
--- a/common/config.go
+++ b/common/config.go
@ -61,6 +61,7 @@ type HostInfo struct {
 	Ports string
 	Url string
 	Timeout int64
+	WebTimeout int64
 	Scantype string
 	Isping bool
 	Threads int
--- a/common/flag.go
+++ b/common/flag.go
@ -35,6 +35,7 @@ func Flag(Info *HostInfo)  {
 	flag.StringVar(&Info.Passfile,"pwdf","","password file")
 	flag.StringVar(&Info.Outputfile,"o","result.txt","Outputfile")
 	flag.Int64Var(&Info.Timeout,"time",3,"Set timeout")
+	flag.Int64Var(&Info.WebTimeout,"wt",3,"Set web timeout")
 	flag.StringVar(&Info.Scantype,"m","all","Select scan type ,as: -m ssh")
 	flag.StringVar(&Info.RedisFile,"rf","","redis file to write sshkey file (as: -rf id_rsa.pub) ")
 	flag.StringVar(&Info.RedisShell,"rs","","redis shell to write cron file (as: -rs 192.168.1.1:6666) ")