diff --git a/Plugins/scanner.go b/Plugins/scanner.go
index 0f4effd..58c2c3a 100644
--- a/Plugins/scanner.go
+++ b/Plugins/scanner.go
@@ -2,59 +2,57 @@ package Plugins import ( "fmt" + "github.com/shadow1ng/fscan/WebScan/lib" + "github.com/shadow1ng/fscan/common" "reflect" "strconv" "strings" "sync" - - "github.com/fatih/color" - "github.com/shadow1ng/fscan/WebScan/lib" - "github.com/shadow1ng/fscan/common" ) -func Scan(info common.HostInfo, flags common.Flags) { +func Scan(info common.HostInfo) { fmt.Println("start infoscan") - Hosts, err := common.ParseIP(&info.HostPort, info.Host, flags.HostFile, flags.NoHosts) + Hosts, err := common.ParseIP(info.Host, common.HostFile, common.NoHosts) if err != nil { fmt.Println("len(hosts)==0", err) return } - lib.Inithttp(flags) - var ch = make(chan struct{}, flags.Threads) + lib.Inithttp(common.Pocinfo) + var ch = make(chan struct{}, common.Threads) var wg = sync.WaitGroup{} web := strconv.Itoa(common.PORTList["web"]) ms17010 := strconv.Itoa(common.PORTList["ms17010"]) - if len(Hosts) > 0 || len(info.HostPort) > 0 { - if flags.NoPing == false && len(Hosts) > 0 { - Hosts = CheckLive(Hosts, flags.Ping, flags.LiveTop) - color.Cyan("[*] Icmp alive hosts len is: %d", len(Hosts)) + if len(Hosts) > 0 || len(common.HostPort) > 0 { + if common.NoPing == false && len(Hosts) > 0 { + Hosts = CheckLive(Hosts, common.Ping) + fmt.Println("[*] Icmp alive hosts len is:", len(Hosts)) } - if flags.Scantype == "icmp" { + if common.Scantype == "icmp" { common.LogWG.Wait() return } - + common.GC() var AlivePorts []string - if flags.Scantype == "webonly" || flags.Scantype == "webpoc" { - AlivePorts = NoPortScan(Hosts, info.Ports, flags) - } else if flags.Scantype == "hostname" { + if common.Scantype == "webonly" || common.Scantype == "webpoc" { + AlivePorts = NoPortScan(Hosts, info.Ports) + } else if common.Scantype == "hostname" { info.Ports = "139" - AlivePorts = NoPortScan(Hosts, info.Ports, flags) + AlivePorts = NoPortScan(Hosts, info.Ports) } else if len(Hosts) > 0 { - AlivePorts = PortScan(Hosts, info.Ports, flags) - color.Cyan("[*] alive ports len is: %d", len(AlivePorts)) 
- if flags.Scantype == "portscan" { + AlivePorts = PortScan(Hosts, info.Ports, common.Timeout) + fmt.Println("[*] alive ports len is:", len(AlivePorts)) + if common.Scantype == "portscan" { common.LogWG.Wait() return } } - if len(info.HostPort) > 0 { - AlivePorts = append(AlivePorts, info.HostPort...) + if len(common.HostPort) > 0 { + AlivePorts = append(AlivePorts, common.HostPort...) AlivePorts = common.RemoveDuplicate(AlivePorts) - info.HostPort = nil - color.Cyan("[*] AlivePorts len is:", len(AlivePorts)) + common.HostPort = nil + fmt.Println("[*] AlivePorts len is:", len(AlivePorts)) } - + common.GC() var severports []string //severports := []string{"21","22","135"."445","1433","3306","5432","6379","9200","11211","27017"...} for _, port := range common.PORTList { severports = append(severports, strconv.Itoa(port)) 
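Review bot: `make(chan struct{}, common.Threads)` sizes the worker semaphore straight from package state with no lower bound, and the scheduling in AddScan depends on it being at least 1. A negative value makes `make` panic, and zero gives an unbuffered channel, so the first `*ch <- struct{}{}` in AddScan, which runs before the goroutine is started, would block unless the value is validated somewhere outside this diff. A guard just before the channel is created, `if common.Threads < 1 { common.Threads = 1 }`, would make the requirement explicit. Scan's body continues past the end of this hunk.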
@@ -62,54 +60,53 @@ func Scan(info common.HostInfo, flags common.Flags) { fmt.Println("start vulscan") for _, targetIP := range AlivePorts { info.Host, info.Ports = strings.Split(targetIP, ":")[0], strings.Split(targetIP, ":")[1] - if flags.Scantype == "all" || flags.Scantype == "main" { + if common.Scantype == "all" || common.Scantype == "main" { switch { case info.Ports == "135": - AddScan(info.Ports, info, flags, &ch, &wg) //findnet - if flags.IsWmi { - AddScan("1000005", info, flags, &ch, &wg) //wmiexec + AddScan(info.Ports, info, &ch, &wg) //findnet + if common.IsWmi { + AddScan("1000005", info, &ch, &wg) //wmiexec } case info.Ports == "445": - AddScan(ms17010, info, flags, &ch, &wg) //ms17010 + AddScan(ms17010, info, &ch, &wg) //ms17010 //AddScan(info.Ports, info, ch, &wg) //smb //AddScan("1000002", info, ch, &wg) //smbghost case info.Ports == "9000": - AddScan(web, info, flags, &ch, &wg) //http - AddScan(info.Ports, info, flags, &ch, &wg) //fcgiscan + AddScan(web, info, &ch, &wg) //http + AddScan(info.Ports, info, &ch, &wg) //fcgiscan case IsContain(severports, info.Ports): - AddScan(info.Ports, info, flags, &ch, &wg) //plugins scan + AddScan(info.Ports, info, &ch, &wg) //plugins scan default: - AddScan(web, info, flags, &ch, &wg) //webtitle + AddScan(web, info, &ch, &wg) //webtitle } } else { - scantype := strconv.Itoa(common.PORTList[flags.Scantype]) - AddScan(scantype, info, flags, &ch, &wg) + scantype := strconv.Itoa(common.PORTList[common.Scantype]) + AddScan(scantype, info, &ch, &wg) } } } - - for _, url := range flags.Urls { + common.GC() + for _, url := range common.Urls { info.Url = url - AddScan(web, info, flags, &ch, &wg) + AddScan(web, info, &ch, &wg) } - + common.GC() wg.Wait() common.LogWG.Wait() close(common.Results) - - fmt.Printf("Finished %d/%d", common.End, common.Num) + fmt.Println(fmt.Sprintf("已完成 %v/%v", common.End, common.Num)) } var Mutex = &sync.Mutex{} -func AddScan(scantype string, info common.HostInfo, flags common.Flags, ch *chan 
struct{}, wg *sync.WaitGroup) { +func AddScan(scantype string, info common.HostInfo, ch *chan struct{}, wg *sync.WaitGroup) { *ch <- struct{}{} wg.Add(1) go func() { Mutex.Lock() common.Num += 1 Mutex.Unlock() - ScanFunc(scantype, info, flags) + ScanFunc(&scantype, &info) Mutex.Lock() common.End += 1 Mutex.Unlock() @@ -118,9 +115,9 @@ func AddScan(scantype string, info common.HostInfo, flags common.Flags, ch *chan }() } -func ScanFunc(name string, info common.HostInfo, flags common.Flags) { - f := reflect.ValueOf(PluginList[name]) - in := []reflect.Value{reflect.ValueOf(info), reflect.ValueOf(flags)} +func ScanFunc(name *string, info *common.HostInfo) { + f := reflect.ValueOf(PluginList[*name]) + in := []reflect.Value{reflect.ValueOf(info)} f.Call(in) }
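Review bot: The `strings.Split(targetIP, ":")[1]` at the top of the loop indexes the split result without checking its length, and the commit leaves that line untouched while the loop still consumes the entries merged in from `common.HostPort` in the previous hunk. An entry with no colon panics with an index out of range, and an IPv6 literal is split in the wrong place, unless those entries are validated where they are parsed. `host, port, err := net.SplitHostPort(targetIP)` followed by `if err != nil { continue }` would cover both cases; it needs `net` added to the import block. The loop belongs to Scan, which starts before this hunk.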
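Review bot: ScanFunc looks up `PluginList[*name]` without checking that the key exists, so a missing key reaches `f.Call(in)` as a nil or zero reflect value and panics. That path looks reachable from the else branch in Scan: an unrecognised `common.Scantype` makes the `common.PORTList` lookup return 0, the key becomes "0", and the panic happens inside the goroutine started by AddScan, which ends the whole process unless the scan type is validated earlier. Using `plugin, ok := PluginList[*name]` with `if !ok { return }` before `reflect.ValueOf(plugin)` avoids it. Because the call goes through reflection, the switch to a single `*common.HostInfo` argument is only checked at run time, so every registered plugin must already have the new signature.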