From cdbd1aebc2bc8b7933d1ec3a579b41c07beb9d19 Mon Sep 17 00:00:00 2001 From: shadow1ng Date: Sun, 15 Nov 2020 22:17:57 +0800 Subject: [PATCH] update --- Plugins/ms17017.go | 2 +- Plugins/scanner.go | 5 +-- Plugins/smb.go | 1 - Plugins/webtitle.go | 6 ++-- README.md | 8 +++++ common/Parse.go | 12 +++++-- common/ParseIP.go | 82 +++++++++++++++++++++++++++++++++++++++++---- common/config.go | 1 + common/flag.go | 1 + main.go | 2 +- 10 files changed, 101 insertions(+), 19 deletions(-) diff --git a/Plugins/ms17017.go b/Plugins/ms17017.go index 2cd6e87..8358437 100644 --- a/Plugins/ms17017.go +++ b/Plugins/ms17017.go @@ -131,7 +131,7 @@ func MS17010Scan(info *common.HostInfo) { } } else { - result := fmt.Sprintf("%s\t \t(%s)\n", ip, os) + result := fmt.Sprintf("%s (%s)", ip, os) common.LogSuccess(result) } diff --git a/Plugins/scanner.go b/Plugins/scanner.go index 8c1849d..a64f9e0 100644 --- a/Plugins/scanner.go +++ b/Plugins/scanner.go @@ -35,7 +35,7 @@ func IsContain(items []string, item string) bool { } func Scan(info *common.HostInfo) { - Hosts,_ := common.ParseIP(info.Host) + Hosts,_ := common.ParseIP(info.Host,info.HostFile) if info.Isping == false{ Hosts = ICMPRun(Hosts) } @@ -72,9 +72,6 @@ func Scan(info *common.HostInfo) { port,_:=common.PORTList[info.Scantype] scantype = strconv.Itoa(port) AddScan(scantype,info,ch,&wg) - //wg.Add(1) - //go scan_func(PluginList,scantype,info,ch,&wg) - //ch <- 1 } } wg.Wait() diff --git a/Plugins/smb.go b/Plugins/smb.go index 0bc1e5b..2d419ca 100644 --- a/Plugins/smb.go +++ b/Plugins/smb.go @@ -15,7 +15,6 @@ Loop: for _,user:=range common.Userdict["smb"]{ for _,pass:=range common.Passwords{ pass = strings.Replace(pass, "{user}", string(user), -1) - //fmt.Println(user,pass) //flag,err := SmblConn(info,user,pass) flag,err := doWithTimeOut(info,user,pass) //fmt.Println(user,pass,flag,err) diff --git a/Plugins/webtitle.go b/Plugins/webtitle.go index 0836b81..8254301 100644 --- a/Plugins/webtitle.go +++ b/Plugins/webtitle.go 
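Review bot: The error returned by `common.ParseIP(info.Host, info.HostFile)` on the changed line of `Scan` is still dropped with `_`. In this patch `ParseIP` terminates the process through `CheckErr` when an entry fails to parse, so the blank is harmless today, but the function still returns an error and a later change that returns one instead of exiting would leave `Scan` running against a partial host list with no indication. Prefer `Hosts, err := common.ParseIP(info.Host, info.HostFile)` followed by `common.CheckErr(info.Host, err)`, or a one-line comment saying why the error is deliberately ignored. The body of `Scan` continues past this hunk.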
@@ -36,13 +36,13 @@ func geturl(info *common.HostInfo) (err error, result string) { body, _ := ioutil.ReadAll(resp.Body) re :=regexp.MustCompile("(.*)") find := re.FindAllStringSubmatch(string(body),-1) - if len(find) > 1{ + if len(find) > 0{ title = find[0][1] }else { title = "None" } - if len(title) > 20{ - title = title[:20] + if len(title) > 50{ + title = title[:50] } if resp.StatusCode == 400 && string(url[5]) != "https"{ info.Url = strings.Replace(url, "http://", "https://", 1) diff --git a/README.md b/README.md index 9ff0f14..2a95016 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,8 @@ fscan.exe -h 192.168.1.1/24 -m ms17010 (指定模块) exec command (ssh) -h string IP address of the host you want to scan,for example: 192.168.11.11 | 192.168.11.11-255 | 192.168.11.11,192.168.11.12 + -hf string + host file, -hs ip.txt -m string Select scan type ,as: -m ssh (default "all") -no @@ -64,6 +66,7 @@ fscan.exe -h 192.168.1.1/24 -m ms17010 (指定模块) username -userf string username file + ``` ## 运行截图 @@ -79,6 +82,11 @@ fscan.exe -h 192.168.1.1/24 -m ms17010 (指定模块) `fscan.exe -h 192.168.x.x -c "whoami;id" (ssh 命令)` ![](image/3.png) + +## 最近更新 +2020/11/15 +[+] 支持ip以文件导入,-hs ip.txt + ## 未来计划 [*] 增加内网常见高危漏洞 [*] 增加高危web漏洞扫描 diff --git a/common/Parse.go b/common/Parse.go index 81f5801..a9a6431 100644 --- a/common/Parse.go +++ b/common/Parse.go @@ -74,7 +74,7 @@ func Readfile(filename string)([]string,error){ file, err := os.Open(filename) if err!=nil{ fmt.Println("Open %s error, %v", filename,err) - return nil,err + os.Exit(0) } defer file.Close() var content []string @@ -92,7 +92,7 @@ func Readfile(filename string)([]string,error){ func ParseInput(Info *HostInfo){ - if Info.Host==""{ + if Info.Host=="" && Info.HostFile ==""{ fmt.Println("Host is none") flag.Usage() os.Exit(0) 
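Review bot: `title = title[:50]` in `geturl` truncates by bytes, so a title containing multi-byte UTF-8 (CJK pages, for instance) can be cut in the middle of a rune and the logged value becomes invalid UTF-8; the old `[:20]` had the same defect, the new limit only moves it. Truncate by runes instead: `if r := []rune(title); len(r) > 50 { title = string(r[:50]) }`. The title is also response content controlled by the scanned host and goes straight into the scan output; the `(.*)` capture does not cross `\n` but does pass `\r`, tabs and ANSI escape sequences, so consider `strconv.Quote(title)` or stripping control characters before logging it. `geturl` starts before this hunk and continues after it.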
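Review bot: Replacing `return nil, err` with `os.Exit(0)` in `Readfile` makes a failed open exit with status 0, so a shell script or CI job driving fscan sees success when the wordlist was never read; it should be `os.Exit(1)`. The preceding `fmt.Println("Open %s error, %v", filename, err)` passes format verbs to Println and prints them literally; `fmt.Fprintf(os.Stderr, "Open %s error, %v\n", filename, err)` formats them and keeps the diagnostic out of the result stream. Since this path now exits, the `([]string, error)` signature no longer means what it says here, which is worth a short comment for callers. `Readfile` starts before this hunk and continues after it.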
@@ -123,4 +123,12 @@ func ParseScantype(Info *HostInfo){ PORTList[name] = ScanPort } } +} + + +func CheckErr(text string,err error){ + if err!=nil{ + fmt.Println(text,err.Error()) + os.Exit(0) + } } \ No newline at end of file diff --git a/common/ParseIP.go b/common/ParseIP.go index d759eff..691c044 100644 --- a/common/ParseIP.go +++ b/common/ParseIP.go @@ -1,21 +1,57 @@ package common import ( + "bufio" "errors" + "fmt" "net" + "os" "regexp" "strconv" "strings" ) -var ParseIPErr error =errors.New("host parsing error\n" + +var ParseIPErr =errors.New("host parsing error\n" + "format: \n"+ - "192.168.1.1/24\n"+ "192.168.1.1\n" + + "192.168.1.1/8\n"+ + "192.168.1.1/16\n"+ + "192.168.1.1/24\n"+ "192.168.1.1,192.168.1.2\n" + "192.168.1.1-255") -func ParseIP(ip string)([]string,error){ +func ParseIP(ip string,filename string)(hosts []string,err error){ + + if ip != ""{ + hosts,err = ParseIPs(ip) + } + if filename != ""{ + var filehost []string + filehost,_ = Readipfile(filename) + hosts = append(hosts,filehost...) + } + hosts = RemoveDuplicate(hosts) + return hosts,err +} + +func ParseIPs(ip string)(hosts []string,err error){ + if strings.Contains(ip,","){ + IPList:=strings.Split(ip,",") + var ips []string + for _,ip:=range IPList{ + ips,err = ParseIPone(ip) + CheckErr(ip,err) + hosts = append(hosts,ips...) + } + return hosts,err + }else { + hosts,err = ParseIPone(ip) + CheckErr(ip,err) + return hosts,err + } +} + +func ParseIPone(ip string)([]string,error){ reg:=regexp.MustCompile(`[a-zA-Z]+`) switch { case strings.Contains(ip[len(ip)-3:len(ip)],"/24"): @@ -24,8 +60,6 @@ func ParseIP(ip string)([]string,error){ return ParseIPD(ip) case strings.Contains(ip[len(ip)-2:len(ip)],"/8"): return ParseIPE(ip) - case strings.Contains(ip,","): - return ParseIPB(ip) case strings.Count(ip,"-")==1: return ParseIPC(ip) case reg.MatchString(ip): 
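Review bot: `CheckErr` exits with status 0 after printing the error, so every parse failure it guards looks like a clean run to whatever invoked fscan; it should be `os.Exit(1)`. Writing the diagnostic with `fmt.Println` also mixes it into stdout with scan results, where `fmt.Fprintln(os.Stderr, text, err.Error())` would keep the two apart. As an exported helper it should carry a doc comment such as `// CheckErr prints text and err and exits the process when err is non-nil.`.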
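Review bot: `ParseIPs` now splits the `-h` value on `,` and hands each piece to `ParseIPone`, whose first case slices `ip[len(ip)-3:len(ip)]`; a piece shorter than three bytes — a trailing comma in `-h 10.0.0.1,`, a doubled comma, or a stray short token in the host file — panics with a slice-bounds runtime error instead of surfacing `ParseIPErr`. Guard the entry with `if len(ip) < 3 { return nil, ParseIPErr }`, or replace the `strings.Contains(ip[len(ip)-N:], ...)` cases with `strings.HasSuffix`. `filehost, _ = Readipfile(filename)` in `ParseIP` discards the returned error without comment. `ParseIPone` continues past this hunk.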
@@ -42,7 +76,6 @@ func ParseIP(ip string)([]string,error){ return []string{ip},nil } } - //Parsing CIDR IP func ParseIPA(ip string)([]string,error){ realIP:=ip[:len(ip)-3] @@ -128,4 +161,39 @@ func ParseIPE(ip string)([]string,error){ } } return AllIP,nil -} \ No newline at end of file +} + +func Readipfile(filename string)([]string,error){ + file, err := os.Open(filename) + if err!=nil{ + fmt.Println("Open %s error, %v", filename,err) + os.Exit(0) + } + defer file.Close() + var content []string + scanner := bufio.NewScanner(file) + scanner.Split(bufio.ScanLines) + for scanner.Scan() { + text := strings.TrimSpace(scanner.Text()) + if text != "" { + host,err := ParseIPs(text) + CheckErr(text,err) + content=append(content,host...) + } + } + return content,nil +} + + +func RemoveDuplicate(old []string) ([]string) { + result := make([]string, 0, len(old)) + temp := map[string]struct{}{} + for _, item := range old { + if _, ok := temp[item]; !ok { + temp[item] = struct{}{} + result = append(result, item) + } + } + return result +} + diff --git a/common/config.go b/common/config.go index 1883250..74a3587 100644 --- a/common/config.go +++ b/common/config.go @@ -39,6 +39,7 @@ var DefaultPorts = "21,22,23,80,135,443,445,1433,1521,3306,5432,6379,7001,8080,8 type HostInfo struct { Host string + HostFile string Ports string Url string Timeout int64 diff --git a/common/flag.go b/common/flag.go index b227e03..5d957ec 100644 --- a/common/flag.go +++ b/common/flag.go @@ -22,6 +22,7 @@ func Banner(){ func Flag(Info *HostInfo) { Banner() flag.StringVar(&Info.Host,"h","","IP address of the host you want to scan,for example: 192.168.11.11 | 192.168.11.11-255 | 192.168.11.11,192.168.11.12") + flag.StringVar(&Info.HostFile,"hf","","host file, -hs ip.txt") flag.StringVar(&Info.Ports,"p",DefaultPorts,"Select a port,for example: 22 | 1-65535 | 22,80,3306") flag.StringVar(&Info.Command,"c","","exec command (ssh)") flag.IntVar(&Info.Threads,"t",100,"Thread nums") 
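Review bot: `Readipfile` never checks `scanner.Err()` after the loop, so a read error or a line longer than the `bufio.Scanner` default buffer (`bufio.ErrTooLong`) ends the loop early and the function returns the hosts read so far with a nil error — targets silently drop out of the scan. Add `CheckErr(filename, scanner.Err())` after the loop; `CheckErr` does nothing when the error is nil. The open-failure branch has two further problems: `fmt.Println("Open %s error, %v", filename, err)` prints the verbs literally (use `fmt.Printf("Open %s error, %v\n", filename, err)`) and `os.Exit(0)` reports success on failure (use `os.Exit(1)`). Apart from the `ParseIPs` call the body duplicates `Readfile` in `common/Parse.go`; reading lines through `Readfile` and parsing them here would remove the copy.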
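Review bot: The usage string for the new `-hf` flag reads `host file, -hs ip.txt`, naming a flag that does not exist; a user who copies the example gets `flag provided but not defined: -hs`. Change it to `"host file, for example: -hf ip.txt"`; the README hunk in this patch repeats the same `-hs` typo and should be corrected with it. `Flag` continues past this hunk.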
diff --git a/main.go b/main.go
index 9b403f7..6483a3e 100644
--- a/main.go
+++ b/main.go
@@ -1,8 +1,8 @@
 package main
 import (
- "./Plugins"
 "./common"
+ "./Plugins"
 "fmt"
 )