mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-07-14 05:12:36 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

add socks5 support

Browse Source
This commit is contained in:
ccreater 2022-05-07 23:46:22 +08:00
parent df527adda9
commit d774023da7
15 changed files with 100 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Plugins/CVE-2020-0796.go
View File

@ -3,7 +3,6 @@ package Plugins
import ( import (
"bytes" "bytes"
"fmt" "fmt"
"net"
"time" "time"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
@ -106,7 +105,7 @@ func SmbGhost(info *common.HostInfo) error {
func SmbGhostScan(info *common.HostInfo) error { func SmbGhostScan(info *common.HostInfo) error {
ip, port, timeout := info.Host, 445, time.Duration(info.Timeout)*time.Second ip, port, timeout := info.Host, 445, time.Duration(info.Timeout)*time.Second
addr := fmt.Sprintf("%s:%v", info.Host, port) addr := fmt.Sprintf("%s:%v", info.Host, port)
conn, err := net.DialTimeout("tcp", addr, timeout) conn, err := common.WrapperTcpWithTimeout("tcp", addr, timeout)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

2
Plugins/NetBIOS.go
View File

@ -75,7 +75,7 @@ func NetBIOS1(info *common.HostInfo) (nbname NbnsName, err error) {
payload0 = append(payload0, []byte("\x00 EOENEBFACACACACACACACACACACACACA\x00")...) payload0 = append(payload0, []byte("\x00 EOENEBFACACACACACACACACACACACACA\x00")...)
} }
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil{ if conn != nil{
conn.Close() conn.Close()

3
Plugins/fcgiscan.go
View File

@ -8,7 +8,6 @@ import (
"fmt" "fmt"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"io" "io"
"net"
"strconv" "strconv"
"strings" "strings"
"sync" "sync"
@ -184,7 +183,7 @@ type FCGIClient struct {
} }
func New(addr string, timeout int64) (fcgi *FCGIClient, err error) { func New(addr string, timeout int64) (fcgi *FCGIClient, err error) {
conn, err := net.DialTimeout("tcp", addr, time.Duration(timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", addr, time.Duration(timeout)*time.Second)
fcgi = &FCGIClient{ fcgi = &FCGIClient{
rwc: conn, rwc: conn,
keepAlive: false, keepAlive: false,

3
Plugins/findnet.go
View File

@ -5,7 +5,6 @@ import (
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"net"
"strings" "strings"
"time" "time"
) )
@ -23,7 +22,7 @@ func Findnet(info *common.HostInfo) error {
func FindnetScan(info *common.HostInfo) error { func FindnetScan(info *common.HostInfo) error {
realhost := fmt.Sprintf("%s:%v", info.Host, 135) realhost := fmt.Sprintf("%s:%v", info.Host, 135)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

3
Plugins/memcached.go
View File

@ -3,14 +3,13 @@ package Plugins
import ( import (
"fmt" "fmt"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"net"
"strings" "strings"
"time" "time"
) )
func MemcachedScan(info *common.HostInfo) (err error) { func MemcachedScan(info *common.HostInfo) (err error) {
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
client, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) client, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if client != nil{ if client != nil{
client.Close() client.Close()

3
Plugins/mongodb.go
View File

@ -4,7 +4,6 @@ import (
"fmt" "fmt"
_ "github.com/denisenkom/go-mssqldb" _ "github.com/denisenkom/go-mssqldb"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"net"
"strings" "strings"
"time" "time"
) )
@ -26,7 +25,7 @@ func MongodbUnauth(info *common.HostInfo) (flag bool, err error) {
flag = false flag = false
senddata := []byte{72, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 212, 7, 0, 0, 0, 0, 0, 0, 97, 100, 109, 105, 110, 46, 36, 99, 109, 100, 0, 0, 0, 0, 0, 1, 0, 0, 0, 33, 0, 0, 0, 2, 103, 101, 116, 76, 111, 103, 0, 16, 0, 0, 0, 115, 116, 97, 114, 116, 117, 112, 87, 97, 114, 110, 105, 110, 103, 115, 0, 0} senddata := []byte{72, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 212, 7, 0, 0, 0, 0, 0, 0, 97, 100, 109, 105, 110, 46, 36, 99, 109, 100, 0, 0, 0, 0, 0, 1, 0, 0, 0, 33, 0, 0, 0, 2, 103, 101, 116, 76, 111, 103, 0, 16, 0, 0, 0, 115, 116, 97, 114, 116, 117, 112, 87, 97, 114, 110, 105, 110, 103, 115, 0, 0}
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

3
Plugins/ms17010.go
View File

@ -6,7 +6,6 @@ import (
"errors" "errors"
"fmt" "fmt"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"net"
"strings" "strings"
"time" "time"
) )
@ -34,7 +33,7 @@ func MS17010(info *common.HostInfo) error {
func MS17010Scan(info *common.HostInfo) error { func MS17010Scan(info *common.HostInfo) error {
ip := info.Host ip := info.Host
// connecting to a host in LAN if reachable should be very quick // connecting to a host in LAN if reachable should be very quick
conn, err := net.DialTimeout("tcp", ip+":445", time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", ip+":445", time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

3
Plugins/portscan.go
View File

@ -3,7 +3,6 @@ package Plugins
import ( import (
"fmt" "fmt"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"net"
"sort" "sort"
"strconv" "strconv"
"sync" "sync"
@ -74,7 +73,7 @@ func PortScan(hostslist []string, ports string, timeout int64) []string {
func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64, wg *sync.WaitGroup) { func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64, wg *sync.WaitGroup) {
host, port := addr.ip, addr.port host, port := addr.ip, addr.port
conn, err := net.DialTimeout("tcp4", fmt.Sprintf("%s:%v", host, port), time.Duration(adjustedTimeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp4", fmt.Sprintf("%s:%v", host, port), time.Duration(adjustedTimeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

3
Plugins/rdp.go
View File

@ -14,7 +14,6 @@ import (
"github.com/tomatome/grdp/protocol/tpkt" "github.com/tomatome/grdp/protocol/tpkt"
"github.com/tomatome/grdp/protocol/x224" "github.com/tomatome/grdp/protocol/x224"
"log" "log"
"net"
"os" "os"
"strconv" "strconv"
"strings" "strings"
@ -127,7 +126,7 @@ func NewClient(host string, logLevel glog.LEVEL) *Client {
} }
func (g *Client) Login(domain, user, pwd string, timeout int64) error { func (g *Client) Login(domain, user, pwd string, timeout int64) error {
conn, err := net.DialTimeout("tcp", g.Host, time.Duration(timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", g.Host, time.Duration(timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

4
Plugins/redis.go
View File

@ -47,7 +47,7 @@ func RedisScan(info *common.HostInfo) (tmperr error) {
func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) { func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
flag = false flag = false
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()
@ -87,7 +87,7 @@ func RedisConn(info *common.HostInfo, pass string) (flag bool, err error) {
func RedisUnauth(info *common.HostInfo) (flag bool, err error) { func RedisUnauth(info *common.HostInfo) (flag bool, err error) {
flag = false flag = false
realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports) realhost := fmt.Sprintf("%s:%v", info.Host, info.Ports)
conn, err := net.DialTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second) conn, err := common.WrapperTcpWithTimeout("tcp", realhost, time.Duration(info.Timeout)*time.Second)
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

4
Plugins/webtitle.go
View File

@ -10,7 +10,6 @@ import (
"golang.org/x/text/encoding/simplifiedchinese" "golang.org/x/text/encoding/simplifiedchinese"
"io" "io"
"io/ioutil" "io/ioutil"
"net"
"net/http" "net/http"
"net/url" "net/url"
"regexp" "regexp"
@ -218,7 +217,8 @@ func GetProtocol(host string, Timeout int64) (protocol string) {
return return
} }
conn, err := tls.DialWithDialer(&net.Dialer{Timeout: time.Duration(Timeout) * time.Second}, "tcp", host, &tls.Config{InsecureSkipVerify: true}) socksconn, err := common.WrapperTcpWithTimeout("tcp", host, time.Duration(Timeout) * time.Second)
conn := tls.Client(socksconn, &tls.Config{InsecureSkipVerify: true})
defer func() { defer func() {
if conn != nil { if conn != nil {
conn.Close() conn.Close()

21
WebScan/lib/client.go
View File

@ -1,8 +1,11 @@
package lib package lib
import ( import (
"context"
"crypto/tls" "crypto/tls"
"errors"
"github.com/shadow1ng/fscan/common" "github.com/shadow1ng/fscan/common"
"golang.org/x/net/proxy"
"log" "log"
"net" "net"
"net/http" "net/http"
@ -27,13 +30,29 @@ func Inithttp(PocInfo common.PocInfo) {
} }
func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) error { func InitHttpClient(ThreadsNum int, DownProxy string, Timeout time.Duration) error {
type DialContext = func(ctx context.Context, network, addr string) (net.Conn, error)
var dialContext DialContext
dialer := &net.Dialer{ dialer := &net.Dialer{
Timeout: dialTimout, Timeout: dialTimout,
KeepAlive: keepAlive, KeepAlive: keepAlive,
} }
if common.Socks5Proxy != "" {
dialSocksProxy, err := common.Socks5Dailer(dialer)
if err != nil {
return err
}
if contextDialer, ok := dialSocksProxy.(proxy.ContextDialer); ok {
dialContext = contextDialer.DialContext
} else {
return errors.New("Failed type assertion to DialContext")
}
}else {
dialContext = dialer.DialContext
}
tr := &http.Transport{ tr := &http.Transport{
DialContext: dialer.DialContext, DialContext: dialContext,
MaxConnsPerHost: 5, MaxConnsPerHost: 5,
MaxIdleConns: 0, MaxIdleConns: 0,
MaxIdleConnsPerHost: ThreadsNum * 2, MaxIdleConnsPerHost: ThreadsNum * 2,

1
common/config.go
View File

@ -106,4 +106,5 @@ var (
PassAdd string PassAdd string
BruteThread int BruteThread int
LiveTop int LiveTop int
Socks5Proxy string
) )

1
common/flag.go
View File

@ -55,6 +55,7 @@ func Flag(Info *HostInfo) {
flag.StringVar(&UrlFile, "uf", "", "urlfile") flag.StringVar(&UrlFile, "uf", "", "urlfile")
flag.StringVar(&Pocinfo.PocName, "pocname", "", "use the pocs these contain pocname, -pocname weblogic") flag.StringVar(&Pocinfo.PocName, "pocname", "", "use the pocs these contain pocname, -pocname weblogic")
flag.StringVar(&Pocinfo.Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080") flag.StringVar(&Pocinfo.Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080")
flag.StringVar(&Socks5Proxy, "socks5", "", "set socks5 proxy, will be used in tcp connection, timeout setting will not work")
flag.StringVar(&Pocinfo.Cookie, "cookie", "", "set poc cookie") flag.StringVar(&Pocinfo.Cookie, "cookie", "", "set poc cookie")
flag.Int64Var(&Pocinfo.Timeout, "wt", 5, "Set web timeout") flag.Int64Var(&Pocinfo.Timeout, "wt", 5, "Set web timeout")
flag.IntVar(&Pocinfo.Num, "num", 20, "poc rate") flag.IntVar(&Pocinfo.Num, "num", 20, "poc rate")

65
common/proxy.go Normal file
View File

@ -0,0 +1,65 @@
package common
import (
"errors"
"golang.org/x/net/proxy"
"net"
"net/url"
"strings"
"time"
)
func WrapperTcpWithTimeout(network, address string, timeout time.Duration) (net.Conn, error) {
d := &net.Dialer{Timeout: timeout/2}
return WrapperTCP(network, address, d)
}
func WrapperTCP(network, address string,forward * net.Dialer) (net.Conn, error) {
//get conn
var conn net.Conn
if Socks5Proxy == "" {
var err error
conn,err = forward.Dial(network, address)
if err != nil {
return nil, err
}
}else {
dailer, err := Socks5Dailer(forward)
if err != nil{
return nil, err
}
conn,err = dailer.Dial(network, address)
if err != nil {
return nil, err
}
}
return conn, nil
}
func Socks5Dailer(forward * net.Dialer) (proxy.Dialer, error) {
u,err := url.Parse(Socks5Proxy)
if err != nil {
return nil, err
}
if strings.ToLower(u.Scheme) != "socks5" {
return nil, errors.New("Only support socks5")
}
address := u.Host
var auth proxy.Auth
var dailer proxy.Dialer
if u.User.String() != "" {
auth = proxy.Auth{}
auth.User = u.User.Username()
password,_ := u.User.Password()
auth.Password = password
dailer, err = proxy.SOCKS5("tcp", address, &auth, forward)
}else {
dailer, err = proxy.SOCKS5("tcp", address, nil, forward)
}
if err != nil {
return nil, err
}
return dailer, nil
}