2020-12-29 17:17:10 +08:00
|
|
|
package common
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bufio"
|
2022-11-19 17:04:13 +08:00
|
|
|
"encoding/hex"
|
2020-12-29 17:17:10 +08:00
|
|
|
"flag"
|
|
|
|
|
"fmt"
|
2024-12-18 21:56:08 +08:00
|
|
|
"github.com/shadow1ng/fscan/Config"
|
2022-11-19 17:04:13 +08:00
|
|
|
"net/url"
|
2020-12-29 17:17:10 +08:00
|
|
|
"os"
|
|
|
|
|
"strconv"
|
|
|
|
|
"strings"
|
|
|
|
|
)
|
|
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
func Parse(Info *Config.HostInfo) {
|
2022-07-03 23:41:39 +08:00
|
|
|
ParseUser()
|
2020-12-29 17:17:10 +08:00
|
|
|
ParsePass(Info)
|
|
|
|
|
ParseInput(Info)
|
2022-05-12 17:56:32 +08:00
|
|
|
ParseScantype(Info)
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
|
2022-07-03 23:41:39 +08:00
|
|
|
func ParseUser() {
|
|
|
|
|
if Username == "" && Userfile == "" {
|
2021-09-11 16:43:38 +08:00
|
|
|
return
|
|
|
|
|
}
|
2022-07-03 23:41:39 +08:00
|
|
|
var Usernames []string
|
|
|
|
|
if Username != "" {
|
|
|
|
|
Usernames = strings.Split(Username, ",")
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
2021-09-11 16:43:38 +08:00
|
|
|
|
2021-02-05 14:43:07 +08:00
|
|
|
if Userfile != "" {
|
2021-03-01 21:55:19 +08:00
|
|
|
users, err := Readfile(Userfile)
|
2020-12-29 17:17:10 +08:00
|
|
|
if err == nil {
|
2021-03-01 21:55:19 +08:00
|
|
|
for _, user := range users {
|
|
|
|
|
if user != "" {
|
2022-07-03 23:41:39 +08:00
|
|
|
Usernames = append(Usernames, user)
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-03 23:41:39 +08:00
|
|
|
Usernames = RemoveDuplicate(Usernames)
|
2021-09-11 16:43:38 +08:00
|
|
|
for name := range Userdict {
|
2022-07-03 23:41:39 +08:00
|
|
|
Userdict[name] = Usernames
|
2021-09-11 16:43:38 +08:00
|
|
|
}
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
func ParsePass(Info *Config.HostInfo) {
|
2022-07-03 23:41:39 +08:00
|
|
|
var PwdList []string
|
|
|
|
|
if Password != "" {
|
|
|
|
|
passs := strings.Split(Password, ",")
|
2020-12-29 17:17:10 +08:00
|
|
|
for _, pass := range passs {
|
|
|
|
|
if pass != "" {
|
2022-07-03 23:41:39 +08:00
|
|
|
PwdList = append(PwdList, pass)
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
2022-07-03 23:41:39 +08:00
|
|
|
Passwords = PwdList
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
2021-02-05 14:43:07 +08:00
|
|
|
if Passfile != "" {
|
|
|
|
|
passs, err := Readfile(Passfile)
|
2020-12-29 17:17:10 +08:00
|
|
|
if err == nil {
|
|
|
|
|
for _, pass := range passs {
|
|
|
|
|
if pass != "" {
|
2022-07-03 23:41:39 +08:00
|
|
|
PwdList = append(PwdList, pass)
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
2022-07-03 23:41:39 +08:00
|
|
|
Passwords = PwdList
|
2021-03-04 14:42:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
2024-08-29 15:12:30 +08:00
|
|
|
if Hashfile != "" {
|
|
|
|
|
hashs, err := Readfile(Hashfile)
|
|
|
|
|
if err == nil {
|
|
|
|
|
for _, line := range hashs {
|
|
|
|
|
if line == "" {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if len(line) == 32 {
|
|
|
|
|
Hashs = append(Hashs, line)
|
|
|
|
|
} else {
|
|
|
|
|
fmt.Println("[-] len(hash) != 32 " + line)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-07-06 21:42:00 +08:00
|
|
|
if URL != "" {
|
|
|
|
|
urls := strings.Split(URL, ",")
|
|
|
|
|
TmpUrls := make(map[string]struct{})
|
|
|
|
|
for _, url := range urls {
|
|
|
|
|
if _, ok := TmpUrls[url]; !ok {
|
|
|
|
|
TmpUrls[url] = struct{}{}
|
|
|
|
|
if url != "" {
|
|
|
|
|
Urls = append(Urls, url)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-03-04 14:42:10 +08:00
|
|
|
if UrlFile != "" {
|
|
|
|
|
urls, err := Readfile(UrlFile)
|
|
|
|
|
if err == nil {
|
|
|
|
|
TmpUrls := make(map[string]struct{})
|
|
|
|
|
for _, url := range urls {
|
|
|
|
|
if _, ok := TmpUrls[url]; !ok {
|
|
|
|
|
TmpUrls[url] = struct{}{}
|
|
|
|
|
if url != "" {
|
|
|
|
|
Urls = append(Urls, url)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
2022-04-20 17:45:27 +08:00
|
|
|
if PortFile != "" {
|
|
|
|
|
ports, err := Readfile(PortFile)
|
|
|
|
|
if err == nil {
|
|
|
|
|
newport := ""
|
|
|
|
|
for _, port := range ports {
|
|
|
|
|
if port != "" {
|
|
|
|
|
newport += port + ","
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-13 16:23:19 +08:00
|
|
|
Ports = newport
|
2022-04-20 17:45:27 +08:00
|
|
|
}
|
|
|
|
|
}
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Readfile(filename string) ([]string, error) {
|
|
|
|
|
file, err := os.Open(filename)
|
|
|
|
|
if err != nil {
|
2021-03-01 21:59:47 +08:00
|
|
|
fmt.Printf("Open %s error, %v\n", filename, err)
|
2020-12-29 17:17:10 +08:00
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
|
|
|
|
defer file.Close()
|
|
|
|
|
var content []string
|
|
|
|
|
scanner := bufio.NewScanner(file)
|
|
|
|
|
scanner.Split(bufio.ScanLines)
|
|
|
|
|
for scanner.Scan() {
|
|
|
|
|
text := strings.TrimSpace(scanner.Text())
|
|
|
|
|
if text != "" {
|
|
|
|
|
content = append(content, scanner.Text())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return content, nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
func ParseInput(Info *Config.HostInfo) {
|
2021-03-04 14:42:10 +08:00
|
|
|
if Info.Host == "" && HostFile == "" && URL == "" && UrlFile == "" {
|
2020-12-29 17:17:10 +08:00
|
|
|
fmt.Println("Host is none")
|
|
|
|
|
flag.Usage()
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
2021-03-30 22:30:16 +08:00
|
|
|
|
2022-04-28 17:02:48 +08:00
|
|
|
if BruteThread <= 0 {
|
|
|
|
|
BruteThread = 1
|
|
|
|
|
}
|
2022-11-30 10:49:02 +08:00
|
|
|
|
2021-02-05 14:43:07 +08:00
|
|
|
if TmpSave == true {
|
2020-12-29 17:17:10 +08:00
|
|
|
IsSave = false
|
|
|
|
|
}
|
2022-07-02 17:25:15 +08:00
|
|
|
|
2023-11-13 16:23:19 +08:00
|
|
|
if Ports == DefaultPorts {
|
|
|
|
|
Ports += "," + Webport
|
2021-04-21 00:13:04 +08:00
|
|
|
}
|
2021-12-07 17:01:21 +08:00
|
|
|
|
|
|
|
|
if PortAdd != "" {
|
2023-11-13 16:23:19 +08:00
|
|
|
if strings.HasSuffix(Ports, ",") {
|
|
|
|
|
Ports += PortAdd
|
2021-12-07 17:01:21 +08:00
|
|
|
} else {
|
2023-11-13 16:23:19 +08:00
|
|
|
Ports += "," + PortAdd
|
2021-12-07 17:01:21 +08:00
|
|
|
}
|
|
|
|
|
}
|
2022-01-07 10:51:36 +08:00
|
|
|
|
|
|
|
|
if UserAdd != "" {
|
|
|
|
|
user := strings.Split(UserAdd, ",")
|
2022-07-03 23:41:39 +08:00
|
|
|
for a := range Userdict {
|
2022-01-07 10:51:36 +08:00
|
|
|
Userdict[a] = append(Userdict[a], user...)
|
|
|
|
|
Userdict[a] = RemoveDuplicate(Userdict[a])
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if PassAdd != "" {
|
|
|
|
|
pass := strings.Split(PassAdd, ",")
|
|
|
|
|
Passwords = append(Passwords, pass...)
|
|
|
|
|
Passwords = RemoveDuplicate(Passwords)
|
|
|
|
|
}
|
2022-07-02 17:25:15 +08:00
|
|
|
if Socks5Proxy != "" && !strings.HasPrefix(Socks5Proxy, "socks5://") {
|
2022-11-19 17:04:13 +08:00
|
|
|
if !strings.Contains(Socks5Proxy, ":") {
|
|
|
|
|
Socks5Proxy = "socks5://127.0.0.1" + Socks5Proxy
|
|
|
|
|
} else {
|
|
|
|
|
Socks5Proxy = "socks5://" + Socks5Proxy
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if Socks5Proxy != "" {
|
|
|
|
|
fmt.Println("Socks5Proxy:", Socks5Proxy)
|
|
|
|
|
_, err := url.Parse(Socks5Proxy)
|
|
|
|
|
if err != nil {
|
|
|
|
|
fmt.Println("Socks5Proxy parse error:", err)
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
2022-08-16 15:10:09 +08:00
|
|
|
NoPing = true
|
2022-07-02 17:25:15 +08:00
|
|
|
}
|
2022-11-19 17:04:13 +08:00
|
|
|
if Proxy != "" {
|
|
|
|
|
if Proxy == "1" {
|
|
|
|
|
Proxy = "http://127.0.0.1:8080"
|
|
|
|
|
} else if Proxy == "2" {
|
|
|
|
|
Proxy = "socks5://127.0.0.1:1080"
|
|
|
|
|
} else if !strings.Contains(Proxy, "://") {
|
|
|
|
|
Proxy = "http://127.0.0.1:" + Proxy
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("Proxy:", Proxy)
|
|
|
|
|
if !strings.HasPrefix(Proxy, "socks") && !strings.HasPrefix(Proxy, "http") {
|
|
|
|
|
fmt.Println("no support this proxy")
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
|
|
|
|
_, err := url.Parse(Proxy)
|
|
|
|
|
if err != nil {
|
|
|
|
|
fmt.Println("Proxy parse error:", err)
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if Hash != "" && len(Hash) != 32 {
|
|
|
|
|
fmt.Println("[-] Hash is error,len(hash) must be 32")
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
} else {
|
2024-08-29 15:12:30 +08:00
|
|
|
Hashs = append(Hashs, Hash)
|
|
|
|
|
}
|
|
|
|
|
Hashs = RemoveDuplicate(Hashs)
|
|
|
|
|
for _, hash := range Hashs {
|
|
|
|
|
hashbyte, err := hex.DecodeString(Hash)
|
2022-11-19 17:04:13 +08:00
|
|
|
if err != nil {
|
2024-08-29 15:12:30 +08:00
|
|
|
fmt.Println("[-] Hash is error,hex decode error ", hash)
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
HashBytes = append(HashBytes, hashbyte)
|
2022-11-19 17:04:13 +08:00
|
|
|
}
|
|
|
|
|
}
|
2024-08-29 15:12:30 +08:00
|
|
|
Hashs = []string{}
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
|
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
// ParseScantype 解析扫描类型并设置对应的端口
|
|
|
|
|
func ParseScantype(Info *Config.HostInfo) error {
|
|
|
|
|
// 先处理特殊扫描类型
|
|
|
|
|
specialTypes := map[string]string{
|
|
|
|
|
"hostname": "135,137,139,445",
|
|
|
|
|
"webonly": Webport,
|
|
|
|
|
"webpoc": Webport,
|
|
|
|
|
"web": Webport,
|
|
|
|
|
"portscan": DefaultPorts + "," + Webport,
|
|
|
|
|
"main": DefaultPorts,
|
|
|
|
|
"all": DefaultPorts + "," + Webport,
|
|
|
|
|
"icmp": "", // ICMP不需要端口
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
2024-12-18 15:19:27 +08:00
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
// 如果是特殊扫描类型
|
|
|
|
|
if customPorts, isSpecial := specialTypes[Scantype]; isSpecial {
|
|
|
|
|
if Scantype != "all" && Ports == DefaultPorts+","+Webport {
|
|
|
|
|
Ports = customPorts
|
2021-10-11 17:58:26 +08:00
|
|
|
}
|
2024-12-18 21:56:08 +08:00
|
|
|
fmt.Printf("[*] 扫描类型: %s, 目标端口: %s\n", Scantype, Ports)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2024-12-18 15:19:27 +08:00
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
// 检查是否是注册的插件类型
|
|
|
|
|
plugin, validType := Config.PluginManager[Scantype]
|
|
|
|
|
if !validType {
|
|
|
|
|
showmode()
|
|
|
|
|
return fmt.Errorf("无效的扫描类型: %s", Scantype)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 如果是插件扫描且使用默认端口配置
|
|
|
|
|
if Ports == DefaultPorts+","+Webport {
|
|
|
|
|
if plugin.Port > 0 {
|
|
|
|
|
Ports = strconv.Itoa(plugin.Port)
|
|
|
|
|
}
|
|
|
|
|
fmt.Printf("[*] 扫描类型: %s, 目标端口: %s\n", plugin.Name, Ports)
|
2020-12-29 17:17:10 +08:00
|
|
|
}
|
2020-12-30 21:30:36 +08:00
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
return nil
|
|
|
|
|
}
|
2024-12-18 15:19:27 +08:00
|
|
|
|
2024-12-18 21:56:08 +08:00
|
|
|
// showmode 显示所有支持的扫描类型
|
2021-03-09 17:21:27 +08:00
|
|
|
func showmode() {
|
2024-12-18 21:56:08 +08:00
|
|
|
fmt.Println("[!] 指定的扫描类型不存在")
|
|
|
|
|
fmt.Println("[*] 支持的扫描类型:")
|
|
|
|
|
|
|
|
|
|
// 显示常规服务扫描类型
|
|
|
|
|
fmt.Println("\n[+] 常规服务扫描:")
|
|
|
|
|
for name, plugin := range Config.PluginManager {
|
|
|
|
|
if plugin.Port > 0 && plugin.Port < 1000000 {
|
|
|
|
|
fmt.Printf(" - %-10s (端口: %d)\n", name, plugin.Port)
|
|
|
|
|
}
|
2021-03-09 17:21:27 +08:00
|
|
|
}
|
2024-12-18 21:56:08 +08:00
|
|
|
|
|
|
|
|
// 显示特殊漏洞扫描类型
|
|
|
|
|
fmt.Println("\n[+] 特殊漏洞扫描:")
|
|
|
|
|
for name, plugin := range Config.PluginManager {
|
|
|
|
|
if plugin.Port >= 1000000 || plugin.Port == 0 {
|
|
|
|
|
fmt.Printf(" - %-10s\n", name)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 显示其他扫描类型
|
|
|
|
|
fmt.Println("\n[+] 其他扫描类型:")
|
|
|
|
|
specialTypes := []string{"all", "portscan", "icmp", "main", "webonly", "webpoc"}
|
|
|
|
|
for _, name := range specialTypes {
|
|
|
|
|
fmt.Printf(" - %s\n", name)
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-09 17:21:27 +08:00
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
