diff --git a/Plugins/portscan.go b/Plugins/portscan.go
index 90f6292..cf0f1b5 100644
--- a/Plugins/portscan.go
+++ b/Plugins/portscan.go
@@ -9,93 +9,58 @@ import ( "time" ) -func ProbeHosts(host string, ports <-chan int, respondingHosts chan<- string, done chan<- bool, adjustedTimeout int64) { - for port := range ports { - con, err := net.DialTimeout("tcp4", fmt.Sprintf("%s:%d", host, port), time.Duration(adjustedTimeout)*time.Second) - if err == nil { - con.Close() - address := host + ":" + strconv.Itoa(port) - result := fmt.Sprintf("%s open", address) - common.LogSuccess(result) - respondingHosts <- address - } - } - done <- true +type Addr struct { + ip string + port int } -func ScanAllports(address string, probePorts []int, threads int, adjustedTimeout int64) ([]string, error) { - ports := make(chan int, 20) - results := make(chan string) - done := make(chan bool, threads) - - for worker := 0; worker < threads; worker++ { - go ProbeHosts(address, ports, results, done, adjustedTimeout) - } - - for _, port := range probePorts { - ports <- port - } - close(ports) - - var responses = []string{} - for { - select { - case found := <-results: - responses = append(responses, found) - case <-done: - threads-- - if threads == 0 { - return responses, nil - } - } - } -} - -func TCPportScan(hostslist []string, ports string, timeout int64) []string { +func PortScan(hostslist []string, ports string, timeout int64) []string { var AliveAddress []string probePorts := common.ParsePort(ports) - lm := 20 - if len(hostslist) > 5 && len(hostslist) <= 50 { - lm = 40 - } else if len(hostslist) > 50 && len(hostslist) <= 100 { - lm = 50 - } else if len(hostslist) > 100 && len(hostslist) <= 150 { - lm = 60 - } else if len(hostslist) > 150 && len(hostslist) <= 200 { - lm = 70 - } else if len(hostslist) > 200 { - lm = 75 - } - - thread := 10 - if len(probePorts) > 500 && len(probePorts) <= 4000 { - thread = len(probePorts) / 100 - } else if len(probePorts) > 4000 && len(probePorts) <= 6000 { - thread = len(probePorts) / 200 - } else if len(probePorts) > 6000 && len(probePorts) <= 10000 { - thread = len(probePorts) / 350 - } 
else if len(probePorts) > 10000 && len(probePorts) < 50000 { - thread = len(probePorts) / 400 - } else if len(probePorts) >= 50000 && len(probePorts) <= 65535 { - thread = len(probePorts) / 500 - } - + workers := common.Threads + Addrs := make(chan Addr) + results := make(chan string) var wg sync.WaitGroup - mutex := &sync.Mutex{} - limiter := make(chan struct{}, lm) - for _, host := range hostslist { - wg.Add(1) - limiter <- struct{}{} - go func(host string) { - defer wg.Done() - if aliveAdd, err := ScanAllports(host, probePorts, thread, timeout); err == nil && len(aliveAdd) > 0 { - mutex.Lock() - AliveAddress = append(AliveAddress, aliveAdd...) - mutex.Unlock() + + //接收结果 + go func() { + for found := range results { + AliveAddress = append(AliveAddress, found) + } + }() + + //多线程扫描 + for i := 0; i < workers; i++ { + go func() { + for addr := range Addrs { + PortConnect(addr, results, timeout) + wg.Done() } - <-limiter - }(host) + }() } + + //添加扫描目标 + for _, host := range hostslist { + for _, port := range probePorts { + Addrs <- Addr{host, port} + wg.Add(1) + } + } + wg.Wait() + close(Addrs) + close(results) return AliveAddress } + +func PortConnect(addr Addr, respondingHosts chan<- string, adjustedTimeout int64) { + host, port := addr.ip, addr.port + con, err := net.DialTimeout("tcp4", fmt.Sprintf("%s:%d", host, port), time.Duration(adjustedTimeout)*time.Second) + if err == nil { + con.Close() + address := host + ":" + strconv.Itoa(port) + result := fmt.Sprintf("%s open", address) + common.LogSuccess(result) + respondingHosts <- address + } +} diff --git a/Plugins/scanner.go b/Plugins/scanner.go index e297233..1da7391 100644 --- a/Plugins/scanner.go +++ b/Plugins/scanner.go @@ -25,7 +25,7 @@ func Scan(info common.HostInfo) { if info.Scantype == "icmp" { return } - AlivePorts := TCPportScan(Hosts, info.Ports, info.Timeout) + AlivePorts := PortScan(Hosts, info.Ports, info.Timeout) if info.Scantype == "portscan" { return } 
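Review bot: In PortScan, `wg.Add(1)` runs after the unbuffered send `Addrs <- Addr{host, port}`, so a worker can receive the job and reach `wg.Done()` before the counter was incremented, which can panic with a negative WaitGroup counter. The function also returns `AliveAddress` right after `close(results)` without waiting for the collector goroutine, so the final append races with the return and the last open port can be missing from the result. Moving the Add before the send and having the collector signal completion fixes both, as sketched below. Separately, PortConnect discards the dial error, so a local failure such as descriptor exhaustion is indistinguishable from a closed port; logging non-timeout errors would make that visible.

```go
	collected := make(chan struct{})
	go func() {
		defer close(collected)
		for found := range results {
			AliveAddress = append(AliveAddress, found)
		}
	}()

	// … unchanged: worker goroutines calling PortConnect and wg.Done …

	for _, host := range hostslist {
		for _, port := range probePorts {
			wg.Add(1) // count the job before a worker can finish it
			Addrs <- Addr{host, port}
		}
	}
	wg.Wait()
	close(Addrs)
	close(results)
	<-collected // wait for the last append before reading AliveAddress
	return AliveAddress
```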
diff --git a/common/flag.go b/common/flag.go
index 640344f..90fcfed 100644
--- a/common/flag.go
+++ b/common/flag.go
@@ -27,7 +27,7 @@ func Flag(Info *HostInfo) {
 flag.StringVar(&Info.Password, "pwd", "", "password")
 flag.Int64Var(&Info.Timeout, "time", 3, "Set timeout")
 flag.StringVar(&Info.Scantype, "m", "all", "Select scan type ,as: -m ssh")
- flag.IntVar(&Threads, "t", 200, "Thread nums")
+ flag.IntVar(&Threads, "t", 600, "Thread nums")
 flag.StringVar(&HostFile, "hf", "", "host file, -hs ip.txt")
 flag.StringVar(&Userfile, "userf", "", "username file")
 flag.StringVar(&Passfile, "pwdf", "", "password file")
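Review bot: The new default of 600 for `-t` is not checked against the process's open-file limit, and the portscan.go hunk in this commit uses `common.Threads` directly as the number of concurrent dialers. Where the descriptor limit is lower than that, dials would presumably fail with a resource error, and since PortConnect ignores the dial error those ports would be silently reported as closed. The help string could state the constraint, for example `"Thread nums (keep below the open-file limit)"`, and a startup check that caps or warns on the value would make incomplete results visible. The body of Flag continues outside this hunk, so whether `Threads` is validated later is not visible here.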