backup/Yasso
1
0
Fork 0
mirror of https://github.com/sairson/Yasso.git synced 2026-02-12 06:45:12 +08:00
Code Issues Projects Releases Wiki Activity

增加ips支持127.0.0.1:8080格式

Browse Source
This commit is contained in:
sairson
2022-03-15 14:36:17 +08:00
parent 213e8e55f1
commit 2a54e60727
7 changed files with 88 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
Yasso.json
View File

@@ -1 +1,51 @@
[{"HostName":"192.168.248.1","Ports":[8089,135,80,5985,139,445,3306],"WeakPass":[{"smb":{"administrator":"930517"}},{"mysql":{"root":"root"}}],"Web":["200 http://192.168.248.1 [Nginx] Index of /","200 http://192.168.248.1:8089 None"]},{"HostName":"192.168.248.212","Ports":[445,80,135,139,3389,5985],"WeakPass":[{"smb":{"administrator":"P@ssw0rd"}}],"Web":["200 http://192.168.248.212 [IIS] IIS Windows Server"]},{"HostName":"192.168.248.219","Ports":[22,27017,21,5432,6379,11211],"WeakPass":[{"ssh":{"root":"kali"}},{"mongodb":{"null":"null"}},{"mongodb":{"admin":"123456"}},{"ftp":{"kali":"kali"}},{"postgres":{"admin":"admin@123"}},{"redis":{"null":"null"}},{"Memcached":{"null":"null"}}],"Web":null}]
[
{
"HostName": "192.168.248.219",
"Ports": [
21,
27017,
6379,
22,
11211,
5432
],
"WeakPass": [
{
"ftp": {
"kali": "kali"
}
},
{
"mongodb": {
"null": "null"
}
},
{
"mongodb": {
"admin": "123456"
}
},
{
"redis": {
"null": "null"
}
},
{
"ssh": {
"root": "kali"
}
},
{
"Memcached": {
"null": "null"
}
},
{
"postgres": {
"admin": "admin@123"
}
}
],
"Web": null
}
]

4
cmd/all.go
View File

@@ -64,10 +64,10 @@ func allRun(hostString string, portString string, jsonbool bool, runtime int, no
fmt.Println("----- [Yasso] Start do ping scan -----")
alive = execute(ips, RunICMP)
}
fmt.Println("[Yasoo get alive host] is", len(alive))
fmt.Println("[Yasso get alive host] is", len(alive))
// 做漏洞扫描
var out []JsonOut
//TODO:
if len(alive) > 0 {
fmt.Println("----- [Yasso] Start do vuln scan -----")
VulScan(alive, false, true, false) // 做漏洞扫描

2
cmd/brute.go
View File

@@ -229,7 +229,7 @@ func ReadTextToDic(service, user, pass string) ([]string, []string) {
userdic = config.Userdict[service]
passdic = config.Passwords
)
// 入过不包含.txt的话按照用户名和密码来算。其中
// 如果不包含.txt的话按照用户名和密码来算。其中
if user != "" && !strings.Contains(user, ".txt") {
userdic = strings.Split(user, ",")
}

16
cmd/icmp.go
View File

@@ -47,13 +47,25 @@ func execute(ips []string, r bool) []string {
var wg sync.WaitGroup
// 修改ants池的并发方式
p, _ := ants.NewPoolWithFunc(len(ips), func(ip interface{}) {
var ipt string
if r == true {
if icmp(ip.(string)) {
// 127.0.0.1:8080格式
if strings.Contains(ip.(string), ":") {
ipt = strings.Split(ip.(string), ":")[0]
} else {
ipt = ip.(string)
}
if icmp(ipt) {
Println(fmt.Sprintf("[+] Find %v (icmp)", ip))
Alive = append(Alive, ip.(string))
}
} else {
if ping(ip.(string)) {
if strings.Contains(ip.(string), ":") {
ipt = strings.Split(ip.(string), ":")[0]
} else {
ipt = ip.(string)
}
if ping(ipt) {
Println(fmt.Sprintf("[+] Find %v (ping)", ip))
Alive = append(Alive, ip.(string))
}

15
cmd/ps.go
View File

@@ -6,6 +6,8 @@ import (
"github.com/spf13/cobra"
"math"
"net"
"strconv"
"strings"
"sync"
"time"
)
@@ -74,8 +76,17 @@ func PortScan(host []string, ports []int) []PortResult {
})
})
for _, ip := range host {
wg.Add(1)
_ = p.Invoke(ip)
if strings.Contains(ip, ":") {
addr := strings.Split(ip, ":")[0]
port, _ := strconv.Atoi(strings.Split(ip, ":")[1])
if portConn(addr, port) {
Println(fmt.Sprintf("[+] %v %v open", addr, port))
tempPort = append(tempPort, PortResult{addr, []int{port}})
}
} else {
wg.Add(1)
_ = p.Invoke(ip)
}
}
wg.Wait()
return tempPort

4
cmd/vuln.go
View File

@@ -5,6 +5,7 @@ import (
"fmt"
"github.com/panjf2000/ants/v2"
"github.com/spf13/cobra"
"strings"
"sync"
)
@@ -67,6 +68,9 @@ func VulScan(ips []string, ms17010bool bool, allbool bool, smbGohstbool bool) {
})
for _, ip := range ips {
if strings.Contains(ip, ":") && !strings.Contains(ip, ":445") {
continue
}
wg.Add(1)
_ = p.Invoke(ip)
}

3
ips.txt
View File

@@ -2,3 +2,6 @@
192.168.248.219
192.168.248.212
192.168.248.128
127.0.0.1:445
127.0.0.1:5985