From 2a54e60727eb8722938ccbf2744080e3530b5e97 Mon Sep 17 00:00:00 2001
From: sairson
Date: Tue, 15 Mar 2022 14:36:17 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0ips=E6=94=AF=E6=8C=81127.0.0.?= =?UTF-8?q?1:8080=E6=A0=BC=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 Yasso.json | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 cmd/all.go | 4 ++--
 cmd/brute.go | 2 +-
 cmd/icmp.go | 16 ++++++++++++++--
 cmd/ps.go | 15 +++++++++++++--
 cmd/vuln.go | 4 ++++
 ips.txt | 3 +++
 7 files changed, 88 insertions(+), 8 deletions(-)
diff --git a/Yasso.json b/Yasso.json
index 425cee6..715cb3b 100644
--- a/Yasso.json
+++ b/Yasso.json
@@ -1 +1,51 @@
-[{"HostName":"192.168.248.1","Ports":[8089,135,80,5985,139,445,3306],"WeakPass":[{"smb":{"administrator":"930517"}},{"mysql":{"root":"root"}}],"Web":["200 http://192.168.248.1 [Nginx] Index of /","200 http://192.168.248.1:8089 None"]},{"HostName":"192.168.248.212","Ports":[445,80,135,139,3389,5985],"WeakPass":[{"smb":{"administrator":"P@ssw0rd"}}],"Web":["200 http://192.168.248.212 [IIS] IIS Windows Server"]},{"HostName":"192.168.248.219","Ports":[22,27017,21,5432,6379,11211],"WeakPass":[{"ssh":{"root":"kali"}},{"mongodb":{"null":"null"}},{"mongodb":{"admin":"123456"}},{"ftp":{"kali":"kali"}},{"postgres":{"admin":"admin@123"}},{"redis":{"null":"null"}},{"Memcached":{"null":"null"}}],"Web":null}]
\ No newline at end of file
+[
+ {
+ "HostName": "192.168.248.219",
+ "Ports": [
+ 21,
+ 27017,
+ 6379,
+ 22,
+ 11211,
+ 5432
+ ],
+ "WeakPass": [
+ {
+ "ftp": {
+ "kali": "kali"
+ }
+ },
+ {
+ "mongodb": {
+ "null": "null"
+ }
+ },
+ {
+ "mongodb": {
+ "admin": "123456"
+ }
+ },
+ {
+ "redis": {
+ "null": "null"
+ }
+ },
+ {
+ "ssh": {
+ "root": "kali"
+ }
+ },
+ {
+ "Memcached": {
+ "null": "null"
+ }
+ },
+ {
+ "postgres": {
+ "admin": "admin@123"
+ }
+ }
+ ],
+ "Web": null
+ }
+]
\ No newline at end of file
diff --git a/cmd/all.go b/cmd/all.go
index 18e9ee1..7c504b0 100644
--- a/cmd/all.go
+++ b/cmd/all.go
@@ -64,10 +64,10 @@ func allRun(hostString string, portString string, jsonbool bool, runtime int, no
 fmt.Println("----- [Yasso] Start do ping scan -----")
 alive = execute(ips, RunICMP)
 }
- fmt.Println("[Yasoo get alive host] is", len(alive))
+ fmt.Println("[Yasso get alive host] is", len(alive))
 // 做漏洞扫描
 var out []JsonOut
-
+ //TODO:
 if len(alive) > 0 {
 fmt.Println("----- [Yasso] Start do vuln scan -----")
 VulScan(alive, false, true, false) // 做漏洞扫描
diff --git a/cmd/brute.go b/cmd/brute.go
index 7f3326e..c40560c 100644
--- a/cmd/brute.go
+++ b/cmd/brute.go
@@ -229,7 +229,7 @@ func ReadTextToDic(service, user, pass string) ([]string, []string) {
 userdic = config.Userdict[service]
 passdic = config.Passwords
 )
- // 入过不包含.txt的话,按照用户名和密码来算。其中
+ // 如果不包含.txt的话,按照用户名和密码来算。其中
 if user != "" && !strings.Contains(user, ".txt") {
 userdic = strings.Split(user, ",")
 }
diff --git a/cmd/icmp.go b/cmd/icmp.go
index eac0410..c734578 100644
--- a/cmd/icmp.go
+++ b/cmd/icmp.go
@@ -47,13 +47,25 @@ func execute(ips []string, r bool) []string {
 var wg sync.WaitGroup
 // 修改ants池的并发方式
 p, _ := ants.NewPoolWithFunc(len(ips), func(ip interface{}) {
+ var ipt string
 if r == true {
- if icmp(ip.(string)) {
+ // 127.0.0.1:8080格式
+ if strings.Contains(ip.(string), ":") {
+ ipt = strings.Split(ip.(string), ":")[0]
+ } else {
+ ipt = ip.(string)
+ }
+ if icmp(ipt) {
 Println(fmt.Sprintf("[+] Find %v (icmp)", ip))
 Alive = append(Alive, ip.(string))
 }
 } else {
- if ping(ip.(string)) {
+ if strings.Contains(ip.(string), ":") {
+ ipt = strings.Split(ip.(string), ":")[0]
+ } else {
+ ipt = ip.(string)
+ }
+ if ping(ipt) {
 Println(fmt.Sprintf("[+] Find %v (ping)", ip))
 Alive = append(Alive, ip.(string))
 }
diff --git a/cmd/ps.go b/cmd/ps.go
index cdf246d..bb2b8c8 100644
--- a/cmd/ps.go
+++ b/cmd/ps.go
@@ -6,6 +6,8 @@ import (
 "github.com/spf13/cobra"
 "math"
 "net"
+ "strconv"
+ "strings"
 "sync"
 "time"
 )
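Review bot: The `//TODO:` added just before `if len(alive) > 0` carries no text, so a later reader cannot tell what is still pending; either drop it or state the intent, for example `// TODO: pass the caller's flags instead of the hard-coded VulScan(alive, false, true, false)` if that is what it refers to — the call two lines below hard-codes all three booleans. allRun starts and ends outside this hunk.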
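Review bot: The new host extraction is pasted twice, once in each branch of `if r == true`, and `strings.Split(ip.(string), ":")[0]` would cut an IPv6 literal at its first colon should one ever be fed to this path; hoist the extraction above the branch and let `net.SplitHostPort` do the parsing, falling back to the raw string when there is no port. That removes the `var ipt string` bookkeeping and keeps an IPv6 host intact. `strings` must already be imported in icmp.go (the diffstat shows only this hunk for the file), but `net` is not visible from here and may need adding. Separately, `Alive = append(...)` runs from concurrent pool workers with no lock in view — pre-existing, but worth guarding while this closure is being reworked; the enclosing `execute` continues past the hunk.
```go
	p, _ := ants.NewPoolWithFunc(len(ips), func(ip interface{}) {
		target := ip.(string)
		// Accept "host:port" entries (127.0.0.1:8080); probe only the host.
		// SplitHostPort errors on a bare host, in which case it is used as is.
		ipt := target
		if h, _, err := net.SplitHostPort(target); err == nil {
			ipt = h
		}
		if r == true {
			if icmp(ipt) {
				// … unchanged: report and append to Alive …
			}
		} else {
			if ping(ipt) {
				// … unchanged: report and append to Alive …
			}
```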
@@ -74,8 +76,17 @@ func PortScan(host []string, ports []int) []PortResult {
 })
 })
 for _, ip := range host {
- wg.Add(1)
- _ = p.Invoke(ip)
+ if strings.Contains(ip, ":") {
+ addr := strings.Split(ip, ":")[0]
+ port, _ := strconv.Atoi(strings.Split(ip, ":")[1])
+ if portConn(addr, port) {
+ Println(fmt.Sprintf("[+] %v %v open", addr, port))
+ tempPort = append(tempPort, PortResult{addr, []int{port}})
+ }
+ } else {
+ wg.Add(1)
+ _ = p.Invoke(ip)
+ }
 }
 wg.Wait()
 return tempPort
diff --git a/cmd/vuln.go b/cmd/vuln.go
index 334c8d9..be8bd5d 100644
--- a/cmd/vuln.go
+++ b/cmd/vuln.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "github.com/panjf2000/ants/v2"
 "github.com/spf13/cobra"
+ "strings"
 "sync"
 )
@@ -67,6 +68,9 @@ func VulScan(ips []string, ms17010bool bool, allbool bool, smbGohstbool bool) {
 })
 for _, ip := range ips {
+ if strings.Contains(ip, ":") && !strings.Contains(ip, ":445") {
+ continue
+ }
 wg.Add(1)
 _ = p.Invoke(ip)
 }
diff --git a/ips.txt b/ips.txt
index 850cd61..881c59d 100644
--- a/ips.txt
+++ b/ips.txt
@@ -2,3 +2,6 @@
 192.168.248.219
 192.168.248.212
 192.168.248.128
+127.0.0.1:445
+127.0.0.1:5985
+
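Review bot: `port, _ := strconv.Atoi(strings.Split(ip, ":")[1])` discards the parse error, so an entry such as `127.0.0.1:` or `10.0.0.1:http` is silently probed as port 0 instead of being rejected, and the `[1]` index cuts an IPv6 literal at its first colon. Parse with `net.SplitHostPort` (already imported in ps.go) and range-check the port before calling `portConn`. Two things to confirm, since the pool callback that fills `tempPort` starts before this hunk: if that callback appends under a mutex, this inline append bypasses it and races with the workers; and this branch dials synchronously in the caller's goroutine, so every `host:port` entry stalls the loop for a full connect timeout instead of going through the pool.
```go
	for _, ip := range host {
		if strings.Contains(ip, ":") {
			// Single "host:port" target: validate before dialing.
			addr, portStr, err := net.SplitHostPort(ip)
			if err != nil {
				Println(fmt.Sprintf("[-] Skip %v: %v", ip, err))
				continue
			}
			port, err := strconv.Atoi(portStr)
			if err != nil || port < 1 || port > 65535 {
				Println(fmt.Sprintf("[-] Skip %v: bad port %q", ip, portStr))
				continue
			}
			// … unchanged: portConn probe, report, append to tempPort …
		} else {
			// … unchanged: pool dispatch …
		}
	}
```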
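Review bot: `!strings.Contains(ip, ":445")` is a substring test, so `host:4455` or `host:44500` passes the filter and is fed to the SMB-oriented checks even though `host:445` is the only form the comment intends; use a suffix test or compare the parsed port instead: `if strings.Contains(ip, ":") && !strings.HasSuffix(ip, ":445") {`. Note also that the surviving `host:445` string is handed to `p.Invoke` unchanged; the pool callback starts above this hunk, so whether it strips the port before dialing (or would end up building `host:445:445`) cannot be confirmed from here and should be checked. VulScan continues past the hunk.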