├── .gitignore
├── language
    ├── zh.js
    ├── en.js
    └── index.js
├── package.json
├── README.md
├── payload.js
└── index.js


/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_*
2 | 


--------------------------------------------------------------------------------
/language/zh.js:
--------------------------------------------------------------------------------
 1 | module.exports = {
 2 |   title: "出网探测",
 3 |   success: "操作成功",
 4 |   error: "操作失败",
 5 |   tips: {
 6 |     init: '点击开始按钮检测',
 7 |     checking: '检测中...',
 8 |   },
 9 |   toolbar: {
10 |     start: "开始",
11 |     reset: "重置",
12 |   },
13 | }
14 | 


--------------------------------------------------------------------------------
/language/en.js:
--------------------------------------------------------------------------------
 1 | module.exports = {
 2 |   title: "Out-of-Network",
 3 |   success: "success",
 4 |   error: "fail",
 5 |   tips: {
 6 |     init: 'Press Start Checking',
 7 |     checking: 'Checking...',
 8 |   },
 9 |   toolbar: {
10 |     start: "Start",
11 |     reset: "Reset",
12 |   },
13 | }
14 | 


--------------------------------------------------------------------------------
/language/index.js:
--------------------------------------------------------------------------------
 1 | 'use strict';
 2 | 
 3 | const languages = {
 4 |   'en': 'English',
 5 |   'zh': '简体中文'
 6 | }
 7 | 
 8 | // 获取本地设置语言（如若没有，则获取浏览器语言
 9 | let lang = antSword['storage']('language',
10 |   false,
11 |   navigator.language.substr(0,2)
12 | );
13 | 
14 | // 判断本地设置语言是否符合语言模板
15 | lang = languages[lang] ? lang : 'en';
16 | 
17 | // 返回语言模板
18 | let langModule = require(`./${lang}`);
19 | langModule.__languages__ = languages;
20 | 
21 | module.exports = langModule;
22 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "出网探测",
 3 |   "name_en": "Out-of-Network",
 4 |   "main": "index.js",
 5 |   "icon": "soundcloud",
 6 |   "version": "0.2",
 7 |   "description": "检测目标访问外网情况",
 8 |   "description_en": "Detect the target's access to the external network.",
 9 |   "author": {
10 |     "name": "user",
11 |     "email": "user@u0u.us"
12 |   },
13 |   "category": "信息获取",
14 |   "category_en": "information",
15 |   "multiple": false,
16 |   "scripts": [
17 |     "php",
18 |     "php4",
19 |     "phpraw",
20 |     "jsp",
21 |     "jspjs",
22 |     "aspx"
23 |   ]
24 | }


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # AntSword Out-of-Network
 2 | 
 3 | > AntSword 检测目标访问外网情况插件
 4 | 
 5 | 快速探测目标出外网情况
 6 | 
 7 | * HTTP(TCP)
 8 | * DNS
 9 | * UDP
10 | 
11 | ## 演示
12 | 
13 | 点击开始按纽后，输出如下:
14 | 
15 | ```
16 | [*][HTTP] Try to send HTTP request
17 | [+][HTTP][Success][http://220.181.38.148]
18 | [*][UDP] Try to send UDP request
19 | [+][UDP][Success][8.8.8.8:53]
20 | [*][DNS] Try to resolve qq.com with system nameserver
21 | [+][DNS][Success][qq.com]
22 | 	qq.com: 61.129.7.47
23 | 	qq.com: 123.151.137.18
24 | 	qq.com: 183.3.226.35
25 | 
26 | ```
27 | 
28 | 
29 | ## 安装
30 | 
31 | ### 商店安装
32 | 
33 | 进入 AntSword 插件中心，选择 Out-of-Network，点击安装
34 | 
35 | ### 手动安装
36 | 
37 | 1. 获取源代码
38 | 
39 | 	```
40 | 	git clone https://github.com/Medicean/as_Out-of-Network.git
41 | 	```
42 | 	
43 | 	或者
44 | 	
45 | 	点击 [这里](https://github.com/Medicean/as_Out-of-Network/archive/master.zip) 下载源代码，并解压。
46 | 
47 | 2. 拷贝源代码至插件目录
48 | 
49 |     将插件目录拷贝至 `antSword/antData/plugins/` 目录下即安装成功
50 | 
51 | ## 相关链接
52 | 
53 | * [AntSword 文档](http://doc.u0u.us)
54 | * [dhtmlx 文档](http://docs.dhtmlx.com/)
55 | 


--------------------------------------------------------------------------------
/payload.js:
--------------------------------------------------------------------------------
1 | 'use strict'
2 | 
3 | module.exports = {
4 |   jsp: 'yv66vgAAADEBjgoAcgCyCQCPALMJAI8AtAgAtQkAjwC2CAC3CQCPALgIALkJAI8AugoAjwC7BwC8CgALALIIAL0IAL4IAL8IAMALAGwAwQsAawDCCwBsAMILAGsAwwoAjwDECQCPAMUKAI8AxgoACwDHBwDIBwDJCgAaALIIAMoKABoAywoAGQDMCgAaAMwLAGwAzQoACwDMCgCPAM4KAM8A0AoA0QDSCgAnANMKACcA1AcA1QoAjwDWCgAnANcIANgKAAsA2QoAJwDaCgALANsKAI8A3AoAjwDdCADeCgCPAN8IAOAIAOEIAOIIAOMIAOQIAOUIAOYKAI8A5wgA6AoAJwDpCADqCADrCADsCADtCADuCgAZAO8IAPAHAPEKAEMA2QoAQwDyCgDzAPQHAPUKAEcA9goARwD3CgBDAPgKAEMA+QoAQwD6CgBHAPsKAI8A/AgA/QgA/ggA/wgBAAgBAQcBAgoAVAEDCgBUAQQHAQUKAFcBBgoAVwEHCgBXAQgKAFcBCQgBCgoAVwELCAEMCAENCAEOCgDzAQ8IARAIAREKABoBEggBEwgBFAgBFQoAcgEWCgBwARcHARgHARkHARoIARsKAHABHAgBHQcBHgoAcAEfBwEgCgEhASIIASMIAJAKAHABJAoBJQEmCgElAScIAJIHASgIASkHASoJANEBKwoBIQEmCgBwASwKANEBLQoAcAEuCgEvATAKAHIAzAgBMQoBMgEzCAE0CgAnATUIATYIATcKAHABOAgAnwgBOQgBOgoAcAE7BwE8AQAHcmVxdWVzdAEAJ0xqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0OwEACHJlc3BvbnNlAQAoTGphdmF4L3NlcnZsZXQvaHR0cC9IdHRwU2VydmxldFJlc3BvbnNlOwEAB2VuY29kZXIBABJMamF2YS9sYW5nL1N0cmluZzsBAAJjcwEADHJhbmRvbVByZWZpeAEAEGRlY29kZXJDbGFzc2RhdGEBAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQAGZXF1YWxzAQAVKExqYXZhL2xhbmcvT2JqZWN0OylaAQAGZGVjb2RlAQAmKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZzsBAApFeGNlcHRpb25zAQAKYnl0ZXNUb0hleAEAFihbQilMamF2YS9sYW5nL1N0cmluZzsBAAVDaGVjawEAFCgpTGphdmEvbGFuZy9TdHJpbmc7AQAIY2hlY2tVRFABAAZ1ZHBHZXQBADkoTGphdmEvbGFuZy9TdHJpbmc7TGphdmEvbGFuZy9TdHJpbmc7SSlMamF2YS9sYW5nL1N0cmluZzsBAAljaGVja0hUVFABAAhjaGVja0ROUwEACHBhcnNlT2JqAQAVKExqYXZhL2xhbmcvT2JqZWN0OylWAQAIYXNvdXRwdXQBABJCYXNlNjREZWNvZGVUb0J5dGUBABYoTGphdmEvbGFuZy9TdHJpbmc7KVtCAQAKU291cmNlRmlsZQEAEU91dE9mTmV0d29yay5qYXZhDACZAJoMAJAAkQwAkgCTAQAGYmFzZTY0DACUAJUBAA9hbnRzd29yZENoYXJzZXQMAJYAlQEAFGFudHN3b3JkcmFuZG9tUHJlZml4DACXAJUMAKsArAEAFmphdmEvbGFuZy9TdHJpbmdCdWZmZXIBAAMtPnwBAAN8PC0BABJhbnRzd29yZGFyZ2RlY29kZXIBAAl0ZXh0L2h0bWwMAT0BPgwBPwE+DAFAAKAMAJ8AoAwAmACVDACkAKUMAUEBQgEAE2phdmEvbGFuZy9FeGNlcHRpb24BABdqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcgEACUVSUk9SOi8vIAwBQQFDDAFEAKUMAUUBRgwArQCgBwFHDAFIAT4HAUkMAUoBSwwBTAFNDACdAJ4BABBqYXZhL2xhbmcvU3RyaW5nDACuAK8MAJkBTgEAEDAxMjM0NTY3ODlBQkNERUYMAJkBTwwBUAFRDAFBAVIMAKkApQwApgClAQAGcXEuY29tDACqAKABACFbKl1bVURQXSBUcnkgdG8gc2VuZCBVRFAgcmVxdWVzdAoBACBtMVFCQUFBQkFBQUFBQUFBQW5GeEEyTnZiUUFBQVFBQgEADzExNC4xMTQuMTE0LjExNAEACTIyMy41LjUuNQEABzguOC44LjgBAAc5LjkuOS45AQAADACnAKgBAAw3MTcxMDM2MzZGNkQMAVMBSwEAElsrXVtVRFBdW1N1Y2Nlc3NdWwEABTo1M10KAQAPWy1dW1VEUF1bRmFpbF1bAQAQWy1dW1VEUF1bRVJST1JdWwEABTo1M11bDAFUAKUBAAJdCgEAF2phdmEvbmV0L0RhdGFncmFtU29ja2V0DAFVAU8HAVYMAVcBWAEAF2phdmEvbmV0L0RhdGFncmFtUGFja2V0DACZAVkMAJkBWgwBWwFcDAFdAVwMAV4AmgwBXwFgDACiAKMBACNbKl1bSFRUUF0gVHJ5IHRvIHNlbmQgSFRUUCByZXF1ZXN0CgEADjIyMC4xODEuMzguMTQ4AQAMMzkuMTU2LjY5Ljc5AQANd3d3LmJhaWR1LmNvbQEAB2h0dHA6Ly8BAAxqYXZhL25ldC9VUkwMAJkBPgwBYQFiAQAaamF2YS9uZXQvSHR0cFVSTENvbm5lY3Rpb24MAWMBTwwBZAFPDAFlAJoMAWYBZwEAE1srXVtIVFRQXVtTdWNjZXNzXVsMAWgAmgEAEVstXVtIVFRQXVtFcnJvcl1bAQAYWypdW0ROU10gVHJ5IHRvIHJlc29sdmUgAQAYIHdpdGggc3lzdGVtIG5hbWVzZXJ2ZXIKDAFpAWoBABJbK11bRE5TXVtTdWNjZXNzXVsBAAEJDAFBAWsBAAEKAQAQWy1dW0ROU11bRVJST1JdWwEAAl1bDAFsAW0MAW4BbwEAE1tMamF2YS9sYW5nL09iamVjdDsBACVqYXZheC9zZXJ2bGV0L2h0dHAvSHR0cFNlcnZsZXRSZXF1ZXN0AQAmamF2YXgvc2VydmxldC9odHRwL0h0dHBTZXJ2bGV0UmVzcG9uc2UBAB1qYXZheC5zZXJ2bGV0LmpzcC5QYWdlQ29udGV4dAwBcAFxAQAKZ2V0UmVxdWVzdAEAD2phdmEvbGFuZy9DbGFzcwwBcgFzAQAQamF2YS9sYW5nL09iamVjdAcBdAwBdQF2AQALZ2V0UmVzcG9uc2UMAXcBeAcBeQwBegF7DAF8AX0BABVqYXZhL2xhbmcvQ2xhc3NMb2FkZXIBAAtkZWZpbmVDbGFzcwEAAltCDAF+AX8MAYABgQwBggGDDAGEAYUHAYYMAYcBiAEADGphdmEudmVyc2lvbgcBiQwBigCgAQADMS45DAGLAUsBABBqYXZhLnV0aWwuQmFzZTY0AQAKZ2V0RGVjb2RlcgwBjAFzAQAWc3VuLm1pc2MuQkFTRTY0RGVjb2RlcgEADGRlY29kZUJ1ZmZlcgwBhwGNAQASb3RoZXIvT3V0T2ZOZXR3b3JrAQAOc2V0Q29udGVudFR5cGUBABUoTGphdmEvbGFuZy9TdHJpbmc7KVYBABRzZXRDaGFyYWN0ZXJFbmNvZGluZwEADGdldFBhcmFtZXRlcgEABmFwcGVuZAEALChMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmdCdWZmZXI7AQAtKExqYXZhL2xhbmcvU3RyaW5nOylMamF2YS9sYW5nL1N0cmluZ0J1aWxkZXI7AQAIdG9TdHJpbmcBAAlnZXRXcml0ZXIBABcoKUxqYXZhL2lvL1ByaW50V3JpdGVyOwEAE2phdmEvaW8vUHJpbnRXcml0ZXIBAAVwcmludAEAEWphdmEvbGFuZy9JbnRlZ2VyAQAIcGFyc2VJbnQBABUoTGphdmEvbGFuZy9TdHJpbmc7KUkBAAlzdWJzdHJpbmcBABUoSSlMamF2YS9sYW5nL1N0cmluZzsBABcoW0JMamF2YS9sYW5nL1N0cmluZzspVgEABChJKVYBAAZjaGFyQXQBAAQoSSlDAQAbKEMpTGphdmEvbGFuZy9TdHJpbmdCdWZmZXI7AQAHaW5kZXhPZgEACmdldE1lc3NhZ2UBAAxzZXRTb1RpbWVvdXQBABRqYXZhL25ldC9JbmV0QWRkcmVzcwEACWdldEJ5TmFtZQEAKihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbmV0L0luZXRBZGRyZXNzOwEAHShbQklMamF2YS9uZXQvSW5ldEFkZHJlc3M7SSlWAQAGKFtCSSlWAQAEc2VuZAEAHChMamF2YS9uZXQvRGF0YWdyYW1QYWNrZXQ7KVYBAAdyZWNlaXZlAQAFY2xvc2UBAAdnZXREYXRhAQAEKClbQgEADm9wZW5Db25uZWN0aW9uAQAaKClMamF2YS9uZXQvVVJMQ29ubmVjdGlvbjsBABFzZXRDb25uZWN0VGltZW91dAEADnNldFJlYWRUaW1lb3V0AQAHY29ubmVjdAEAD2dldFJlc3BvbnNlQ29kZQEAAygpSQEACmRpc2Nvbm5lY3QBAAxnZXRBbGxCeU5hbWUBACsoTGphdmEvbGFuZy9TdHJpbmc7KVtMamF2YS9uZXQvSW5ldEFkZHJlc3M7AQAtKExqYXZhL2xhbmcvT2JqZWN0OylMamF2YS9sYW5nL1N0cmluZ0J1aWxkZXI7AQAIZ2V0Q2xhc3MBABMoKUxqYXZhL2xhbmcvQ2xhc3M7AQAHaXNBcnJheQEAAygpWgEAB2Zvck5hbWUBACUoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvQ2xhc3M7AQARZ2V0RGVjbGFyZWRNZXRob2QBAEAoTGphdmEvbGFuZy9TdHJpbmc7W0xqYXZhL2xhbmcvQ2xhc3M7KUxqYXZhL2xhbmcvcmVmbGVjdC9NZXRob2Q7AQAYamF2YS9sYW5nL3JlZmxlY3QvTWV0aG9kAQAGaW52b2tlAQA5KExqYXZhL2xhbmcvT2JqZWN0O1tMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQAQZ2V0RGVjbGFyZWRGaWVsZAEALShMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9yZWZsZWN0L0ZpZWxkOwEAF2phdmEvbGFuZy9yZWZsZWN0L0ZpZWxkAQANc2V0QWNjZXNzaWJsZQEABChaKVYBAANnZXQBACYoTGphdmEvbGFuZy9PYmplY3Q7KUxqYXZhL2xhbmcvT2JqZWN0OwEABFRZUEUBABFMamF2YS9sYW5nL0NsYXNzOwEADmdldENsYXNzTG9hZGVyAQAZKClMamF2YS9sYW5nL0NsYXNzTG9hZGVyOwEAB3ZhbHVlT2YBABYoSSlMamF2YS9sYW5nL0ludGVnZXI7AQAOZ2V0Q29uc3RydWN0b3IBADMoW0xqYXZhL2xhbmcvQ2xhc3M7KUxqYXZhL2xhbmcvcmVmbGVjdC9Db25zdHJ1Y3RvcjsBAB1qYXZhL2xhbmcvcmVmbGVjdC9Db25zdHJ1Y3RvcgEAC25ld0luc3RhbmNlAQAnKFtMamF2YS9sYW5nL09iamVjdDspTGphdmEvbGFuZy9PYmplY3Q7AQAQamF2YS9sYW5nL1N5c3RlbQEAC2dldFByb3BlcnR5AQAJY29tcGFyZVRvAQAJZ2V0TWV0aG9kAQAUKClMamF2YS9sYW5nL09iamVjdDsAIQCPAHIAAAAGAAEAkACRAAAAAQCSAJMAAAABAJQAlQAAAAEAlgCVAAAAAQCXAJUAAAABAJgAlQAAAAwAAQCZAJoAAQCbAAAATQACAAEAAAAhKrcAASoBtQACKgG1AAMqEgS1AAUqEga1AAcqEgi1AAmxAAAAAQCcAAAAGgAGAAAADAAEAA0ACQAOAA4ADwAUABAAGgARAAEAnQCeAAEAmwAAARMABAAHAAAAqyortgAKuwALWbcADE0SDU4SDjoEEg86BSq0AAMSELkAEQIAKrQAAiq0AAe5ABICACq0AAMqtAAHuQATAgAqKiq0AAIZBbkAFAIAtgAVtQAWLCq2ABe2ABhXpwAhOgYsuwAaWbcAGxIctgAdGQa2AB62AB22AB+2ABhXKrQAA7kAIAEAuwAaWbcAGy22AB0qLLYAIbYAIrYAHRkEtgAdtgAftgAjpwAFOgYErAACABgAWQBcABkAegCkAKcAGQABAJwAAABGABEAAAAWAAUAFwANABgAEAAZABQAGgAYAB0AIwAeADAAHwA9ACAAUAAhAFkAJABcACIAXgAjAHoAJgCkACgApwAnAKkAKQAAAJ8AoAACAJsAAAB1AAQABAAAADUDPSq0AAm4ACQ9Kxy2ACVMpwAGTgM9KrQABRIEtgAmmQAUuwAnWSortgAoKrQAB7cAKbArsAABAAIAEAATABkAAQCcAAAAJgAJAAAALQACAC8ACgAwABAAMwATADEAFAAyABYANAAiADUAMwA3AKEAAAAEAAEAGQAAAKIAowABAJsAAAB5AAQABQAAAEkSKk27AAtZK74FaLcAK04DNgQVBCu+ogAuLSwrFQQzEQDwfgd6tgAstgAtVy0sKxUEMxAPfgN6tgAstgAtV4QEAaf/0S22ACGwAAAAAQCcAAAAHgAHAAAAOwADADwADwA9ABkAPgAsAD8APgA9AEQAQQAAAKQApQACAJsAAABSAAMAAgAAACq7AAtZtwAMTCsqtgAutgAYVysqtgAvtgAYVysqEjC2ADG2ABhXK7YAIbAAAAABAJwAAAAWAAUAAABFAAgARgARAEcAGgBIACUASQChAAAABAABABkAAACmAKUAAQCbAAABNQAEAAcAAADRuwALWbcADEwrEjK2ABhXEjNNB70AJ1kDEjRTWQQSNVNZBRI2U1kGEjdTTgM2BBUELb6iAJoSODoFKiwtFQQyEDW2ADk6BRkFEjq2ADsCpAAmK7sAGlm3ABsSPLYAHS0VBDK2AB0SPbYAHbYAH7YAGFenAFsruwAaWbcAGxI+tgAdLRUEMrYAHRI9tgAdtgAftgAYV6cAMjoGK7sAGlm3ABsSP7YAHS0VBDK2AB0SQLYAHRkGtgBBtgAdEkK2AB22AB+2ABhXhAQBp/9lK7YAIbAAAgA5AHEAlwAZAHQAlACXABkAAQCcAAAAQgAQAAAATQAIAE4ADwBPABIAUAArAFEANQBSADkAVABGAFUAUQBWAHEAVwB0AFkAlABdAJcAWwCZAFwAxgBRAMwAXwAAAKcAqAACAJsAAACZAAYACQAAAF27AENZA7cARDoEGQQQHrYARSy4AEY6BSortgAoOga7AEdZGQYZBr4ZBR23AEg6B7sAR1kRBAC8CBEEALcASToIGQQZB7YAShkEGQi2AEsZBLYATCoZCLYATbYATrAAAAABAJwAAAAqAAoAAABjAAoAZAARAGUAFwBmAB4AZwAvAGgAQABpAEcAagBOAGsAUwBsAKEAAAAEAAEAGQAAAKkApQABAJsAAAEpAAQABwAAAMW7AAtZtwAMTCsST7YAGFcGvQAnWQMSUFNZBBJRU1kFElJTTQM+HSy+ogCYuwAaWbcAGxJTtgAdLB0ytgAdtgAfOgS7AFRZGQS3AFU6BRkFtgBWwABXOgYZBhEnELYAWBkGEScQtgBZGQa2AFoZBrYAW54AISu7ABpZtwAbEly2AB0ZBLYAHRJCtgAdtgAftgAYVxkGtgBdpwApOgUruwAaWbcAGxJetgAdGQS2AB0SQrYAHbYAH7YAGFeEAwGn/2grtgAhsAABAEIAlwCaABkAAQCcAAAASgASAAAAcAAIAHEADwByACMAcwArAHQAQgB2AE0AdwBXAHgAXwB5AGcAegBsAHsAdAB8AJIAfgCXAH8AmgCAAJwAgQC6AHMAwACEAAAAqgCgAAEAmwAAAPoABAAFAAAArrsAC1m3AAxNLLsAGlm3ABsSX7YAHSu2AB0SYLYAHbYAH7YAGFcruABhTi2+ngBQLLsAGlm3ABsSYrYAHSu2AB0SQrYAHbYAH7YAGFcDNgQVBC2+ogApLLsAGlm3ABsSY7YAHS0VBDK2AGQSZbYAHbYAH7YAGFeEBAGn/9anAC1OLLsAGlm3ABsSZrYAHSu2AB0SZ7YAHS22AEG2AB0SQrYAHbYAH7YAGFcstgAhsAABACUAfAB/ABkAAQCcAAAAMgAMAAAAiAAIAIkAJQCLACoAjAAvAI0ATACOAFYAjwB2AI4AfACUAH8AkgCAAJMAqQCVAAEAqwCsAAEAmwAAAWgABAAGAAAA3Cu2AGi2AGmZACIrwABqwABqTSosAzLAAGu1AAIqLAQywABstQADpwC1Em24AG5NKiwSbwO9AHC2AHErA70AcrYAc8AAa7UAAiosEnQDvQBwtgBxKwO9AHK2AHPAAGy1AAOnAHpNK8EAa5kAciorwABrtQACKrQAArYAaBJ1tgB2Ti0EtgB3LSq0AAK2AHjAAGs6BBkEtgBoEnm2AHY6BRkFBLYAdyoZBRkEtgB4wABstQADpwAoTioqtAACtgBoEnQDvQBwtgBxKwO9AHK2AHPAAGy1AAOnAAU6BLEAAwApAGEAZAAZAHQAswC2ABkAtwDWANkAGQABAJwAAABiABgAAACZAAoAmgASAJsAHACcACYAnQApAJ8ALwCgAEgAoQBhALQAZACiAGUAowBsAKQAdACmAIEApwCGAKgAkwCpAJ8AqgClAKsAswCyALYArAC3AK4A1gCxANkArwDbALYAAQCtAKAAAQCbAAAAqgAGAAUAAAByKiq0ABa2AChNEnoSewa9AHBZAxJ8U1kEsgB9U1kFsgB9U7YAcU4tBLYAfi0qtgBotgB/Br0AclkDLFNZBAO4AIBTWQUsvrgAgFO2AHPAAHA6BBkEBL0AcFkDEidTtgCBBL0AclkDK1O2AIK2AIOwTSuwAAEAAABuAG8AGQABAJwAAAAeAAcAAAC6AAkAuwAmALwAKwC9AFIAvgBvAL8AcADAAAEArgCvAAEAmwAAANkABgAGAAAAjQFNEoS4AIVOLRKGtgCHmwBJEoi4AG46BBkEEokDvQBwtgCKAQO9AHK2AHM6BRkFtgBoEosEvQBwWQMSJ1O2AIoZBQS9AHJZAytTtgBzwAB8wAB8TacAMRKMuABuOgQZBBKNBL0AcFkDEidTtgCKGQS2AI4EvQByWQMrU7YAc8AAfMAAfE0ssDoEA7wIsAABAAgAhgCHABkAAQCcAAAAMgAMAAAAxQACAMYACADIABEAyQAYAMoALQDLAFQAzABXAM0AXgDOAIUA0ACHANEAiQDSAAEAsAAAAAIAsQ==',
5 | }
6 | 


--------------------------------------------------------------------------------
/index.js:
--------------------------------------------------------------------------------
  1 | 'use strict';
  2 | 
  3 | const dns = require('dns');
  4 | const WIN = require('ui/window'); // 窗口库
  5 | const tabbar = require('ui/tabbar'); // Tab库
  6 | const LANG_T = antSword['language']['toastr']; // 通用通知提示
  7 | 
  8 | const LANG = require('./language/'); // 插件语言库
  9 | const Payload = require('./payload');
 10 | /**
 11 |  * 插件类
 12 |  */
 13 | class Plugin {
 14 |   constructor(opt) {
 15 |     let self = this;
 16 |     self.checkHTTPAddress = ['220.181.38.148', '36.152.44.95'];
 17 |     self.checkHTTPDomain = 'www.baidu.com';
 18 |     this.initCheckHTTPAddr();
 19 |     antSword['test'] = this;
 20 |     let win = new WIN({
 21 |       title: `${LANG['title']}-${opt['ip']}`,
 22 |       height: 280,
 23 |       width: 550,
 24 |     });
 25 |     self.win = win;
 26 |     let editor;
 27 |     editor = ace.edit(win.win.cell.lastChild);
 28 |     editor.$blockScrolling = Infinity;
 29 |     editor.setTheme('ace/theme/tomorrow');
 30 |     editor.session.setMode('ace/mode/text');
 31 |     editor.session.setUseWrapMode(true);
 32 |     editor.session.setWrapLimitRange(null, null);
 33 |     editor.setOptions({
 34 |       fontSize: '14px',
 35 |       enableBasicAutocompletion: true,
 36 |       enableSnippets: true,
 37 |       enableLiveAutocompletion: true
 38 |     });
 39 |     editor.setReadOnly(true);
 40 |     self.editor = editor;
 41 |     self.editor.session.setValue(LANG['tips']['init']);
 42 |     // 初始化 toolbar
 43 |     let toolbar = win.win.attachToolbar();
 44 |     toolbar.loadStruct([
 45 |       { id: 'start', type: 'button', text: LANG['toolbar']['start'], icon: 'play', }, // 开始按钮
 46 |       { id: 'reset', type: 'button', text: LANG['toolbar']['reset'], icon: 'undo', }, // 重置按钮
 47 |     ]);
 48 |     self.toolbar = toolbar;
 49 |     // 点击事件
 50 |     toolbar.attachEvent('onClick', (id) => {
 51 |       switch (id) {
 52 |         case 'start':
 53 |           self.editor.session.setValue(LANG['tips']['checking']);
 54 |           self.win.win.progressOn();
 55 |           let core = new antSword['core'][opt['type']](opt);
 56 |           // 向 Shell 发起请求
 57 |           core.request({
 58 |             _: self.getPayload(opt['type'])
 59 |           }).then((_ret) => { // 处理返回数据
 60 |             let res = _ret['text'];
 61 |             if (res.indexOf("ERROR://") > -1) {
 62 |               throw res;
 63 |             }
 64 |             self.editor.session.setValue(res);
 65 |             self.win.win.progressOff();
 66 |             toastr.success(LANG['success'], LANG_T['success']);
 67 |           }).catch((err) => { // 处理异常数据
 68 |             toastr.error(`${LANG['error']}: ${JSON.stringify(err)}`, LANG_T['error']);
 69 |             self.win.win.progressOff();
 70 |           });
 71 |           break;
 72 |         case 'reset':
 73 |           self.editor.session.setValue(LANG['tips']['init']);
 74 |           break;
 75 |         default:
 76 |           break;
 77 |       }
 78 |     });
 79 |   }
 80 | 
 81 |   initCheckHTTPAddr() {
 82 |     let self = this;
 83 |     dns.resolve4(self.checkHTTPDomain, (err, address) => {
 84 |       if (!err && address.length > 0) {
 85 |         self.checkHTTPAddress = address;
 86 |         console.log(self.checkHTTPAddress);
 87 |       }
 88 |     });
 89 |   }
 90 | 
 91 |   // 自定义函数,用于获取不同类型的 payload
 92 |   getPayload(shelltype) {
 93 |     let self = this;
 94 |     let codes = {
 95 |       php: `
 96 |       function checkDNS($domain){
 97 |         echo("[*][DNS] Try to resolve \${domain} with system nameserver\\n");
 98 |         $dnsres = dns_get_record($domain,DNS_A);
 99 |         if(sizeof($dnsres)>0){
100 |           echo("[+][DNS][Success][\${domain}]\\n");
101 |           foreach ($dnsres as $v) {
102 |             printf("\\t%s: %s\\n",$v['host'],$v['ip']);
103 |           }
104 |         } else {
105 |           echo("[-][DNS][Fail][\${domain}]\\n");
106 |         }
107 |       }
108 |       function checkHTTP(){
109 |         $ips = ['${self.checkHTTPAddress.join("','")}', '${self.checkHTTPDomain}'];
110 |         echo("[*][HTTP] Try to send HTTP request\\n");
111 |         foreach($ips as $ip) {
112 |           $httpres = file_get_contents("http://\${ip}");
113 |           if($httpres===false){
114 |             echo("[-][HTTP][Fail][http://\${ip}]\\n");
115 |             continue;
116 |           };
117 |           echo("[+][HTTP][Success][http://\${ip}]\\n");
118 |           break;
119 |         }
120 |       }
121 |       function udpGet($sendMsg='9b540100000100000000000002717103636f6d0000010001',$ip='114.114.114.114',$port='53'){
122 |         $handle=stream_socket_client("udp://{$ip}:{$port}", $errno, $errstr);
123 |         if(!$handle){
124 |           echo("[-][UDP][ERROR] {$errno} - {$errstr}\\n");
125 |           return;
126 |         }
127 |         $sendMsg=hex2bin($sendMsg);
128 |         @fwrite($handle, $sendMsg);
129 |         $result = fread($handle,1024);
130 |         @fclose($handle);
131 |         return $result;
132 |       }
133 |       checkHTTP();
134 |       echo("[*][UDP] Try to send UDP request\\n");
135 |       if(stristr(urlencode(udpGet('9b540100000100000000000002717103636f6d0000010001','8.8.8.8','53')), 'qq%03com')) {
136 |         echo "[+][UDP][Success][8.8.8.8:53]\\n";
137 |       }else{
138 |         echo "[-][UDP][Fail][8.8.8.8:53]\\n";
139 |       }
140 |       checkDNS("qq.com");
141 |       `,
142 |       asp: '',
143 |       aspx: `
144 |       function UdpGet(ip:String):String{
145 |         try{
146 |           var client = new System.Net.Sockets.UdpClient();
147 |           client.Connect(ip, 53);
148 |           var sendBody = "9b540100000100000000000002717103636f6d0000010001";
149 |           var sendBytes:byte[]=new byte[sendBody.Length/2];
150 |           for(var i=0;i<sendBody.Length;i+=2){
151 |               sendBytes[i/2] = byte(System.Convert.ToInt32(String(sendBody.Substring(i,2)),16));
152 |           };
153 |           client.Send(sendBytes, sendBytes.Length);
154 |           var recvBytes = client.Receive();
155 |           var returnData = Encoding.ASCII.GetString(recvBytes);
156 |           client.Close();
157 |           if(returnData.Contains("qq\\x03com")){
158 |               return String.Format("[+][UDP][Success][{0}:53]\\n", ip);
159 |           }else{
160 |               return String.Format("[-][UDP][Fail][{0}:53]\\n", ip);
161 |           };
162 |         }catch(e){
163 |           return String.Format("[-][UDP][ERROR][{0}:53][{1}]\\n", ip, e);
164 |         }
165 |       };
166 |       function CheckHTTP():String{
167 |         var ips = "${self.checkHTTPAddress.join("|")}|${self.checkHTTPDomain}".Split("|");
168 |         var i;
169 |         var ret=new System.Text.StringBuilder();
170 |         for(i in ips){
171 |           try{
172 |               var req = System.Net.HttpWebRequest(System.Net.WebRequest.Create("http://"+ips[i]));
173 |               req.Timeout=3000;
174 |               var resp = System.Net.HttpWebResponse(req.GetResponse());
175 |               resp.Close();
176 |               if (resp.StatusCode>0) {
177 |                 ret.AppendFormat("[+][HTTP][Success][http://{0}]\\n", ips[i]);
178 |               }else{
179 |                 ret.AppendFormat("[-][HTTP][Fail][http://{0}]\\n", ips[i]);
180 |               };
181 |           }catch(e){
182 |             ret.AppendFormat("[-][HTTP][Fail][http://{0}][{1}]\\n", ips[i], e);
183 |           };
184 |         };
185 |         return ret.ToString();
186 |       };
187 |       function CheckDNS(domain:String):String {
188 |         var ret=new System.Text.StringBuilder();
189 |         ret.AppendFormat("[*][DNS] Try to resolve {0} with system nameserver\\n", domain);
190 |         try{
191 |           var host = System.Net.Dns.GetHostEntry(domain);
192 |           if (host.AddressList.Length > 0){
193 |             ret.AppendFormat("[+][DNS][Success][{0}]\\n\\t{1}\\n",domain, host.AddressList.ToString());
194 |           }
195 |         }catch(e){
196 |           ret.AppendFormat("[-][DNS][ERROR][{0}][{1}]\\n", domain, e);
197 |         }
198 |         return ret.ToString();
199 |       };
200 |       var sb=new System.Text.StringBuilder();
201 |       sb.Append(UdpGet("114.114.114.114"));
202 |       sb.Append(UdpGet("223.5.5.5"));
203 |       sb.Append(CheckHTTP());
204 |       sb.Append(CheckDNS("qq.com"));
205 |       Response.Write(sb.ToString());`.replace(/\n\s+/g, ''),
206 |       jspjs: `
207 |       function bytesToHex(bytes) {
208 |         var h = "0123456789ABCDEF";
209 |         var sb = new StringBuilder(bytes.length * 2);
210 |         for (var i = 0; i < bytes.length; i++) {
211 |           sb.append(h.charAt((bytes[i] & 0xf0) >> 4));
212 |           sb.append(h.charAt((bytes[i] & 0x0f) >> 0));
213 |         }
214 |         return sb.toString();
215 |       };
216 |       function udpGet(b64msg,ip,port){
217 |         importPackage(Packages.java.net);
218 |         var socket = null;
219 |         socket = new DatagramSocket(0);
220 |         socket.setSoTimeout(30);
221 |         var host = InetAddress.getByName(ip);
222 |         var tempBytes = Base64DecodeToByte(b64msg);
223 |         var udpreq = new DatagramPacket(tempBytes, tempBytes.length, host, port);
224 |         var byteArray = Java.type("byte[]");
225 |         var udpresp = new DatagramPacket(new byteArray(1024), 1024);
226 |         socket.send(udpreq);
227 |         socket.receive(udpresp);
228 |         return bytesToHex(udpresp.getData());
229 |       };
230 |       function checkDNS(domain){
231 |         output.append("[*][DNS] Try to resolve "+ domain +" with system nameserver\\n");
232 |         try{
233 |           var hosts = InetAddress.getAllByName(domain);
234 |           if(hosts.length>0){
235 |             output.append("[+][DNS][Success]["+domain+"]\\n");
236 |             for(var i=0;i<hosts.length; i++){
237 |               output.append("\\t"+hosts[i]+"\\n");
238 |             }
239 |           }
240 |         }catch(ex){
241 |           output.append("[-][DNS][ERROR]["+domain+"]["+ex.getMessage()+"]\\n");
242 |         }
243 |       };
244 |       function checkHTTP() {
245 |         output.append("[*][HTTP] Try to send HTTP request\\n");
246 |         var ips = ['${self.checkHTTPAddress.join("','")}', '${self.checkHTTPDomain}'];
247 |         for(var i=0; i<ips.length; i++){
248 |           var urlPath = "http://"+ips[i];
249 |           var url = new java.net.URL(urlPath);
250 |           try{
251 |             var connection = url.openConnection();
252 |             connection.setConnectTimeout(10000);
253 |             connection.setReadTimeout(10000);
254 |             connection.connect();
255 |             if(connection.getResponseCode()>0) {
256 |               output.append("[+][HTTP][Success]["+ urlPath +"]\\n");
257 |             }
258 |             connection.disconnect();
259 |             break;
260 |           }catch(ex){
261 |             output.append("[-][HTTP][Error]["+ urlPath +"]\\n");
262 |           }
263 |         }
264 |       };
265 |       checkHTTP();
266 |       output.append("[*][UDP] Try to send UDP request\\n");
267 |       var udppacket="m1QBAAABAAAAAAAAAnFxA2NvbQAAAQAB";
268 |       var nameservers = ["114.114.114.114", "223.5.5.5", "8.8.8.8", "9.9.9.9"];
269 |       for(var i=0;i<nameservers.length;i++){
270 |         var udpret = "";
271 |         try{
272 |           udpret = udpGet(udppacket, nameservers[i], 53);
273 |           if(udpret.indexOf("717103636F6D")>-1){
274 |             output.append("[+][UDP][Success]["+nameservers[i]+":53]\\n");
275 |             break;
276 |           } else {
277 |             output.append("[-][UDP][Fail]["+nameservers[i]+":53]\\n");
278 |           }
279 |         }catch(ex){
280 |           output.append("[-][UDP][ERROR]["+nameservers[i]+":53]["+ex.getMessage()+"]\\n");
281 |         }
282 |       };
283 |       checkDNS("qq.com");`,
284 |       jsp: Payload.jsp,
285 |     }
286 |     if (["php4", "phpraw"].indexOf(shelltype) > -1) {
287 |       return codes['php'];
288 |     }
289 |     return codes[shelltype];
290 |   }
291 | }
292 | 
293 | module.exports = Plugin;


--------------------------------------------------------------------------------