├── .gitignore ├── Makefile ├── README.md ├── cmd └── netouter │ └── main.go ├── go.mod ├── go.sum └── pkg ├── checkdns └── checkdns.go ├── checkhttp └── checkhttp.go ├── checkicmp └── checkicmp.go ├── checkntp └── checkntp.go ├── checksnmp └── checksnmp.go ├── checktcp ├── checktcp.go └── checktcpP.go └── checktftp └── checktftp.go /.gitignore: -------------------------------------------------------------------------------- 1 | # If you prefer the allow list template instead of the deny list, see community template: 2 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore 3 | # 4 | # Binaries for programs and plugins 5 | *.exe 6 | *.exe~ 7 | *.dll 8 | *.so 9 | *.dylib 10 | 11 | # Test binary, built with `go test -c` 12 | *.test 13 | 14 | # Output of the go coverage tool, specifically when used with LiteIDE 15 | *.out 16 | 17 | # Dependency directories (remove the comment below to include it) 18 | # vendor/ 19 | 20 | # Go workspace file 21 | go.work 22 | 23 | # build Output 24 | target/ 25 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | LD_FLAGS := -s -w 2 | BIN_DIR := target/release 3 | BIN_NAME := NetOuter 4 | 5 | default: clean darwin linux windows integrity 6 | 7 | clean: 8 | $(RM) $(BIN_DIR)/$(BIN_NAME)* 9 | go clean -x 10 | 11 | install: 12 | go install 13 | 14 | darwin: 15 | GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="$(LD_FLAGS)" -o '$(BIN_DIR)/$(BIN_NAME)-darwin-amd64' ./cmd/netouter/main.go 16 | 17 | linux: 18 | GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="$(LD_FLAGS)" -o '$(BIN_DIR)/$(BIN_NAME)-linux-amd64' ./cmd/netouter/main.go 19 | 20 | windows: 21 | GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="$(LD_FLAGS)" -o '$(BIN_DIR)/$(BIN_NAME)-windows-amd64.exe' ./cmd/netouter/main.go 22 | 23 | integrity: 24 | cd $(BIN_DIR) && shasum * 25 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # NetOuter 2 | 3 | ## 目的 4 | 5 | 一个无依赖可执行文件,能快速测试受害者端口出网情况,为后续建立代理隧道收集必要信息。 6 | 7 | ## 原理 8 | 9 | ### tcp出网探测 10 | 11 | 根据tcp的特性,程序尝试对指定外网的ip:port建立tcp全连接,若连接建立,则认为该端口出网。 12 | 13 | ### udp出网探测 14 | 15 | 根据udp的特性,基本无法从连接的角度确认出网情况。程序内置了一些常用udp端口的客户端库,针对不同的端口构造不同的基于udp的应用层协议的数据包并发送,如果接受到服务端的回复,则认为该端口出网。 16 | 17 | ### dns隧道建立可能性探测 18 | 19 | 除了53端口直接出网,dns可以通过递归或者迭代查询间接出网构造dns隧道。程序会尝试本地dns解析,若解析成功,则可能构造dns隧道。 20 | 21 | ## 使用 22 | 23 | target目录下文件 24 | 25 | ### 编译 26 | 27 | ``` 28 | make 29 | ``` 30 | 31 | 最终文件在`target/release`目录下 32 | 33 | ### 命令行用法 34 | 35 | #### 测试常规出网可能性 - 推荐 36 | 37 | 直接运行无需任何参数,默认会检测常见的几百个tcp端口,发现3个以上就不再检测了 38 | 39 | ```bash 40 | NetOuter 41 | ``` 42 | 43 | 在一个不出网的环境下完成这个测试大约需要2分钟 44 | 45 | #### 快速测试 46 | 47 | 要是你认为在的内网里基本不可能出网,懒得浪费时间就做一个快速check 48 | 49 | ```bash 50 | NetOuter -quick 51 | ``` 52 | 53 | 不做几百个默认tcp端口的测试会快不少,完全不出网环境大约40秒 54 | 55 | #### tcp全端口探测 56 | 57 | 端口太多可能比较慢 58 | 当发现超过3个可出网端口就停止 59 | 60 | 全端口 61 | 62 | ``` 63 | NetOuter -tcp all 64 | ``` 65 | 66 | 不出网环境下要将近7、8分钟 67 | 68 | ### 结果显示 69 | 70 | 在命令行打印结果的同时,结果也会同步到当前可执行文件的目录下`output.log`文件里面 71 | 72 | #### TODO 73 | 74 | 1. UDP 162,623,520,10161,10162 75 | 3. ipv6出网探测和逻辑 76 | 77 | 78 | #### 还有其他的出网方式就是基于代理出网 sock/http/https 79 | 80 | 这个需要信息收集,针对不同的机器收集路由和配置的代理ip端口用户密码 81 | 82 | 83 | 84 | 85 | -------------------------------------------------------------------------------- /cmd/netouter/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "NetOuter/pkg/checkdns" 5 | "NetOuter/pkg/checkhttp" 6 | "NetOuter/pkg/checkicmp" 7 | "NetOuter/pkg/checkntp" 8 | "NetOuter/pkg/checksnmp" 9 | "NetOuter/pkg/checktcp" 10 | "NetOuter/pkg/checktftp" 11 | "flag" 12 | "io" 13 | "log" 14 | "os" 15 | "path/filepath" 16 | "sync" 17 | ) 18 | 19 | var version = "0.1.0" 20 | 21 | // flag pointers 22 | var ( 23 | tcpCheckPtr *string 24 | snmpCheckPtr *bool 25 | tftpCheckPtr *bool 26 | customip *string 27 | tcpport *int 28 | ) 29 | 30 | var wg sync.WaitGroup 31 | 32 | func main() { 33 | 34 | tcpCheckPtr = flag.String("tcp", "", "Check egress for all tcp ports. Example: ./netout -tcp all") 35 | snmpCheckPtr = flag.Bool("snmp", false, "snmp custom ip check") 36 | tftpCheckPtr = flag.Bool("tftp", false, "tftp custom ip check") 37 | customip = flag.String("ip", "1.1.1.1", "custom ip for snmp or tftp") 38 | tcpport = flag.Int("port", 9999999, "custom tcp port") 39 | quick := flag.Bool("quick", false, "quick check") 40 | 41 | flag.Parse() 42 | 43 | ex, err := os.Executable() 44 | if err != nil { 45 | panic(err) 46 | } 47 | 48 | exPath := filepath.Dir(ex) 49 | 50 | f, err := os.OpenFile(exPath+"/output.log", os.O_CREATE|os.O_APPEND|os.O_RDWR, os.ModePerm) 51 | if err != nil { 52 | return 53 | } 54 | 55 | defer func() { 56 | f.Close() 57 | }() 58 | 59 | if *tcpport != 9999999 { 60 | os.Exit(0) 61 | } 62 | 63 | if *snmpCheckPtr { 64 | os.Exit(0) 65 | } 66 | if *tftpCheckPtr { 67 | os.Exit(0) 68 | } 69 | 70 | multiWriter := io.MultiWriter(os.Stdout, f) 71 | log.SetOutput(multiWriter) 72 | 73 | if *tcpCheckPtr == "all" { 74 | log.Println("[!] All check may take a few minutes to be done, consider using default checking first.") 75 | log.Println("[!] No output means all tcp ports was blocked") 76 | checktcp.CheckALLtcp() 77 | 78 | } else if *tcpCheckPtr == "test" { 79 | 80 | checktcp.CheckDTCP() 81 | 82 | } else { 83 | 84 | resp := checkdns.CheckLocalDNS() 85 | if resp { 86 | checkhttp.Checkhttp() 87 | } 88 | wg.Add(7) 89 | 90 | go checkntp.Checkntp(&wg) 91 | go checksnmp.Checksnmp("116.162.120.19", &wg) 92 | go checktftp.Checktftp("183.62.177.78", &wg) 93 | go checkdns.CheckDirectDNS(&wg) 94 | go checkicmp.Checkicmp(&wg) 95 | go checktcp.Checktcp("220.181.38.148", "80", &wg) 96 | go checktcp.Checktcp("220.181.38.148", "443", &wg) 97 | wg.Wait() 98 | log.Println("[!] Starting default TCP egress check, may take a few minutes to be done.Please Wait patiently.") 99 | if !*quick { 100 | checktcp.CheckDTCP() 101 | } 102 | log.Println("[!] finished! No tcp output means all tcp ports was blocked") 103 | } 104 | 105 | } 106 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module NetOuter 2 | 3 | go 1.18 4 | 5 | require github.com/beevik/ntp v0.3.0 6 | 7 | require ( 8 | github.com/davecgh/go-spew v1.1.1 // indirect 9 | github.com/stretchr/testify v1.7.0 // indirect 10 | golang.org/x/net v0.7.0 // indirect 11 | golang.org/x/sys v0.5.0 // indirect 12 | ) 13 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/beevik/ntp v0.3.0 h1:xzVrPrE4ziasFXgBVBZJDP0Wg/KpMwk2KHJ4Ba8GrDw= 2 | github.com/beevik/ntp v0.3.0/go.mod h1:hIHWr+l3+/clUnF44zdK+CWW7fO8dR5cIylAQ76NRpg= 3 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 4 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 5 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 6 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 7 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 8 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 9 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= 10 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 11 | golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= 12 | golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= 13 | golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= 14 | golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 15 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 16 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= 17 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 18 | -------------------------------------------------------------------------------- /pkg/checkdns/checkdns.go: -------------------------------------------------------------------------------- 1 | package checkdns 2 | 3 | import ( 4 | "context" 5 | "log" 6 | "net" 7 | "sync" 8 | "time" 9 | ) 10 | 11 | func CheckDirectDNS(wg *sync.WaitGroup) bool { 12 | defer func() { 13 | wg.Done() 14 | }() 15 | r := &net.Resolver{ 16 | PreferGo: true, 17 | Dial: func(ctx context.Context, network, address string) (net.Conn, error) { 18 | d := net.Dialer{ 19 | Timeout: time.Second * 1, 20 | } 21 | return d.DialContext(ctx, "udp", "114.114.114.114:53") 22 | }, 23 | } 24 | _, err := r.LookupHost(context.Background(), "www.baidu.com") 25 | if err != nil { 26 | log.Println("[-] UDP 53 is blocked") 27 | return false 28 | } else { 29 | log.Println("[*] UDP 53 can access the internet") 30 | return true 31 | } 32 | 33 | } 34 | 35 | func CheckLocalDNS() bool { 36 | const timeout = 1 * time.Second 37 | ctx, cancel := context.WithTimeout(context.TODO(), timeout) 38 | defer cancel() 39 | var r net.Resolver 40 | resp, err := r.LookupHost(ctx, "www.baidu.com") 41 | 42 | if err != nil { 43 | log.Println("[-] DNS resolve is blocked") 44 | return false 45 | } 46 | if len(resp) > 0 { 47 | log.Println("[*] DNS tunnel is allowed") 48 | return true 49 | } else { 50 | log.Println("[-] DNS resolve is blocked") 51 | return false 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /pkg/checkhttp/checkhttp.go: -------------------------------------------------------------------------------- 1 | package checkhttp 2 | 3 | import ( 4 | "fmt" 5 | "net/http" 6 | "time" 7 | ) 8 | 9 | var white_domainname [4]string = [...]string{ 10 | "www.baidu.com", 11 | "www.qq.com", 12 | "www.gov.cn", 13 | "mp.weixin.qq.com", 14 | } 15 | 16 | func Checkhttp() { 17 | 18 | for _, domain := range white_domainname { 19 | transport := &http.Transport{} 20 | 21 | timeout := 1 * time.Second 22 | 23 | client := http.Client{ 24 | Timeout: timeout, 25 | Transport: transport, 26 | } 27 | 28 | resp, err := client.Get("http://" + domain + "/") 29 | if err != nil { 30 | fmt.Println("[-] http " + domain + " was blocked") 31 | } 32 | if resp != nil { 33 | fmt.Println("[*]", domain+" http protocol is allowed") 34 | } 35 | } 36 | return 37 | } 38 | -------------------------------------------------------------------------------- /pkg/checkicmp/checkicmp.go: -------------------------------------------------------------------------------- 1 | package checkicmp 2 | 3 | import ( 4 | "log" 5 | "os/exec" 6 | "runtime" 7 | "strings" 8 | "sync" 9 | ) 10 | 11 | func Checkicmp(wg *sync.WaitGroup) { 12 | defer wg.Done() 13 | switch runtime.GOOS { 14 | case "windows": 15 | cmd := exec.Command("ping.exe", "-n", "1", "114.114.114.114") 16 | out, err := cmd.CombinedOutput() 17 | if err != nil { 18 | log.Println("[-] ICMP blocked") 19 | } 20 | if strings.Contains(string(out), "TTL") { 21 | log.Println("[*] ICMP allowed") 22 | } else { 23 | log.Println("[-] ICMP blocked") 24 | } 25 | default: 26 | cmd := exec.Command("ping", "-c", "1", "114.114.114.114") 27 | out, err := cmd.CombinedOutput() 28 | if err != nil { 29 | log.Println("[-] ICMP blocked") 30 | } 31 | if strings.Contains(string(out), "ttl") { 32 | log.Println("[*] ICMP allowed") 33 | } else { 34 | log.Println("[-] ICMP blocked") 35 | } 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /pkg/checkntp/checkntp.go: -------------------------------------------------------------------------------- 1 | package checkntp 2 | 3 | import ( 4 | "log" 5 | "sync" 6 | 7 | "github.com/beevik/ntp" 8 | ) 9 | 10 | func Checkntp(wg *sync.WaitGroup) { 11 | defer wg.Done() 12 | _, err := ntp.Time("52.231.114.183") 13 | if err != nil { 14 | log.Println("[-] NTP protocol(UDP 123) blocked") 15 | return 16 | } 17 | log.Println("[*] UDP 123 can access the internet") 18 | } 19 | -------------------------------------------------------------------------------- /pkg/checksnmp/checksnmp.go: -------------------------------------------------------------------------------- 1 | package checksnmp 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "log" 7 | "net" 8 | "sync" 9 | "time" 10 | ) 11 | 12 | func Checksnmp(ip string, wg *sync.WaitGroup) { 13 | defer wg.Done() 14 | p := make([]byte, 2048) 15 | to_sent := []byte{0x30, 0x37, 0x02, 0x01, 0x01, 0x04, 0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0xa0, 0x2a, 0x02, 0x04, 0x60, 0x32, 0x86, 0x48, 0x02, 0x01, 0x00, 0x02, 0x01, 0x00, 0x30, 0x1c, 0x30, 0x0c, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x01, 0x04, 0x00, 0x05, 0x00, 0x30, 0x0c, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x01, 0x07, 0x00, 0x05, 0x00} 16 | conn, err := net.Dial("udp", ip+":161") 17 | conn.SetDeadline(time.Now().Add(1 * time.Second)) 18 | if err != nil { 19 | log.Printf("Some error %v", err) 20 | return 21 | } 22 | fmt.Fprintf(conn, string(to_sent)) 23 | 24 | _, err = bufio.NewReader(conn).Read(p) 25 | if p[3] != 0 { 26 | log.Println("[*] UDP 161 can access the internet") 27 | return 28 | } 29 | log.Println("[-] UDP 161 May blocked") 30 | conn.Close() 31 | return 32 | } 33 | -------------------------------------------------------------------------------- /pkg/checktcp/checktcp.go: -------------------------------------------------------------------------------- 1 | package checktcp 2 | 3 | import ( 4 | "log" 5 | "net" 6 | "sync" 7 | "time" 8 | ) 9 | 10 | func ChecktcpN(address string, port string, checknumPtr *int) { 11 | conn, err := net.DialTimeout("tcp", address+":"+port, 2*time.Second) 12 | if err != nil { 13 | //log.Println("[-] tcp", port, "blocked") 14 | return 15 | } 16 | conn.Close() 17 | log.Println("[*] tcp", port, "can access internet") 18 | *checknumPtr++ 19 | return 20 | } 21 | 22 | func Checktcp(address string, port string, wg *sync.WaitGroup) { 23 | defer wg.Done() 24 | conn, err := net.DialTimeout("tcp", address+":"+port, 1*time.Second) 25 | if err != nil { 26 | log.Println("[-] tcp", port, "blocked") 27 | return 28 | } 29 | conn.Close() 30 | log.Println("[*] tcp", port, "can access internet") 31 | return 32 | } 33 | -------------------------------------------------------------------------------- /pkg/checktcp/checktcpP.go: -------------------------------------------------------------------------------- 1 | package checktcp 2 | 3 | import ( 4 | "log" 5 | "math/rand" 6 | "net/http" 7 | "strconv" 8 | "sync" 9 | "time" 10 | ) 11 | 12 | func CheckALLtcp() { 13 | var slice = make([]int, 65535) 14 | for i := 1; i <= 65535; i++ { 15 | slice[i-1] = i 16 | } 17 | CheckTCP_port_range(slice) 18 | 19 | } 20 | 21 | func testHTTPEgress(port int) bool { 22 | 23 | var scheme string 24 | scheme = "http://" 25 | 26 | url := scheme + "45.79.204.144" + ":" + strconv.Itoa(port) 27 | 28 | transport := &http.Transport{} 29 | 30 | timeout := time.Duration(1000) * time.Second 31 | 32 | client := http.Client{ 33 | Timeout: timeout, 34 | Transport: transport, 35 | } 36 | 37 | resp, err := client.Get(url) 38 | if err != nil { 39 | return false 40 | } 41 | if resp != nil { 42 | log.Printf("[*] tcp %s can access the internet\n", strconv.Itoa(port)) 43 | return true 44 | } 45 | return false 46 | } 47 | 48 | type maxedWaitGroup struct { 49 | current chan int 50 | wg sync.WaitGroup 51 | } 52 | 53 | func (m *maxedWaitGroup) Add() { 54 | m.current <- 1 55 | m.wg.Add(1) 56 | } 57 | 58 | func (m *maxedWaitGroup) Done() { 59 | <-m.current 60 | m.wg.Done() 61 | } 62 | 63 | func (m *maxedWaitGroup) Wait() { 64 | m.wg.Wait() 65 | } 66 | 67 | func CheckDTCP() { 68 | var ports []int = []int{ 69 | 22, 8080, 21, 23, 53, 111, 3389, 4000, 7000, 8000, 8001, 8002, 8003, 8004, 8005, 8006, 8007, 8008, 8009, 8010, 8011, 8012, 8013, 8014, 8015, 8016, 8017, 8018, 8019, 8020, 8021, 8022, 8023, 8024, 8025, 8026, 8027, 8028, 8029, 8030, 8031, 8032, 8033, 8034, 8035, 8036, 8037, 8038, 8039, 8040, 8041, 8042, 8043, 8044, 8045, 8046, 8047, 8048, 8049, 8050, 8051, 8052, 8053, 8054, 8055, 8056, 8057, 8058, 8059, 8060, 8061, 8062, 8063, 8064, 8065, 8066, 8067, 8068, 8069, 8070, 8071, 8072, 8073, 8074, 8075, 8076, 8077, 8078, 8079, 8080, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8092, 8093, 8094, 8095, 8096, 8097, 8098, 8099, 8100, 7, 11, 13, 15, 17, 19, 25, 26, 37, 38, 43, 49, 51, 67, 70, 79, 81, 82, 83, 84, 85, 86, 87, 88, 89, 102, 104, 110, 111, 113, 119, 121, 135, 138, 139, 143, 175, 179, 199, 211, 264, 311, 389, 444, 445, 465, 500, 502, 503, 505, 512, 515, 548, 554, 564, 587, 631, 636, 646, 666, 771, 777, 789, 800, 801, 873, 880, 902, 992, 993, 995, 1000, 1022, 1023, 1024, 1025, 1026, 1027, 1080, 1099, 1177, 1194, 1200, 1201, 1234, 1241, 1248, 1260, 1290, 1311, 1344, 1400, 1433, 1471, 1494, 1505, 1515, 1521, 1588, 1720, 1723, 1741, 1777, 1863, 1883, 1911, 1935, 1962, 1967, 1991, 2000, 2001, 2002, 2020, 2022, 2030, 2049, 2080, 2082, 2083, 2086, 2087, 2096, 2121, 2181, 2222, 2223, 2252, 2323, 2332, 2375, 2376, 2379, 2401, 2404, 2424, 2455, 2480, 2501, 2601, 2628, 3000, 3128, 3260, 3288, 3299, 3306, 3307, 3310, 3333, 3388, 3389, 3390, 3460, 3541, 3542, 3689, 3690, 3749, 3780, 4000, 4022, 4040, 4063, 4064, 4369, 4443, 4444, 4505, 4506, 4567, 4664, 4712, 4730, 4782, 4786, 4840, 4848, 4880, 4911, 4949, 5000, 5001, 5002, 5006, 5007, 5009, 5050, 5084, 5222, 5269, 5357, 5400, 5432, 5555, 5560, 5577, 5601, 5631, 5672, 5678, 5800, 5801, 5900, 5901, 5902, 5903, 5938, 5984, 5985, 5986, 6000, 6001, 6068, 6379, 6488, 6560, 6565, 6581, 6588, 6590, 6664, 6665, 6666, 6667, 6668, 6669, 6998, 7000, 7001, 7005, 7014, 7071, 7077, 7080, 7288, 7401, 7443, 7474, 7493, 7537, 7547, 7548, 7634, 7657, 7777, 7779, 7911, 8112, 8123, 8125, 8126, 8139, 8161, 8200, 8291, 8333, 8334, 8377, 8378, 8443, 8500, 8545, 8554, 8649, 8686, 8800, 8834, 8880, 8883, 8888, 8889, 8983, 9000, 9001, 9002, 9003, 9009, 9010, 9042, 9051, 9080, 9090, 9100, 9151, 9191, 9200, 9295, 9333, 9418, 9443, 9527, 9530, 9595, 9653, 9700, 9711, 9869, 9944, 9981, 9999, 10000, 10001, 10162, 10243, 10333, 11001, 11211, 11300, 11310, 12300, 12345, 13579, 14000, 14147, 14265, 16010, 16030, 16992, 16993, 17000, 18001, 18081, 18245, 18246, 19999, 20000, 20547, 22105, 22222, 23023, 23424, 25000, 25105, 25565, 27015, 27017, 28017, 32400, 33338, 33890, 37215, 37777, 41795, 42873, 45554, 49151, 49152, 49153, 49154, 49155, 50000, 50050, 50070, 50100, 51106, 52869, 55442, 55553, 60001, 60010, 60030, 61613, 61616, 62078, 64738, 70 | } 71 | CheckTCP_port_range(ports) 72 | } 73 | 74 | func CheckTCP_port_range(ports []int) { 75 | //exit checker 76 | quit := false 77 | 78 | allowed_ports_number := 0 79 | 80 | mwg := maxedWaitGroup{ 81 | current: make(chan int, 100), 82 | wg: sync.WaitGroup{}, 83 | } 84 | 85 | for _, port := range ports { 86 | 87 | //check the quit variable and terminate the checking. 88 | //have some bugs I may fix it in the future. 89 | if quit == true { 90 | log.Println("[*] Found more than 3 ports can access the Internet. Stop further testing.") 91 | return 92 | } 93 | 94 | mwg.Add() 95 | 96 | switch { 97 | case (quit == true): 98 | log.Println("[*] Found more than 3 ports can access the Internet. Stop further testing.") 99 | return 100 | default: 101 | go func(p int) { 102 | defer mwg.Done() 103 | time.Sleep(time.Second * time.Duration(rand.Intn(1))) 104 | resp := testHTTPEgress(p) 105 | if resp { 106 | allowed_ports_number++ 107 | } 108 | return 109 | }(port) 110 | } 111 | if allowed_ports_number > 3 { 112 | quit = true 113 | } 114 | 115 | } 116 | // Wait for the work to complete 117 | mwg.Wait() 118 | 119 | } 120 | -------------------------------------------------------------------------------- /pkg/checktftp/checktftp.go: -------------------------------------------------------------------------------- 1 | package checktftp 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "log" 7 | "net" 8 | "sync" 9 | "time" 10 | ) 11 | 12 | func Checktftp(target string, wg *sync.WaitGroup) { 13 | 14 | defer wg.Done() 15 | 16 | p := make([]byte, 2048) 17 | to_sent := []byte{0x00, 0x01, 0x31, 0x2e, 0x74, 0x78, 0x74, 0x00, 0x6e, 0x65, 0x74, 0x61, 0x73, 0x63, 0x69, 0x69} 18 | conn, err := net.Dial("udp", target+":69") 19 | conn.SetDeadline(time.Now().Add(1 * time.Second)) 20 | if err != nil { 21 | log.Printf("Some error %v", err) 22 | return 23 | } 24 | fmt.Fprintf(conn, string(to_sent)) 25 | 26 | _, err = bufio.NewReader(conn).Read(p) 27 | if p[3] != 0 { 28 | log.Println("[*] UDP 69 can access the internet") 29 | return 30 | } 31 | log.Println("[-] UDP 69 May blocked") 32 | conn.Close() 33 | return 34 | } 35 | --------------------------------------------------------------------------------