├── EHole_darwin.zip ├── Ehole-linux.zip ├── Ehole-win.zip ├── README.md └── images ├── Xnip2020-12-04_14-46-46.png └── Xnip2020-12-04_14-50-38.png /EHole_darwin.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snrt7/EHole/6a7876b902dbc916199c0ec19a06e864233083f4/EHole_darwin.zip -------------------------------------------------------------------------------- /Ehole-linux.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snrt7/EHole/6a7876b902dbc916199c0ec19a06e864233083f4/Ehole-linux.zip -------------------------------------------------------------------------------- /Ehole-win.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snrt7/EHole/6a7876b902dbc916199c0ec19a06e864233083f4/Ehole-win.zip -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # EHole(棱洞)-红队重点攻击系统指纹探测工具 2 | 3 | ## 一、简介: 4 | 5 | ```bash 6 | ______ __ ______ 7 | / ____/___/ /___ ____/_ __/__ ____ _____ ___ 8 | / __/ / __ / __ `/ _ \/ / / _ \/ __ `/ __ `__ \ 9 | / /___/ /_/ / /_/ / __/ / / __/ /_/ / / / / / / 10 | /_____/\__,_/\__, /\___/_/ \___/\__,_/_/ /_/ /_/ 11 | /____/ https://forum.ywhack.com By:shihuang 12 | ``` 13 | 14 | EHole是一款对资产中重点系统指纹识别的工具,在红队作战中,信息收集是必不可少的环节,如何才能从大量的资产中提取有用的系统(如OA、VPN、Weblogic...)。EHole旨在帮助红队人员在信息收集期间能够快速从C段、大量杂乱的资产中精准定位到易被攻击的系统,从而实施进一步攻击。 15 | 16 | ## 二、使用: 17 | 18 | 配合[红队中易被攻击的一些重点系统漏洞整理]食用效果更佳:https://forum.ywhack.com/thread-114777-1-1.html 19 | 20 | ```bash 21 | EHole version: 0.0.1 22 | Usage: nginx [-f|-l] [parameter] 23 | 24 | Options: 25 | -f string 26 | Fofa searches for assets , supports IP and IP segments。(192.168.1.1 | 192.168.1.0/24) 27 | -h this help 28 | -l string 29 | Probe based on local file 30 | ``` 31 | 32 | EHole提供了**两种**指纹识别方式,可从本地读取识别,也可以从FOFA进行批量调用API识别(需要FOFA密钥)。 33 | 34 | **1.本地识别:** 35 | 36 | ```bash 37 | EHole -l url.txt 38 | ``` 39 | 40 | PS:URL.txt内每行一个地址,需带上协议。 41 | 42 | **2.FOFA识别:** 43 | 44 | 注意:从FOFA识别需要配置FOFA 密钥以及邮箱,在config.ini内配置好密钥以及邮箱即可使用。 45 | 46 | ```bash 47 | Email=webmaster@chinacrack.com 48 | Fofa_token=xxx 49 | ``` 50 | 51 | ```bash 52 | EHole -f 192.168.1.1/24 //支持单IP或IP段 53 | ``` 54 | 55 | ## 三、效果: 56 | 57 | **1.本地识别:** 58 | 59 | ![Xnip2020-12-04_14-46-46](images/Xnip2020-12-04_14-46-46.png) 60 | 61 | **2.fofa识别:** 62 | 63 | ![Xnip2020-12-04_14-50-38](images/Xnip2020-12-04_14-50-38.png) 64 | 65 | 66 | 67 | 68 | -------------------------------------------------------------------------------- /images/Xnip2020-12-04_14-46-46.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snrt7/EHole/6a7876b902dbc916199c0ec19a06e864233083f4/images/Xnip2020-12-04_14-46-46.png -------------------------------------------------------------------------------- /images/Xnip2020-12-04_14-50-38.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Snrt7/EHole/6a7876b902dbc916199c0ec19a06e864233083f4/images/Xnip2020-12-04_14-50-38.png --------------------------------------------------------------------------------