├── README.md ├── main.exe ├── main.go └── xray.go /README.md: -------------------------------------------------------------------------------- 1 | # fxr 2 | 使用fscan联动Xray 3 | ## 简介 4 | 一款可以提取fscan扫描后的url,将url和xray进行联动扫描的工具,先提取fscan的http开头的url,然后进行去重,再利用xray进行批量扫描 5 | ## 用法 6 | * 将fscan扫描完后的result.txt放在工具的同一级目录下 7 | * 将xray_windows_amd64.exe工具也放在同级目录下 8 | * 将xray的poc放在本地目录下(pocs的地址:https://github.com/chaitin/xray/tree/master/pocs) 9 | 10 | ![image](https://user-images.githubusercontent.com/82979945/127308592-bb4adcce-740c-4ab5-83b9-0b8b8781a72a.png) 11 | 12 | ## 运行截图 13 | 14 | **在运行的同时,会产生一个test.txt文件,该文件是从fscan提取出来去重后的文件,以及运行结束会产生一个xray的html文件** 15 | 16 | ![image](https://user-images.githubusercontent.com/82979945/127308469-f28fb824-3497-4b6d-bf39-f9268cf6008d.png) 17 | 18 | ![image](https://user-images.githubusercontent.com/82979945/127308766-cab3c9fb-9f8b-48d4-bb5d-8658daf8e88a.png) 19 | -------------------------------------------------------------------------------- /main.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dqcostin/fxr/a5b548ef494ae3cb437681fdce13d62144b19a2e/main.exe -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "io" 6 | "io/ioutil" 7 | "os" 8 | "regexp" 9 | ) 10 | 11 | func main() { 12 | content := getContent("./result.txt") 13 | //removeDuplicate(content) 14 | str := CutValue(content) 15 | //fmt.Println(str) 16 | remove := removeDuplicate(str) 17 | //fmt.Println(remove) 18 | var filename = "./test.txt" 19 | var f *os.File 20 | for _, in := range remove { 21 | // fmt.Println(in) 22 | if checkFileIsExist(filename) { //如果文件存在 23 | f, _ = os.OpenFile(filename, os.O_APPEND, 0666) //打开文件 24 | fmt.Println("文件存在") 25 | } else { 26 | f, _ = os.Create(filename) //创建文件 27 | fmt.Println("文件不存在") 28 | } 29 | defer f.Close() 30 | n, err1 := io.WriteString(f, in+"\r\n") //写入文件(字符串) 31 | if err1 != nil { 32 | panic(err1) 33 | } 34 | 35 | fmt.Printf("写入 %d 个字节n", n) 36 | } 37 | xray() 38 | } 39 | 40 | func getContent(filename string) string { 41 | f, err := os.Open(filename) 42 | if err != nil { 43 | fmt.Println("read file fail", err) 44 | return "" 45 | } 46 | defer f.Close() 47 | 48 | fd, err := ioutil.ReadAll(f) 49 | if err != nil { 50 | fmt.Println("read to fd fail", err) 51 | return "" 52 | } 53 | 54 | return string(fd) 55 | 56 | } 57 | 58 | func CutValue(a string) []string { 59 | regexp, _ := regexp.Compile("[a-z]*://[0-9]*[.][0-9]*[.][0-9]*[.][0-9]*:[0-9]*") 60 | str1 := regexp.FindAllString(a, -1) 61 | return str1 62 | } 63 | 64 | func removeDuplicate(a []string) (ret []string) { 65 | 66 | len1 := len(a) 67 | for i := 0; i < len1; i++ { 68 | if (i > 0 && a[i-1] == a[i]) || len(a[i]) == 0 { 69 | continue 70 | } 71 | ret = append(ret, a[i]) 72 | } 73 | return 74 | } 75 | 76 | func checkFileIsExist(filename string) bool { 77 | if _, err := os.Stat(filename); os.IsNotExist(err) { 78 | return false 79 | } 80 | return true 81 | } 82 | -------------------------------------------------------------------------------- /xray.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "bufio" 5 | "bytes" 6 | "fmt" 7 | "io" 8 | "os" 9 | "os/exec" 10 | "syscall" 11 | "time" 12 | ) 13 | 14 | func xray() { 15 | 16 | fi, err := os.Open("./test.txt") 17 | if err != nil { 18 | fmt.Printf("Error: %s\n", err) 19 | return 20 | } 21 | defer fi.Close() 22 | 23 | br := bufio.NewReader(fi) 24 | for { 25 | a, _, c := br.ReadLine() 26 | xray_scan(string(a)) 27 | fmt.Println(string(a)) 28 | if c == io.EOF { 29 | break 30 | } 31 | } 32 | } 33 | 34 | func xray_scan(url string) { 35 | outHtml := fmt.Sprintf("xray_scan_%d.html", time.Now().UnixNano()) 36 | command := exec.Command("./xray_windows_amd64.exe", "webscan", "--poc", "/pocs/*", "--basic-crawler", url, "--html-output", outHtml) 37 | outinfo := bytes.Buffer{} 38 | command.Stdout = &outinfo 39 | err := command.Start() 40 | if err != nil { 41 | fmt.Println(err.Error()) 42 | } 43 | if err = command.Wait(); err != nil { 44 | fmt.Println(err.Error()) 45 | } else { 46 | fmt.Println(command.ProcessState.Pid()) 47 | fmt.Println(command.ProcessState.Sys().(syscall.WaitStatus).ExitCode) 48 | fmt.Println(outinfo.String()) 49 | } 50 | } 51 | --------------------------------------------------------------------------------