├── LICENSE ├── README.md ├── core ├── cli │ ├── completer.go │ └── executor.go ├── enum │ ├── brute.go │ ├── ftp.go │ ├── goftp │ │ ├── ftp.go │ │ └── status.go │ ├── javadebug.go │ ├── mongodb.go │ ├── mssql.go │ ├── mysql.go │ ├── plugins.go │ ├── postgres.go │ ├── rdp.go │ ├── redis.go │ ├── smb.go │ ├── snmp.go │ └── ssh.go ├── model │ ├── model.go │ └── model_scans.go ├── scan │ ├── port.go │ ├── proberbyte │ │ └── proberbyte.go │ ├── rewg.go │ └── vscan.go └── utils │ ├── dic.go │ ├── logger.go │ ├── net.go │ ├── utils.go │ └── var.go ├── demo.png ├── go.mod ├── go.sum ├── main.go ├── nworld.jpg ├── pass.txt ├── pocversion ├── res.txt ├── taichi-pocs.zip ├── taichiversion ├── test ├── livescan.png ├── poc.gif └── port.gif ├── url.txt ├── user.txt ├── version └── webchat.png /LICENSE: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc., 5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Lesser General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License along 307 | with this program; if not, write to the Free Software Foundation, Inc., 308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 309 | 310 | Also add information on how to contact you by electronic and paper mail. 311 | 312 | If the program is interactive, make it output a short notice like this 313 | when it starts in an interactive mode: 314 | 315 | Gnomovision version 69, Copyright (C) year name of author 316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 317 | This is free software, and you are welcome to redistribute it 318 | under certain conditions; type `show c' for details. 319 | 320 | The hypothetical commands `show w' and `show c' should show the appropriate 321 | parts of the General Public License. Of course, the commands you use may 322 | be called something other than `show w' and `show c'; they could even be 323 | mouse-clicks or menu items--whatever suits your program. 324 | 325 | You should also get your employer (if you work as a programmer) or your 326 | school, if any, to sign a "copyright disclaimer" for the program, if 327 | necessary. Here is a sample; alter the names: 328 | 329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 330 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 331 | 332 | , 1 April 1989 333 | Ty Coon, President of Vice 334 | 335 | This General Public License does not permit incorporating your program into 336 | proprietary programs. If your program is a subroutine library, you may 337 | consider it more useful to permit linking proprietary applications with the 338 | library. If this is what you want to do, use the GNU Lesser General 339 | Public License instead of this License. 340 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # TAICHISUITE 2 | ## 簡介 3 | 基於go語言實現的高交互滲透測試框架,已實現如下功能: 4 | 1、"RDP","JAVADEBUG","REDIS", "FTP", "SNMP", "POSTGRESQL", "SSH", "MONGO", "SMB", "MSSQL", "MYSQL", "ELASTICSEARCH"服務的弱口令掃描; 5 | 2、敏感路徑掃描(基於字典) 6 | 3、子域名掃描(基於字典) 7 | 4、增加poc模塊(已更新700+poc) 8 | 5、url存活檢測 9 | 6、端口掃描&服務識別 10 | ![TAIJI](https://github.com/sulab999/Taichi/raw/main/demo.png "demo") 11 | ## 編譯運行 12 | 1、安裝第三方庫(命令:go get xxx) 13 | 2、go run main.go 14 | 3、編譯 15 | go build 16 | 17 | ## 基本使用 18 | 1.加載模塊 19 | load <模塊> <協議> 20 | e.g: 21 | load portscan 22 | load burt ftp 23 | 2.設置參數 24 | set ip/file xxx 25 | 3.展示參數 26 | show 27 | 4.運行 28 | go 29 | 30 | ## 端口掃描 31 | 1.load portscan 32 | 2.set ip 127.0.0.1 33 | 可設置文件 set file xxx.txt 34 | c段 set ip 192.168.1.1-255 35 | 3.go 36 | 37 | ## 敏感路徑掃描(需要本地有urldic.txt) 38 | 1.load urlscan 39 | 2.set ip/domain xxx 40 | 3.go 41 | 42 | ## 子域名掃描(需要本地有subdic.txt) 43 | 1.load subscan 44 | 2.set domain http://xxx.cn 45 | 3.go 46 | 47 | ## url存活掃描 48 | ![TAICHI](https://github.com/sulab999/Taichi/blob/main/test/livescan.png) 49 | 1.load urlscan live 50 | 2.set file url.txt 51 | 3.go 52 | 53 | ## poc功能 54 | 本地創建taichi-pocs文件夾,用於存放yml文件 55 | 1.poc 56 | 2.init(首次使用或新增poc時) 57 | 3.show 58 | 4.use xxx 或set xxx(poc) 59 | 5.set ip/url xxx 60 | 6.go 61 | 掃描結束後,生成的報告在reports文件夾中 62 | 63 | ## 更新: 64 | 後期更新見realse 65 | v0.1 66 | 1、已實現端口掃描和爆破模塊 67 | ## 交流一下啊 68 | ![TAICHI](https://github.com/sulab999/Taichi/blob/main/webchat.png) 69 | 70 | # 免責聲明 71 | 該程序及其相關技術僅用於安全自查檢測。 72 | 73 | 由於傳播、利用此程序所提供的信息而造成的任何直接或者間接的後果及損失,均由使用者本人負責,作者不為此承擔任何責任。 74 | 75 | 本人擁有對此程序的修改和解釋權。未經網絡安全部門及相關部門允許,不得善自使用本程序進行任何攻擊活動,不得以任何方式將其用於商業目的。 76 | 77 | 下載地址:https://github.com/sulab999/Taichi/releases/tag/v0.5 78 | -------------------------------------------------------------------------------- /core/cli/completer.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import ( 4 | "strings" 5 | 6 | "github.com/c-bata/go-prompt" 7 | ) 8 | 9 | func excludeOptions(args []string) []string { 10 | ret := make([]string, 0, len(args)) 11 | for i := range args { 12 | if !strings.HasPrefix(args[i], "-") { 13 | ret = append(ret, args[i]) 14 | } 15 | } 16 | return ret 17 | } 18 | 19 | func Completer2(d prompt.Document) []prompt.Suggest { 20 | if d.TextBeforeCursor() == "" { 21 | return []prompt.Suggest{} 22 | } 23 | args := strings.Split(d.TextBeforeCursor(), " ") 24 | 25 | for i := range args { 26 | if args[i] == "|" { 27 | return []prompt.Suggest{} 28 | } 29 | } 30 | return argumentsCompleter2(d, excludeOptions(args)) 31 | 32 | } 33 | 34 | func Completer3(d prompt.Document) []prompt.Suggest { 35 | if d.TextBeforeCursor() == "" { 36 | return []prompt.Suggest{} 37 | } 38 | args := strings.Split(d.TextBeforeCursor(), " ") 39 | 40 | for i := range args { 41 | if args[i] == "|" { 42 | return []prompt.Suggest{} 43 | } 44 | } 45 | return argumentsCompleter3(d, excludeOptions(args)) 46 | 47 | } 48 | 49 | func Completer(d prompt.Document) []prompt.Suggest { 50 | if d.TextBeforeCursor() == "" { 51 | return []prompt.Suggest{} 52 | } 53 | args := strings.Split(d.TextBeforeCursor(), " ") 54 | 55 | for i := range args { 56 | if args[i] == "|" { 57 | return []prompt.Suggest{} 58 | } 59 | } 60 | return argumentsCompleter2(d, excludeOptions(args)) 61 | } 62 | 63 | var commands = []prompt.Suggest{ 64 | 65 | {Text: "load", Description: "加載模塊."}, 66 | {Text: "portscan", Description: "端口掃描."}, 67 | {Text: "show", Description: "顯示設置信息"}, 68 | {Text: "set", Description: "設置參數"}, 69 | {Text: "help", Description: "幫助"}, 70 | {Text: "exit", Description: "退出"}, 71 | } 72 | 73 | func argumentsCompleter3(d prompt.Document, args []string) []prompt.Suggest { 74 | s := []prompt.Suggest{ 75 | {Text: "load", Description: "加載模塊"}, 76 | {Text: "show", Description: "顯示設置信息"}, 77 | {Text: "set", Description: "設置參數"}, 78 | {Text: "go", Description: "執行"}, 79 | {Text: "help", Description: "幫助"}, 80 | } 81 | if len(args) <= 1 { 82 | return prompt.FilterHasPrefix(s, args[0], true) 83 | } 84 | 85 | first := args[0] 86 | switch first { 87 | 88 | case "set": 89 | if len(args) == 2 { 90 | subcommands := setParse2() 91 | return prompt.FilterHasPrefix(subcommands, args[1], true) 92 | } 93 | case "load": 94 | if len(args) == 2 { 95 | subcommands := loadParse() 96 | return prompt.FilterHasPrefix(subcommands, args[1], true) 97 | } 98 | 99 | if len(args) == 3 { 100 | switch args[1] { 101 | case "burst": 102 | subcommands := loadParse2() 103 | return prompt.FilterHasPrefix(subcommands, args[2], true) 104 | } 105 | } 106 | default: 107 | return []prompt.Suggest{} 108 | } 109 | 110 | return []prompt.Suggest{} 111 | } 112 | 113 | func argumentsCompleter2(d prompt.Document, args []string) []prompt.Suggest { 114 | s := []prompt.Suggest{ 115 | {Text: "load", Description: "加載模塊"}, 116 | {Text: "show", Description: "顯示設置信息"}, 117 | {Text: "set", Description: "設置參數"}, 118 | {Text: "go", Description: "執行"}, 119 | {Text: "help", Description: "幫助"}, 120 | } 121 | if len(args) <= 1 { 122 | return prompt.FilterHasPrefix(s, args[0], true) 123 | } 124 | 125 | first := args[0] 126 | switch first { 127 | 128 | case "set": 129 | if len(args) == 2 { 130 | subcommands := setParse() 131 | return prompt.FilterHasPrefix(subcommands, args[1], true) 132 | } 133 | case "load": 134 | if len(args) == 2 { 135 | subcommands := loadParse() 136 | return prompt.FilterHasPrefix(subcommands, args[1], true) 137 | } 138 | 139 | if len(args) == 3 { 140 | switch args[1] { 141 | case "burst": 142 | subcommands := loadParse2() 143 | return prompt.FilterHasPrefix(subcommands, args[2], true) 144 | } 145 | } 146 | default: 147 | return []prompt.Suggest{} 148 | } 149 | 150 | return []prompt.Suggest{} 151 | } 152 | 153 | func loadParse() []prompt.Suggest { 154 | subcommands := []prompt.Suggest{ 155 | {Text: "portscan", Description: "端口掃描"}, 156 | {Text: "urlscan", Description: "路径扫描"}, 157 | {Text: "subscan", Description: "子域名扫描"}, 158 | {Text: "burst", Description: "爆破"}, 159 | {Text: "new", Description: "..."}, 160 | } 161 | return subcommands 162 | } 163 | 164 | func loadParse2() []prompt.Suggest { 165 | subcommands := []prompt.Suggest{ 166 | {Text: "ftp", Description: "ftp爆破"}, 167 | {Text: "ssh", Description: "ssh爆破"}, 168 | {Text: "mysql", Description: "mysql爆破"}, 169 | {Text: "3389", Description: "3389爆破"}, 170 | {Text: "new", Description: "..."}, 171 | } 172 | return subcommands 173 | } 174 | 175 | func setParse() []prompt.Suggest { 176 | subcommands := []prompt.Suggest{ 177 | {Text: "ip", Description: "設置ip"}, 178 | {Text: "file", Description: "設置文件"}, 179 | } 180 | return subcommands 181 | } 182 | 183 | func setParse2() []prompt.Suggest { 184 | subcommands := []prompt.Suggest{ 185 | {Text: "ip", Description: "設置ip"}, 186 | {Text: "file", Description: "設置文件"}, 187 | {Text: "port", Description: "設置端口(不設置就使用默認端口)"}, 188 | } 189 | return subcommands 190 | } 191 | -------------------------------------------------------------------------------- /core/cli/executor.go: -------------------------------------------------------------------------------- 1 | package cli 2 | 3 | import ( 4 | "fmt" 5 | "io/ioutil" 6 | "os" 7 | "regexp" 8 | "strconv" 9 | "strings" 10 | "sulab/core/enum" 11 | "sulab/core/model" 12 | "sulab/core/scan" 13 | "sulab/core/utils" 14 | "time" 15 | 16 | "github.com/c-bata/go-prompt" 17 | "github.com/olekukonko/tablewriter" 18 | ) 19 | 20 | var LivePrefixState struct { 21 | LivePrefix string 22 | IsEnable bool 23 | } 24 | var Kindstring struct { 25 | SetKind string 26 | } 27 | 28 | func ChangeLivePrefix() (string, bool) { 29 | return LivePrefixState.LivePrefix, LivePrefixState.IsEnable 30 | } 31 | func Executor(s string) { 32 | 33 | if s == "" { 34 | LivePrefixState.IsEnable = false 35 | LivePrefixState.LivePrefix = s 36 | return 37 | } 38 | 39 | cmd, args := utils.ParseCmd(s) 40 | 41 | switch cmd { 42 | case "load": 43 | cmdLoad(args) 44 | 45 | case "help": 46 | cmdHelp() 47 | case "exit", "quit": 48 | os.Exit(0) 49 | return 50 | case "": 51 | default: 52 | return 53 | } 54 | 55 | } 56 | 57 | func Executor2(s string) { 58 | 59 | cmd, args := utils.ParseCmd(s) 60 | 61 | switch cmd { 62 | case "load": 63 | cmdLoad(args) 64 | case "show": 65 | cmdShow2(args) 66 | case "set": 67 | cmdSet2(args) 68 | case "help": 69 | cmdHelp2() 70 | case "go": 71 | cmdPortscan2() 72 | 73 | case "exit", "quit": 74 | os.Exit(0) 75 | return 76 | case "": 77 | default: 78 | return 79 | } 80 | 81 | } 82 | 83 | func Executor3(s string) { 84 | 85 | cmd, args := utils.ParseCmd(s) 86 | 87 | switch cmd { 88 | case "load": 89 | cmdLoad(args) 90 | case "show": 91 | cmdShow3(args) 92 | case "set": 93 | cmdSet3(args) 94 | case "help": 95 | cmdHelp2() 96 | case "go": 97 | 98 | switch Kindstring.SetKind { 99 | case "ftp": 100 | cmdFtpburst() 101 | case "ssh": 102 | cmdSshburst() 103 | case "mongodb": 104 | cmdMongodbburst() 105 | case "mssql": 106 | cmdMssqlburst() 107 | case "mysql": 108 | cmdMysqlburst() 109 | case "postgres": 110 | cmdPostgresburst() 111 | case "redis": 112 | cmdRedisburst() 113 | case "smb": 114 | cmdSmbburst() 115 | case "javadebug": 116 | cmdJavadebugburst() 117 | case "rdp": 118 | cmdRdpburst() 119 | case "snmp": 120 | cmdSnmpburst() 121 | } 122 | 123 | case "exit", "quit": 124 | os.Exit(0) 125 | return 126 | case "": 127 | default: 128 | return 129 | } 130 | 131 | } 132 | 133 | func cmdHelp2() { 134 | 135 | data := [][]string{ 136 | []string{"load moudel", "加載模塊", "load "}, 137 | []string{"set ip", "設置ip", "set ip xxx.xxx.xxx.xxx"}, 138 | 139 | []string{"set file", "設置文件", "set file url.txt"}, 140 | []string{"show", "顯示參數", "show"}, 141 | []string{"go", "開始執行", "go"}, 142 | []string{"exit", "退出", "exit"}, 143 | } 144 | 145 | table := tablewriter.NewWriter(os.Stdout) 146 | table.SetHeader([]string{"command", "description", "example"}) 147 | table.SetAlignment(3) 148 | table.SetAutoWrapText(true) 149 | table.AppendBulk(data) 150 | table.Render() 151 | } 152 | func cmdHelp() { 153 | utils.Config.Log.LogInfo("Taiji Penetration Test Framework") 154 | utils.Config.Log.LogInfo("Available commands:") 155 | 156 | data := [][]string{ 157 | []string{"Load", "加載模塊", "load <模塊>"}, 158 | []string{"Set", "設置參數", "set "}, 159 | 160 | []string{"Show", "顯示設置信息", "show"}, 161 | []string{"Go", "執行", "go"}, 162 | []string{"Help", "幫助", "help"}, 163 | 164 | []string{"Exit", "退出", "exit"}, 165 | } 166 | 167 | table := tablewriter.NewWriter(os.Stdout) 168 | table.SetHeader([]string{"Area", "Command", "Syntax"}) 169 | table.SetAlignment(3) 170 | table.SetAutoWrapText(true) 171 | table.AppendBulk(data) 172 | table.Render() 173 | } 174 | 175 | func cmdLoad(args []string) bool { 176 | 177 | kind, args := utils.ParseNextArg(args) 178 | 179 | switch kind { 180 | 181 | case "portscan": 182 | 183 | p := prompt.New( 184 | Executor2, 185 | Completer2, 186 | prompt.OptionPrefix("[Taiji] > portscan > "), 187 | prompt.OptionInputTextColor(prompt.White), 188 | ) 189 | p.Run() 190 | return true 191 | case "burst": 192 | switch args[0] { 193 | 194 | case "ftp": 195 | Kindstring.SetKind = "ftp" 196 | p := prompt.New( 197 | Executor3, 198 | Completer3, 199 | prompt.OptionPrefix("[Taiji] > ftpburst > "), 200 | prompt.OptionInputTextColor(prompt.White), 201 | ) 202 | p.Run() 203 | return true 204 | case "ssh": 205 | Kindstring.SetKind = "ssh" 206 | p := prompt.New( 207 | Executor3, 208 | Completer3, 209 | prompt.OptionPrefix("[Taiji] > sshburst > "), 210 | prompt.OptionInputTextColor(prompt.White), 211 | ) 212 | p.Run() 213 | return true 214 | } 215 | 216 | case "urlscan": 217 | 218 | p := prompt.New( 219 | Executor2, 220 | Completer2, 221 | prompt.OptionPrefix("[Taiji] > urlscan > "), 222 | prompt.OptionInputTextColor(prompt.White), 223 | ) 224 | p.Run() 225 | return true 226 | 227 | case "subscan": 228 | 229 | return true 230 | 231 | } 232 | 233 | return true 234 | } 235 | 236 | func cmdPortscan2() { 237 | filename := "portresult.txt" 238 | 239 | _, err := os.Stat(filename) 240 | if err == nil { 241 | os.Remove(filename) 242 | } 243 | 244 | var ips []string 245 | hosts := model.GetAllHosts(utils.Config.DB) 246 | 247 | start := time.Now() 248 | for _, h := range hosts { 249 | if h.Step == model.NEW.String() || h.Address != "" { 250 | 251 | ips = scan.ScanAllPort(h.Address) 252 | } 253 | } 254 | 255 | scan.GetProbes(ips) 256 | elapsed := time.Since(start) 257 | fmt.Println("該函數執行完成耗時:", elapsed) 258 | model.DelHosts(utils.Config.DB) 259 | model.DelPorts(utils.Config.DB) 260 | } 261 | 262 | func cmdFtpburst() { 263 | filename := "res.txt" 264 | 265 | _, err := os.Stat(filename) 266 | if err == nil { 267 | os.Remove(filename) 268 | } 269 | 270 | hosts := model.GetAllHosts(utils.Config.DB) 271 | 272 | var ips []string 273 | start := time.Now() 274 | for _, h := range hosts { 275 | if h.Step == model.NEW.String() || h.Address != "" { 276 | 277 | ips = append(ips, h.Address) 278 | } 279 | } 280 | 281 | enum.FtpScan("FTP", ips) 282 | 283 | elapsed := time.Since(start) 284 | fmt.Println("該函數執行完成耗時:", elapsed) 285 | model.DelHosts(utils.Config.DB) 286 | model.DelPorts(utils.Config.DB) 287 | 288 | } 289 | 290 | func cmdSshburst() { 291 | filename := "res.txt" 292 | 293 | _, err := os.Stat(filename) 294 | if err == nil { 295 | os.Remove(filename) 296 | } 297 | 298 | hosts := model.GetAllHosts(utils.Config.DB) 299 | var ips []string 300 | start := time.Now() 301 | for _, h := range hosts { 302 | if h.Step == model.NEW.String() || h.Address != "" { 303 | 304 | ips = append(ips, h.Address) 305 | } 306 | } 307 | enum.SshScan("SSH", ips) 308 | 309 | elapsed := time.Since(start) 310 | fmt.Println("該函數執行完成耗時:", elapsed) 311 | model.DelHosts(utils.Config.DB) 312 | model.DelPorts(utils.Config.DB) 313 | 314 | } 315 | 316 | func cmdMongodbburst() { 317 | filename := "res.txt" 318 | 319 | _, err := os.Stat(filename) 320 | if err == nil { 321 | os.Remove(filename) 322 | } 323 | 324 | hosts := model.GetAllHosts(utils.Config.DB) 325 | var ips []string 326 | start := time.Now() 327 | for _, h := range hosts { 328 | if h.Step == model.NEW.String() || h.Address != "" { 329 | ips = append(ips, h.Address) 330 | } 331 | } 332 | enum.MongodbScan("MONGO", ips) 333 | 334 | elapsed := time.Since(start) 335 | fmt.Println("該函數執行完成耗時:", elapsed) 336 | model.DelHosts(utils.Config.DB) 337 | model.DelPorts(utils.Config.DB) 338 | 339 | } 340 | 341 | func cmdMssqlburst() { 342 | filename := "res.txt" 343 | 344 | _, err := os.Stat(filename) 345 | if err == nil { 346 | os.Remove(filename) 347 | } 348 | 349 | hosts := model.GetAllHosts(utils.Config.DB) 350 | var ips []string 351 | start := time.Now() 352 | for _, h := range hosts { 353 | if h.Step == model.NEW.String() || h.Address != "" { 354 | ips = append(ips, h.Address) 355 | } 356 | } 357 | enum.MssqlScan("MSSQL", ips) 358 | 359 | elapsed := time.Since(start) 360 | fmt.Println("該函數執行完成耗時:", elapsed) 361 | model.DelHosts(utils.Config.DB) 362 | model.DelPorts(utils.Config.DB) 363 | 364 | } 365 | 366 | func cmdSmbburst() { 367 | filename := "res.txt" 368 | 369 | _, err := os.Stat(filename) 370 | if err == nil { 371 | os.Remove(filename) 372 | } 373 | 374 | hosts := model.GetAllHosts(utils.Config.DB) 375 | var ips []string 376 | start := time.Now() 377 | for _, h := range hosts { 378 | if h.Step == model.NEW.String() || h.Address != "" { 379 | ips = append(ips, h.Address) 380 | } 381 | } 382 | enum.SmbScan("SMB", ips) 383 | 384 | elapsed := time.Since(start) 385 | fmt.Println("該函數執行完成耗時:", elapsed) 386 | model.DelHosts(utils.Config.DB) 387 | model.DelPorts(utils.Config.DB) 388 | 389 | } 390 | 391 | func cmdMysqlburst() { 392 | filename := "res.txt" 393 | 394 | _, err := os.Stat(filename) 395 | if err == nil { 396 | os.Remove(filename) 397 | } 398 | 399 | hosts := model.GetAllHosts(utils.Config.DB) 400 | var ips []string 401 | start := time.Now() 402 | for _, h := range hosts { 403 | if h.Step == model.NEW.String() || h.Address != "" { 404 | ips = append(ips, h.Address) 405 | } 406 | } 407 | enum.MysqlScan("MYSQL", ips) 408 | 409 | elapsed := time.Since(start) 410 | fmt.Println("該函數執行完成耗時:", elapsed) 411 | model.DelHosts(utils.Config.DB) 412 | model.DelPorts(utils.Config.DB) 413 | 414 | } 415 | 416 | func cmdPostgresburst() { 417 | filename := "res.txt" 418 | 419 | _, err := os.Stat(filename) 420 | if err == nil { 421 | os.Remove(filename) 422 | } 423 | 424 | hosts := model.GetAllHosts(utils.Config.DB) 425 | var ips []string 426 | start := time.Now() 427 | for _, h := range hosts { 428 | if h.Step == model.NEW.String() || h.Address != "" { 429 | ips = append(ips, h.Address) 430 | } 431 | } 432 | enum.PostgresScan("POSTGRESQL", ips) 433 | 434 | elapsed := time.Since(start) 435 | fmt.Println("該函數執行完成耗時:", elapsed) 436 | model.DelHosts(utils.Config.DB) 437 | model.DelPorts(utils.Config.DB) 438 | 439 | } 440 | 441 | func cmdRedisburst() { 442 | filename := "res.txt" 443 | 444 | _, err := os.Stat(filename) 445 | if err == nil { 446 | os.Remove(filename) 447 | } 448 | 449 | hosts := model.GetAllHosts(utils.Config.DB) 450 | var ips []string 451 | start := time.Now() 452 | for _, h := range hosts { 453 | if h.Step == model.NEW.String() || h.Address != "" { 454 | ips = append(ips, h.Address) 455 | } 456 | } 457 | enum.RedisScan("REDIS", ips) 458 | 459 | elapsed := time.Since(start) 460 | fmt.Println("該函數執行完成耗時:", elapsed) 461 | model.DelHosts(utils.Config.DB) 462 | model.DelPorts(utils.Config.DB) 463 | 464 | } 465 | 466 | func cmdJavadebugburst() { 467 | filename := "res.txt" 468 | 469 | _, err := os.Stat(filename) 470 | if err == nil { 471 | os.Remove(filename) 472 | } 473 | 474 | hosts := model.GetAllHosts(utils.Config.DB) 475 | var ips []string 476 | start := time.Now() 477 | for _, h := range hosts { 478 | if h.Step == model.NEW.String() || h.Address != "" { 479 | ips = append(ips, h.Address) 480 | } 481 | } 482 | enum.JavadebugScan("JAVADEBUG", ips) 483 | 484 | elapsed := time.Since(start) 485 | fmt.Println("該函數執行完成耗時:", elapsed) 486 | model.DelHosts(utils.Config.DB) 487 | model.DelPorts(utils.Config.DB) 488 | 489 | } 490 | 491 | func cmdRdpburst() { 492 | filename := "res.txt" 493 | 494 | _, err := os.Stat(filename) 495 | if err == nil { 496 | os.Remove(filename) 497 | } 498 | 499 | hosts := model.GetAllHosts(utils.Config.DB) 500 | var ips []string 501 | start := time.Now() 502 | for _, h := range hosts { 503 | if h.Step == model.NEW.String() || h.Address != "" { 504 | ips = append(ips, h.Address) 505 | } 506 | } 507 | enum.RdpScan("RDP", ips) 508 | 509 | elapsed := time.Since(start) 510 | fmt.Println("該函數執行完成耗時:", elapsed) 511 | model.DelHosts(utils.Config.DB) 512 | model.DelPorts(utils.Config.DB) 513 | 514 | } 515 | 516 | func cmdSnmpburst() { 517 | filename := "res.txt" 518 | 519 | _, err := os.Stat(filename) 520 | if err == nil { 521 | os.Remove(filename) 522 | } 523 | 524 | hosts := model.GetAllHosts(utils.Config.DB) 525 | var ips []string 526 | start := time.Now() 527 | for _, h := range hosts { 528 | if h.Step == model.NEW.String() || h.Address != "" { 529 | ips = append(ips, h.Address) 530 | } 531 | } 532 | enum.SnmpScan("SNMP", ips) 533 | 534 | elapsed := time.Since(start) 535 | fmt.Println("該函數執行完成耗時:", elapsed) 536 | model.DelHosts(utils.Config.DB) 537 | model.DelPorts(utils.Config.DB) 538 | 539 | } 540 | 541 | func cmdShow2(args []string) { 542 | 543 | ShowHosts() 544 | 545 | } 546 | 547 | func cmdShow3(args []string) { 548 | 549 | ShowHosts() 550 | ShowPorts2() 551 | } 552 | 553 | func ShowHosts() { 554 | hosts := model.GetAllHosts(utils.Config.DB) 555 | if len(hosts) == 0 { 556 | utils.Config.Log.LogError("No hosts are up!") 557 | return 558 | } 559 | 560 | table := tablewriter.NewWriter(os.Stdout) 561 | table.SetHeader([]string{"Address", "Status", "OS", "Info", "Ports"}) 562 | table.SetRowLine(true) 563 | table.SetAlignment(1) 564 | table.SetAutoWrapText(true) 565 | 566 | for _, h := range hosts { 567 | rAddress := h.Address 568 | rStatus := h.Status 569 | rOS := h.OS 570 | rInfo := h.Info 571 | rPorts := "" 572 | v := []string{rAddress, rStatus, rOS, rInfo, rPorts} 573 | table.Append(v) 574 | } 575 | table.Render() 576 | } 577 | 578 | func ShowPorts2() { 579 | ports := model.GetAllPorts(utils.Config.DB) 580 | 581 | if len(ports) == 0 { 582 | utils.Config.Log.LogError("No ports are up!") 583 | return 584 | } 585 | 586 | table := tablewriter.NewWriter(os.Stdout) 587 | table.SetHeader([]string{"Number", "Port", "Status"}) 588 | table.SetRowLine(true) 589 | 590 | table.SetAlignment(3) 591 | table.SetAutoWrapText(false) 592 | 593 | for _, h := range ports { 594 | rNumber := strconv.Itoa(h.Number) 595 | rPort := h.Protocol 596 | rStatus := h.Status 597 | v := []string{rNumber, rPort, rStatus} 598 | table.Append(v) 599 | } 600 | 601 | table.Render() 602 | } 603 | 604 | func SetUrlFile(fname string) { 605 | 606 | if _, err := os.Stat(fname); os.IsNotExist(err) { 607 | return 608 | } 609 | file, err := ioutil.ReadFile(fname) 610 | if err != nil { 611 | fmt.Println("File reading error", err) 612 | return 613 | } else { 614 | contents := string(file) 615 | 616 | re := regexp.MustCompile(`(?m)^\s*$[\r\n]*|[\r\n]+\s+\z`) 617 | in := re.ReplaceAllString(contents, "") 618 | 619 | in = strings.Replace(in, " ", "", -1) 620 | 621 | lines := strings.Split(in, "\r\n") 622 | fmt.Println(lines) 623 | for _, line := range lines { 624 | model.AddHost(utils.Config.DB, line, "up", model.NEW.String()) 625 | } 626 | } 627 | 628 | } 629 | 630 | func cmdSet3(args []string) { 631 | 632 | if len(args) != 2 { 633 | utils.Config.Log.LogError("Invalid command provided") 634 | return 635 | } 636 | 637 | kind, args := utils.ParseNextArg(args) 638 | src, args := utils.ParseNextArg(args) 639 | 640 | switch kind { 641 | case "file": 642 | 643 | SetUrlFile(src) 644 | case "ip": 645 | ip, parsed := utils.ParseAddress(src) 646 | if parsed == false { 647 | utils.Config.Log.LogError("Invalid address provided") 648 | return 649 | } 650 | utils.Config.Log.LogInfo(fmt.Sprintf("Imported target: %s", ip)) 651 | model.AddHost(utils.Config.DB, ip, "up", model.NEW.String()) 652 | case "port": 653 | port := src 654 | model.AddPort(utils.Config.DB, 1, port, "up") 655 | } 656 | } 657 | 658 | func cmdSet2(args []string) { 659 | 660 | if len(args) != 2 { 661 | utils.Config.Log.LogError("Invalid command provided") 662 | return 663 | } 664 | 665 | kind, args := utils.ParseNextArg(args) 666 | src, args := utils.ParseNextArg(args) 667 | 668 | switch kind { 669 | case "file": 670 | 671 | SetUrlFile(src) 672 | case "ip": 673 | ip, parsed := utils.ParseAddress(src) 674 | if parsed == false { 675 | utils.Config.Log.LogError("Invalid address provided") 676 | return 677 | } 678 | utils.Config.Log.LogInfo(fmt.Sprintf("Imported target: %s", ip)) 679 | model.AddHost(utils.Config.DB, ip, "up", model.NEW.String()) 680 | case "port": 681 | port := src 682 | model.AddPort(utils.Config.DB, 1, port, "up") 683 | } 684 | } 685 | -------------------------------------------------------------------------------- /core/enum/brute.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "sort" 7 | "strconv" 8 | "strings" 9 | "sulab/core/model" 10 | "sulab/core/utils" 11 | "sync" 12 | "time" 13 | 14 | "github.com/cheggaaa/pb/v3" 15 | "github.com/fatih/color" 16 | ) 17 | 18 | var ( 19 | mutex sync.Mutex 20 | successHash map[string]bool 21 | bruteResult map[string]model.Service2 22 | ) 23 | 24 | func saveRes(target model.Service2, h string) { 25 | setTaskHask(h) 26 | _, ok := bruteResult[h] 27 | if !ok { 28 | mutex.Lock() 29 | 30 | color.Cyan("[+] %s %d %s %s \n", target.Ip, target.Port, target.UserName, target.PassWord) 31 | s := fmt.Sprintf("[+] %s %d %s %s \n", target.Ip, target.Port, target.UserName, target.PassWord) 32 | WriteToFile(s, "res.txt") 33 | bruteResult[h] = model.Service2{Ip: target.Ip, Port: target.Port, Protocol: target.Protocol, UserName: target.UserName, PassWord: target.PassWord} 34 | mutex.Unlock() 35 | } 36 | } 37 | func in(target string, str_array []string) bool { 38 | 39 | sort.Strings(str_array) 40 | 41 | index := sort.SearchStrings(str_array, target) 42 | 43 | if index < len(str_array) && str_array[index] == target { 44 | 45 | return true 46 | 47 | } 48 | 49 | return false 50 | 51 | } 52 | 53 | func runBrute(taskChan chan model.Service2, wg *sync.WaitGroup) { 54 | for target := range taskChan { 55 | 56 | protocol := strings.ToUpper(target.Protocol) 57 | 58 | var k string 59 | protocol_list := []string{"RDP", "JAVADEBUG", "REDIS", "FTP", "SNMP", "POSTGRESQL", "SSH", "MONGO", "SMB", "MSSQL", "MYSQL", "ELASTICSEARCH"} 60 | result := in(protocol, protocol_list) 61 | if result { 62 | k = fmt.Sprintf("%v-%v-%v", target.Ip, target.Port, target.Protocol) 63 | } else { 64 | k = fmt.Sprintf("%v-%v-%v", target.Ip, target.Port, target.UserName) 65 | } 66 | 67 | h := utils.MakeTaskHash(k) 68 | if checkTashHash(h) { 69 | wg.Done() 70 | continue 71 | } 72 | 73 | res, err := ScanFuncMap[protocol](target.Ip, strconv.Itoa(target.Port), target.UserName, target.PassWord) 74 | if err == nil && res == true { 75 | saveRes(target, h) 76 | } else { 77 | 78 | } 79 | wg.Done() 80 | } 81 | 82 | } 83 | 84 | func RunTask(scanTasks []model.Service2, thread int) { 85 | 86 | wg := &sync.WaitGroup{} 87 | 88 | successHash = make(map[string]bool) 89 | bruteResult = make(map[string]model.Service2) 90 | 91 | taskChan := make(chan model.Service2, thread*2) 92 | 93 | for i := 0; i < thread; i++ { 94 | go runBrute(taskChan, wg) 95 | 96 | } 97 | 98 | bar := pb.StartNew(len(scanTasks)) 99 | 100 | for _, task := range scanTasks { 101 | wg.Add(1) 102 | taskChan <- task 103 | bar.Increment() 104 | } 105 | 106 | close(taskChan) 107 | 108 | bar.Finish() 109 | 110 | wg.Wait() 111 | 112 | WriteToFile("全部掃描完成\n", "res.txt") 113 | 114 | color.Red("Scan complete. %d vulnerabilities found! \n", len(bruteResult)) 115 | 116 | } 117 | 118 | func WriteToFile(wireteString, filename string) { 119 | 120 | fd, _ := os.OpenFile(filename, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0644) 121 | buf := []byte(wireteString) 122 | fd.Write(buf) 123 | 124 | } 125 | 126 | func waitTimeout(wg *sync.WaitGroup, timeout time.Duration) bool { 127 | c := make(chan struct{}) 128 | go func() { 129 | defer close(c) 130 | wg.Wait() 131 | }() 132 | select { 133 | case <-c: 134 | return false 135 | case <-time.After(timeout): 136 | return true 137 | } 138 | } 139 | 140 | func GenerateTaskUserPass(addr []model.IpAddr, userList []string) (scanTasks []model.Service2) { 141 | for _, u := range userList { 142 | uk := strings.Split(u, ":") 143 | for _, ip := range addr { 144 | scanTask := model.Service2{Ip: ip.Ip, Port: ip.Port, Protocol: ip.Protocol, UserName: uk[0], PassWord: uk[1]} 145 | scanTasks = append(scanTasks, scanTask) 146 | } 147 | } 148 | return 149 | } 150 | 151 | func GenerateTask(addr []model.IpAddr, userList []string, passList []string) (scanTasks []model.Service2) { 152 | 153 | scanTasks = make([]model.Service2, 0) 154 | 155 | protocol_list := []string{"RDP", "JAVADEBUG", "REDIS", "FTP", "SNMP", "POSTGRESQL", "SSH", "MONGO", "SMB", "MSSQL", "MYSQL", "ELASTICSEARCH"} 156 | 157 | for _, ip := range addr { 158 | result := in(ip.Protocol, protocol_list) 159 | if result { 160 | scanTask := model.Service2{Ip: ip.Ip, Port: ip.Port, Protocol: ip.Protocol, UserName: "", PassWord: ""} 161 | scanTasks = append(scanTasks, scanTask) 162 | } 163 | } 164 | 165 | for _, u := range userList { 166 | for _, p := range passList { 167 | for _, ip := range addr { 168 | scanTask := model.Service2{Ip: ip.Ip, Port: ip.Port, Protocol: ip.Protocol, UserName: u, PassWord: p} 169 | scanTasks = append(scanTasks, scanTask) 170 | } 171 | } 172 | } 173 | 174 | return 175 | } 176 | 177 | func checkTashHash(hash string) bool { 178 | _, ok := successHash[hash] 179 | return ok 180 | } 181 | 182 | func setTaskHask(hash string) { 183 | mutex.Lock() 184 | successHash[hash] = true 185 | mutex.Unlock() 186 | } 187 | -------------------------------------------------------------------------------- /core/enum/ftp.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "sulab/core/utils" 6 | "time" 7 | 8 | "github.com/fatih/color" 9 | "github.com/jlaffaye/ftp" 10 | ) 11 | 12 | func FtpScan(ScanType string, Target []string) { 13 | 14 | ipList := utils.ReadIps(ScanType, Target) 15 | 16 | thread := 1000 17 | userDict, uErr := utils.ReadUserDict("user.txt") 18 | passDict, pErr := utils.ReadUserDict("pass.txt") 19 | if utils.UserPassIsExist() { 20 | 21 | userDict, _ := utils.ReadUserDict("userpass.txt") 22 | scanTasks := GenerateTaskUserPass(ipList, userDict) 23 | color.Cyan("Number of all task : %d", len(scanTasks)) 24 | RunTask(scanTasks, thread) 25 | } else { 26 | if uErr == nil && pErr == nil { 27 | scanTasks := GenerateTask(ipList, userDict, passDict) 28 | color.Cyan("Number of all task : %d", len(scanTasks)) 29 | 30 | RunTask(scanTasks, thread) 31 | } else { 32 | fmt.Println("Read File Err!") 33 | } 34 | } 35 | } 36 | 37 | func ScanFtp(ip string, port string, username string, password string) (result bool, err error) { 38 | conn, err := ftp.DialTimeout(ip+":"+port, time.Second*1) 39 | 40 | if err == nil { 41 | err = conn.Login(username, password) 42 | if err == nil { 43 | result = true 44 | conn.Logout() 45 | } 46 | } 47 | return result, err 48 | } 49 | -------------------------------------------------------------------------------- /core/enum/goftp/ftp.go: -------------------------------------------------------------------------------- 1 | package goftp 2 | 3 | import ( 4 | "bufio" 5 | "crypto/tls" 6 | "errors" 7 | "fmt" 8 | "io" 9 | "log" 10 | "net" 11 | "os" 12 | "regexp" 13 | "strconv" 14 | "strings" 15 | "time" 16 | ) 17 | 18 | var RePwdPath = regexp.MustCompile(`\"(.*)\"`) 19 | 20 | type FTP struct { 21 | conn net.Conn 22 | 23 | addr string 24 | 25 | debug bool 26 | tlsconfig *tls.Config 27 | 28 | reader *bufio.Reader 29 | writer *bufio.Writer 30 | } 31 | 32 | func (ftp *FTP) Close() error { 33 | return ftp.conn.Close() 34 | } 35 | 36 | type ( 37 | WalkFunc func(path string, info os.FileMode, err error) error 38 | 39 | RetrFunc func(r io.Reader) error 40 | ) 41 | 42 | func parseLine(line string) (perm string, t string, filename string) { 43 | for _, v := range strings.Split(line, ";") { 44 | v2 := strings.Split(v, "=") 45 | 46 | switch v2[0] { 47 | case "perm": 48 | perm = v2[1] 49 | case "type": 50 | t = v2[1] 51 | default: 52 | filename = v[1 : len(v)-2] 53 | } 54 | } 55 | return 56 | } 57 | 58 | func (ftp *FTP) Walk(path string, walkFn WalkFunc) (err error) { 59 | /* 60 | if err = walkFn(path, os.ModeDir, nil); err != nil { 61 | if err == filepath.SkipDir { 62 | return nil 63 | } 64 | } 65 | */ 66 | if ftp.debug { 67 | log.Printf("Walking: '%s'\n", path) 68 | } 69 | 70 | var lines []string 71 | 72 | if lines, err = ftp.List(path); err != nil { 73 | return 74 | } 75 | 76 | for _, line := range lines { 77 | _, t, subpath := parseLine(line) 78 | 79 | switch t { 80 | case "dir": 81 | if subpath == "." { 82 | } else if subpath == ".." { 83 | } else { 84 | if err = ftp.Walk(path+subpath+"/", walkFn); err != nil { 85 | return 86 | } 87 | } 88 | case "file": 89 | if err = walkFn(path+subpath, os.FileMode(0), nil); err != nil { 90 | return 91 | } 92 | } 93 | } 94 | 95 | return 96 | } 97 | 98 | func (ftp *FTP) Quit() (err error) { 99 | if _, err := ftp.cmd(StatusConnectionClosing, "QUIT"); err != nil { 100 | return err 101 | } 102 | 103 | ftp.conn.Close() 104 | ftp.conn = nil 105 | 106 | return nil 107 | } 108 | 109 | func (ftp *FTP) Noop() (err error) { 110 | _, err = ftp.cmd(StatusOK, "NOOP") 111 | return 112 | } 113 | 114 | func (ftp *FTP) RawCmd(command string, args ...interface{}) (code int, line string) { 115 | if ftp.debug { 116 | log.Printf("Raw-> %s\n", fmt.Sprintf(command, args...)) 117 | } 118 | 119 | code = -1 120 | var err error 121 | if err = ftp.send(command, args...); err != nil { 122 | return code, "" 123 | } 124 | if line, err = ftp.receive(); err != nil { 125 | return code, "" 126 | } 127 | code, err = strconv.Atoi(line[:3]) 128 | if ftp.debug { 129 | log.Printf("Raw<- <- %d \n", code) 130 | } 131 | return code, line 132 | } 133 | 134 | func (ftp *FTP) cmd(expects string, command string, args ...interface{}) (line string, err error) { 135 | if err = ftp.send(command, args...); err != nil { 136 | return 137 | } 138 | 139 | if line, err = ftp.receive(); err != nil { 140 | return 141 | } 142 | 143 | if !strings.HasPrefix(line, expects) { 144 | err = errors.New(line) 145 | return 146 | } 147 | 148 | return 149 | } 150 | 151 | func (ftp *FTP) Rename(from string, to string) (err error) { 152 | if _, err = ftp.cmd(StatusActionPending, "RNFR %s", from); err != nil { 153 | return 154 | } 155 | 156 | if _, err = ftp.cmd(StatusActionOK, "RNTO %s", to); err != nil { 157 | return 158 | } 159 | 160 | return 161 | } 162 | 163 | func (ftp *FTP) Mkd(path string) error { 164 | _, err := ftp.cmd(StatusPathCreated, "MKD %s", path) 165 | return err 166 | } 167 | 168 | func (ftp *FTP) Rmd(path string) (err error) { 169 | _, err = ftp.cmd(StatusActionOK, "RMD %s", path) 170 | return 171 | } 172 | 173 | func (ftp *FTP) Pwd() (path string, err error) { 174 | var line string 175 | if line, err = ftp.cmd(StatusPathCreated, "PWD"); err != nil { 176 | return 177 | } 178 | 179 | res := RePwdPath.FindAllStringSubmatch(line[4:], -1) 180 | 181 | path = res[0][1] 182 | return 183 | } 184 | 185 | func (ftp *FTP) Cwd(path string) (err error) { 186 | _, err = ftp.cmd(StatusActionOK, "CWD %s", path) 187 | return 188 | } 189 | 190 | func (ftp *FTP) Dele(path string) (err error) { 191 | if err = ftp.send("DELE %s", path); err != nil { 192 | return 193 | } 194 | 195 | var line string 196 | if line, err = ftp.receive(); err != nil { 197 | return 198 | } 199 | 200 | if !strings.HasPrefix(line, StatusActionOK) { 201 | return errors.New(line) 202 | } 203 | 204 | return 205 | } 206 | 207 | func (ftp *FTP) AuthTLS(config *tls.Config) error { 208 | if _, err := ftp.cmd("234", "AUTH TLS"); err != nil { 209 | return err 210 | } 211 | 212 | ftp.tlsconfig = config 213 | 214 | ftp.conn = tls.Client(ftp.conn, config) 215 | ftp.writer = bufio.NewWriter(ftp.conn) 216 | ftp.reader = bufio.NewReader(ftp.conn) 217 | 218 | if _, err := ftp.cmd(StatusOK, "PBSZ 0"); err != nil { 219 | return err 220 | } 221 | 222 | if _, err := ftp.cmd(StatusOK, "PROT P"); err != nil { 223 | return err 224 | } 225 | 226 | return nil 227 | } 228 | 229 | func (ftp *FTP) ReadAndDiscard() (int, error) { 230 | var i int 231 | bufferSize := ftp.reader.Buffered() 232 | for i = 0; i < bufferSize; i++ { 233 | if _, err := ftp.reader.ReadByte(); err != nil { 234 | return i, err 235 | } 236 | } 237 | return i, nil 238 | } 239 | 240 | func (ftp *FTP) Type(t TypeCode) error { 241 | _, err := ftp.cmd(StatusOK, "TYPE %s", t) 242 | return err 243 | } 244 | 245 | type TypeCode string 246 | 247 | const ( 248 | TypeASCII = "A" 249 | 250 | TypeEBCDIC = "E" 251 | 252 | TypeImage = "I" 253 | 254 | TypeLocal = "L" 255 | ) 256 | 257 | func (ftp *FTP) receiveLine() (string, error) { 258 | line, err := ftp.reader.ReadString('\n') 259 | 260 | if ftp.debug { 261 | log.Printf("< %s", line) 262 | } 263 | 264 | return line, err 265 | } 266 | 267 | func (ftp *FTP) receive() (string, error) { 268 | line, err := ftp.receiveLine() 269 | 270 | if err != nil { 271 | return line, err 272 | } 273 | 274 | if (len(line) >= 4) && (line[3] == '-') { 275 | 276 | closingCode := line[:3] + " " 277 | for { 278 | str, err := ftp.receiveLine() 279 | line = line + str 280 | if err != nil { 281 | return line, err 282 | } 283 | if len(str) < 4 { 284 | if ftp.debug { 285 | log.Println("Uncorrectly terminated response") 286 | } 287 | break 288 | } else { 289 | if str[:4] == closingCode { 290 | break 291 | } 292 | } 293 | } 294 | } 295 | ftp.ReadAndDiscard() 296 | 297 | return line, err 298 | } 299 | 300 | func (ftp *FTP) receiveNoDiscard() (string, error) { 301 | line, err := ftp.receiveLine() 302 | 303 | if err != nil { 304 | return line, err 305 | } 306 | 307 | if (len(line) >= 4) && (line[3] == '-') { 308 | 309 | closingCode := line[:3] + " " 310 | for { 311 | str, err := ftp.receiveLine() 312 | line = line + str 313 | if err != nil { 314 | return line, err 315 | } 316 | if len(str) < 4 { 317 | if ftp.debug { 318 | log.Println("Uncorrectly terminated response") 319 | } 320 | break 321 | } else { 322 | if str[:4] == closingCode { 323 | break 324 | } 325 | } 326 | } 327 | } 328 | 329 | return line, err 330 | } 331 | 332 | func (ftp *FTP) send(command string, arguments ...interface{}) error { 333 | if ftp.debug { 334 | log.Printf("> %s", fmt.Sprintf(command, arguments...)) 335 | } 336 | 337 | command = fmt.Sprintf(command, arguments...) 338 | command += "\r\n" 339 | 340 | if _, err := ftp.writer.WriteString(command); err != nil { 341 | return err 342 | } 343 | 344 | if err := ftp.writer.Flush(); err != nil { 345 | return err 346 | } 347 | 348 | return nil 349 | } 350 | 351 | func (ftp *FTP) Pasv() (port int, err error) { 352 | doneChan := make(chan int, 1) 353 | go func() { 354 | defer func() { 355 | doneChan <- 1 356 | }() 357 | var line string 358 | if line, err = ftp.cmd("227", "PASV"); err != nil { 359 | return 360 | } 361 | re := regexp.MustCompile(`\((.*)\)`) 362 | res := re.FindAllStringSubmatch(line, -1) 363 | if len(res) == 0 || len(res[0]) < 2 { 364 | err = errors.New("PasvBadAnswer") 365 | return 366 | } 367 | s := strings.Split(res[0][1], ",") 368 | if len(s) < 2 { 369 | err = errors.New("PasvBadAnswer") 370 | return 371 | } 372 | l1, _ := strconv.Atoi(s[len(s)-2]) 373 | l2, _ := strconv.Atoi(s[len(s)-1]) 374 | 375 | port = l1<<8 + l2 376 | 377 | return 378 | }() 379 | 380 | select { 381 | case _ = <-doneChan: 382 | 383 | case <-time.After(time.Second * 10): 384 | err = errors.New("PasvTimeout") 385 | ftp.Close() 386 | } 387 | 388 | return 389 | } 390 | 391 | func (ftp *FTP) newConnection(port int) (conn net.Conn, err error) { 392 | addr := fmt.Sprintf("%s:%d", strings.Split(ftp.addr, ":")[0], port) 393 | 394 | if ftp.debug { 395 | log.Printf("Connecting to %s\n", addr) 396 | } 397 | 398 | if conn, err = net.Dial("tcp", addr); err != nil { 399 | return 400 | } 401 | 402 | if ftp.tlsconfig != nil { 403 | conn = tls.Client(conn, ftp.tlsconfig) 404 | } 405 | 406 | return 407 | } 408 | 409 | func (ftp *FTP) Stor(path string, r io.Reader) (err error) { 410 | if err = ftp.Type(TypeImage); err != nil { 411 | return 412 | } 413 | 414 | var port int 415 | if port, err = ftp.Pasv(); err != nil { 416 | return 417 | } 418 | 419 | if err = ftp.send("STOR %s", path); err != nil { 420 | return 421 | } 422 | 423 | var pconn net.Conn 424 | if pconn, err = ftp.newConnection(port); err != nil { 425 | return 426 | } 427 | defer pconn.Close() 428 | 429 | var line string 430 | if line, err = ftp.receive(); err != nil { 431 | return 432 | } 433 | 434 | if !strings.HasPrefix(line, StatusFileOK) { 435 | err = errors.New(line) 436 | return 437 | } 438 | 439 | if _, err = io.Copy(pconn, r); err != nil { 440 | return 441 | } 442 | pconn.Close() 443 | 444 | if line, err = ftp.receive(); err != nil { 445 | return 446 | } 447 | 448 | if !strings.HasPrefix(line, StatusClosingDataConnection) { 449 | err = errors.New(line) 450 | return 451 | } 452 | 453 | return 454 | 455 | } 456 | 457 | func (ftp *FTP) Syst() (line string, err error) { 458 | if err := ftp.send("SYST"); err != nil { 459 | return "", err 460 | } 461 | if line, err = ftp.receive(); err != nil { 462 | return 463 | } 464 | if !strings.HasPrefix(line, StatusSystemType) { 465 | err = errors.New(line) 466 | return 467 | } 468 | 469 | return strings.SplitN(strings.TrimSpace(line), " ", 2)[1], nil 470 | } 471 | 472 | var ( 473 | SystemTypeUnixL8 = "UNIX Type: L8" 474 | SystemTypeWindowsNT = "Windows_NT" 475 | ) 476 | 477 | var reSystStatus = map[string]*regexp.Regexp{ 478 | SystemTypeUnixL8: regexp.MustCompile(""), 479 | SystemTypeWindowsNT: regexp.MustCompile(""), 480 | } 481 | 482 | func (ftp *FTP) Stat(path string) ([]string, error) { 483 | if err := ftp.send("STAT %s", path); err != nil { 484 | return nil, err 485 | } 486 | 487 | stat, err := ftp.receive() 488 | if err != nil { 489 | return nil, err 490 | } 491 | if !strings.HasPrefix(stat, StatusFileStatus) && 492 | !strings.HasPrefix(stat, StatusDirectoryStatus) && 493 | !strings.HasPrefix(stat, StatusSystemStatus) { 494 | return nil, errors.New(stat) 495 | } 496 | if strings.HasPrefix(stat, StatusSystemStatus) { 497 | return strings.Split(stat, "\n"), nil 498 | } 499 | lines := []string{} 500 | for _, line := range strings.Split(stat, "\n") { 501 | if strings.HasPrefix(line, StatusFileStatus) { 502 | continue 503 | } 504 | 505 | lines = append(lines, strings.TrimSpace(line)) 506 | 507 | } 508 | 509 | return lines, nil 510 | } 511 | 512 | func (ftp *FTP) Retr(path string, retrFn RetrFunc) (s string, err error) { 513 | if err = ftp.Type(TypeImage); err != nil { 514 | return 515 | } 516 | 517 | var port int 518 | if port, err = ftp.Pasv(); err != nil { 519 | return 520 | } 521 | 522 | if err = ftp.send("RETR %s", path); err != nil { 523 | return 524 | } 525 | 526 | var pconn net.Conn 527 | if pconn, err = ftp.newConnection(port); err != nil { 528 | return 529 | } 530 | defer pconn.Close() 531 | 532 | var line string 533 | if line, err = ftp.receiveNoDiscard(); err != nil { 534 | return 535 | } 536 | 537 | if !strings.HasPrefix(line, StatusFileOK) { 538 | err = errors.New(line) 539 | return 540 | } 541 | 542 | if err = retrFn(pconn); err != nil { 543 | return 544 | } 545 | 546 | pconn.Close() 547 | 548 | if line, err = ftp.receive(); err != nil { 549 | return 550 | } 551 | 552 | if !strings.HasPrefix(line, StatusClosingDataConnection) { 553 | err = errors.New(line) 554 | return 555 | } 556 | 557 | return 558 | } 559 | 560 | /*func GetFilesList(path string) (files []string, err error) { 561 | 562 | }*/ 563 | 564 | func (ftp *FTP) List(path string) (files []string, err error) { 565 | if err = ftp.Type(TypeASCII); err != nil { 566 | return 567 | } 568 | 569 | var port int 570 | if port, err = ftp.Pasv(); err != nil { 571 | return 572 | } 573 | 574 | if err = ftp.send("MLSD %s", path); err != nil { 575 | } 576 | 577 | var pconn net.Conn 578 | if pconn, err = ftp.newConnection(port); err != nil { 579 | return 580 | } 581 | defer pconn.Close() 582 | 583 | var line string 584 | if line, err = ftp.receiveNoDiscard(); err != nil { 585 | return 586 | } 587 | 588 | if !strings.HasPrefix(line, StatusFileOK) { 589 | 590 | if err = ftp.send("LIST %s", path); err != nil { 591 | return 592 | } 593 | 594 | if line, err = ftp.receiveNoDiscard(); err != nil { 595 | return 596 | } 597 | 598 | if !strings.HasPrefix(line, StatusFileOK) { 599 | 600 | err = errors.New(line) 601 | return 602 | } 603 | } 604 | 605 | reader := bufio.NewReader(pconn) 606 | 607 | for { 608 | line, err = reader.ReadString('\n') 609 | if err == io.EOF { 610 | break 611 | } else if err != nil { 612 | return 613 | } 614 | 615 | files = append(files, string(line)) 616 | } 617 | 618 | pconn.Close() 619 | 620 | if line, err = ftp.receive(); err != nil { 621 | return 622 | } 623 | 624 | if !strings.HasPrefix(line, StatusClosingDataConnection) { 625 | err = errors.New(line) 626 | return 627 | } 628 | 629 | return 630 | } 631 | 632 | /* 633 | 634 | 635 | 636 | func (ftp *FTP) SmartLogin(username string, password string) (err error) { 637 | var code int 638 | 639 | code, _ = ftp.RawCmd("NOOP") 640 | 641 | if code == 220 || code == 530 { 642 | 643 | code, _ = ftp.RawCmd("NOOP") 644 | if code == 530 { 645 | 646 | code, _ = ftp.RawCmd("USER %s", username) 647 | code, _ = ftp.RawCmd("NOOP") 648 | if code == 331 { 649 | 650 | code, _ = ftp.RawCmd("PASS %s", password) 651 | code, _ = ftp.RawCmd("PASS %s", password) 652 | if code == 230 { 653 | code, _ = ftp.RawCmd("NOOP") 654 | return 655 | } 656 | } 657 | } 658 | 659 | } 660 | 661 | return ftp.Login(username, password) 662 | } 663 | 664 | */ 665 | 666 | func (ftp *FTP) Login(username string, password string) (err error) { 667 | if _, err = ftp.cmd("331", "USER %s", username); err != nil { 668 | if strings.HasPrefix(err.Error(), "230") { 669 | 670 | err = nil 671 | } else { 672 | return 673 | } 674 | } 675 | 676 | if _, err = ftp.cmd("230", "PASS %s", password); err != nil { 677 | return 678 | } 679 | 680 | return 681 | } 682 | 683 | func Connect(addr string) (*FTP, error) { 684 | var err error 685 | var conn net.Conn 686 | 687 | if conn, err = net.Dial("tcp", addr); err != nil { 688 | return nil, err 689 | } 690 | 691 | writer := bufio.NewWriter(conn) 692 | reader := bufio.NewReader(conn) 693 | 694 | object := &FTP{conn: conn, addr: addr, reader: reader, writer: writer, debug: false} 695 | object.receive() 696 | 697 | return object, nil 698 | } 699 | 700 | func ConnectDbg(addr string) (*FTP, error) { 701 | var err error 702 | var conn net.Conn 703 | 704 | if conn, err = net.Dial("tcp", addr); err != nil { 705 | return nil, err 706 | } 707 | 708 | writer := bufio.NewWriter(conn) 709 | reader := bufio.NewReader(conn) 710 | 711 | var line string 712 | 713 | object := &FTP{conn: conn, addr: addr, reader: reader, writer: writer, debug: true} 714 | line, _ = object.receive() 715 | 716 | log.Print(line) 717 | 718 | return object, nil 719 | } 720 | 721 | func (ftp *FTP) Size(path string) (size int, err error) { 722 | line, err := ftp.cmd("213", "SIZE %s", path) 723 | 724 | if err != nil { 725 | return 0, err 726 | } 727 | 728 | return strconv.Atoi(line[4 : len(line)-2]) 729 | } 730 | -------------------------------------------------------------------------------- /core/enum/goftp/status.go: -------------------------------------------------------------------------------- 1 | package goftp 2 | 3 | const ( 4 | StatusFileOK = "150" 5 | StatusOK = "200" 6 | StatusSystemStatus = "211" 7 | StatusDirectoryStatus = "212" 8 | StatusFileStatus = "213" 9 | StatusConnectionClosing = "221" 10 | StatusSystemType = "215" 11 | StatusClosingDataConnection = "226" 12 | StatusActionOK = "250" 13 | StatusPathCreated = "257" 14 | StatusActionPending = "350" 15 | ) 16 | 17 | var statusText = map[string]string{ 18 | StatusFileOK: "File status okay; about to open data connection", 19 | StatusOK: "Command okay", 20 | StatusSystemStatus: "System status, or system help reply", 21 | StatusDirectoryStatus: "Directory status", 22 | StatusFileStatus: "File status", 23 | StatusConnectionClosing: "Service closing control connection", 24 | StatusSystemType: "System Type", 25 | StatusClosingDataConnection: "Closing data connection. Requested file action successful.", 26 | StatusActionOK: "Requested file action okay, completed", 27 | StatusPathCreated: "Pathname Created", 28 | StatusActionPending: "Requested file action pending further information", 29 | } 30 | 31 | func StatusText(code string) string { 32 | return statusText[code] 33 | } 34 | -------------------------------------------------------------------------------- /core/enum/javadebug.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "net" 6 | "sulab/core/utils" 7 | 8 | "github.com/fatih/color" 9 | ) 10 | 11 | func JavadebugScan(ScanType string, Target []string) { 12 | 13 | ipList := utils.ReadSshIps(ScanType, Target) 14 | thread := 1000 15 | userDict, uErr := utils.ReadUserDict("user.txt") 16 | passDict, pErr := utils.ReadUserDict("pass.txt") 17 | if utils.UserPassIsExist() { 18 | userDict, _ := utils.ReadUserDict("userpass.txt") 19 | scanTasks := GenerateTaskUserPass(ipList, userDict) 20 | color.Cyan("Number of all task : %d", len(scanTasks)) 21 | RunTask(scanTasks, thread) 22 | } else { 23 | if uErr == nil && pErr == nil { 24 | scanTasks := GenerateTask(ipList, userDict, passDict) 25 | color.Cyan("Number of all task : %d", len(scanTasks)) 26 | 27 | RunTask(scanTasks, thread) 28 | } else { 29 | fmt.Println("Read File Err!") 30 | } 31 | } 32 | 33 | } 34 | 35 | func JavaDebug(ip string, port string, username string, password string) (result bool, err error) { 36 | defer func() { 37 | if err := recover(); err != nil { 38 | 39 | return 40 | } 41 | }() 42 | 43 | conn, _ := net.Dial("tcp", ip+":"+port) 44 | 45 | conn.Write([]byte{0x4a, 0x44, 0x57, 0x50, 0x2d, 0x48, 0x61, 0x6e, 0x64, 0x73, 0x68, 0x61, 0x6b, 0x65}) 46 | defer conn.Close() 47 | buffer := make([]byte, 32) 48 | 49 | res, _ := conn.Read(buffer) 50 | 51 | if res == 14 { 52 | result = true 53 | } 54 | return result, err 55 | } 56 | -------------------------------------------------------------------------------- /core/enum/mongodb.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "gopkg.in/mgo.v2" 7 | "sulab/core/utils" 8 | "time" 9 | ) 10 | 11 | func MongodbScan(ScanType string, Target []string) { 12 | 13 | ipList := utils.ReadSshIps(ScanType, Target) 14 | thread := 1000 15 | userDict, uErr := utils.ReadUserDict("user.txt") 16 | passDict, pErr := utils.ReadUserDict("pass.txt") 17 | if utils.UserPassIsExist() { 18 | userDict, _ := utils.ReadUserDict("userpass.txt") 19 | scanTasks := GenerateTaskUserPass(ipList, userDict) 20 | color.Cyan("Number of all task : %d", len(scanTasks)) 21 | RunTask(scanTasks, thread) 22 | } else { 23 | if uErr == nil && pErr == nil { 24 | scanTasks := GenerateTask(ipList, userDict, passDict) 25 | color.Cyan("Number of all task : %d", len(scanTasks)) 26 | 27 | RunTask(scanTasks, thread) 28 | } else { 29 | fmt.Println("Read File Err!") 30 | } 31 | } 32 | 33 | } 34 | 35 | func ScanMongodb(ip string, port string, username string, password string) (result bool, err error) { 36 | timeout := 3 * time.Second 37 | // mongodb url: [mongodb://][user:pass@]host1[:port1][,host2[:port2],...][/database][?options] 38 | // mongodb://myuser:mypass@localhost:40001,otherhost:40001/mydb 39 | mgoUrl := fmt.Sprintf("mongodb://%s:%s@%s:%s/test", username, password, ip, port) 40 | session, err := mgo.DialWithTimeout(mgoUrl, timeout) 41 | if err == nil && session.Ping() == nil { 42 | defer session.Close() 43 | if err == nil && session.Run("serverStatus", nil) == nil { 44 | result = true 45 | } 46 | } 47 | return result, err 48 | } 49 | 50 | func MongoUnauth(ip string, port string) (err error, result bool) { 51 | timeout := 3 * time.Second 52 | session, err := mgo.DialWithTimeout(ip+":"+port, timeout) 53 | defer session.Close() 54 | if err == nil && session.Run("serverStatus", nil) == nil { 55 | result = true 56 | } 57 | return err, result 58 | } 59 | -------------------------------------------------------------------------------- /core/enum/mssql.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "database/sql" 5 | "fmt" 6 | "sulab/core/utils" 7 | 8 | _ "github.com/denisenkom/go-mssqldb" 9 | "github.com/fatih/color" 10 | ) 11 | 12 | func MssqlScan(ScanType string, Target []string) { 13 | 14 | ipList := utils.ReadSshIps(ScanType, Target) 15 | thread := 1000 16 | userDict, uErr := utils.ReadUserDict("user.txt") 17 | passDict, pErr := utils.ReadUserDict("pass.txt") 18 | if utils.UserPassIsExist() { 19 | userDict, _ := utils.ReadUserDict("userpass.txt") 20 | scanTasks := GenerateTaskUserPass(ipList, userDict) 21 | color.Cyan("Number of all task : %d", len(scanTasks)) 22 | RunTask(scanTasks, thread) 23 | } else { 24 | if uErr == nil && pErr == nil { 25 | scanTasks := GenerateTask(ipList, userDict, passDict) 26 | color.Cyan("Number of all task : %d", len(scanTasks)) 27 | 28 | RunTask(scanTasks, thread) 29 | } else { 30 | fmt.Println("Read File Err!") 31 | } 32 | } 33 | 34 | } 35 | func ScanMssql(ip string, port string, username string, password string) (result bool, err error) { 36 | db, err := sql.Open("mssql", "server="+ip+";port="+port+";user id="+username+";password="+password+";database=master") 37 | if err == nil { 38 | defer db.Close() 39 | err = db.Ping() 40 | if err == nil { 41 | result = true 42 | } 43 | } 44 | return result, err 45 | } 46 | -------------------------------------------------------------------------------- /core/enum/mysql.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "database/sql" 5 | "fmt" 6 | "sulab/core/utils" 7 | 8 | "github.com/fatih/color" 9 | 10 | "time" 11 | ) 12 | 13 | func MysqlScan(ScanType string, Target []string) { 14 | 15 | ipList := utils.ReadSshIps(ScanType, Target) 16 | thread := 1000 17 | userDict, uErr := utils.ReadUserDict("user.txt") 18 | passDict, pErr := utils.ReadUserDict("pass.txt") 19 | if utils.UserPassIsExist() { 20 | userDict, _ := utils.ReadUserDict("userpass.txt") 21 | scanTasks := GenerateTaskUserPass(ipList, userDict) 22 | color.Cyan("Number of all task : %d", len(scanTasks)) 23 | RunTask(scanTasks, thread) 24 | } else { 25 | if uErr == nil && pErr == nil { 26 | scanTasks := GenerateTask(ipList, userDict, passDict) 27 | color.Cyan("Number of all task : %d", len(scanTasks)) 28 | 29 | RunTask(scanTasks, thread) 30 | } else { 31 | fmt.Println("Read File Err!") 32 | } 33 | } 34 | 35 | } 36 | func ScanMysql(ip string, port string, username string, password string) (result bool, err error) { 37 | result = false 38 | connStr := fmt.Sprintf("%s:%s@tcp(%s)/?timeout=%ds", username, password, ip+":"+port, time.Second*3) 39 | db, err := sql.Open("mysql", connStr) 40 | if err == nil { 41 | defer db.Close() 42 | err = db.Ping() 43 | if err == nil { 44 | defer db.Close() 45 | result = true 46 | } 47 | } 48 | return result, err 49 | } 50 | -------------------------------------------------------------------------------- /core/enum/plugins.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | type ScanFunc func(ip string, port string, username string, password string) (result bool, err error) 4 | 5 | var ( 6 | ScanFuncMap map[string]ScanFunc 7 | ) 8 | 9 | func init() { 10 | ScanFuncMap = make(map[string]ScanFunc) 11 | ScanFuncMap["FTP"] = ScanFtp 12 | ScanFuncMap["SSH"] = ScanSsh 13 | ScanFuncMap["SMB"] = ScanSmb 14 | ScanFuncMap["MSSQL"] = ScanMssql 15 | ScanFuncMap["MYSQL"] = ScanMysql 16 | ScanFuncMap["POSTGRESQL"] = ScanPostgres 17 | ScanFuncMap["REDIS"] = ScanRedis 18 | 19 | ScanFuncMap["MONGO"] = ScanMongodb 20 | ScanFuncMap["JAVADEBUG"] = JavaDebug 21 | 22 | ScanFuncMap["RDP"] = ScanRdp 23 | 24 | ScanFuncMap["SNMP"] = ScanSnmp 25 | 26 | } 27 | -------------------------------------------------------------------------------- /core/enum/postgres.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "github.com/fatih/color" 5 | _ "github.com/lib/pq" 6 | "sulab/core/utils" 7 | 8 | "database/sql" 9 | "fmt" 10 | ) 11 | 12 | func PostgresScan(ScanType string, Target []string) { 13 | 14 | ipList := utils.ReadSshIps(ScanType, Target) 15 | thread := 1000 16 | userDict, uErr := utils.ReadUserDict("user.txt") 17 | passDict, pErr := utils.ReadUserDict("pass.txt") 18 | if utils.UserPassIsExist() { 19 | userDict, _ := utils.ReadUserDict("userpass.txt") 20 | scanTasks := GenerateTaskUserPass(ipList, userDict) 21 | color.Cyan("Number of all task : %d", len(scanTasks)) 22 | RunTask(scanTasks, thread) 23 | } else { 24 | if uErr == nil && pErr == nil { 25 | scanTasks := GenerateTask(ipList, userDict, passDict) 26 | color.Cyan("Number of all task : %d", len(scanTasks)) 27 | 28 | RunTask(scanTasks, thread) 29 | } else { 30 | fmt.Println("Read File Err!") 31 | } 32 | } 33 | 34 | } 35 | func ScanPostgres(ip string, port string, username string, password string) (result bool, err error) { 36 | // pgurl 37 | pgurl := fmt.Sprintf("postgres://%s:%s@%s:%s/postgres?sslmode=disable", username, password, ip, port) 38 | db, err := sql.Open("postgres", pgurl) 39 | if err != nil { 40 | return false, err 41 | } 42 | defer db.Close() 43 | err = db.Ping() 44 | if err != nil { 45 | return false, err 46 | } else { 47 | return true, err 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /core/enum/rdp.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "sulab/core/utils" 6 | 7 | "github.com/fatih/color" 8 | "github.com/icodeface/grdp" 9 | "github.com/icodeface/grdp/glog" 10 | ) 11 | 12 | func RdpScan(ScanType string, Target []string) { 13 | 14 | ipList := utils.ReadSshIps(ScanType, Target) 15 | thread := 1000 16 | userDict, uErr := utils.ReadUserDict("user.txt") 17 | passDict, pErr := utils.ReadUserDict("pass.txt") 18 | if utils.UserPassIsExist() { 19 | userDict, _ := utils.ReadUserDict("userpass.txt") 20 | scanTasks := GenerateTaskUserPass(ipList, userDict) 21 | color.Cyan("Number of all task : %d", len(scanTasks)) 22 | RunTask(scanTasks, thread) 23 | } else { 24 | if uErr == nil && pErr == nil { 25 | scanTasks := GenerateTask(ipList, userDict, passDict) 26 | color.Cyan("Number of all task : %d", len(scanTasks)) 27 | 28 | RunTask(scanTasks, thread) 29 | } else { 30 | fmt.Println("Read File Err!") 31 | } 32 | } 33 | 34 | } 35 | func ScanRdp(ip string, port string, username string, password string) (result bool, err error) { 36 | client := grdp.NewClient(fmt.Sprintf("%s:%d", ip, port), glog.DEBUG) 37 | err = client.Login(username, password) 38 | if err == nil { 39 | result = true 40 | 41 | } 42 | return result, err 43 | } 44 | -------------------------------------------------------------------------------- /core/enum/redis.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "sulab/core/utils" 7 | "time" 8 | 9 | "github.com/fatih/color" 10 | redis "github.com/go-redis/redis/v8" 11 | ) 12 | 13 | func RedisScan(ScanType string, Target []string) { 14 | 15 | ipList := utils.ReadSshIps(ScanType, Target) 16 | thread := 1000 17 | userDict, uErr := utils.ReadUserDict("user.txt") 18 | passDict, pErr := utils.ReadUserDict("pass.txt") 19 | if utils.UserPassIsExist() { 20 | userDict, _ := utils.ReadUserDict("userpass.txt") 21 | scanTasks := GenerateTaskUserPass(ipList, userDict) 22 | color.Cyan("Number of all task : %d", len(scanTasks)) 23 | RunTask(scanTasks, thread) 24 | } else { 25 | if uErr == nil && pErr == nil { 26 | scanTasks := GenerateTask(ipList, userDict, passDict) 27 | color.Cyan("Number of all task : %d", len(scanTasks)) 28 | 29 | RunTask(scanTasks, thread) 30 | } else { 31 | fmt.Println("Read File Err!") 32 | } 33 | } 34 | 35 | } 36 | func ScanRedis(ip string, port string, username string, password string) (result bool, err error) { 37 | client := redis.NewClient(&redis.Options{Addr: ip + ":" + port, Password: password, DB: 0, DialTimeout: time.Second * 3}) 38 | var ctx = context.Background() 39 | defer client.Close() 40 | //_, err = client.Ping().Result() 41 | _, err = client.Ping(ctx).Result() 42 | if err == nil { 43 | result = true 44 | } 45 | return result, err 46 | } 47 | -------------------------------------------------------------------------------- /core/enum/smb.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "sulab/core/utils" 6 | 7 | "github.com/fatih/color" 8 | "github.com/stacktitan/smb/smb" 9 | ) 10 | 11 | func SmbScan(ScanType string, Target []string) { 12 | 13 | ipList := utils.ReadSshIps(ScanType, Target) 14 | thread := 1000 15 | userDict, uErr := utils.ReadUserDict("user.txt") 16 | passDict, pErr := utils.ReadUserDict("pass.txt") 17 | if utils.UserPassIsExist() { 18 | userDict, _ := utils.ReadUserDict("userpass.txt") 19 | scanTasks := GenerateTaskUserPass(ipList, userDict) 20 | color.Cyan("Number of all task : %d", len(scanTasks)) 21 | RunTask(scanTasks, thread) 22 | } else { 23 | if uErr == nil && pErr == nil { 24 | scanTasks := GenerateTask(ipList, userDict, passDict) 25 | color.Cyan("Number of all task : %d", len(scanTasks)) 26 | 27 | RunTask(scanTasks, thread) 28 | } else { 29 | fmt.Println("Read File Err!") 30 | } 31 | } 32 | 33 | } 34 | 35 | func ScanSmb(ip string, port string, username string, password string) (result bool, err error) { 36 | result = false 37 | 38 | options := smb.Options{ 39 | Host: ip, 40 | Port: 445, 41 | User: username, 42 | Password: password, 43 | Domain: "", 44 | Workstation: "", 45 | } 46 | 47 | session, err := smb.NewSession(options, false) 48 | if err == nil { 49 | session.Close() 50 | if session.IsAuthenticated { 51 | result = true 52 | } 53 | } 54 | return result, err 55 | } 56 | -------------------------------------------------------------------------------- /core/enum/snmp.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "strconv" 6 | "sulab/core/utils" 7 | "time" 8 | 9 | "github.com/fatih/color" 10 | "github.com/gosnmp/gosnmp" 11 | ) 12 | 13 | func SnmpScan(ScanType string, Target []string) { 14 | 15 | ipList := utils.ReadIps(ScanType, Target) 16 | 17 | thread := 1000 18 | userDict, uErr := utils.ReadUserDict("user.txt") 19 | passDict, pErr := utils.ReadUserDict("pass.txt") 20 | if utils.UserPassIsExist() { 21 | 22 | userDict, _ := utils.ReadUserDict("userpass.txt") 23 | scanTasks := GenerateTaskUserPass(ipList, userDict) 24 | color.Cyan("Number of all task : %d", len(scanTasks)) 25 | RunTask(scanTasks, thread) 26 | } else { 27 | if uErr == nil && pErr == nil { 28 | scanTasks := GenerateTask(ipList, userDict, passDict) 29 | color.Cyan("Number of all task : %d", len(scanTasks)) 30 | 31 | RunTask(scanTasks, thread) 32 | } else { 33 | fmt.Println("Read File Err!") 34 | } 35 | } 36 | } 37 | 38 | func ScanSnmp(ip string, port string, username string, password string) (result bool, err error) { 39 | 40 | p, err := strconv.Atoi(port) 41 | gosnmp.Default.Target = ip 42 | gosnmp.Default.Port = uint16(p) 43 | gosnmp.Default.Community = "public" 44 | gosnmp.Default.Timeout = 3 * time.Second 45 | 46 | err = gosnmp.Default.Connect() 47 | if err == nil { 48 | oids := []string{"1.3.6.1.2.1.1.4.0", "1.3.6.1.2.1.1.7.0"} 49 | _, err := gosnmp.Default.Get(oids) 50 | if err == nil { 51 | result = true 52 | } 53 | } 54 | 55 | return result, err 56 | } 57 | -------------------------------------------------------------------------------- /core/enum/ssh.go: -------------------------------------------------------------------------------- 1 | package enum 2 | 3 | import ( 4 | "fmt" 5 | "net" 6 | "sulab/core/utils" 7 | "time" 8 | 9 | "github.com/fatih/color" 10 | "golang.org/x/crypto/ssh" 11 | ) 12 | 13 | func ScanSsh(ip string, port string, username string, password string) (result bool, err error) { 14 | 15 | config := &ssh.ClientConfig{ 16 | User: username, 17 | Auth: []ssh.AuthMethod{ 18 | ssh.Password(password), 19 | }, 20 | HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { 21 | return nil 22 | }, 23 | Timeout: time.Second * 1, 24 | } 25 | 26 | client, err := ssh.Dial("tcp", ip+":"+port, config) 27 | if err == nil { 28 | defer client.Close() 29 | session, err := client.NewSession() 30 | errRet := session.Run("echo ISOK") 31 | if err == nil && errRet == nil { 32 | defer session.Close() 33 | result = true 34 | } 35 | } 36 | return result, err 37 | } 38 | 39 | func SshScan(ScanType string, Target []string) { 40 | 41 | ipList := utils.ReadSshIps(ScanType, Target) 42 | thread := 1000 43 | userDict, uErr := utils.ReadUserDict("user.txt") 44 | passDict, pErr := utils.ReadUserDict("pass.txt") 45 | if utils.UserPassIsExist() { 46 | userDict, _ := utils.ReadUserDict("userpass.txt") 47 | scanTasks := GenerateTaskUserPass(ipList, userDict) 48 | color.Cyan("Number of all task : %d", len(scanTasks)) 49 | RunTask(scanTasks, thread) 50 | } else { 51 | if uErr == nil && pErr == nil { 52 | scanTasks := GenerateTask(ipList, userDict, passDict) 53 | color.Cyan("Number of all task : %d", len(scanTasks)) 54 | 55 | RunTask(scanTasks, thread) 56 | } else { 57 | fmt.Println("Read File Err!") 58 | } 59 | } 60 | 61 | } 62 | func SshScan2(ScanType string, Target string) { 63 | Loop: 64 | for _, u := range utils.UserDic() { 65 | for _, p := range utils.PassDic() { 66 | 67 | res, err := ScanSsh(Target, "22", u, p) 68 | 69 | if res == true && err == nil { 70 | 71 | fmt.Println(Target + " 22" + " 用户名: " + u + " 密码: " + p) 72 | break Loop 73 | } 74 | } 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /core/model/model.go: -------------------------------------------------------------------------------- 1 | package model 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "strings" 7 | "sync" 8 | 9 | "github.com/jinzhu/gorm" 10 | _ "github.com/jinzhu/gorm/dialects/sqlite" 11 | ) 12 | 13 | var ( 14 | lock sync.Mutex 15 | ) 16 | 17 | type Step int 18 | 19 | const ( 20 | NOT_DEFINED Step = iota 21 | IMPORTED 22 | SWEEPED 23 | NEW 24 | SCANNED 25 | ) 26 | 27 | func (s Step) String() string { 28 | return [...]string{"NOT_DEFINED", "IMPORTED", "SWEEPED", "NEW", "SCANNED"}[s] 29 | } 30 | 31 | func InitDB(dbpath string) *gorm.DB { 32 | 33 | db, err := gorm.Open("sqlite3", dbpath) 34 | if err != nil { 35 | fmt.Println(fmt.Sprintf("[DB ERROR] %s", err)) 36 | os.Exit(1) 37 | } 38 | 39 | if os.Getenv("DEBUG") == "1" { 40 | db.LogMode(true) 41 | } else { 42 | db.LogMode(false) 43 | } 44 | 45 | migrateDB(db) 46 | 47 | return db 48 | } 49 | 50 | func migrateDB(db *gorm.DB) { 51 | db.AutoMigrate(&Target{}) 52 | db.AutoMigrate(&Service{}) 53 | db.AutoMigrate(&Port{}) 54 | db.AutoMigrate(&Host{}) 55 | } 56 | 57 | type Target struct { 58 | ID uint `gorm:"primary_key"` 59 | Address string `gorm:"unique_index:idx_target_ip"` 60 | Step string 61 | } 62 | 63 | func (t *Target) String() string { 64 | return fmt.Sprintf("%s", t.Address) 65 | } 66 | 67 | func AddTarget(db *gorm.DB, address string, step string) *Target { 68 | lock.Lock() 69 | defer lock.Unlock() 70 | 71 | t := &Target{ 72 | Address: address, 73 | Step: step, 74 | } 75 | db.Create(t) 76 | return t 77 | } 78 | 79 | func GetAllTargets(db *gorm.DB) []Target { 80 | targets := []Target{} 81 | db.Find(&targets) 82 | return targets 83 | } 84 | 85 | func GetTargetByStep(db *gorm.DB, step string) []Target { 86 | targets := []Target{} 87 | db.Where("step = ?", step).Find(&targets) 88 | return targets 89 | } 90 | 91 | type Service struct { 92 | ID uint `gorm:"primary_key"` 93 | Name string `gorm:"unique_index:idx_service"` 94 | Version string 95 | Product string 96 | OsType string 97 | PortID uint `gorm:"unique_index:idx_service"` 98 | Port *Port 99 | } 100 | 101 | func (s *Service) String() string { 102 | out := s.Name 103 | if s.Product != "" { 104 | out = fmt.Sprintf("%s [%s %s]", out, s.Product, s.Version) 105 | } 106 | return out 107 | } 108 | 109 | func AddService(db *gorm.DB, name, version, product, osType string, p *Port, pID uint) *Service { 110 | lock.Lock() 111 | defer lock.Unlock() 112 | 113 | t := &Service{ 114 | Name: name, 115 | Version: version, 116 | Product: product, 117 | OsType: osType, 118 | Port: p, 119 | PortID: pID, 120 | } 121 | db.Create(t) 122 | return t 123 | } 124 | 125 | func GetServiceByName(db *gorm.DB, name string) []Service { 126 | services := []Service{} 127 | db.Where("name LIKE ?", name).Find(&services) 128 | return services 129 | } 130 | 131 | func (s *Service) GetPort(db *gorm.DB) *Port { 132 | port := &Port{} 133 | db.Where("id = ?", s.PortID).Find(&port) 134 | return port 135 | } 136 | 137 | type Port struct { 138 | ID uint `gorm:"primary_key"` 139 | Number int `gorm:"unique_index:idx_port"` 140 | Protocol string `gorm:"unique_index:idx_port"` 141 | Status string `gorm:"unique_index:idx_port"` 142 | Service Service 143 | HostID uint `gorm:"unique_index:idx_port"` 144 | Host *Host 145 | } 146 | 147 | func (p *Port) String() string { 148 | return fmt.Sprintf("%5d/%s %-8s", p.Number, p.Protocol, p.Status) 149 | } 150 | 151 | func AddPort(db *gorm.DB, number int, protocol, status string) (*Port, bool) { 152 | lock.Lock() 153 | defer lock.Unlock() 154 | 155 | duplicate := false 156 | t := &Port{ 157 | Number: number, 158 | Protocol: protocol, 159 | Status: status, 160 | } 161 | if err := db.Create(t).Error; err != nil { 162 | if strings.Contains(err.Error(), "UNIQUE constraint failed") { 163 | duplicate = true 164 | } 165 | } 166 | 167 | return t, duplicate 168 | } 169 | 170 | func (p *Port) GetService(db *gorm.DB) Service { 171 | srv := Service{} 172 | db.Where("port_id = ?", p.ID).Find(&srv) 173 | return srv 174 | } 175 | 176 | func (p *Port) GetHost(db *gorm.DB) *Host { 177 | host := &Host{} 178 | db.Where("id = ?", p.HostID).Find(&host) 179 | return host 180 | } 181 | 182 | type Host struct { 183 | ID uint `gorm:"primary_key"` 184 | Address string `gorm:"unique_index:idx_hostname_ip"` 185 | Status string 186 | OS string 187 | Info string 188 | Ports []Port 189 | Step string 190 | } 191 | 192 | func (h *Host) String() string { 193 | return fmt.Sprintf("%s", h.Address) 194 | } 195 | 196 | func AddHost(db *gorm.DB, address string, status string, step string) *Host { 197 | lock.Lock() 198 | defer lock.Unlock() 199 | 200 | t := &Host{ 201 | Address: address, 202 | Status: status, 203 | Step: step, 204 | } 205 | db.Create(t) 206 | return t 207 | } 208 | 209 | func GetAllHosts(db *gorm.DB) []Host { 210 | hosts := []Host{} 211 | db.Find(&hosts) 212 | return hosts 213 | } 214 | func GetAllPorts(db *gorm.DB) []Port { 215 | ports := []Port{} 216 | db.Find(&ports) 217 | return ports 218 | } 219 | 220 | func GetPorts(db *gorm.DB, status string) []Port { 221 | ports := []Port{} 222 | db.Where("status = ?", status).Find(&ports) 223 | 224 | return ports 225 | } 226 | func GetHostByStep(db *gorm.DB, step string) []Host { 227 | hosts := []Host{} 228 | db.Where("step = ?", step).Find(&hosts) 229 | return hosts 230 | } 231 | 232 | func GetHostByAddress(db *gorm.DB, address string) *Host { 233 | host := &Host{} 234 | db.Where("address = ?", address).First(&host) 235 | return host 236 | } 237 | 238 | func (h *Host) GetPorts(db *gorm.DB) []Port { 239 | ports := []Port{} 240 | db.Where("host_id = ?", h.ID).Find(&ports) 241 | return ports 242 | } 243 | 244 | func DelHosts(db *gorm.DB) { 245 | db.Where("id").Delete(Host{}) 246 | } 247 | func DelPorts(db *gorm.DB) { 248 | db.Where("id").Delete(Port{}) 249 | } 250 | 251 | type Service2 struct { 252 | Ip string 253 | Port int 254 | Protocol string 255 | UserName string 256 | PassWord string 257 | } 258 | 259 | type ScanResult struct { 260 | Service Service 261 | Result bool 262 | } 263 | 264 | type IpAddr struct { 265 | Ip string 266 | Port int 267 | Protocol string 268 | } 269 | -------------------------------------------------------------------------------- /core/model/model_scans.go: -------------------------------------------------------------------------------- 1 | package model 2 | 3 | import ( 4 | "fmt" 5 | "sync" 6 | ) 7 | 8 | var Mutex sync.Mutex 9 | 10 | const ( 11 | NULL = iota 12 | NOT_STARTED 13 | IN_PROGRESS 14 | FAILED 15 | DONE 16 | FINISHED 17 | ) 18 | 19 | type Scan struct { 20 | Name string 21 | Target string 22 | Status int 23 | Outfolder string 24 | Outfile string 25 | Cmd string 26 | } 27 | 28 | func (s *Scan) String() string { 29 | return fmt.Sprintf("Target: %s [%d]", s.Target, s.Status) 30 | } 31 | 32 | type Enumeration struct { 33 | Target *Host 34 | Outfolder string 35 | Kind string 36 | Status int 37 | Result []byte 38 | Polite string 39 | } 40 | 41 | func (e *Enumeration) String() string { 42 | return fmt.Sprintf("Enumeration [%s]: %s [%d]", e.Kind, e.Target.Address, e.Status) 43 | } 44 | -------------------------------------------------------------------------------- /core/scan/port.go: -------------------------------------------------------------------------------- 1 | package scan 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "log" 7 | "net" 8 | "os" 9 | "runtime" 10 | "strconv" 11 | "strings" 12 | "sync" 13 | "time" 14 | ) 15 | 16 | func CheckPort(ip net.IP, port int) { 17 | tcpAddr := net.TCPAddr{ 18 | IP: ip, 19 | Port: port, 20 | } 21 | conn, err := net.DialTCP("tcp", nil, &tcpAddr) 22 | if conn != nil { 23 | fmt.Println(tcpAddr.IP, tcpAddr.Port, "Open") 24 | conn.Close() 25 | } 26 | if err != nil { 27 | 28 | } 29 | } 30 | 31 | func checkFileIsExist(filename string) bool { 32 | var exist = true 33 | if _, err := os.Stat(filename); os.IsNotExist(err) { 34 | exist = false 35 | } 36 | return exist 37 | } 38 | 39 | func WriteResult(host []string) { 40 | filename := "portresult.txt" 41 | 42 | fout, err := os.OpenFile(filename, os.O_CREATE|os.O_APPEND, 0666) 43 | if err != nil { 44 | 45 | fmt.Println(filename + " create error") 46 | } 47 | 48 | defer fout.Close() 49 | 50 | write := bufio.NewWriter(fout) 51 | 52 | for i := 0; i < len(host); i++ { 53 | write.WriteString(host[i] + "\r\n") 54 | } 55 | 56 | write.Flush() 57 | 58 | } 59 | 60 | func PortCheck(host string, port int) (result bool) { 61 | result = false 62 | ip := net.ParseIP(host) 63 | tcpAddr := net.TCPAddr{ 64 | IP: ip, 65 | Port: port, 66 | } 67 | conn, err := net.DialTCP("tcp", nil, &tcpAddr) 68 | if conn != nil { 69 | fmt.Println(tcpAddr.IP, tcpAddr.Port, "Open") 70 | 71 | conn.Close() 72 | result = true 73 | } 74 | if err != nil { 75 | 76 | } 77 | return result 78 | } 79 | 80 | func PortIsOpen(ip net.IP, port int) (result bool, err error) { 81 | tcpAddr := net.TCPAddr{ 82 | IP: ip, 83 | Port: port, 84 | } 85 | conn, err := net.DialTCP("tcp", nil, &tcpAddr) 86 | if conn != nil { 87 | 88 | conn.Close() 89 | result = true 90 | } 91 | if err != nil { 92 | 93 | } 94 | return result, err 95 | } 96 | 97 | type Workdist struct { 98 | Host string 99 | } 100 | 101 | const ( 102 | taskload = 255 103 | tasknum = 255 104 | ) 105 | 106 | var wg sync.WaitGroup 107 | 108 | func TaskPort(ip string, debugLog *log.Logger) { 109 | tasks := make(chan Workdist, taskload) 110 | wg.Add(tasknum) 111 | 112 | for gr := 1; gr <= tasknum; gr++ { 113 | go workerPort(tasks, debugLog) 114 | } 115 | 116 | for i := 1; i < 256; i++ { 117 | host := fmt.Sprintf("%s.%d", ip, i) 118 | task := Workdist{ 119 | Host: host, 120 | } 121 | tasks <- task 122 | } 123 | close(tasks) 124 | wg.Wait() 125 | } 126 | 127 | func workerPort(tasks chan Workdist, debugLog *log.Logger) { 128 | defer wg.Done() 129 | task, ok := <-tasks 130 | if !ok { 131 | return 132 | } 133 | host := task.Host 134 | 135 | ScanPort2(host) 136 | 137 | } 138 | 139 | var DefaultPorts = []int{21, 22, 23, 25, 80, 443, 8080, 110, 135, 139, 445, 389, 489, 587, 1433, 1434, 1521, 1522, 1723, 2121, 3000, 3306, 3389, 4899, 5631, 5632, 5800, 5900, 7071, 43958, 65500, 4444, 8888, 6789, 4848, 5985, 5986, 8081, 8089, 8443, 10000, 6379, 7001, 7002} 140 | 141 | func ScanPort2(host string) { 142 | 143 | var mutex sync.Mutex 144 | 145 | finish := make(chan int) 146 | 147 | channel := make(chan int, 100) 148 | var openPorts []int 149 | var timeoutPorts []int 150 | 151 | addOpenPorts := func(port int) { 152 | mutex.Lock() 153 | defer mutex.Unlock() 154 | openPorts = append(openPorts, port) 155 | } 156 | 157 | scan := func(ip string, port int) { 158 | 159 | address := ip + ":" + strconv.Itoa(port) 160 | _, err := net.DialTimeout("tcp", address, time.Second*2) 161 | if err != nil { 162 | 163 | if strings.Contains(err.Error(), "timeout") { 164 | 165 | timeoutPorts = append(timeoutPorts, port) 166 | } 167 | } else { 168 | fmt.Println(address + " open") 169 | addOpenPorts(port) 170 | } 171 | i := <-channel 172 | if i == 1 { 173 | finish <- 0 174 | } 175 | } 176 | num := len(DefaultPorts) 177 | for i := 0; i < num; i++ { 178 | if i == num-1 { 179 | channel <- 1 180 | } else { 181 | channel <- 0 182 | } 183 | 184 | go scan(host, DefaultPorts[i]) 185 | 186 | } 187 | <-finish 188 | 189 | } 190 | 191 | func ScanAllPort(host string) []string { 192 | 193 | runtime.GOMAXPROCS(runtime.NumCPU()) 194 | var mutex sync.Mutex 195 | 196 | finish := make(chan int) 197 | 198 | channel := make(chan int, 70000) 199 | var openPorts []string 200 | var openPorts2 []string 201 | var timeoutPorts []int 202 | var ports []int 203 | 204 | for i := 1; i <= 65535; i++ { 205 | ports = append(ports, i) 206 | } 207 | 208 | addOpenPorts := func(port string) { 209 | mutex.Lock() 210 | defer mutex.Unlock() 211 | openPorts = append(openPorts, port) 212 | } 213 | 214 | scan := func(ip string, port int) { 215 | 216 | address := ip + ":" + strconv.Itoa(port) 217 | conn, err := net.DialTimeout("tcp", address, time.Second*2) 218 | if err != nil { 219 | 220 | if strings.Contains(err.Error(), "timeout") { 221 | 222 | timeoutPorts = append(timeoutPorts, port) 223 | } 224 | } else { 225 | defer conn.Close() 226 | out := address + " open " 227 | fmt.Println(out) 228 | addOpenPorts(out) 229 | openPorts2 = append(openPorts2, address) 230 | } 231 | i := <-channel 232 | if i == 1 { 233 | finish <- 0 234 | } 235 | 236 | } 237 | num := len(ports) 238 | 239 | for i := 0; i < num; i++ { 240 | if i == num-1 { 241 | channel <- 1 242 | } else { 243 | channel <- 0 244 | } 245 | go scan(host, ports[i]) 246 | 247 | } 248 | <-finish 249 | 250 | return openPorts2 251 | } 252 | 253 | func Worker(tasksCh <-chan int, wg *sync.WaitGroup, ips string) { 254 | defer wg.Done() 255 | for { 256 | task, ok := <-tasksCh 257 | if !ok { 258 | return 259 | } 260 | ScanAllPort(ips) 261 | 262 | fmt.Println("processing task", task) 263 | } 264 | } 265 | 266 | func TcpPort(host string, port int) bool { 267 | p := strconv.Itoa(port) 268 | conn, err := net.DialTimeout("tcp", host+":"+p, time.Second*2) 269 | if err != nil { 270 | 271 | return false 272 | } else { 273 | 274 | fmt.Println(host, p, "Open") 275 | conn.Close() 276 | return true 277 | } 278 | } 279 | 280 | func Scan(host []string) { 281 | ips := host 282 | var ports []int 283 | 284 | for i := 1; i <= 65535; i++ { 285 | ports = append(ports, i) 286 | } 287 | 288 | wg := NewSizeWG(70000) 289 | if len(ips) != 0 && len(ports) != 0 { 290 | for _, ip := range ips { 291 | for _, port := range ports { 292 | wg.Add() 293 | go func(ip string, port int) { 294 | defer wg.Done() 295 | TcpPort(ip, port) 296 | 297 | }(ip, port) 298 | } 299 | } 300 | } 301 | wg.Wait() 302 | } 303 | -------------------------------------------------------------------------------- /core/scan/rewg.go: -------------------------------------------------------------------------------- 1 | package scan 2 | 3 | import ( 4 | "context" 5 | "math" 6 | "sync" 7 | ) 8 | 9 | type sizeWG struct { 10 | pool chan struct{} 11 | wg sync.WaitGroup 12 | } 13 | 14 | func NewSizeWG(size int) *sizeWG { 15 | t := math.MaxInt16 16 | if size > 0 && size < t { 17 | t = size 18 | } 19 | return &sizeWG{ 20 | pool: make(chan struct{}, t), 21 | wg: sync.WaitGroup{}, 22 | } 23 | 24 | } 25 | func (swg *sizeWG) addContext(ctx context.Context) { 26 | select { 27 | case <-ctx.Done(): 28 | 29 | case swg.pool <- struct{}{}: 30 | break 31 | } 32 | swg.wg.Add(1) 33 | } 34 | func (swg *sizeWG) Add() { 35 | swg.addContext(context.Background()) 36 | } 37 | func (swg *sizeWG) Done() { 38 | <-swg.pool 39 | swg.wg.Done() 40 | } 41 | func (swg *sizeWG) Wait() { 42 | swg.wg.Wait() 43 | } 44 | -------------------------------------------------------------------------------- /core/scan/vscan.go: -------------------------------------------------------------------------------- 1 | package scan 2 | 3 | import ( 4 | "bytes" 5 | "compress/gzip" 6 | "crypto/tls" 7 | "encoding/hex" 8 | "fmt" 9 | "github.com/axgle/mahonia" 10 | "io/ioutil" 11 | "net" 12 | "net/http" 13 | "regexp" 14 | "sort" 15 | "strconv" 16 | "strings" 17 | "sulab/core/scan/proberbyte" 18 | "sync" 19 | "time" 20 | ) 21 | //服務識別主程序 22 | type VScan struct { 23 | Exclude string 24 | 25 | Probes []Probe 26 | 27 | ProbesMapKName map[string]Probe 28 | } 29 | 30 | type Match struct { 31 | IsSoft bool 32 | 33 | Service string 34 | Pattern string 35 | VersionInfo string 36 | 37 | PatternCompiled *regexp.Regexp 38 | } 39 | 40 | type Probe struct { 41 | Name string 42 | Data string 43 | Protocol string 44 | 45 | Ports string 46 | SSLPorts string 47 | 48 | TotalWaitMS int 49 | TCPWrappedMS int 50 | Rarity int 51 | Fallback string 52 | 53 | Matchs *[]Match 54 | } 55 | 56 | type Directive struct { 57 | DirectiveName string 58 | Flag string 59 | Delimiter string 60 | DirectiveStr string 61 | } 62 | 63 | func (p *Probe) getDirectiveSyntax(data string) (directive Directive) { 64 | directive = Directive{} 65 | 66 | blankIndex := strings.Index(data, " ") 67 | directiveName := data[:blankIndex] 68 | Flag := data[blankIndex+1 : blankIndex+2] 69 | delimiter := data[blankIndex+2 : blankIndex+3] 70 | directiveStr := data[blankIndex+3:] 71 | 72 | directive.DirectiveName = directiveName 73 | directive.Flag = Flag 74 | directive.Delimiter = delimiter 75 | directive.DirectiveStr = directiveStr 76 | 77 | return directive 78 | } 79 | 80 | func (p *Probe) parseProbeInfo(probeStr string) { 81 | proto := probeStr[:4] 82 | other := probeStr[4:] 83 | 84 | if !(proto == "TCP " || proto == "UDP ") { 85 | panic("Probe must be either TCP or UDP.") 86 | } 87 | if len(other) == 0 { 88 | panic("nmap-service-probes - bad probe name") 89 | } 90 | 91 | directive := p.getDirectiveSyntax(other) 92 | 93 | p.Name = directive.DirectiveName 94 | p.Data = strings.Split(directive.DirectiveStr, directive.Delimiter)[0] 95 | p.Protocol = strings.ToLower(strings.TrimSpace(proto)) 96 | } 97 | 98 | func (p *Probe) fromString(data string) error { 99 | var err error 100 | 101 | data = strings.TrimSpace(data) 102 | lines := strings.Split(data, "\n") 103 | probeStr := lines[0] 104 | 105 | p.parseProbeInfo(probeStr) 106 | 107 | var matchs []Match 108 | for _, line := range lines { 109 | if strings.HasPrefix(line, "match ") { 110 | match, err := p.getMatch(line) 111 | if err != nil { 112 | continue 113 | } 114 | matchs = append(matchs, match) 115 | } else if strings.HasPrefix(line, "softmatch ") { 116 | softMatch, err := p.getSoftMatch(line) 117 | if err != nil { 118 | continue 119 | } 120 | matchs = append(matchs, softMatch) 121 | } else if strings.HasPrefix(line, "ports ") { 122 | p.parsePorts(line) 123 | } else if strings.HasPrefix(line, "sslports ") { 124 | p.parseSSLPorts(line) 125 | } else if strings.HasPrefix(line, "totalwaitms ") { 126 | p.parseTotalWaitMS(line) 127 | } else if strings.HasPrefix(line, "totalwaitms ") { 128 | p.parseTotalWaitMS(line) 129 | } else if strings.HasPrefix(line, "tcpwrappedms ") { 130 | p.parseTCPWrappedMS(line) 131 | } else if strings.HasPrefix(line, "rarity ") { 132 | p.parseRarity(line) 133 | } else if strings.HasPrefix(line, "fallback ") { 134 | p.parseFallback(line) 135 | } 136 | } 137 | p.Matchs = &matchs 138 | return err 139 | } 140 | 141 | func (p *Probe) parsePorts(data string) { 142 | p.Ports = data[len("ports")+1:] 143 | } 144 | 145 | func (p *Probe) parseSSLPorts(data string) { 146 | p.SSLPorts = data[len("sslports")+1:] 147 | } 148 | 149 | func (p *Probe) parseTotalWaitMS(data string) { 150 | p.TotalWaitMS, _ = strconv.Atoi(string(data[len("totalwaitms")+1:])) 151 | } 152 | 153 | func (p *Probe) parseTCPWrappedMS(data string) { 154 | p.TCPWrappedMS, _ = strconv.Atoi(string(data[len("tcpwrappedms")+1:])) 155 | } 156 | 157 | func (p *Probe) parseRarity(data string) { 158 | p.Rarity, _ = strconv.Atoi(string(data[len("rarity")+1:])) 159 | } 160 | 161 | func (p *Probe) parseFallback(data string) { 162 | p.Fallback = data[len("fallback")+1:] 163 | } 164 | 165 | func isHexCode(b []byte) bool { 166 | matchRe := regexp.MustCompile(`\\x[0-9a-fA-F]{2}`) 167 | return matchRe.Match(b) 168 | } 169 | 170 | func isOctalCode(b []byte) bool { 171 | matchRe := regexp.MustCompile(`\\[0-7]{1,3}`) 172 | return matchRe.Match(b) 173 | } 174 | 175 | func isStructCode(b []byte) bool { 176 | matchRe := regexp.MustCompile(`\\[aftnrv]`) 177 | return matchRe.Match(b) 178 | } 179 | 180 | func isReChar(n int64) bool { 181 | reChars := `.*?+{}()^$|\` 182 | for _, char := range reChars { 183 | if n == int64(char) { 184 | return true 185 | } 186 | } 187 | return false 188 | } 189 | 190 | func isOtherEscapeCode(b []byte) bool { 191 | matchRe := regexp.MustCompile(`\\[^\\]`) 192 | return matchRe.Match(b) 193 | } 194 | 195 | func (v *VScan) parseProbesFromContent(content string) { 196 | var probes []Probe 197 | 198 | var lines []string 199 | linesTemp := strings.Split(content, "\n") 200 | for _, lineTemp := range linesTemp { 201 | lineTemp = strings.TrimSpace(lineTemp) 202 | if lineTemp == "" || strings.HasPrefix(lineTemp, "#") { 203 | continue 204 | } 205 | lines = append(lines, lineTemp) 206 | } 207 | if len(lines) == 0 { 208 | panic("Failed to read nmap-service-probes file for probe data, 0 lines read.") 209 | } 210 | c := 0 211 | for _, line := range lines { 212 | if strings.HasPrefix(line, "Exclude ") { 213 | c += 1 214 | } 215 | if c > 1 { 216 | panic("Only 1 Exclude directive is allowed in the nmap-service-probes file") 217 | } 218 | } 219 | l := lines[0] 220 | if !(strings.HasPrefix(l, "Exclude ") || strings.HasPrefix(l, "Probe ")) { 221 | panic("Parse error on nmap-service-probes file: line was expected to begin with \"Probe \" or \"Exclude \"") 222 | } 223 | if c == 1 { 224 | v.Exclude = l[len("Exclude")+1:] 225 | lines = lines[1:] 226 | } 227 | content = strings.Join(lines, "\n") 228 | content = "\n" + content 229 | 230 | probeParts := strings.Split(content, "\nProbe") 231 | probeParts = probeParts[1:] 232 | 233 | for _, probePart := range probeParts { 234 | probe := Probe{} 235 | err := probe.fromString(probePart) 236 | if err != nil { 237 | continue 238 | } 239 | probes = append(probes, probe) 240 | } 241 | v.Probes = probes 242 | } 243 | 244 | func (v *VScan) parseProbesToMapKName(probes []Probe) { 245 | var probesMap = map[string]Probe{} 246 | for _, probe := range v.Probes { 247 | probesMap[probe.Name] = probe 248 | } 249 | v.ProbesMapKName = probesMap 250 | } 251 | 252 | func (p *Probe) getMatch(data string) (match Match, err error) { 253 | match = Match{} 254 | 255 | matchText := data[len("match")+1:] 256 | directive := p.getDirectiveSyntax(matchText) 257 | 258 | textSplited := strings.Split(directive.DirectiveStr, directive.Delimiter) 259 | 260 | pattern, versionInfo := textSplited[0], strings.Join(textSplited[1:], "") 261 | 262 | patternUnescaped, _ := DecodePattern(pattern) 263 | patternUnescapedStr := string([]rune(string(patternUnescaped))) 264 | patternCompiled, ok := regexp.Compile(patternUnescapedStr) 265 | if ok != nil { 266 | return match, ok 267 | } 268 | 269 | match.Service = directive.DirectiveName 270 | match.Pattern = pattern 271 | match.PatternCompiled = patternCompiled 272 | match.VersionInfo = versionInfo 273 | 274 | return match, nil 275 | } 276 | 277 | func (p *Probe) getSoftMatch(data string) (softMatch Match, err error) { 278 | softMatch = Match{IsSoft: true} 279 | 280 | matchText := data[len("softmatch")+1:] 281 | directive := p.getDirectiveSyntax(matchText) 282 | 283 | textSplited := strings.Split(directive.DirectiveStr, directive.Delimiter) 284 | 285 | pattern, versionInfo := textSplited[0], strings.Join(textSplited[1:], "") 286 | patternUnescaped, _ := DecodePattern(pattern) 287 | patternUnescapedStr := string([]rune(string(patternUnescaped))) 288 | patternCompiled, ok := regexp.Compile(patternUnescapedStr) 289 | if ok != nil { 290 | return softMatch, ok 291 | } 292 | 293 | softMatch.Service = directive.DirectiveName 294 | softMatch.Pattern = pattern 295 | softMatch.PatternCompiled = patternCompiled 296 | softMatch.VersionInfo = versionInfo 297 | 298 | return softMatch, nil 299 | } 300 | 301 | func DecodePattern(s string) ([]byte, error) { 302 | sByteOrigin := []byte(s) 303 | matchRe := regexp.MustCompile(`\\(x[0-9a-fA-F]{2}|[0-7]{1,3}|[aftnrv])`) 304 | sByteDec := matchRe.ReplaceAllFunc(sByteOrigin, func(match []byte) (v []byte) { 305 | var replace []byte 306 | if isHexCode(match) { 307 | hexNum := match[2:] 308 | byteNum, _ := strconv.ParseInt(string(hexNum), 16, 32) 309 | if isReChar(byteNum) { 310 | replace = []byte{'\\', uint8(byteNum)} 311 | } else { 312 | replace = []byte{uint8(byteNum)} 313 | } 314 | } 315 | if isStructCode(match) { 316 | structCodeMap := map[int][]byte{ 317 | 97: []byte{0x07}, // \a 318 | 102: []byte{0x0c}, // \f 319 | 116: []byte{0x09}, // \t 320 | 110: []byte{0x0a}, // \n 321 | 114: []byte{0x0d}, // \r 322 | 118: []byte{0x0b}, // \v 323 | } 324 | replace = structCodeMap[int(match[1])] 325 | } 326 | if isOctalCode(match) { 327 | octalNum := match[2:] 328 | byteNum, _ := strconv.ParseInt(string(octalNum), 8, 32) 329 | replace = []byte{uint8(byteNum)} 330 | } 331 | return replace 332 | }) 333 | 334 | matchRe2 := regexp.MustCompile(`\\([^\\])`) 335 | sByteDec2 := matchRe2.ReplaceAllFunc(sByteDec, func(match []byte) (v []byte) { 336 | var replace []byte 337 | if isOtherEscapeCode(match) { 338 | replace = match 339 | } else { 340 | replace = match 341 | } 342 | return replace 343 | }) 344 | return sByteDec2, nil 345 | } 346 | 347 | type ProbesRarity []Probe 348 | 349 | func (ps ProbesRarity) Len() int { 350 | return len(ps) 351 | } 352 | 353 | func (ps ProbesRarity) Swap(i, j int) { 354 | ps[i], ps[j] = ps[j], ps[i] 355 | } 356 | 357 | func (ps ProbesRarity) Less(i, j int) bool { 358 | return ps[i].Rarity < ps[j].Rarity 359 | } 360 | 361 | func sortProbesByRarity(probes []Probe) (probesSorted []Probe) { 362 | probesToSort := ProbesRarity(probes) 363 | sort.Stable(probesToSort) 364 | probesSorted = []Probe(probesToSort) 365 | return probesSorted 366 | } 367 | 368 | type Target struct { 369 | IP string 370 | Port int 371 | Protocol string 372 | } 373 | 374 | type Result struct { 375 | Target 376 | Service 377 | 378 | Error string 379 | } 380 | 381 | type Service struct { 382 | Name string 383 | Banner string 384 | 385 | Extras 386 | } 387 | 388 | type Extras struct { 389 | VendorProduct string 390 | Version string 391 | Info string 392 | Hostname string 393 | OperatingSystem string 394 | DeviceType string 395 | CPE string 396 | Sign string 397 | StatusCode int 398 | ServiceURL string 399 | } 400 | 401 | func (p *Probe) ContainsPort(testPort int) bool { 402 | ports := strings.Split(p.Ports, ",") 403 | 404 | for _, port := range ports { 405 | cmpPort, _ := strconv.Atoi(port) 406 | if testPort == cmpPort { 407 | return true 408 | } 409 | } 410 | for _, port := range ports { 411 | if strings.Contains(port, "-") { 412 | portRange := strings.Split(port, "-") 413 | start, _ := strconv.Atoi(portRange[0]) 414 | end, _ := strconv.Atoi(portRange[1]) 415 | for cmpPort := start; cmpPort <= end; cmpPort++ { 416 | if testPort == cmpPort { 417 | return true 418 | } 419 | } 420 | } 421 | } 422 | return false 423 | } 424 | 425 | func (v *VScan) Explore(addr string) (Result, error) { 426 | var target Target 427 | target.IP = strings.Split(addr, ":")[0] 428 | portstr, err := strconv.Atoi(strings.Split(addr, ":")[1]) 429 | if err == nil { 430 | target.Port = portstr 431 | } 432 | target.Protocol = "tcp" 433 | var probesUsed []Probe 434 | 435 | for _, probe := range v.Probes { 436 | if strings.ToLower(probe.Protocol) == strings.ToLower(target.Protocol) { 437 | probesUsed = append(probesUsed, probe) 438 | } 439 | } 440 | 441 | probesUsed = append(probesUsed, v.ProbesMapKName["NULL"]) 442 | 443 | probesUsed = sortProbesByRarity(probesUsed) 444 | 445 | var probesUsedFiltered []Probe 446 | for _, probe := range probesUsed { 447 | probesUsedFiltered = append(probesUsedFiltered, probe) 448 | } 449 | probesUsed = probesUsedFiltered 450 | 451 | result, err := v.scanWithProbes(target, &probesUsed) 452 | 453 | return result, err 454 | } 455 | 456 | func (m *Match) MatchPattern(response []byte) (matched bool) { 457 | responseStr := string([]rune(string(response))) 458 | foundItems := m.PatternCompiled.FindStringSubmatch(responseStr) 459 | if len(foundItems) > 0 { 460 | matched = true 461 | return 462 | } 463 | return false 464 | } 465 | 466 | func (m *Match) ParseVersionInfo(response []byte) Extras { 467 | var extras = Extras{} 468 | 469 | responseStr := string([]rune(string(response))) 470 | foundItems := m.PatternCompiled.FindStringSubmatch(responseStr) 471 | 472 | versionInfo := m.VersionInfo 473 | foundItems = foundItems[1:] 474 | for index, value := range foundItems { 475 | dollarName := "$" + strconv.Itoa(index+1) 476 | versionInfo = strings.Replace(versionInfo, dollarName, value, -1) 477 | } 478 | 479 | v := versionInfo 480 | if strings.Contains(v, " p/") { 481 | regex := regexp.MustCompile(`p/([^/]*)/`) 482 | vendorProductName := regex.FindStringSubmatch(v) 483 | extras.VendorProduct = vendorProductName[1] 484 | } 485 | if strings.Contains(v, " p|") { 486 | regex := regexp.MustCompile(`p|([^|]*)|`) 487 | vendorProductName := regex.FindStringSubmatch(v) 488 | extras.VendorProduct = vendorProductName[1] 489 | } 490 | if strings.Contains(v, " v/") { 491 | regex := regexp.MustCompile(`v/([^/]*)/`) 492 | version := regex.FindStringSubmatch(v) 493 | extras.Version = version[1] 494 | } 495 | if strings.Contains(v, " v|") { 496 | regex := regexp.MustCompile(`v|([^|]*)|`) 497 | version := regex.FindStringSubmatch(v) 498 | extras.Version = version[1] 499 | } 500 | if strings.Contains(v, " i/") { 501 | regex := regexp.MustCompile(`i/([^/]*)/`) 502 | info := regex.FindStringSubmatch(v) 503 | extras.Info = info[1] 504 | } 505 | if strings.Contains(v, " i|") { 506 | regex := regexp.MustCompile(`i|([^|]*)|`) 507 | info := regex.FindStringSubmatch(v) 508 | extras.Info = info[1] 509 | } 510 | if strings.Contains(v, " h/") { 511 | regex := regexp.MustCompile(`h/([^/]*)/`) 512 | hostname := regex.FindStringSubmatch(v) 513 | extras.Hostname = hostname[1] 514 | } 515 | if strings.Contains(v, " h|") { 516 | regex := regexp.MustCompile(`h|([^|]*)|`) 517 | hostname := regex.FindStringSubmatch(v) 518 | extras.Hostname = hostname[1] 519 | } 520 | if strings.Contains(v, " o/") { 521 | regex := regexp.MustCompile(`o/([^/]*)/`) 522 | operatingSystem := regex.FindStringSubmatch(v) 523 | extras.OperatingSystem = operatingSystem[1] 524 | } 525 | if strings.Contains(v, " o|") { 526 | regex := regexp.MustCompile(`o|([^|]*)|`) 527 | operatingSystem := regex.FindStringSubmatch(v) 528 | extras.OperatingSystem = operatingSystem[1] 529 | } 530 | if strings.Contains(v, " d/") { 531 | regex := regexp.MustCompile(`d/([^/]*)/`) 532 | deviceType := regex.FindStringSubmatch(v) 533 | extras.DeviceType = deviceType[1] 534 | } 535 | if strings.Contains(v, " d|") { 536 | regex := regexp.MustCompile(`d|([^|]*)|`) 537 | deviceType := regex.FindStringSubmatch(v) 538 | extras.DeviceType = deviceType[1] 539 | } 540 | if strings.Contains(v, " cpe:/") { 541 | regex := regexp.MustCompile(`cpe:/([^/]*)/`) 542 | cpeName := regex.FindStringSubmatch(v) 543 | if len(cpeName) > 1 { 544 | extras.CPE = cpeName[1] 545 | } else { 546 | extras.CPE = cpeName[0] 547 | } 548 | } 549 | if strings.Contains(v, " cpe:|") { 550 | regex := regexp.MustCompile(`cpe:|([^|]*)|`) 551 | cpeName := regex.FindStringSubmatch(v) 552 | if len(cpeName) > 1 { 553 | extras.CPE = cpeName[1] 554 | } else { 555 | extras.CPE = cpeName[0] 556 | } 557 | } 558 | return extras 559 | } 560 | 561 | func DecodeData(s string) ([]byte, error) { 562 | sByteOrigin := []byte(s) 563 | matchRe := regexp.MustCompile(`\\(x[0-9a-fA-F]{2}|[0-7]{1,3}|[aftnrv])`) 564 | sByteDec := matchRe.ReplaceAllFunc(sByteOrigin, func(match []byte) (v []byte) { 565 | var replace []byte 566 | if isHexCode(match) { 567 | hexNum := match[2:] 568 | byteNum, _ := strconv.ParseInt(string(hexNum), 16, 32) 569 | replace = []byte{uint8(byteNum)} 570 | } 571 | if isStructCode(match) { 572 | structCodeMap := map[int][]byte{ 573 | 97: []byte{0x07}, // \a 574 | 102: []byte{0x0c}, // \f 575 | 116: []byte{0x09}, // \t 576 | 110: []byte{0x0a}, // \n 577 | 114: []byte{0x0d}, // \r 578 | 118: []byte{0x0b}, // \v 579 | } 580 | replace = structCodeMap[int(match[1])] 581 | } 582 | if isOctalCode(match) { 583 | octalNum := match[2:] 584 | byteNum, _ := strconv.ParseInt(string(octalNum), 8, 32) 585 | replace = []byte{uint8(byteNum)} 586 | } 587 | return replace 588 | }) 589 | 590 | matchRe2 := regexp.MustCompile(`\\([^\\])`) 591 | sByteDec2 := matchRe2.ReplaceAllFunc(sByteDec, func(match []byte) (v []byte) { 592 | var replace []byte 593 | if isOtherEscapeCode(match) { 594 | replace = match 595 | } else { 596 | replace = match 597 | } 598 | return replace 599 | }) 600 | return sByteDec2, nil 601 | } 602 | 603 | func (t *Target) GetAddress() string { 604 | return t.IP + ":" + strconv.Itoa(t.Port) 605 | } 606 | 607 | func trimBanner(buf []byte) string { 608 | bufStr := string(buf) 609 | if strings.Contains(bufStr, "SMB") { 610 | banner := hex.EncodeToString(buf) 611 | if banner[0xa:0xa+6] == "534d42" { 612 | plain := banner[0xa2:] 613 | data, _ := hex.DecodeString(plain) 614 | var domain = "" 615 | var index = 0 616 | for _, s := range data { 617 | index += 1 618 | if s != 0 { 619 | domain = domain + string(s) 620 | } else { 621 | if data[index] == 0 && data[index+1] == 0 { 622 | index += 1 623 | break 624 | } 625 | } 626 | } 627 | var hostname = "" 628 | var index2 = 0 629 | for _, h := range data[index:] { 630 | index2 += 1 631 | if h != 0 { 632 | hostname = hostname + string(h) 633 | } 634 | if data[index:][index2] == 0 && data[index:][index2+1] == 0 { 635 | break 636 | } 637 | } 638 | smb_banner := "hostname: " + hostname + " domain: " + domain 639 | return smb_banner 640 | } 641 | } 642 | 643 | var src string 644 | for _, ch := range bufStr { 645 | if (32 < int(ch)) && (int(ch) < 125) { 646 | src = src + string(ch) 647 | } else { 648 | src = src + " " 649 | } 650 | } 651 | 652 | re, _ := regexp.Compile("\\s{2,}") 653 | src = re.ReplaceAllString(src, ".") 654 | return strings.TrimSpace(src) 655 | } 656 | 657 | func trimHtml(src string) string { 658 | re, _ := regexp.Compile("\\<[\\S\\s]+?\\>") 659 | src = re.ReplaceAllStringFunc(src, strings.ToLower) 660 | re, _ = regexp.Compile("\\") 661 | src = re.ReplaceAllString(src, "") 662 | re, _ = regexp.Compile("\\") 663 | src = re.ReplaceAllString(src, "") 664 | re, _ = regexp.Compile("\\<[\\S\\s]+?\\>") 665 | src = re.ReplaceAllString(src, " ") 666 | re, _ = regexp.Compile("\\s{2,}") 667 | src = re.ReplaceAllString(src, " ") 668 | return strings.TrimSpace(src) 669 | } 670 | 671 | func ConvertToString(src string, srcCode string, tagCode string) string { 672 | srcCoder := mahonia.NewDecoder(srcCode) 673 | srcResult := srcCoder.ConvertString(src) 674 | tagCoder := mahonia.NewDecoder(tagCode) 675 | _, cdata, _ := tagCoder.Translate([]byte(srcResult), true) 676 | result := string(cdata) 677 | return result 678 | } 679 | 680 | type HttpInfo struct { 681 | ServiceURL string 682 | StatusCode int 683 | ServerBanner string 684 | ServerSign string 685 | } 686 | 687 | func getHttpBanner(url string) (statsu bool, res HttpInfo) { 688 | var tag HttpInfo 689 | transport := &http.Transport{ 690 | DialContext: (&net.Dialer{ 691 | Timeout: time.Duration(1) * time.Second, 692 | }).DialContext, 693 | TLSClientConfig: &tls.Config{ 694 | InsecureSkipVerify: true, 695 | }, 696 | } 697 | 698 | client := &http.Client{ 699 | Transport: transport, 700 | Timeout: 1 * time.Second, 701 | } 702 | resp, err := client.Get(url) 703 | if err != nil { 704 | return false, tag 705 | } 706 | defer resp.Body.Close() 707 | 708 | content, err := ioutil.ReadAll(resp.Body) 709 | if err != nil { 710 | return false, tag 711 | } 712 | 713 | tag.ServerSign = resp.Header.Get("Server") 714 | tag.StatusCode = resp.StatusCode 715 | tag.ServiceURL = url 716 | 717 | if strings.Contains(string(resp.Header.Get("Content-Type")), "2312") { 718 | tag.ServerBanner = trimHtml(ConvertToString(string(content), "gbk", "utf-8")) 719 | } else { 720 | tag.ServerBanner = trimHtml(string(content)) 721 | } 722 | return true, tag 723 | } 724 | 725 | func (v *VScan) scanWithProbes(target Target, probes *[]Probe) (Result, error) { 726 | var result = Result{Target: target} 727 | 728 | for _, probe := range *probes { 729 | var response []byte 730 | 731 | probeData, _ := DecodeData(probe.Data) 732 | 733 | addr := target.GetAddress() 734 | 735 | response, _ = grabResponse(addr, probeData) 736 | 737 | if len(response) > 0 { 738 | found := false 739 | 740 | softFound := false 741 | var softMatch Match 742 | 743 | for _, match := range *probe.Matchs { 744 | matched := match.MatchPattern(response) 745 | if matched && !match.IsSoft { 746 | extras := match.ParseVersionInfo(response) 747 | result.Service.Name = match.Service 748 | if match.Service == "http" { 749 | if target.Port == 443 || target.Port == 2443 || target.Port == 3443 || target.Port == 4443 || target.Port == 5443 || target.Port == 6443 || target.Port == 7443 || target.Port == 8443 || target.Port == 9443 || target.Port == 4430 { 750 | url := "https://" + target.GetAddress() 751 | status, tag := getHttpBanner(url) 752 | if status { 753 | result.Banner = tag.ServerBanner 754 | result.Service.Extras = extras 755 | result.Service.Extras.Sign = tag.ServerSign 756 | result.Service.Extras.StatusCode = tag.StatusCode 757 | result.Service.Extras.ServiceURL = tag.ServiceURL 758 | } else { 759 | result.Service.Extras = extras 760 | result.Service.Extras.ServiceURL = url 761 | } 762 | } else { 763 | url := "http://" + target.GetAddress() 764 | status, tag := getHttpBanner(url) 765 | if status { 766 | result.Banner = tag.ServerBanner 767 | result.Service.Extras = extras 768 | result.Service.Extras.Sign = tag.ServerSign 769 | result.Service.Extras.StatusCode = tag.StatusCode 770 | result.Service.Extras.ServiceURL = tag.ServiceURL 771 | } else { 772 | result.Service.Extras = extras 773 | result.Service.Extras.ServiceURL = url 774 | } 775 | } 776 | } else if (match.Service == "ssl" || match.Service == "ssl/http" || match.Service == "ssl-ms-rdp") && (target.Port == 443 || target.Port == 2443 || target.Port == 3443 || target.Port == 4443 || target.Port == 5443 || target.Port == 6443 || target.Port == 4430 || (target.Port >= 80 && target.Port <= 99) || (target.Port >= 7000 && target.Port <= 9999)) { 777 | url := "https://" + target.GetAddress() 778 | status, tag := getHttpBanner(url) 779 | if status { 780 | result.Banner = tag.ServerBanner 781 | result.Service.Extras = extras 782 | result.Service.Extras.Sign = tag.ServerSign 783 | result.Service.Extras.StatusCode = tag.StatusCode 784 | result.Service.Extras.ServiceURL = tag.ServiceURL 785 | } else { 786 | result.Service.Extras = extras 787 | result.Service.Extras.ServiceURL = url 788 | } 789 | } else { 790 | result.Banner = trimBanner(response) 791 | result.Service.Extras = extras 792 | } 793 | found = true 794 | return result, nil 795 | } else if matched && match.IsSoft && !softFound { 796 | softFound = true 797 | softMatch = match 798 | } 799 | } 800 | 801 | fallback := probe.Fallback 802 | if _, ok := v.ProbesMapKName[fallback]; ok { 803 | fbProbe := v.ProbesMapKName[fallback] 804 | for _, match := range *fbProbe.Matchs { 805 | matched := match.MatchPattern(response) 806 | if matched && !match.IsSoft { 807 | extras := match.ParseVersionInfo(response) 808 | result.Service.Name = match.Service 809 | if match.Service == "http" { 810 | if target.Port == 443 || target.Port == 2443 || target.Port == 3443 || target.Port == 4443 || target.Port == 5443 || target.Port == 6443 || target.Port == 7443 || target.Port == 8443 || target.Port == 9443 || target.Port == 4430 { 811 | url := "https://" + target.GetAddress() 812 | status, tag := getHttpBanner(url) 813 | result.Service.Extras.ServiceURL = tag.ServiceURL 814 | if status { 815 | result.Banner = tag.ServerBanner 816 | result.Service.Extras.Sign = tag.ServerSign 817 | result.Service.Extras.StatusCode = tag.StatusCode 818 | } else { 819 | result.Banner = trimBanner(response) 820 | result.Service.Extras = extras 821 | } 822 | } else { 823 | url := "http://" + target.GetAddress() 824 | status, tag := getHttpBanner(url) 825 | result.Service.Extras.ServiceURL = tag.ServiceURL 826 | if status { 827 | result.Banner = tag.ServerBanner 828 | result.Service.Extras.Sign = tag.ServerSign 829 | result.Service.Extras.StatusCode = tag.StatusCode 830 | } else { 831 | result.Banner = trimBanner(response) 832 | result.Service.Extras = extras 833 | } 834 | } 835 | } else { 836 | result.Banner = trimBanner(response) 837 | result.Service.Extras = extras 838 | } 839 | found = true 840 | return result, nil 841 | } else if matched && match.IsSoft && !softFound { 842 | softFound = true 843 | softMatch = match 844 | } 845 | } 846 | } 847 | if !found { 848 | if !softFound { 849 | 850 | result.Banner = trimBanner(response) 851 | 852 | if strings.Contains(result.Banner, "HTTP/") { 853 | result.Service.Name = "http" 854 | } else if strings.Contains(result.Banner, "html") { 855 | result.Service.Name = "http" 856 | } else { 857 | result.Service.Name = "unknown" 858 | } 859 | 860 | if result.Service.Name == "http" { 861 | if target.Port == 443 || target.Port == 2443 || target.Port == 3443 || target.Port == 4443 || target.Port == 5443 || target.Port == 6443 || target.Port == 7443 || target.Port == 8443 || target.Port == 9443 || target.Port == 4430 { 862 | url := "https://" + target.GetAddress() 863 | status, tag := getHttpBanner(url) 864 | result.Service.Extras.ServiceURL = tag.ServiceURL 865 | if status { 866 | result.Banner = tag.ServerBanner 867 | result.Service.Extras.Sign = tag.ServerSign 868 | result.Service.Extras.StatusCode = tag.StatusCode 869 | } 870 | } else { 871 | url := "http://" + target.GetAddress() 872 | status, tag := getHttpBanner(url) 873 | result.Service.Extras.ServiceURL = tag.ServiceURL 874 | if status { 875 | result.Banner = tag.ServerBanner 876 | result.Service.Extras.Sign = tag.ServerSign 877 | result.Service.Extras.StatusCode = tag.StatusCode 878 | } 879 | } 880 | } 881 | 882 | return result, nil 883 | } else { 884 | 885 | result.Banner = trimBanner(response) 886 | 887 | extras := softMatch.ParseVersionInfo(response) 888 | result.Service.Extras = extras 889 | result.Service.Name = softMatch.Service 890 | 891 | return result, nil 892 | } 893 | } 894 | } 895 | } 896 | return result, nil 897 | } 898 | 899 | func grabResponse(addr string, data []byte) ([]byte, error) { 900 | var response []byte 901 | 902 | dialer := net.Dialer{} 903 | 904 | conn, errConn := dialer.Dial("tcp", addr) 905 | if errConn != nil { 906 | return response, errConn 907 | } 908 | defer conn.Close() 909 | 910 | if len(data) > 0 { 911 | conn.SetWriteDeadline(time.Now().Add(time.Second * 1)) 912 | _, errWrite := conn.Write(data) 913 | if errWrite != nil { 914 | return response, errWrite 915 | } 916 | } 917 | 918 | conn.SetReadDeadline(time.Now().Add(time.Second * 1)) 919 | for true { 920 | buff := make([]byte, 1024) 921 | n, errRead := conn.Read(buff) 922 | if errRead != nil { 923 | if len(response) > 0 { 924 | break 925 | } else { 926 | return response, errRead 927 | } 928 | } 929 | if n > 0 { 930 | response = append(response, buff[:n]...) 931 | } 932 | } 933 | return response, nil 934 | } 935 | 936 | func (v *VScan) Tagetsacn(addr []string, thread int) { 937 | var info string 938 | var host []string 939 | var wg sync.WaitGroup 940 | mutex := &sync.Mutex{} 941 | limiter := make(chan struct{}, thread) 942 | //aliveHost := make(chan string, thread/2) 943 | aliveHost := make(chan string, thread) 944 | //go func() { 945 | // for s := range aliveHost { 946 | // fmt.Println(s) 947 | // } 948 | //}() 949 | for _, targetIP := range addr { 950 | wg.Add(1) 951 | limiter <- struct{}{} 952 | go func(targetIP string) { 953 | defer wg.Done() 954 | result, err := v.Explore(targetIP) 955 | mutex.Lock() 956 | if err == nil { 957 | if result.Service.Name == "http" { 958 | banner := result.Service.Banner 959 | if len(banner) > 30 { 960 | banner = banner[:30] + "..." 961 | } 962 | info = "\n - banner: " + banner 963 | if result.Service.Extras.Version != "" { 964 | info = "\n - 版本: " + result.Service.Extras.Version + info 965 | } 966 | if result.Service.Extras.VendorProduct != "" { 967 | info = "\n - 厂商: " + result.Service.Extras.VendorProduct + info 968 | } 969 | if result.Service.Extras.Sign != "" { 970 | info = "\n - 签名: " + result.Service.Extras.Sign + info 971 | } 972 | } else if result.Service.Name == "microsoft-ds" && (strings.Contains(result.Service.Banner, "hostname") || strings.Contains(result.Service.Banner, "domain")) { 973 | info = "\n - 厂商: " + result.Service.Extras.VendorProduct + "\n - 服务: " + result.Service.Name + "\n - banner: " + result.Service.Banner 974 | } else if result.Service.Name == "ssl-ms-rdp" { 975 | info = "\n - 服务: " + result.Service.Name 976 | } else { 977 | info = "\n - 服务: " + result.Service.Name 978 | if result.Service.Banner != "" && result.Service.Banner != "." && result.Service.Banner != ".@." { 979 | info = "\n - 服务: " + result.Service.Name + "\n - banner: " + result.Service.Banner 980 | } 981 | if result.Service.Extras != (Extras{}) { 982 | if result.Service.Extras.Version != "" { 983 | info = info + "\n - 版本: " + result.Service.Extras.Version 984 | } 985 | if result.Service.Extras.VendorProduct != "" { 986 | info = "\n - 厂商: " + result.Service.Extras.VendorProduct + info 987 | } 988 | if result.Service.Extras.Sign != "" { 989 | info = "\n - 签名: " + result.Service.Extras.Sign + "\n - " + info 990 | } 991 | } 992 | } 993 | if info == "" { 994 | info = "\n - unknown" 995 | } 996 | 997 | fmt.Printf("%s:%d %s\n", result.IP, result.Port, info) 998 | host = append(host, result.IP+" 端口:"+strconv.Itoa(result.Port)+info) 999 | mutex.Unlock() 1000 | } 1001 | <-limiter 1002 | }(targetIP) 1003 | } 1004 | wg.Wait() 1005 | close(aliveHost) 1006 | WriteResult(host) 1007 | } 1008 | 1009 | func (v *VScan) Init() { 1010 | proberContent := bytes.NewReader(proberbyte.GetProber()) 1011 | proberReader, _ := gzip.NewReader(proberContent) 1012 | proberStr, _ := ioutil.ReadAll(proberReader) 1013 | v.parseProbesFromContent(string(proberStr)) 1014 | v.parseProbesToMapKName(v.Probes) 1015 | } 1016 | 1017 | func GetProbes(aliveHosts []string) { 1018 | v := VScan{} 1019 | v.Init() 1020 | thread := 100 1021 | //if len(aliveHosts)>50 { 1022 | // thread = len(aliveHosts)/2 1023 | //} 1024 | 1025 | v.Tagetsacn(aliveHosts, thread) 1026 | } 1027 | -------------------------------------------------------------------------------- /core/utils/dic.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "bufio" 5 | "fmt" 6 | "strconv" 7 | "strings" 8 | "sulab/core/model" 9 | 10 | "os" 11 | ) 12 | 13 | func UserPassIsExist() bool { 14 | if IsExist("userpass.txt") { 15 | return true 16 | } 17 | return false 18 | } 19 | 20 | func PwdIsExist() bool { 21 | if IsExist("userpass.txt") { 22 | return true 23 | } 24 | if IsExist("user.txt") { 25 | return true 26 | } 27 | if IsExist("pass.txt") { 28 | return true 29 | } 30 | return false 31 | } 32 | 33 | func IsExist(f string) bool { 34 | _, err := os.Stat(f) 35 | return err == nil || os.IsExist(err) 36 | } 37 | 38 | func TxtRead(filename string) (lines []string) { 39 | file, err := os.Open(filename) 40 | if err != nil { 41 | fmt.Println("Open ", filename, "error, %v", err) 42 | } 43 | fi, _ := os.Stat(filename) 44 | if fi.Size() == 0 { 45 | fmt.Println("Error: " + filename + " is null!") 46 | os.Exit(1) 47 | } 48 | defer file.Close() 49 | scanner := bufio.NewScanner(file) 50 | scanner.Split(bufio.ScanLines) 51 | 52 | for scanner.Scan() { 53 | ip := strings.TrimSpace(scanner.Text()) 54 | if ip != "" { 55 | lines = append(lines, ip) 56 | } 57 | } 58 | return lines 59 | } 60 | func UserDic() (users []string) { 61 | dicname := "user.txt" 62 | file, err := os.Open(dicname) 63 | if err != nil { 64 | fmt.Println("Open "+dicname+" error, %v", err) 65 | } 66 | fi, _ := os.Stat(dicname) 67 | if fi.Size() == 0 { 68 | fmt.Println("Error: " + dicname + " is null!") 69 | os.Exit(1) 70 | } 71 | defer file.Close() 72 | scanner := bufio.NewScanner(file) 73 | scanner.Split(bufio.ScanLines) 74 | 75 | for scanner.Scan() { 76 | user := strings.TrimSpace(scanner.Text()) 77 | if user != "" { 78 | users = append(users, user) 79 | } 80 | } 81 | return users 82 | } 83 | 84 | func PassDic() (password []string) { 85 | dicname := "pass.txt" 86 | file, err := os.Open(dicname) 87 | if err != nil { 88 | fmt.Println("Open "+dicname+" error, %v", err) 89 | } 90 | fi, _ := os.Stat(dicname) 91 | if fi.Size() == 0 { 92 | fmt.Println("Error: " + dicname + " is null!") 93 | os.Exit(1) 94 | } 95 | 96 | defer file.Close() 97 | scanner := bufio.NewScanner(file) 98 | scanner.Split(bufio.ScanLines) 99 | 100 | for scanner.Scan() { 101 | passwd := strings.TrimSpace(scanner.Text()) 102 | if passwd != "" { 103 | password = append(password, passwd) 104 | } 105 | } 106 | return password 107 | } 108 | 109 | func UserPassDic() (userpass []string) { 110 | dicname := "userpass.txt" 111 | file, err := os.Open(dicname) 112 | if err != nil { 113 | fmt.Println("Open "+dicname+" error, %v", err) 114 | } 115 | fi, _ := os.Stat(dicname) 116 | if fi.Size() == 0 { 117 | fmt.Println("Error: " + dicname + " is null!") 118 | os.Exit(1) 119 | } 120 | 121 | defer file.Close() 122 | scanner := bufio.NewScanner(file) 123 | scanner.Split(bufio.ScanLines) 124 | 125 | for scanner.Scan() { 126 | passwd := strings.TrimSpace(scanner.Text()) 127 | if passwd != "" { 128 | userpass = append(userpass, passwd) 129 | } 130 | } 131 | return userpass 132 | } 133 | func ReadUserDict(userDict string) (users []string, err error) { 134 | file, err := os.Open(userDict) 135 | if err != nil { 136 | fmt.Println("Open user dict file err, %v", err) 137 | } 138 | 139 | defer file.Close() 140 | 141 | scanner := bufio.NewScanner(file) 142 | scanner.Split(bufio.ScanLines) 143 | 144 | for scanner.Scan() { 145 | user := strings.TrimSpace(scanner.Text()) 146 | if user != "" { 147 | users = append(users, user) 148 | } 149 | } 150 | return users, err 151 | } 152 | 153 | func ReadIpList(fileName string) (ipList []model.IpAddr) { 154 | ipListFile, err := os.Open(fileName) 155 | if err != nil { 156 | fmt.Printf("Open ip List file err, %v", err) 157 | } 158 | 159 | defer ipListFile.Close() 160 | 161 | scanner := bufio.NewScanner(ipListFile) 162 | scanner.Split(bufio.ScanLines) 163 | 164 | for scanner.Scan() { 165 | line := scanner.Text() 166 | if line == "" { 167 | continue 168 | } 169 | ipPort := strings.TrimSpace(line) 170 | t := strings.Split(ipPort, ":") 171 | ip := t[0] 172 | portProtocol := t[1] 173 | tmpPort := strings.Split(portProtocol, "|") 174 | 175 | if len(tmpPort) == 2 { 176 | port, _ := strconv.Atoi(tmpPort[0]) 177 | protocol := strings.ToUpper(tmpPort[1]) 178 | if SupportProtocols[protocol] { 179 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 180 | ipList = append(ipList, addr) 181 | } else { 182 | fmt.Printf("Not support %v, ignore: %v:%v", protocol, ip, port) 183 | } 184 | } else { 185 | 186 | port, err := strconv.Atoi(tmpPort[0]) 187 | if err == nil { 188 | protocol, ok := PortNames[port] 189 | if ok && SupportProtocols[protocol] { 190 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 191 | ipList = append(ipList, addr) 192 | } 193 | } 194 | } 195 | 196 | } 197 | 198 | return ipList 199 | } 200 | 201 | func ReadIps(ScanType string, Target []string) (ipList []model.IpAddr) { 202 | 203 | port := model.GetPorts(Config.DB, "up") 204 | 205 | for _, p := range port { 206 | if p.Protocol != "" { 207 | protocol, _ := strconv.Atoi(p.Protocol) 208 | for _, i := range Target { 209 | ip := i 210 | port := protocol 211 | protocol := ScanType 212 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 213 | ipList = append(ipList, addr) 214 | } 215 | } else { 216 | for _, i := range Target { 217 | ip := i 218 | port := 21 219 | protocol := ScanType 220 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 221 | ipList = append(ipList, addr) 222 | } 223 | } 224 | } 225 | 226 | return ipList 227 | } 228 | 229 | func ReadSshIps(ScanType string, Target []string) (ipList []model.IpAddr) { 230 | 231 | port := model.GetPorts(Config.DB, "up") 232 | if port == nil { 233 | for _, i := range Target { 234 | ip := i 235 | port := 22 236 | protocol := ScanType 237 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 238 | ipList = append(ipList, addr) 239 | } 240 | 241 | } else { 242 | for _, i := range Target { 243 | ip := i 244 | port := 22 245 | protocol := ScanType 246 | addr := model.IpAddr{Ip: ip, Port: port, Protocol: protocol} 247 | ipList = append(ipList, addr) 248 | } 249 | 250 | } 251 | 252 | return ipList 253 | } 254 | -------------------------------------------------------------------------------- /core/utils/logger.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/fatih/color" 7 | ) 8 | 9 | type Logger struct{} 10 | 11 | func InitLogger() *Logger { 12 | return &Logger{} 13 | } 14 | 15 | func (l *Logger) LogDebug(message string) { 16 | highlight := color.New(color.FgWhite).SprintFunc() 17 | reset := color.New(color.FgWhite).SprintFunc() 18 | fmt.Println(highlight("[-]"), reset(message)) 19 | } 20 | 21 | func (l *Logger) LogInfo(message string) { 22 | highlight := color.New(color.FgBlue).SprintFunc() 23 | reset := color.New(color.FgWhite).SprintFunc() 24 | fmt.Println(highlight("[*]"), reset(message)) 25 | } 26 | 27 | func (l *Logger) LogNotify(message string) { 28 | highlight := color.New(color.FgGreen).SprintFunc() 29 | fmt.Println(highlight("[+]"), highlight(message)) 30 | } 31 | 32 | func (l *Logger) LogWarning(message string) { 33 | highlight := color.New(color.FgYellow).SprintFunc() 34 | fmt.Println(highlight("[?]"), highlight(message)) 35 | } 36 | 37 | func (l *Logger) LogError(message string) { 38 | highlight := color.New(color.FgRed).SprintFunc() 39 | fmt.Println(highlight("[!]"), highlight(message)) 40 | } 41 | -------------------------------------------------------------------------------- /core/utils/net.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "net" 5 | "net/http" 6 | ) 7 | 8 | func Connected() bool { 9 | _, err := http.Get("https://clients3.google.com/generate_204") 10 | if err != nil { 11 | return false 12 | } 13 | return true 14 | } 15 | 16 | // --------------------------------------------------------------------------------------- 17 | // IP addresses 18 | // --------------------------------------------------------------------------------------- 19 | // Returns all the addresses of the local network interfaces 20 | func ParseLocalIP() map[string]string { 21 | // Returns a Map of interface:subnet 22 | res := make(map[string]string) 23 | 24 | ifaces, _ := net.Interfaces() 25 | for _, i := range ifaces { 26 | addrs, _ := i.Addrs() 27 | for _, addr := range addrs { 28 | res[i.Name] = addr.String() 29 | break 30 | } 31 | } 32 | return res 33 | } 34 | 35 | // Parse a string and returns the corresponding CIDR and error status 36 | func ParseCIDR(s string) (string, error) { 37 | _, ipv4Net, err := net.ParseCIDR(s) 38 | if err != nil { 39 | return "", err 40 | } 41 | return ipv4Net.String(), nil 42 | } 43 | 44 | // Parse a string and returns the corresponding IP address, or nil 45 | func ParseIP(s string) string { 46 | i := net.ParseIP(s) 47 | return i.String() 48 | } 49 | 50 | // Parse a string, regardless if it is an IP or CIDR, and returns its string representation 51 | func ParseAddress(addr string) (string, bool) { 52 | cidr, err := ParseCIDR(addr) 53 | if err == nil { 54 | return cidr, true 55 | } 56 | 57 | ip := ParseIP(addr) 58 | if ip != "" { 59 | return ip, true 60 | } 61 | 62 | return "", false 63 | } 64 | -------------------------------------------------------------------------------- /core/utils/utils.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "crypto/md5" 5 | "fmt" 6 | "io" 7 | "os" 8 | "os/exec" 9 | "os/user" 10 | "path/filepath" 11 | "strings" 12 | "sulab/core/model" 13 | 14 | "github.com/jinzhu/gorm" 15 | ) 16 | 17 | var Config config 18 | 19 | var Const_notification_delay_unit = 10 20 | var Const_example_target_cidr = "127.0.0.1/32" 21 | var Const_example_target_desc = "Target CIDR or /32 for single target" 22 | 23 | var Const_UDP_PORTS = "19,53,69,79,111,123,135,137,138,161,177,445,500,514,520,1434,1900,5353" 24 | var Const_NMAP_SWEEP = "-n -sn -PE -PP" 25 | var Const_NMAP_TCP_FULL = "--randomize-hosts -Pn -sS -sC -A -T4 -g53 -p-" 26 | var Const_NMAP_TCP_STANDARD = "--randomize-hosts -Pn -sS -A -T4 -g53 --top-ports 1000" 27 | var Const_NMAP_TCP_PROD = "--randomize-hosts -Pn -sT -sV -T3 -p-" 28 | var Const_NMAP_TCP_VULN = "--randomize-hosts -Pn -sT -sV -p- --script=vulscan/vulscan.nse" 29 | var Const_NMAP_UDP_STANDARD = fmt.Sprintf("--randomize-hosts -Pn -sU -sC -A -T4 -p%s", Const_UDP_PORTS) 30 | var Const_NMAP_UDP_PROD = fmt.Sprintf("--randomize-hosts -Pn -sU -sC -sV -T3 -p%s", Const_UDP_PORTS) 31 | 32 | var WORDLIST_FUZZ_NAMELIST = "/usr/share/wfuzz/wordlist/fuzzdb/wordlists-user-passwd/names/namelist.txt" 33 | var WORDLIST_MSF_PWDS = "/usr/share/wordlists/metasploit/unix_passwords.txt" 34 | var WORDLIST_FINGER_USER = WORDLIST_FUZZ_NAMELIST 35 | var WORDLIST_FTP_USER = WORDLIST_FUZZ_NAMELIST 36 | var WORDLIST_SMTP = WORDLIST_FUZZ_NAMELIST 37 | var WORDLIST_SNMP = "/usr/share/doc/onesixtyone/dict.txt" 38 | var WORDLIST_DNS_BRUTEFORCE = WORDLIST_FUZZ_NAMELIST 39 | var WORDLIST_HYDRA_SSH_USER = WORDLIST_FUZZ_NAMELIST 40 | var WORDLIST_HYDRA_SSH_PWD = WORDLIST_MSF_PWDS 41 | var WORDLIST_HYDRA_FTP_USER = WORDLIST_FUZZ_NAMELIST 42 | var WORDLIST_HYDRA_FTP_PWD = WORDLIST_MSF_PWDS 43 | 44 | type config struct { 45 | Outfolder string 46 | Log *Logger 47 | DB *gorm.DB 48 | DBPath string 49 | } 50 | type Bar struct { 51 | percent int64 52 | cur int64 53 | total int64 54 | rate string 55 | graph string 56 | } 57 | 58 | func (bar *Bar) NewOption(start, total int64) { 59 | bar.cur = start 60 | bar.total = total 61 | if bar.graph == "" { 62 | bar.graph = "█" 63 | } 64 | bar.percent = bar.getPercent() 65 | for i := 0; i < int(bar.percent); i += 2 { 66 | bar.rate += bar.graph 67 | } 68 | } 69 | func (bar *Bar) getPercent() int64 { 70 | return int64(float32(bar.cur) / float32(bar.total) * 100) 71 | } 72 | func (bar *Bar) NewOptionWithGraph(start, total int64, graph string) { 73 | bar.graph = graph 74 | bar.NewOption(start, total) 75 | } 76 | func (bar *Bar) Play(cur int64) { 77 | bar.cur = cur 78 | last := bar.percent 79 | bar.percent = bar.getPercent() 80 | if bar.percent != last && bar.percent%2 == 0 { 81 | bar.rate += bar.graph 82 | } 83 | fmt.Printf("\r[%-50s]%3d%% %8d/%d", bar.rate, bar.percent, bar.cur, bar.total) 84 | } 85 | func (bar *Bar) Finish() { 86 | fmt.Println() 87 | } 88 | 89 | func InitConfig() { 90 | Config = config{} 91 | 92 | Config.Log = InitLogger() 93 | 94 | if os.Getenv("OUT_FOLDER") != "" { 95 | Config.Outfolder = filepath.Join(os.Getenv("OUT_FOLDER"), "goscan") 96 | } else { 97 | usr, _ := user.Current() 98 | Config.Outfolder = filepath.Join(usr.HomeDir, ".goscan") 99 | } 100 | EnsureDir(Config.Outfolder) 101 | 102 | if os.Getenv("GOSCAN_DB_PATH") != "" { 103 | Config.DBPath = os.Getenv("GOSCAN_DB_PATH") 104 | } else { 105 | Config.DBPath = filepath.Join(Config.Outfolder, "goscan.db") 106 | fmt.Println(Config.DBPath) 107 | } 108 | Config.DB = model.InitDB(Config.DBPath) 109 | 110 | Config.Log.LogDebug("Connected to DB") 111 | } 112 | 113 | func ChangeOutFolder(path string) { 114 | 115 | Config.Outfolder = path 116 | EnsureDir(Config.Outfolder) 117 | 118 | Config.DBPath = filepath.Join(Config.Outfolder, "goscan.db") 119 | fmt.Println(Config.DBPath) 120 | Config.DB = model.InitDB(Config.DBPath) 121 | Config.Log.LogDebug("Connected to DB") 122 | } 123 | 124 | func ParseCmd(s string) (string, []string) { 125 | 126 | s = strings.TrimSpace(s) 127 | if len(s) == 0 { 128 | return "", make([]string, 0) 129 | } 130 | 131 | tokens := strings.Fields(s) 132 | 133 | cmd, args := tokens[0], tokens[1:] 134 | return cmd, args 135 | } 136 | 137 | func ParseNextArg(args []string) (string, []string) { 138 | if len(args) < 2 { 139 | return args[0], make([]string, 0) 140 | } 141 | return args[0], args[1:] 142 | } 143 | 144 | func ParseAllArgs(args []string) string { 145 | return strings.Join(args, " ") 146 | } 147 | 148 | func ShellCmd(cmd string) (string, error) { 149 | Config.Log.LogDebug(fmt.Sprintf("Executing command: %s", cmd)) 150 | output, err := exec.Command("sh", "-c", cmd).Output() 151 | if err != nil { 152 | if !strings.Contains(err.Error(), "exit status 1") { 153 | Config.Log.LogError(fmt.Sprintf("Error while executing command: %s", err.Error())) 154 | } 155 | return string(output), err 156 | } 157 | return string(output), err 158 | } 159 | 160 | func EnsureDir(dir string) { 161 | 162 | if _, err := os.Stat(dir); os.IsNotExist(err) { 163 | os.MkdirAll(dir, os.ModePerm) 164 | Config.Log.LogDebug(fmt.Sprintf("Created directory: %s", dir)) 165 | } 166 | } 167 | 168 | func RemoveDir(dir string) { 169 | os.RemoveAll(dir) 170 | Config.Log.LogDebug(fmt.Sprintf("Deleted directory: %s", dir)) 171 | } 172 | 173 | func CleanPath(s string) string { 174 | return strings.Replace(s, "/", "_", -1) 175 | } 176 | 177 | func WriteArrayToFile(path string, s []string) { 178 | Config.Log.LogDebug(fmt.Sprintf("Writing output to file: %s", path)) 179 | f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0755) 180 | if err != nil { 181 | Config.Log.LogError("Cannot create file") 182 | } 183 | defer f.Close() 184 | 185 | sep := "\n" 186 | for _, line := range s { 187 | if _, err = f.WriteString(line + sep); err != nil { 188 | Config.Log.LogError(fmt.Sprintf("Error while writing to file: %s", err)) 189 | } 190 | } 191 | } 192 | 193 | func MD5(s string) (m string) { 194 | h := md5.New() 195 | io.WriteString(h, s) 196 | return fmt.Sprintf("%x", h.Sum(nil)) 197 | } 198 | 199 | func MakeTaskHash(k string) string { 200 | hash := MD5(k) 201 | return hash 202 | } 203 | -------------------------------------------------------------------------------- /core/utils/var.go: -------------------------------------------------------------------------------- 1 | package utils 2 | 3 | import ( 4 | "strings" 5 | "sulab/core/model" 6 | "sync" 7 | ) 8 | 9 | var ( 10 | Mutex sync.Mutex 11 | 12 | PortNames = map[int]string{ 13 | 21: "FTP", 14 | 22: "SSH", 15 | 161: "SNMP", 16 | 445: "SMB", 17 | 1433: "MSSQL", 18 | 3306: "MYSQL", 19 | 5432: "POSTGRESQL", 20 | 6379: "REDIS", 21 | 9200: "ELASTICSEARCH", 22 | 27017: "MONGODB", 23 | } 24 | 25 | SupportProtocols map[string]bool 26 | 27 | BruteResult map[string]model.Service 28 | ) 29 | 30 | func init() { 31 | 32 | BruteResult = make(map[string]model.Service) 33 | 34 | SupportProtocols = make(map[string]bool) 35 | for _, proto := range PortNames { 36 | SupportProtocols[strings.ToUpper(proto)] = true 37 | } 38 | 39 | } 40 | -------------------------------------------------------------------------------- /demo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/demo.png -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module sulab 2 | 3 | go 1.17 4 | 5 | require ( 6 | github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394 7 | github.com/c-bata/go-prompt v0.2.6 8 | github.com/cheggaaa/pb/v3 v3.0.8 9 | github.com/denisenkom/go-mssqldb v0.12.0 10 | github.com/fatih/color v1.13.0 11 | github.com/go-redis/redis/v8 v8.11.5 12 | github.com/gosnmp/gosnmp v1.31.0 13 | github.com/icodeface/grdp v0.0.0-20200414055757-e0008b0b5cb2 14 | github.com/jinzhu/gorm v1.9.16 15 | github.com/jlaffaye/ftp v0.0.0-20220310202011-d2c44e311e78 16 | github.com/lib/pq v1.10.5 17 | github.com/olekukonko/tablewriter v0.0.5 18 | github.com/stacktitan/smb v0.0.0-20190531122847-da9a425dceb8 19 | golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88 20 | gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 21 | ) 22 | 23 | require ( 24 | github.com/VividCortex/ewma v1.1.1 // indirect 25 | github.com/cespare/xxhash/v2 v2.1.2 // indirect 26 | github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect 27 | github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe // indirect 28 | github.com/golang-sql/sqlexp v0.0.0-20170517235910-f1bb20e5a188 // indirect 29 | github.com/hashicorp/errwrap v1.0.0 // indirect 30 | github.com/hashicorp/go-multierror v1.1.1 // indirect 31 | github.com/icodeface/tls v0.0.0-20190904082144-a3e1fe30543e // indirect 32 | github.com/jinzhu/inflection v1.0.0 // indirect 33 | github.com/lunixbochs/struc v0.0.0-20190326164542-a9e4041416c2 // indirect 34 | github.com/mattn/go-colorable v0.1.9 // indirect 35 | github.com/mattn/go-isatty v0.0.14 // indirect 36 | github.com/mattn/go-runewidth v0.0.12 // indirect 37 | github.com/mattn/go-sqlite3 v1.14.0 // indirect 38 | github.com/mattn/go-tty v0.0.3 // indirect 39 | github.com/pkg/term v1.2.0-beta.2 // indirect 40 | github.com/rivo/uniseg v0.2.0 // indirect 41 | golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect 42 | ) 43 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/Azure/azure-sdk-for-go/sdk/azcore v0.19.0/go.mod h1:h6H6c8enJmmocHUbLiiGY6sx7f9i+X3m1CHdd5c6Rdw= 2 | github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.11.0/go.mod h1:HcM1YX14R7CJcghJGOYCgdezslRSVzqwLf/q+4Y2r/0= 3 | github.com/Azure/azure-sdk-for-go/sdk/internal v0.7.0/go.mod h1:yqy467j36fJxcRV2TzfVZ1pCb5vxm4BtZPUdYWe/Xo8= 4 | github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc= 5 | github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM= 6 | github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA= 7 | github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y= 8 | github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394 h1:OYA+5W64v3OgClL+IrOD63t4i/RW7RqrAVl9LTZ9UqQ= 9 | github.com/axgle/mahonia v0.0.0-20180208002826-3358181d7394/go.mod h1:Q8n74mJTIgjX4RBBcHnJ05h//6/k6foqmgE45jTQtxg= 10 | github.com/c-bata/go-prompt v0.2.6 h1:POP+nrHE+DfLYx370bedwNhsqmpCUynWPxuHi0C5vZI= 11 | github.com/c-bata/go-prompt v0.2.6/go.mod h1:/LMAke8wD2FsNu9EXNdHxNLbd9MedkPnCdfpU9wwHfY= 12 | github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= 13 | github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 14 | github.com/cheggaaa/pb/v3 v3.0.8 h1:bC8oemdChbke2FHIIGy9mn4DPJ2caZYQnfbRqwmdCoA= 15 | github.com/cheggaaa/pb/v3 v3.0.8/go.mod h1:UICbiLec/XO6Hw6k+BHEtHeQFzzBH4i2/qk/ow1EJTA= 16 | github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= 17 | github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= 18 | github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= 19 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 20 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 21 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 22 | github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= 23 | github.com/denisenkom/go-mssqldb v0.12.0 h1:VtrkII767ttSPNRfFekePK3sctr+joXgO58stqQbtUA= 24 | github.com/denisenkom/go-mssqldb v0.12.0/go.mod h1:iiK0YP1ZeepvmBQk/QpLEhhTNJgfzrpArPY/aFvc9yU= 25 | github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= 26 | github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= 27 | github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= 28 | github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y= 29 | github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= 30 | github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= 31 | github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= 32 | github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= 33 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= 34 | github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= 35 | github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= 36 | github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= 37 | github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= 38 | github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs= 39 | github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= 40 | github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= 41 | github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY= 42 | github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= 43 | github.com/golang-sql/sqlexp v0.0.0-20170517235910-f1bb20e5a188 h1:+eHOFJl1BaXrQxKX+T06f78590z4qA2ZzBTqahsKSE4= 44 | github.com/golang-sql/sqlexp v0.0.0-20170517235910-f1bb20e5a188/go.mod h1:vXjM/+wXQnTPR4KqTKDgJukSZ6amVRtWMPEjE6sQoK8= 45 | github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= 46 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 47 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= 48 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= 49 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= 50 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= 51 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= 52 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= 53 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= 54 | github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= 55 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 56 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 57 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 58 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= 59 | github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= 60 | github.com/gosnmp/gosnmp v1.31.0 h1:l18tqymKfReKBPr3kMK4mMM+n3DHlIpsZbBBSy8nuko= 61 | github.com/gosnmp/gosnmp v1.31.0/go.mod h1:EIp+qkEpXoVsyZxXKy0AmXQx0mCHMMcIhXXvNDMpgF0= 62 | github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= 63 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= 64 | github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= 65 | github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= 66 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= 67 | github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= 68 | github.com/icodeface/grdp v0.0.0-20200414055757-e0008b0b5cb2 h1:ygCqbylErDVlQ3ykPaa8lmfrbPQoiGcOlSgC+Ej8VgI= 69 | github.com/icodeface/grdp v0.0.0-20200414055757-e0008b0b5cb2/go.mod h1:AENknrjjTG+yAL3EFNMDxSALP140yz4RXJOqIwGulig= 70 | github.com/icodeface/tls v0.0.0-20190904082144-a3e1fe30543e h1:3V+yaobzgt0CfQTbMoTEwDY5qbvrVnRgr96JBZ00Vhw= 71 | github.com/icodeface/tls v0.0.0-20190904082144-a3e1fe30543e/go.mod h1:VJNHW2GxCtQP/IQtXykBIPBV8maPJ/dHWirVTwm9GwY= 72 | github.com/jinzhu/gorm v1.9.16 h1:+IyIjPEABKRpsu/F8OvDPy9fyQlgsg2luMV2ZIH5i5o= 73 | github.com/jinzhu/gorm v1.9.16/go.mod h1:G3LB3wezTOWM2ITLzPxEXgSkOXAntiLHS7UdBefADcs= 74 | github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= 75 | github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= 76 | github.com/jinzhu/now v1.0.1 h1:HjfetcXq097iXP0uoPCdnM4Efp5/9MsM0/M+XOTeR3M= 77 | github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= 78 | github.com/jlaffaye/ftp v0.0.0-20220310202011-d2c44e311e78 h1:urWv38lDLjDRk5fG9P8vvxlfpQXaKtRlZc+QLKk3FRA= 79 | github.com/jlaffaye/ftp v0.0.0-20220310202011-d2c44e311e78/go.mod h1:oZaomI+9/et52UBjvNU9LCIqmgt816+7ljXCx0EIPzo= 80 | github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= 81 | github.com/lib/pq v1.10.5 h1:J+gdV2cUmX7ZqL2B0lFcW0m+egaHC2V3lpO8nWxyYiQ= 82 | github.com/lib/pq v1.10.5/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= 83 | github.com/lunixbochs/struc v0.0.0-20190326164542-a9e4041416c2 h1:xvBq0/ARZLqmB57m6jds017I+KtXPcsKBHv6dUUac4A= 84 | github.com/lunixbochs/struc v0.0.0-20190326164542-a9e4041416c2/go.mod h1:iOJu9pApjjmEmNq7PqlA5R9mDu/HMF5EM3llWKX/TyA= 85 | github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= 86 | github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= 87 | github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= 88 | github.com/mattn/go-colorable v0.1.9 h1:sqDoxXbdeALODt0DAeJCVp38ps9ZogZEAXjus69YV3U= 89 | github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= 90 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= 91 | github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= 92 | github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= 93 | github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= 94 | github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= 95 | github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= 96 | github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= 97 | github.com/mattn/go-runewidth v0.0.12 h1:Y41i/hVW3Pgwr8gV+J23B9YEY0zxjptBuCWEaxmAOow= 98 | github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= 99 | github.com/mattn/go-sqlite3 v1.14.0 h1:mLyGNKR8+Vv9CAU7PphKa2hkEqxxhn8i32J6FPj1/QA= 100 | github.com/mattn/go-sqlite3 v1.14.0/go.mod h1:JIl7NbARA7phWnGvh0LKTyg7S9BA+6gx71ShQilpsus= 101 | github.com/mattn/go-tty v0.0.3 h1:5OfyWorkyO7xP52Mq7tB36ajHDG5OHrmBGIS/DtakQI= 102 | github.com/mattn/go-tty v0.0.3/go.mod h1:ihxohKRERHTVzN+aSVRwACLCeqIoZAWpoICkkvrWyR0= 103 | github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8= 104 | github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= 105 | github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= 106 | github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= 107 | github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= 108 | github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= 109 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= 110 | github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= 111 | github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= 112 | github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= 113 | github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= 114 | github.com/onsi/ginkgo/v2 v2.0.0/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= 115 | github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= 116 | github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= 117 | github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= 118 | github.com/onsi/gomega v1.18.1 h1:M1GfJqGRrBrrGGsbxzV5dqM2U2ApXefZCQpkukxYRLE= 119 | github.com/onsi/gomega v1.18.1/go.mod h1:0q+aL8jAiMXy9hbwj2mr5GziHiwhAIQpFmmtT5hitRs= 120 | github.com/pkg/browser v0.0.0-20180916011732-0a3d74bf9ce4/go.mod h1:4OwLy04Bl9Ef3GJJCoec+30X3LQs/0/m4HFRt/2LUSA= 121 | github.com/pkg/term v1.2.0-beta.2 h1:L3y/h2jkuBVFdWiJvNfYfKmzcCnILw7mJWm2JQuMppw= 122 | github.com/pkg/term v1.2.0-beta.2/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw= 123 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 124 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 125 | github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= 126 | github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= 127 | github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= 128 | github.com/stacktitan/smb v0.0.0-20190531122847-da9a425dceb8 h1:GVFkBBJAEO3CpzIYcDDBdpUObzKwVW9okNWcLYL/nnU= 129 | github.com/stacktitan/smb v0.0.0-20190531122847-da9a425dceb8/go.mod h1:phLSETqH/UJsBtwDVBxSfJKwwkbJcGyy2Q/h4k+bmww= 130 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 131 | github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= 132 | github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 133 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= 134 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 135 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 136 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 137 | golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 138 | golang.org/x/crypto v0.0.0-20190909091759-094676da4a83/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 139 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 140 | golang.org/x/crypto v0.0.0-20191205180655-e7c4368fe9dd/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 141 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 142 | golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= 143 | golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88 h1:Tgea0cVUD0ivh5ADBX4WwuI12DUd2to3nCYe2eayMIw= 144 | golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= 145 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 146 | golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 147 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 148 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 149 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 150 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 151 | golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 152 | golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 153 | golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 154 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= 155 | golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= 156 | golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= 157 | golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE= 158 | golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= 159 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 160 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 161 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 162 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 163 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 164 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 165 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 166 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 167 | golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 168 | golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 169 | golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 170 | golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 171 | golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 172 | golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 173 | golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 174 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 175 | golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 176 | golang.org/x/sys v0.0.0-20200918174421-af09f7315aff/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 177 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 178 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 179 | golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 180 | golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 181 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 182 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 183 | golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 184 | golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= 185 | golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 186 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= 187 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 188 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 189 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 190 | golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= 191 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 192 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 193 | golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= 194 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 195 | golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= 196 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 197 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 198 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 199 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 200 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= 201 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= 202 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= 203 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= 204 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= 205 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= 206 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= 207 | google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= 208 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= 209 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 210 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= 211 | gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 h1:VpOs+IwYnYBaFnrNAeB8UUWtL3vEUnzSCL1nVjPhqrw= 212 | gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= 213 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= 214 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= 215 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 216 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 217 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 218 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 219 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= 220 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= 221 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 222 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= 223 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 224 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "strings" 6 | "sulab/core/cli" 7 | "sulab/core/utils" 8 | 9 | "github.com/c-bata/go-prompt" 10 | "github.com/fatih/color" 11 | ) 12 | 13 | var ( 14 | author string = "sulab" 15 | version string = "0.1" 16 | ) 17 | 18 | func showBanner() { 19 | name := fmt.Sprintf("Taiji (v.%s)", version) 20 | banner := ` 21 | _________ ____ ____________ ________________ 22 | /_ __/ _ | / _/_ / / _/ __/ / / / _/_ __/ __/ 23 | / / / __ |_/ // // // /_\ \/ /_/ // / / / / _/ 24 | /_/ /_/ |_/___/\___/___/___/\____/___/ /_/ /___/ 25 | ` 26 | 27 | all_lines := strings.Split(banner, "\n") 28 | w := len(all_lines[1]) 29 | 30 | fmt.Println(banner) 31 | color.Green(fmt.Sprintf("%[1]*s", -w, fmt.Sprintf("%[1]*s", (w+len(name))/2, name))) 32 | color.Blue(fmt.Sprintf("%[1]*s", -w, fmt.Sprintf("%[1]*s", (w+len(author))/2, author))) 33 | fmt.Println() 34 | } 35 | 36 | func initCore() { 37 | 38 | showBanner() 39 | 40 | utils.InitConfig() 41 | } 42 | 43 | func main() { 44 | 45 | initCore() 46 | 47 | p := prompt.New( 48 | cli.Executor, 49 | cli.Completer, 50 | prompt.OptionTitle("Taiji: Penetration Test Framework"), 51 | prompt.OptionPrefix("[Taiji] > "), 52 | prompt.OptionLivePrefix(cli.ChangeLivePrefix), 53 | prompt.OptionInputTextColor(prompt.White), 54 | ) 55 | p.Run() 56 | } 57 | -------------------------------------------------------------------------------- /nworld.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/nworld.jpg -------------------------------------------------------------------------------- /pass.txt: -------------------------------------------------------------------------------- 1 | 123456 2 | 9228clyx3709 3 | guest 4 | zj33iHJJXudCuP7u 5 | 123456a 6 | dayin 7 | nsfocus 8 | !@#admin123 9 | @#admin123 10 | admin1 11 | soidc..123 12 | zxasqw12 13 | 14500 14 | 123456^%$#@! 15 | !qaz2wsx3edc 16 | testing 17 | ADMIN 18 | www.idcth.com 19 | Football 20 | Afs123456 21 | wsmyaoai!@ 22 | hack 23 | hack!@# 24 | cqtbzx 25 | 2wsxcde3 26 | ZHONGGUO$#@!999@ 27 | WD#sd7258 28 | lingfeng 29 | Ret123456 30 | wzl!@#789 31 | fuwuqi1 32 | huaibeitc.com 33 | www.chinacache.com 34 | mysql!@# 35 | geili 36 | geilia 37 | geiligeili 38 | geili2012 39 | 123456,. 40 | 123abc,. 41 | 123,. 42 | woaini,. 43 | woaini1314, 44 | woaini1314,. 45 | chinacache.com 46 | 775207 47 | 7143236 48 | 1234qwea 49 | adm1n 50 | sql2000#@! 51 | adm1na 52 | administrat0r 53 | adm1n1strator 54 | adm1nistrator 55 | shilei521 56 | shilei521shilei521 57 | zzidc2012 58 | www.huaibeitc.com 59 | guest 60 | 33221 61 | 33221a 62 | 33221. 63 | 33221.. 64 | zzidc 65 | zzidc123 66 | zzidc1@3 67 | zzidc!2# 68 | zzidc!@# 69 | zzidc!@#123 70 | zzidc123!@# 71 | %@)!#!$ 72 | %@)##$$ 73 | %@) 74 | 5213466 75 | 521344. 76 | 1314!#!$ 77 | !#!$ 78 | %@)1314 79 | %@)1314. 80 | %@)3344 81 | %@)3344. 82 | %@)3344a 83 | %@)1314a 84 | %@)!#!$.. 85 | %@)!#!$. 86 | !QWE123!@# 87 | !QWE!@#123 88 | !QWE!@# 89 | GUEST 90 | P@SSWORD!@#$ 91 | cinternet_yzh 92 | chinadatas.com 93 | qsn147 94 | admin@321 95 | !@#$qwer1234 96 | zeidc123123 97 | zaqq 98 | abcd123!@# 99 | idc0318 100 | qwer!@#$1234 101 | qwer1234!@#$ 102 | ....... 103 | ...... 104 | ... 105 | .......nyes 106 | vps.com 107 | !@qwaszx 108 | asd123.0 109 | 4280939 110 | zai 111 | zai. 112 | zjidc!@ 113 | 0579idc666 114 | wudisk 115 | zjidc 116 | lingshanfood 117 | xinnet2009n 118 | zjidc!@# 119 | 1a2b3c4d 120 | woridigua 121 | yqb963456 122 | qq123456 123 | shabi520 124 | GHOST 125 | !1@2#3 126 | !1 127 | !1@2 128 | !1@2#3 129 | !1@2#3$4 130 | !1@2#3$4%5 131 | !1@2#3$4%5^6 132 | !1@2#3$4%5^6&7 133 | !1@2#3$4%5^6&7*8 134 | !1@2#3$4%5^6&7*8(9 135 | !1@2#3$4%5^6&7*8(9)0 136 | !2#4 137 | !2 138 | !2# 139 | !2#4% 140 | !2#4%6 141 | !2#4%6& 142 | !2#4%6&8 143 | !2#4%6&8( 144 | !2#4%6&8(0 145 | 1@ 146 | 1@3 147 | 1@3$ 148 | 1@3$5 149 | 1@3$5^ 150 | 1@3$5^7 151 | 1@3$5^7* 152 | 1@3$5^7*9 153 | 1@3$5^7*9) 154 | nfidc2011 155 | 1a2b3c4d5e 156 | zkyq~123 157 | admin~123 158 | 123~123 159 | 123~321 160 | 2011 161 | 1234asdf!@# 162 | wuzhi!@#360 163 | wuzhi!@#360. 164 | wuzhi!@#360.. 165 | qaz321.. 166 | qwert12345 167 | 6504710shuazuan 168 | sky!QAZ@WSX 169 | ws@1zxxn 170 | mingshang 171 | 96686112 172 | wanghao123 173 | 3000idc 174 | power0.123 175 | P@$$w0rd 176 | 1235698 177 | 1! 178 | 1!2@ 179 | 1!2@3# 180 | 1!2@3#4$ 181 | 1!2@3#4$5% 182 | 1!2@3#4$5%6^ 183 | 1!2@3#4$5%6^7& 184 | 1!2@3#4$5%6^7&8* 185 | 1!2@3#4$5%6^7&8*9( 186 | 1!2@3#4$5%6^7&8*9(0) 187 | 1!2@3#4$5%6^7&8*9(0)- 188 | 1!2@3#4$5%6^7&8*9(0)-= 189 | 1!2@3#4$5%6^7&8*9(0)-_=+ 190 | 1!2@3#4$5%6^7&8*9(0)-_ 191 | 112233445566778899 192 | 1597530258 193 | 1597538520 194 | htidc@111 195 | 159753 196 | 122455788 197 | 133466799 198 | 112244557788 199 | 113344667799 200 | idc2010 201 | idc2011 202 | idc2012 203 | 7191011 204 | xxzxjx@2011# 205 | xxzxjx@2012# 206 | 2wsx#EDC4rfv%TGB 207 | 3edc$RFV5tgb^YHN 208 | 4rfv%TGB6yhn&UJM 209 | 5tgb^YHN7ujm*IK, 210 | xyz 211 | 3344 212 | 19811203 213 | !@#qweasd 214 | huawei123 215 | xiaobaogg 216 | 123 217 | 4rfv3edc2wsx1qaz 218 | huawei 219 | 1235246 220 | 123246579 221 | 4006268199 222 | qqqwww 223 | 1qaz2wsx3edc4rfv 224 | 00112233445566778899 225 | 99887766554433221100 226 | 998877665544332211 227 | WWW.123.COM 228 | lituobestsanmao 229 | 332211 230 | !@#19841010 231 | computer 232 | computer. 233 | idc2.com.cn 234 | YUNPAI.COM 235 | XUXULIKE.COM 236 | 594201 237 | 870621 238 | 594201. 239 | kawayi 240 | MEIYOUMIMA 241 | 7730 242 | z584897593 243 | 123654.com 244 | 999wf 245 | 100.. 246 | 200.. 247 | 100200.. 248 | 1000.. 249 | 1000. 250 | 100. 251 | 100a.. 252 | 100a.+ 253 | 100a. 254 | 1376356 255 | zhoushuai521 256 | 521 257 | 44944 258 | 00544 259 | shishijiushishi 260 | dongdongwoshishi 261 | ze!idc!@# 262 | ze.idc!@# 263 | ze.idc123 264 | ze.idc!@#123 265 | ze.idc123.!@# 266 | zeidc123. 267 | zeidc123.a 268 | zeidc123.!@# 269 | zeidc!@#.123 270 | ze!idc123 271 | geiwogun 272 | 1238249 273 | baizi514 274 | 549201 275 | 199175 276 | admin2008 277 | admin2012 278 | 777777 279 | 321.a 280 | q5qymgw9 281 | 123.456a 282 | 123456.a 283 | 1234 284 | changeme 285 | Aa#bB@741852 286 | 1qa2ws 287 | qingdao 288 | fangfang 289 | 123.456.789 290 | 123.456.789a 291 | 123.456 292 | 123.789 293 | 123.789a 294 | zxcqwe 295 | qwezxc 296 | ZXCQWE 297 | QWEZXC 298 | 1qwe3zxc 299 | 3zxc1qwe 300 | 1zxc3qwe 301 | 1qwe2zxc 302 | 2zxc1qwe 303 | !@#123qwe 304 | 1zxc2qwe 305 | 115599 306 | 335577 307 | !q@w#e$r 308 | 995511 309 | 564335 310 | 775533 311 | 225588 312 | 22446688 313 | 88446622 314 | 22668844 315 | 22448866 316 | huihui 317 | huqhuq 318 | 112445788 319 | 113446799 320 | wocaonima 321 | wocaonima123 322 | 123wocaonima 323 | 55 324 | wocaonima123. 325 | wocaonima123.. 326 | wocaonimaa 327 | wocaonima. 328 | wocaonima.. 329 | wocaonimaa. 330 | wocaonimaa.. 331 | wocaonimeia 332 | wocaonimei 333 | wocaonimei. 334 | wocaonimei.. 335 | wocaonimeia. 336 | wocaonimeia.. 337 | woshinidie 338 | totoidc 339 | . 340 | caonima123 341 | admin110 342 | admin120 343 | admin119 344 | wutian1010 345 | network 346 | ti 347 | woshinidie123 348 | woshinidie123.. 349 | caonima 350 | woshiniba 351 | woshiniba. 352 | woshiniba.. 353 | wshinibaa 354 | woshinibaba 355 | wocaonibaba 356 | wocaoniba. 357 | tianshidechibang 358 | changxiang 359 | wwwroot 360 | c361.com 361 | chinacache 362 | 5842189jqk.116 363 | ebadu 364 | 9494 365 | QWERTYUIOP[] 366 | ASDFGHJKL;'\ 367 | ASDFGHJKL; 368 | ASDFGHJKL 369 | QWERTYUIOP 370 | ZXCVBNM,./ 371 | ZXCVBNM,. 372 | ZXCVBNM, 373 | ZXCVBNM 374 | QWEASDZXC 375 | 1QWE2ASD3ZXC 376 | QWE1ASD2ZXC3 377 | 1QAZ2WSX3EDC 378 | 1QAZ2WSX 379 | !QAZ@WSX#EDC 380 | !QAZ@WSX 381 | jjidcJJIDC123 382 | rst_login../ 383 | rst_login 384 | 2fwtyjo1urw9 385 | 2fwtyo1urw9 386 | idc0514 387 | liuhuating@#changji 388 | 123456789jqka2 389 | 123456789jqk 390 | 123456789jqka. 391 | 123456789jqka 392 | 123456789.jqka 393 | 123456789.jqk 394 | 123456789jqk.a 395 | !qaz@wsx#edc 396 | 12345678910jqka2 397 | 12345678910jqka 398 | 123457 399 | 12345678910.jqka2 400 | 1qa2ws3ed 401 | 12345678910.jqk.a 402 | 888999 403 | shusheng 404 | abc123!@# 405 | 12345678910jqka.2 406 | hy2010 407 | trend 408 | gbys_2011 409 | 12345678910jqk.a 410 | 12345678910jqk 411 | qwaszx12 412 | admin123.0 413 | 12zxasqw 414 | asd123!@# 415 | 057686200002 416 | esin.com 417 | zxc123!@# 418 | admin123456 419 | zouwenbo123 420 | yize123 421 | woqu123 422 | 123a.123a 423 | 123a.123 424 | 235wcqt55b 425 | esin0731.com 426 | jiushijiushi 427 | wocaoniubi 428 | wocaonb 429 | wocaoniucha 430 | wocaoniuX 431 | wocaoniux 432 | wocaoniubia 433 | wocaonba 434 | wocaoniubi. 435 | admin1234 436 | wocaoniubi.. 437 | wocaonb. 438 | wocaonb.. 439 | comeonbabey 440 | 000 441 | esin0731.com 442 | landuidc 443 | 8172590 444 | 2020110 445 | zeidc123!@# 446 | ZEIDC 447 | ZEIDC123 448 | ZEIDC!@# 449 | ZEIDC!@#123 450 | ZEIDC123!@# 451 | zeidc!@#123 452 | zeidc!@#a123 453 | zeidc123a!@# 454 | zeidc123a 455 | zeidc!@#a 456 | 7788250 457 | qingyouduzhong 458 | 7758520.. 459 | wocaoa 460 | chinaidc 461 | dede 462 | 5 463 | 789&*( 464 | idcadministrator 465 | 999abc 466 | abc999 467 | niubikalasi 468 | niubikelasi 469 | nbkelasi 470 | nbkalasi 471 | niubi123 472 | 123niub 473 | niuba 474 | nba 475 | nb123 476 | 123nb 477 | niubi123a 478 | 123niubia 479 | niubi123. 480 | admini 481 | 123niubi. 482 | 123niubi123 483 | 999abc. 484 | abc999. 485 | yzboyue.com 486 | www.yzboyue.com 487 | idcadmin 488 | idcadmina 489 | woaini234game 490 | woaini234 491 | woainia 492 | woaini1234 493 | woaini3456 494 | woaini123 495 | zhaociji 496 | taicijile 497 | taicijila 498 | 7758520. 499 | jingjing 500 | 654321a 501 | 654321a. 502 | 654321a.. 503 | 654321a.+ 504 | caonima.com 505 | www.caonima.com 506 | caoniniang.com 507 | ganniniang.com 508 | www.caoniniang.com 509 | www.ganniniang.com 510 | 7758520a 511 | 00114477 512 | 114477 513 | 00225588 514 | 00336699 515 | 336699a 516 | 225588a 517 | 114477a 518 | zxin10 519 | idc.com 520 | 123123.com 521 | yiwang_3758 522 | xx520.. 523 | www.idc.com 524 | yifan3758 525 | com.5778 526 | ceshi 527 | ceshi5778 528 | lvyou 529 | china!@#2011 530 | lvyoubbs 531 | useradmin 532 | zxccxz 533 | 5991886 534 | werwer 535 | aaabbb 536 | ocnc123 537 | vcenter 538 | aaabbb. 539 | westidc123 540 | aaabbb.+ 541 | a123.123.+ 542 | b123b 543 | abc123abc 544 | qijimu.com 545 | abc123a 546 | abc123abc.. 547 | 123abc.. 548 | 123ABC.. 549 | abc123abc. 550 | abc123abc.+ 551 | 188 552 | test 553 | chinazhongguo 554 | zhongguochina 555 | chinazhongguo. 556 | chinazhongguo.. 557 | chinazhongguo..+ 558 | chinazhongguo.+ 559 | zhongguochina. 560 | zhongguochina.+ 561 | zhongguochina..+ 562 | wocaozhongguo 563 | zhongguowocao 564 | wocaozhongguo. 565 | zhongguowocao. 566 | diandian.. 567 | xcvxcv 568 | test)$!@ 569 | 684755 570 | ld23090dong 571 | 0.321 572 | a321 573 | a123 574 | a 575 | aaa 576 | aaaa 577 | aa 578 | abcd1234 579 | a.123 580 | a.321 581 | a.321a 582 | b321 583 | z321 584 | q321 585 | b.321 586 | z.321 587 | q.321 588 | 1a. 589 | 1z. 590 | 1q. 591 | 1a 592 | 1z 593 | 1q 594 | admin147 595 | zxccxz1 596 | 123987 597 | 123987a 598 | gameidc 599 | 123456 600 | qwerasdfzxcv 601 | qwerasdf 602 | qweewq1 603 | qweewq 604 | abc123456. 605 | a123456789a 606 | qaz123 607 | z123456 608 | www.cz.com.cn 609 | www.jjidc.com 610 | QWE123!@# 611 | QWE!@#123 612 | qwe!@#123 613 | 737399 614 | ycw1234!@#$ 615 | 200833 616 | 13579 617 | poiuytrewq 618 | lkjhgfdsa 619 | mnbvcxz 620 | 24680 621 | jjidc.com.cn 622 | qiaolin520 623 | as1230. 624 | 1230. 625 | +-*/123 626 | +/*-456 627 | +/*-123 628 | koma 629 | +-*/456 630 | +-*/789 631 | asd1230. 632 | 1234asdf!@#$ 633 | 1234!@# 634 | qw123. 635 | qwe123.. 636 | qw123a 637 | qw123.a 638 | qw1230. 639 | qw1230.a 640 | zxc123. 641 | zxc123.a 642 | zxc1230. 643 | zx1230. 644 | zx1230.a 645 | 123.a 646 | asd123. 647 | asd123.a 648 | asd123.. 649 | jjidccom 650 | 123456abc 651 | 123456a 652 | 19885510 653 | xyidc_2006 654 | 6695zx 655 | scictd9821622 656 | 365obsserver! 657 | Server 658 | ranglm123456 659 | 13920225257 660 | idc925111 661 | 1qaz@wsx#edc 662 | 666666 663 | .......199 664 | xu15817079919 665 | yanjin0429 666 | zhangznw 667 | 13527380230 668 | idc0.01 669 | YZ@Cnidc@563IDC#2618$ZF 670 | idc123&123 671 | 662766 672 | 122.224 673 | qweasdqwe 674 | chinaidcok 675 | huaiyukeji115 676 | .......199@ 677 | 361072011 678 | yzidc!@# 679 | liuzhangzi1988 680 | 123456!@#$%^ 681 | idc0123 682 | dahouzi110 683 | 123.789+ 684 | trista188#** 685 | mm1237 686 | 07736056123 687 | TnHoo15862380404 688 | idc0123 689 | 189532210113 690 | idc123 691 | jspower123.0 692 | gedingfeng1102888 693 | 122.336 694 | 5ds65tr5as 695 | 122.335 696 | sino 697 | !@#$% 698 | www.esin.com 699 | 95217189 700 | 95217 701 | passjjidc.net 702 | passwjz5122356 703 | !!@@198653 704 | 1357924680 705 | chinayixun 706 | qweasdzxc123 707 | 1qwe2asd3zxc 708 | 123qweasdzxc 709 | huachen1258zz 710 | power123.0 711 | sanhe123 712 | 3H8IDC72sanhe000 713 | xiaoyili 714 | sanhe000~!@# 715 | 1234qwer!@#$ 716 | 1234qwer!@# 717 | qwer!@#$ 718 | Chinawidc168 719 | idc1688 720 | mozhale 721 | Chinaidcw 722 | Q!W@E#R$ 723 | deoogulhk 724 | qweasdzxc123. 725 | esincs 726 | qweasdzxc. 727 | qweasdzxc 728 | 123qweasdzxc. 729 | 1qwe2asd3zxc. 730 | passw0rd 731 | zxc123.. 732 | Passw0rd 733 | P@ssW0rd 734 | p@ssw0rd 735 | huaibeitc2020 736 | 654321 737 | iloveyou1314 738 | iloveyou1314. 739 | iloveyou1314.. 740 | iloveyou1314.+ 741 | iloveyou5201314 742 | iloveyou5201314. 743 | iloveyou5201314.. 744 | iloveyou5201314.+ 745 | iloveyou521314 746 | iloveyou521314. 747 | iloveyou521314.. 748 | iloveyou521314.+ 749 | iloveyou5211314 750 | iloveyou5845211314 751 | iloveyou584521314 752 | iloveyoubabey 753 | www.qq.com 754 | 5201314a 755 | 1314.520 756 | 520.1314 757 | iloveyoubabey. 758 | iloveyoubabey.. 759 | iloveyoubabey.+ 760 | 123456654321 761 | ww.1g.com.cn 762 | www.123.com 763 | webcc123 764 | mayiyahei 765 | administratora 766 | 123.654 767 | 123a654 768 | 654.123 769 | 654a123 770 | 123654.. 771 | 9527 772 | wobuzhidao 773 | buzhidaomima 774 | buzhidao#21 775 | buzhidao 776 | njxw2011 777 | 123456.com 778 | www.123456.com 779 | ytisp!@#$bac 780 | taishan 781 | escroson2009 782 | xlq2922154 783 | gyjsuukk 784 | qyjsuukkooii 785 | nanjing 786 | jiangsunanjing 787 | !@#admina 788 | zhongguodianxin 789 | zhongguowangtong 790 | chinadianxin 791 | 654321 792 | chinawangtong 793 | ymidc 794 | password0 795 | 123123abc.+ 796 | 123123abc 797 | abcabc 798 | lq 799 | 751005 800 | 123abc123abc 801 | 123abc123abc. 802 | abcabc123 803 | abc123123a 804 | abc123123. 805 | abc123123a. 806 | zhongguoliantong 807 | jia 808 | chinaliantong 809 | zhongguotietong 810 | chinatietong 811 | !@#admin 812 | zhongguoyidong 813 | chinayidong 814 | caodenimaoojiao 815 | userver1 816 | 123123123a 817 | 123321123 818 | server 819 | 123123123. 820 | 123.123.123 821 | 123.123.123a 822 | mj6598140 823 | 123.123a. 824 | 123.123a 825 | 123.123 826 | 120.123123 827 | 30.123123 828 | yoanhk@1630com 829 | netuser.. 830 | userver.. 831 | wanbuqi 832 | shangbuqi 833 | 62716849 834 | xiaoqiang2011 835 | 456852 836 | douniwan 837 | wanbuqi.. 838 | wanbuqi. 839 | wanbuqi.+ 840 | shangbuqi.. 841 | zeidc!@# 842 | zeidc!2# 843 | zeidc1@3 844 | zeidc1@# 845 | zeidc123!23 846 | zeidc1231@3 847 | zeidc12312# 848 | shangbuqi. 849 | shangbuqi.+ 850 | douniwan.. 851 | 6efqw9evc6 852 | douniwan. 853 | douniwan.+ 854 | douniwana 855 | asd.qwe.123 856 | qwe.asd.zxc 857 | qwe.asd.zxc.123 858 | qwe.asd.zxc123 859 | qwe.asd.zxc.!@# 860 | qwe.asd.zxc!@# 861 | qaz*!!)!@ 862 | tiankong!@# 863 | 8762973 864 | sb250 865 | shabi250 866 | sb250. 867 | sb250.. 868 | shabi250. 869 | shabi250a 870 | sb250a 871 | shabi250.. 872 | xiaocaoc 873 | xiaocaocao 874 | xiaocao.. 875 | xiaohua 876 | 1+2+3+4 877 | 1a2s3d4f 878 | a1s2d3f4 879 | 987654321 880 | 1z2x3c4v 881 | z1x2c3v4 882 | 132580 883 | 123456789aa 884 | best 885 | 3164978520 886 | 3164970258 887 | longhao520..1 888 | 520..1 889 | 520..a 890 | a..520 891 | a520.. 892 | huangshang 893 | 1234rewq 894 | rewq4321 895 | rewq1234 896 | gongzhu 897 | taizi 898 | fenghuang 899 | longfeng 900 | fenghuangchuanqi 901 | feng@huang@123abc 902 | feng@huang@123abc. 903 | feng@huang@123abc.+ 904 | fenghuang.. 905 | fenghuang. 906 | fenghuang.+ 907 | longfeng.. 908 | fengfeng. 909 | longfeng.+ 910 | woqunimabi 911 | Qwerty 912 | wangba 913 | panshi371 914 | kuaibo 915 | wc.com 916 | yaodi@555 917 | hunshehui 918 | heishehui 919 | cesuowc 920 | wccesuo 921 | laoshu 922 | internet 923 | pplive 924 | 123654a 925 | 123654a. 926 | 123654a.. 927 | 123654a.+ 928 | qqlive 929 | 456987a 930 | 456987 931 | haloukeiti 932 | hellokitty 933 | haloukitty 934 | haloukugou 935 | hellokugou 936 | caonima!@#123.+ 937 | shinubi 938 | 1314521 939 | 1314520 940 | 1314521.. 941 | 1314520.. 942 | 1314521. 943 | 1314520. 944 | aini130. 945 | wocaoa 946 | seeyou 947 | 1qaz2xsw3edc 948 | 1qaz2xsw 949 | qazxswedc 950 | 1qazxsw2edc 951 | pcadminghhd 952 | hello 953 | HI~ 954 | hi~ 955 | hi 956 | a5201314 957 | onetwo 958 | shuijiao 959 | 0.0 960 | qingchun 961 | huore 962 | yuwang 963 | xiwang 964 | feixiang 965 | 1.1 966 | -,- 967 | -.- 968 | fuckyou 969 | happynew 970 | grilboy 971 | boygril 972 | fuyun 973 | IPhone4 974 | iphone4 975 | iphone4s 976 | apple1 977 | applea 978 | apple 979 | 5202003 980 | 5202008 981 | !@##@! 982 | nimama 983 | nibaba 984 | nima 985 | jifangmima 986 | kinkin 987 | a5201314. 988 | a5211314. 989 | 521314.. 990 | 521314. 991 | 521314 992 | a521314 993 | a521314.. 994 | wwqqww 995 | woainiys1 996 | !@#!@#!@# 997 | 520131463 998 | qqqqqq 999 | woaini521.. 1000 | woaini521 1001 | woaini520521 1002 | 520521.. 1003 | 520521 1004 | 521520.. 1005 | !@#!@# 1006 | wojiu4zhu 1007 | wojiushizhu 1008 | woaini3344.. 1009 | abc123 1010 | abc123. 1011 | ABC123. 1012 | abc123.+ 1013 | abc123.. 1014 | ABC123.. 1015 | ABC123.+ 1016 | abc123..+ 1017 | Monkey 1018 | dq06 1019 | 123.0 1020 | best 1021 | 555222000 1022 | wunaidewo 1023 | wunai 1024 | yumen 1025 | wocaoledj 1026 | xc123456789 1027 | qwerasdf147 1028 | 321432321 1029 | aisinile 1030 | monkey 1031 | Letmein 1032 | aaa0416 1033 | letmein 1034 | wasdijkl 1035 | xhwzxh 1036 | mimashisha 1037 | mima 1038 | taiyangri 1039 | taiyangR 1040 | taiyangr 1041 | wsrzzr 1042 | yehaohaoye 1043 | 7758521wzq 1044 | yueliang11 1045 | yueliang21 1046 | yueliang 1047 | babamama 1048 | 123456h 1049 | 123456q 1050 | 123456z 1051 | 123456x 1052 | 123456c 1053 | 123456d 1054 | 123456e 1055 | 123456r 1056 | 123456f 1057 | 123456m 1058 | sishenlaile 1059 | 131415926 1060 | a123123 1061 | 654123a 1062 | 654123 1063 | younizhenhao 1064 | qwzxercv 1065 | thankyou 1066 | qwas123321 1067 | jifangmima 1068 | a521314 1069 | 521314 1070 | 521314.. 1071 | 521314. 1072 | a521314.. 1073 | a521314. 1074 | woaini11 1075 | qawseda 1076 | 123abc!@# 1077 | bertiezlu7u2p7j5 1078 | gyjs7788 1079 | llwl507cn.1314 1080 | 123..f 1081 | 123..** 1082 | yu233 1083 | xiaohuai 1084 | shcyc123 1085 | 123456.. 1086 | anchnet123@#$ 1087 | 110119 1088 | 1593570258 1089 | )(*&^%$#@! 1090 | as51230 1091 | sakura 1092 | 4603540 1093 | 1988aa 1094 | fg1234 1095 | 789456 1096 | /*-789456123 1097 | lajimima 1098 | 123654 1099 | 123654789 1100 | 987456321a 1101 | xinNETP@ssW0rD8 1102 | 987456321 1103 | 789654123 1104 | server2003 1105 | 789654123a 1106 | qweqwe12 1107 | !Q@W#E$R 1108 | 10002000 1109 | a111111 1110 | 123a.+ 1111 | 123a. 1112 | 123a.. 1113 | 1122 1114 | a123. 1115 | a123.123a 1116 | a123.123.123a 1117 | a123.+ 1118 | a123..+ 1119 | a1231 1120 | a123a 1121 | 456123 1122 | akosdkasod 1123 | OAOidc123!@# 1124 | panshi0426 1125 | l@vey@u 1126 | Abcd1234 1127 | l@veyou 1128 | il@veyou 1129 | il@vey@u 1130 | WOAINI 1131 | WOAINI.. 1132 | WOAINI. 1133 | WOAINI1314 1134 | WOAINI3344 1135 | woaini1314..+ 1136 | abcd1234. 1137 | abcd1234.. 1138 | abcd1234.+ 1139 | abcd1234..+ 1140 | asdf1234. 1141 | asdf1234 1142 | qwer1234 1143 | zxcv1234 1144 | yiyayou 1145 | waini1234 1146 | huangshan 1147 | jingdian1956 1148 | zhongjie 1149 | sss123456 1150 | 52052054 1151 | woai4ni6 1152 | asd1012 1153 | zxc1012 1154 | sc1012 1155 | baobeiyaojing 1156 | 3344521 1157 | 1111111 1158 | 741741 1159 | bendan123 1160 | lqkajz 1161 | pqoaiz 1162 | qazokm 1163 | qazpl, 1164 | qaz]'/ 1165 | love5 1166 | nice 1167 | nice. 1168 | nice.. 1169 | nice1 1170 | //123456 1171 | zuiai521 1172 | aaa0416 1173 | 123456789/*- 1174 | 123+456+789 1175 | 369/*- 1176 | 01478520963. 1177 | 110120 1178 | 110120110120 1179 | `1234567890-=\ 1180 | 1+2+3+4+5+6+7+8+9 1181 | 555idc 1182 | 0.123456789 1183 | 124578.369 1184 | 1346798520 1185 | 134679 1186 | 134679a 1187 | 134679a. 1188 | 134679. 1189 | 134679.. 1190 | 147852 1191 | 134679a.. 1192 | 321654987 1193 | 1346790258 1194 | 147852369 1195 | 01478520.369 1196 | 0123456789 1197 | 102030405060708090 1198 | 102030 1199 | 1020 1200 | 0110 1201 | trustno1 1202 | dns-01 1203 | Dragon 1204 | Baseball 1205 | dragon 1206 | baseball 1207 | 124578 1208 | 124578963 1209 | 124578369 1210 | 25698 1211 | a1s2d3 1212 | a1a2a3 1213 | 1a 1214 | 1a2s3d 1215 | 1a2a3a 1216 | tiantang 1217 | asdfgh 1218 | sdfsdf 1219 | 111111 1220 | Iloveyou 1221 | aaaaaaaa1 1222 | woailaopo 1223 | 520... 1224 | idcidcidc 1225 | qwe123a 1226 | iloveyou 1227 | imissyou 1228 | sad012 1229 | p0p0p0p0 1230 | sd445566 1231 | 111213 1232 | xie123 1233 | nimda 1234 | qazwsxedc 1235 | huaweiepon 1236 | 1234567891 1237 | hbposev9 1238 | Master 1239 | master 1240 | password 1241 | 123123 1242 | Superman 1243 | superman 1244 | tianxi8656261 1245 | 7758520 1246 | chuanqisifu 1247 | 19885510 1248 | yzidc!*( 1249 | 1qaz2wsx 1250 | 1qaz@wsx 1251 | 1qaz3edc 1252 | !QAZ2wsx 1253 | !QAZ2WSX 1254 | !qaz2wsx 1255 | !QAZ@wsx 1256 | !QAZ3edc 1257 | ##login!@# 1258 | keep123++ 1259 | 123456abc 1260 | gongxifacai 1261 | !@#$%^&*( 1262 | wocaoshini 1263 | wocaoniniang 1264 | chinese 1265 | comeon 1266 | music 1267 | asdfghjkl 1268 | Ashmboy2008B 1269 | qwertyu 1270 | qwertyuiop[] 1271 | qwertyuiop 1272 | asdfghjkl;' 1273 | zxcvbnm 1274 | zxcvbnm,./ 1275 | caonimabi 1276 | (123456) 1277 | 3.1415926 1278 | 3.141592653 1279 | wocao3344 1280 | wocao1314 1281 | wocao3344. 1282 | wocao3344.. 1283 | bugaosuni 1284 | meiyoumima 1285 | fuwuqi 1286 | fuwuqimima 1287 | gongxifacai 1288 | 1QAZ 1289 | 1qaz 1290 | !QAZ 1291 | !qaz 1292 | 11 1293 | 123 1294 | 00 1295 | !!@@##$$%%^^&&**(( 1296 | 130130 1297 | woaini520 1298 | woaini520.. 1299 | woaini520++ 1300 | 5845211314 1301 | 5845201314 1302 | 584521314 1303 | meidia!@# 1304 | 123abc 1305 | 123a 1306 | 123abc. 1307 | 159357abcdef 1308 | 159357asd 1309 | vlan35 1310 | asd159357 1311 | a159357a 1312 | www.cctv.com 1313 | 123456789 1314 | 123abc.+ 1315 | 123ABC. 1316 | 123abc123ABC 1317 | 951753 1318 | xuxulike.com 1319 | drowssap 1320 | 1qaz2wsx3edc 1321 | 03718ge5 1322 | 2wsx3edc 1323 | 2WSX3EDC 1324 | 258369147 1325 | 12345qwert 1326 | admin123!@# 1327 | admin123 1328 | admin1@3 1329 | shpbsshpbs 1330 | qq.com 1331 | 123123.. 1332 | xiaoxiao 1333 | 123654. 1334 | 123qwe 1335 | idc000 1336 | admin 1337 | yzdx123654.0 1338 | media!@# 1339 | woaini1314. 1340 | www.cnidc.com 1341 | 8888 1342 | 123456789a 1343 | 12345678 1344 | 1212 1345 | 8848 1346 | baodaye 1347 | 123456aa 1348 | 1q2w3e,./?>< 1349 | asdf!@#$ 1350 | 111222 1351 | 123123.com 1352 | woaini1314 1353 | woaini1314.. 1354 | woaini3344. 1355 | media 1356 | woaini5201314 1357 | 5201314.. 1358 | 5201314 1359 | woaini 1360 | nihaoma 1361 | 6 1362 | 520520 1363 | 99999 1364 | jiezu2011 1365 | soidc126.242 1366 | lh222 1367 | adminadmin 1368 | admina 1369 | !@#123admin 1370 | haha 1371 | heihei 1372 | !@#$QWERASDF 1373 | !2dw!(ZGJdefoQy3UtS 1374 | !@#$%^qwerty 1375 | hehe 1376 | huihui 1377 | HAHA 1378 | HEIHEI 1379 | wossa 1380 | wossa7616323 1381 | 061128..+ 1382 | HEHE 1383 | HUIHUI 1384 | qaz000... 1385 | huahua 1386 | lijing 1387 | yxfs123 1388 | hua 1389 | HUAHUA 1390 | HUA 1391 | hahaheiheihouhou 1392 | sxbglove 1393 | admin!@# 1394 | dns99.cn 1395 | admin!@#123 1396 | chinayilian 1397 | lijing868 1398 | nihao123 1399 | zeidc 1400 | jxidc123.com 1401 | qing88 1402 | admin@123 1403 | 123@admin 1404 | 1@3a 1405 | google.com.123 1406 | tasklist 1407 | sqlpass 1408 | ds123 1409 | telecom 1410 | 911 1411 | yzdx456789 1412 | qwe.123 1413 | QWE.123 1414 | 9000idc.com!@# 1415 | www.666idc.com 1416 | aa123456 1417 | v01adminnb 1418 | netshield 1419 | root 1420 | rootroot 1421 | qwer123!@# 1422 | 123asd 1423 | 789789.com 1424 | 1301492 1425 | 52idc123456 1426 | asdf.1234 1427 | wobenfengkuang 1428 | wobenwudi 1429 | gameover 1430 | over 1431 | intel 1432 | wanming 1433 | 07.cx 1434 | oaserver 1435 | jingdian1956 1436 | 1314520 1437 | 100200 1438 | zxm10 1439 | admin111 1440 | 7758521 1441 | chinadatas 1442 | westidc 1443 | QWE123 1444 | 1q2w3e4r 1445 | 1q2w3e4r5t 1446 | abc123456 1447 | q1w2e3r4t5 1448 | tangtaocneva.com 1449 | 3h8.com18 1450 | 0by#Nu9p^& 1451 | jyyq123 1452 | zxcvasdf!@# 1453 | hawkco 1454 | 147896325 1455 | a 1456 | 369369369 1457 | 1qazxsw@ -------------------------------------------------------------------------------- /pocversion: -------------------------------------------------------------------------------- 1 | 0.2 2 | -------------------------------------------------------------------------------- /res.txt: -------------------------------------------------------------------------------- 1 | 2 | 全部掃描完成 3 | 全部掃描完成 4 | 全部掃描完成 5 | 全部掃描完成 6 | 全部掃描完成 7 | 全部掃描完成 8 | 全部掃描完成 9 | 全部掃描完成 10 | [+] 127.0.0.1 33 root 123456 11 | 全部掃描完成 12 | 全部掃描完成 13 | 全部掃描完成 14 | 全部掃描完成 15 | 全部掃描完成 16 | [+] 127.0.0.1 33 root 123456 17 | 全部掃描完成 18 | [+] 127.0.0.1 33 root 123456 19 | 全部掃描完成 20 | 全部掃描完成 21 | [+] 127.0.0.1 33 root 123456 22 | 全部掃描完成 23 | [+] 127.0.0.1 33 root 123456 24 | 全部掃描完成 25 | [+] 127.0.0.1 33 root 123456 26 | 全部掃描完成 27 | 全部掃描完成 28 | 全部掃描完成 29 | 全部掃描完成 30 | 全部掃描完成 31 | 全部掃描完成 32 | 全部掃描完成 33 | 全部掃描完成 34 | 全部掃描完成 35 | 全部掃描完成 36 | 全部掃描完成 37 | 全部掃描完成 38 | 全部掃描完成 39 | 全部掃描完成 40 | 全部掃描完成 41 | 全部掃描完成 42 | 全部掃描完成 43 | 全部掃描完成 44 | 全部掃描完成 45 | 全部掃描完成 46 | 全部掃描完成 47 | 全部掃描完成 48 | 49 | -------------------------------------------------------------------------------- /taichi-pocs.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/taichi-pocs.zip -------------------------------------------------------------------------------- /taichiversion: -------------------------------------------------------------------------------- 1 | 0.2.1 2 | -------------------------------------------------------------------------------- /test/livescan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/test/livescan.png -------------------------------------------------------------------------------- /test/poc.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/test/poc.gif -------------------------------------------------------------------------------- /test/port.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/test/port.gif -------------------------------------------------------------------------------- /url.txt: -------------------------------------------------------------------------------- 1 | 127.0.0.1 -------------------------------------------------------------------------------- /user.txt: -------------------------------------------------------------------------------- 1 | root 2 | admin 3 | administrator 4 | system 5 | sa -------------------------------------------------------------------------------- /version: -------------------------------------------------------------------------------- 1 | 0.1 2 | -------------------------------------------------------------------------------- /webchat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sulab999/Taichi/4e29ead571735da37884f2ef23599b2e5d29a57b/webchat.png --------------------------------------------------------------------------------