├── README.md └── cscan.py /README.md: -------------------------------------------------------------------------------- 1 | # cscan 2 | 3 | 基于`python`和[httpscan](https://github.com/zer0h/httpscan#httpscan)的多端口c段扫描器。 4 | 5 | ![](https://i.loli.net/2020/08/14/rmvJuNkgAbRcQTw.png) 6 | 7 | 用法: 8 | 9 | ```bash 10 | python cscan.py -i IP/CIDR –t threads 11 | ``` 12 | 13 | 例: 14 | 15 | ```bash 16 | python cscan.py -i 10.20.30.0/24 –t 100 17 | ``` 18 | 19 | 默认线程为100 20 | 21 | -------------------------------------------------------------------------------- /cscan.py: -------------------------------------------------------------------------------- 1 | # cscan based on httpscan 2 | import requests 3 | import re 4 | import IPy 5 | import argparse 6 | import threading 7 | 8 | headers = { 9 | 'user-agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36', 10 | 'Connection': 'close' 11 | } 12 | 13 | portlist = [ 14 | 80, 8080, 81, 8081, 7001, 8000, 8088, 8888, 9090, 8090, 88, 8001, 82, 9080, 8082, 8089, 9000, 8443, 9999, 8002, 15 | 89, 8083, 8200, 90, 8086, 801, 8011, 8085, 9001, 9200, 8100, 8012, 85, 8084, 8070, 8091, 8003, 7777, 8010, 443, 16 | 8028, 8087, 83, 10000, 8181, 8099, 8899, 8360, 8300, 9002, 8053, 1000, 8989, 9060, 888, 8006, 6677, 7200, 8280, 17 | 8161, 8880, 8020, 7070, 889, 1010, 8004, 86, 38501, 41516, 28017, 18080, 7002, 808, 800, 8099, 8800, 8180, 18 | 3505, 7080, 8484, 9003 19 | ] 20 | 21 | 22 | def iplist(ip): 23 | urllist = [] 24 | iplist = IPy.IP(ip) 25 | for ip in iplist[1:-1]: 26 | for port in portlist: 27 | urllist.append('http://' + str(ip) + ':' + str(port)) 28 | return urllist 29 | 30 | 31 | def scan(start, end, urllist, lockObj): 32 | for i in range(int(start), int(end)): 33 | try: 34 | r = requests.session().get(url=urllist[i], headers=headers, timeout=5) 35 | status = r.status_code 36 | if status != 404 and status != 403 and status != 400 and status != 502: 37 | title = re.search(r'(.*)', r.content.decode()) 38 | if title: 39 | title = title.group(1).strip().strip("\r").strip("\n") 40 | else: 41 | title = 'Null' 42 | banner = '' 43 | try: 44 | banner += r.headers['Server'][:21] 45 | except: 46 | pass 47 | lockObj.acquire() 48 | print("|%-29s|%-6s|%-24s|%-35s" % (urllist[i], status, banner, title)) 49 | lockObj.release() 50 | except: 51 | pass 52 | 53 | 54 | def main(): 55 | print(r''' 56 | ___ ___ ___ __ _ _ __ 57 | / __/ __|/ __/ _` | '_ \ 58 | | (__\__ \ (_| (_| | | | | 59 | \___|___/\___\__,_|_| |_| 60 | by:zjun 61 | www.zjun.info 62 | ''') 63 | parser = argparse.ArgumentParser(description='cscan based on httpscan') 64 | parser.add_argument('-i', '--ip', required=True, help='target ip or ip segment') 65 | parser.add_argument('-t', '--thread', required=False, default=100, help='number of threads,default = 100') 66 | args = parser.parse_args() 67 | ip = args.ip 68 | numbers = args.thread 69 | print('|IP |Status|Server |Title') 70 | url = iplist(ip) 71 | lock = threading.Lock() 72 | for i in range(int(numbers)): 73 | if i == int(numbers) - 1: 74 | threading.Thread(target=scan, args=(i * len(url) / int(numbers), len(url), url, lock)).start() 75 | threading.Thread(target=scan, 76 | args=(i * len(url) / int(numbers), (i + 1) * len(url) / int(numbers) - 1, url, lock)).start() 77 | 78 | 79 | if __name__ == '__main__': 80 | main() 81 | --------------------------------------------------------------------------------