// Entry point of the scanner: collect the command-line options, normalise
// them, hand the result to the plugin dispatcher and print a completion marker.
package main

import (
	"github.com/shadow1ng/fscan/Plugins"
	"github.com/shadow1ng/fscan/common"
)

// main runs the three stages in a fixed order: Flag -> Parse -> Scan.
func main() {
	// Info carries the per-run target settings. Its zero value is filled in
	// by the two calls below, which both receive a pointer to it.
	var Info common.HostInfo
	// Bind the command-line options and parse the process arguments.
	common.Flag(&Info)
	// Post-process the raw option values before any scanning starts.
	common.Parse(&Info)
	// Scan receives Info by value, so changes it makes to its copy of the
	// struct are not visible here (slice fields still share backing arrays).
	Plugins.Scan(Info)
	// The builtin print writes to standard error, not standard output. The
	// literal is constant, so it is a usable marker when reviewing captured
	// console output.
	print("scan end\n")
}
1、var Info common.HostInfo
实例化 common/config.go 中HostInfo结构体,包含host,port,url等。(主要为与主机相关的参数)
// HostInfo holds the target- and credential-related settings for one run.
// The flag names noted below are the ones bound to each field in Flag;
// fields without a flag are not assigned there.
type HostInfo struct {
	Host      string   // -h: target address, range or comma-separated list
	Ports     string   // -p: port, range or list; defaults to DefaultPorts
	Domain    string   // -domain: SMB domain
	Url       string   // not bound in Flag (-u fills the package-level URL); presumably set later — confirm
	Path      string   // -path: remote file path (help text names fcgi and smb)
	Timeout   int64    // -time: default 3; unit is not shown here, presumably seconds — confirm
	Scantype  string   // -m: scan type, default "all"
	Command   string   // -c: command to execute over SSH, per the help text
	SshKey    string   // -sshkey: per the help text a key file (id_rsa), i.e. a path rather than key material
	Username  string   // -user: single username
	Password  string   // -pwd: single password, supplied in clear text on the command line
	Usernames []string // not bound in Flag; presumably built by ParseUser from -user / -userf — confirm
	Passwords []string // not bound in Flag; presumably built by ParsePass from -pwd / -pwdf — confirm
	Infostr   []string // not bound in Flag; purpose not visible in this excerpt
	Hash      string   // not bound in Flag; purpose not visible in this excerpt
}
2、common.Flag(&Info)
将 Info 结构体的指针传入 common/flag.go 中的 Flag 函数,用于接收命令行参数。
// Flag registers every command-line option on the default flag set and then
// parses the process arguments. Options are stored either in fields of Info
// or in package-level variables (NoHosts, Threads, Pocinfo, ...), so the
// configuration of a run is split between the struct and global state.
// No value is validated here; everything is kept as the raw string or number
// the user supplied.
func Flag(Info *HostInfo) {
	// Banner is defined elsewhere in the package (presumably prints the
	// startup banner — confirm).
	Banner()

	// Target selection: hosts and ports to include or exclude.
	flag.StringVar(&Info.Host, "h", "", "IP address of the host you want to scan,for example: 192.168.11.11 | 192.168.11.11-255 | 192.168.11.11,192.168.11.12")
	flag.StringVar(&NoHosts, "hn", "", "the hosts no scan,as: -hn 192.168.1.1/24")
	flag.StringVar(&Info.Ports, "p", DefaultPorts, "Select a port,for example: 22 | 1-65535 | 22,80,3306")
	flag.StringVar(&PortAdd, "pa", "", "add port base DefaultPorts,-pa 3389")
	flag.StringVar(&NoPorts, "pn", "", "the ports no scan,as: -pn 445")

	// Credentials and SSH options. Values passed with -pwd are part of the
	// process command line, so they end up in shell history and in any
	// process-creation audit log on the machine running the tool.
	flag.StringVar(&Info.Command, "c", "", "exec command (ssh)")
	flag.StringVar(&Info.SshKey, "sshkey", "", "sshkey file (id_rsa)")
	flag.StringVar(&Info.Domain, "domain", "", "smb domain")
	flag.StringVar(&Info.Username, "user", "", "username")
	flag.StringVar(&Info.Password, "pwd", "", "password")

	// Scan behaviour. The unit of -time is not stated in the help text.
	flag.Int64Var(&Info.Timeout, "time", 3, "Set timeout")
	flag.StringVar(&Info.Scantype, "m", "all", "Select scan type ,as: -m ssh")
	flag.StringVar(&Info.Path, "path", "", "fcgi、smb romote file path")
	// Default concurrency is 600; how Threads is consumed is not visible
	// here, but a default this high implies a burst of simultaneous
	// connections that network monitoring can pick up.
	flag.IntVar(&Threads, "t", 600, "Thread nums")

	// Input files for hosts, usernames and passwords.
	flag.StringVar(&HostFile, "hf", "", "host file, -hf ip.txt")
	flag.StringVar(&Userfile, "userf", "", "username file")
	flag.StringVar(&Passfile, "pwdf", "", "password file")

	// Redis options. Per the help text these write an SSH key file or a cron
	// file, i.e. they change state on the target instead of only probing it.
	flag.StringVar(&RedisFile, "rf", "", "redis file to write sshkey file (as: -rf id_rsa.pub) ")
	flag.StringVar(&RedisShell, "rs", "", "redis shell to write cron file (as: -rs 192.168.1.1:6666) ")

	// Feature switches. NOTE(review): the first three variables read as
	// positive (IsWebCan, IsBrute, IsPing) but are set to true by the
	// "no..." flags, so true presumably means the feature is skipped —
	// confirm at the point of use.
	flag.BoolVar(&IsWebCan, "nopoc", false, "not to scan web vul")
	flag.BoolVar(&IsBrute, "nobr", false, "not to Brute password")
	flag.BoolVar(&IsPing, "np", false, "not to ping")
	flag.BoolVar(&Ping, "ping", false, "using ping replace icmp")

	// Output. The default "result.txt" is a relative path; unless -no is
	// given, results are presumably written under the current working
	// directory, which leaves a recognisable file behind.
	flag.StringVar(&TmpOutputfile, "o", "result.txt", "Outputfile")
	flag.BoolVar(&TmpSave, "no", false, "not to save output log")
	// Despite its name, -debug takes a number (default 60); per the help
	// text it controls how often LogErr reports, not a debug mode.
	flag.Int64Var(&WaitTime, "debug", 60, "every time to LogErr")
	flag.BoolVar(&Silent, "silent", false, "silent scan")

	// Web / PoC options, stored in the package-level Pocinfo. A cookie given
	// with -cookie is exposed on the command line in the same way as -pwd.
	flag.StringVar(&URL, "u", "", "url")
	flag.StringVar(&UrlFile, "uf", "", "urlfile")
	flag.StringVar(&Pocinfo.PocName, "pocname", "", "use the pocs these contain pocname, -pocname weblogic")
	flag.StringVar(&Pocinfo.Proxy, "proxy", "", "set poc proxy, -proxy http://127.0.0.1:8080")
	flag.StringVar(&Pocinfo.Cookie, "cookie", "", "set poc cookie")
	flag.Int64Var(&Pocinfo.Timeout, "wt", 5, "Set web timeout")
	flag.IntVar(&Pocinfo.Num, "num", 20, "poc rate")

	// Parses os.Args[1:] on the default flag set, which exits the process
	// with status 2 when an argument cannot be parsed.
	flag.Parse()
}
3、common.Parse(&Info)
将接收到的主机信息传入 Parse 处理,依次处理扫描类型、用户名、密码和输入目标:
ParseScantype(Info) 主要处理 -m 参数,选择扫描类型
ParseUser(Info) 处理爆破时的用户名、用户名文件,-user、-userf
ParsePass(Info) 处理爆破时的密码、密码文件,-pwd、-pwdf
ParseInput(Info) 处理目标 host、url、保存文件的路径、是否保存日志文件、扫描端口
2、fscan处理参数
// Parse post-processes the option values collected by Flag. The four steps
// run in this fixed order and all receive the same *HostInfo, so a later
// step sees whatever an earlier one wrote. Parse has no return value and
// ignores anything the steps might return, so a rejected option cannot be
// reported to the caller through it; any validation failure has to be
// handled inside the steps themselves (not visible in this excerpt).
func Parse(Info *HostInfo) {
	ParseScantype(Info) // per the accompanying notes: the -m scan type
	ParseUser(Info)     // per the notes: -user and -userf
	ParsePass(Info)     // per the notes: -pwd and -pwdf
	ParseInput(Info)    // per the notes: target host/url, output file and log saving, ports
}
