grayddq / publicmonitors Goto Github PK
View Code? Open in Web Editor NEW对公网IP列表进行端口服务扫描,发现周期内的端口服务变化情况和弱口令安全风险
对公网IP列表进行端口服务扫描,发现周期内的端口服务变化情况和弱口令安全风险
运行时显示root@test:~/PublicMonitors# python3 PublicMonitors.py
Traceback (most recent call last):
File "PublicMonitors.py", line 3, in
from lib.Main import *
File "/root/PublicMonitors/lib/Main.py", line 2, in
from publicScan import *
ModuleNotFoundError: No module named 'publicScan'
是什么情况呢
IP files may be wrong.
不支持 1.0.0.0/24 这样的?
今天安装运行发现那python_namp没有PortScanner,换成python-nmap就可以了。
还有发现中文发送到邮箱会乱码,应该是阿里云的邮箱没有自动识别
else:
part = MIMEText("端口服务详情请参照附件信息。\n注:端口服务信息并未改变,且不存在弱口令信息")
part.add_header("Content-Type",'text/plain; charset="utf-8"')
msg.attach(part)
在MIMEText里面添加头信息,指定字符集是utf-8就可以了!
lib/publicScan.py
28行关于json.loads
解析tmp/tempResult
的每一行,由于masscan生成的结果,key没有使用引号引起来,这里json解析错误,程序失败。
Starting masscan 1.0.4 (http://bit.ly/14GZzcT) at 2019-01-08 13:47:33 GMT
-- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
Initiating SYN Stealth Scan
Scanning 8 hosts [65535 ports/host]
2019-01-08 21:54:12,205 - LogInfo - finsh Masscan
2019-01-08 21:54:12,206 - LogInfo - start read results...
2019-01-08 21:54:12,206 - LogInfo - start nmap scan service...
2019-01-08 21:54:27,928 - LogInfo - finsh nmap scan.
2019-01-08 21:54:27,928 - LogInfo - compare with the last result
2019-01-08 21:54:27,929 - LogInfo - generate the result file
2019-01-08 21:54:27,929 - LogInfo - start weak pass thread
2019-01-08 21:54:27,929 - LogInfo - read scan reasult to weak pass
2019-01-08 21:54:27,935 - LogInfo - start weak pass scan...
2019-01-08 21:54:27,935 - LogInfo - finsh weak pass scan.
2019-01-08 21:54:27,944 - LogInfo - generate the result file out/2019-01-08.xls
2019-01-08 21:54:27,945 - LogInfo - start sending mail...
Traceback (most recent call last):
File "PublicMonitors.py", line 28, in <module>
main(conf_info)
File "/Users/gwiily/PublicMonitors/lib/Main.py", line 34, in main
Send_Email(conf_info).run()
File "/Users/gwiily/PublicMonitors/lib/publicEmail.py", line 88, in run
self.send()
File "/Users/gwiily/PublicMonitors/lib/publicEmail.py", line 39, in send
value[0], value[1], value[2])
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe5 in position 45: ordinal not in range(128)
按照部署,masscan基本都有异常,无法扫描出端口服务。
@grayddq It would be much more easy to trace if it scan with domain names.
1、masscan无法扫描端口号
在centos版本安装masscan有很大几率有问题,确实存在无法扫描端口问题,我现在使用的是unbuntu版本.
2、发送邮件出现如下问题:
2019-01-11 15:48:51,491 - LogInfo - sending mail failure,error:
2019-01-11 15:48:51,555 - LogInfo - sending mail failure,error:
2019-01-11 15:48:56,775 - LogInfo - sending mail failure,error:
2019-01-11 15:48:56,775 - LogInfo - sending mail success
这样不会收到邮件的,我当时场景是用的新浪的邮箱,配置的用户名和密码.就会出现这个问题.后来密码改成授权码就能解决.
3、发送邮件出现乱码问题:
(1)在lib/publicEmail.py中增加如下:
from email.mine.text import Header
msg["Subject"] = Header("每日端口服务信息详", "utf-8")
正文出现乱参考:#3
另外出现UnicodeDecodeError: 'ascii' codec can't decode byte 0xe5 in position 45: ordinal not in range(128)主要是编码问题:
在40行后面增加:
add_port_info = unicode(add_port_info, 'utf-8')
你好,看到您扫出来的弱口令还是很不容易猜解的,这部分字典是自己生成的吗?
当ip列表过大的时候,nmap扫描开始报错,退出程序。使用少量ip,如果没有变更,则发送乱码邮件
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.