niudaii / zpscan
A somewhat useful information gathering tool.
License: MIT License
Command used:
./zpscan crack -i ip:1521 --user test123 --pass thinker
The output is shown below. I have confirmed that test123/thinker can connect to Oracle normally, but the brute force did not report success.
开始爆破……
……
爆破结束
运行时间
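The tool you developed is great. The HTTP fingerprint library could be strengthened; ObserverWard can serve as a reference: https://github.com/0x727/FingerprintHub
Could you add support for IPv6?
In the downloaded configuration files there is only one finger fingerprint, and from a look at its format it is not compatible with other fingerprint libraries.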
root@TX-VPS:~/zpscan# ./zpscan_linux webscan -o out-zpscan-pocscan.txt -f ../urls.txt
[ERR] initFinger() err, Get "/xxx": unsupported protocol scheme ""
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x8ac955]
goroutine 1 [running]:
github.com/niudaii/zpscan/internal/utils.GetAllFile.func1({0x0, 0x0}, {0x0?, 0x0?}, {0x0?, 0x0?})
/home/runner/work/zpscan/zpscan/internal/utils/fileutil.go:63 +0x35
path/filepath.Walk({0x0, 0x0}, 0xc0006d9a18)
/opt/hostedtoolcache/go/1.18.8/x64/src/path/filepath/path.go:515 +0x50
github.com/niudaii/zpscan/internal/utils.GetAllFile({0x0?, 0xc0006d9ab0?})
/home/runner/work/zpscan/zpscan/internal/utils/fileutil.go:62 +0x52
github.com/niudaii/zpscan/pkg/pocscan/goby.LoadAllPoc({0x0?, 0x0?})
/home/runner/work/zpscan/zpscan/pkg/pocscan/goby/poc.go:97 +0x33
github.com/niudaii/zpscan/cmd.initPoc()
/home/runner/work/zpscan/zpscan/cmd/pocscan.go:71 +0x39
github.com/niudaii/zpscan/cmd.glob..func7(0x4174e80?, {0x20b1037?, 0x4?, 0x4?})
/home/runner/work/zpscan/zpscan/cmd/webscan.go:67 +0x28a
github.com/spf13/cobra.(*Command).execute(0x4174e80, {0xc0001772c0, 0x4, 0x4})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0x4174700)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/niudaii/zpscan/cmd.Execute()
/home/runner/work/zpscan/zpscan/cmd/root.go:108 +0x1da
main.main()
/home/runner/work/zpscan/zpscan/main.go:9 +0x17
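Cannot run pocscan; there is no main.go file.
Could you explain how the -m parameter of the crack module is used?
The config.yaml file is missing. What are its contents?
I used a 20,000-entry dictionary. After starting the RDP brute force, I found that after an i/o timeout the output scrolls to the bottom and then it stops running (seen with --debug).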
.\zpscan_1.8.39.exe crack -i xxx --user Administrator,Public,MSSQLSERVER,SQLTELEMETRY -m rdp --threads 100 --pass-file "xxx\top19576.txt" --debug
[ERR] initFinger() err, open : no such file or directory
[FTL] initQqwry() err, open : no such file or directory
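I suggest adding port scanning for domain names.
The tool is great. A suggestion for the webscan fingerprinting feature: would you consider adding GET or POST request types for method? Some sites only return the corresponding framework's fingerprint when the request carries a fingerprint URL or keyword.
Could you publish usage instructions? I don't know how to use it.
Local 127.0.0.1:135
Failed to find the password (the username and password are known)
20 threads, default timeout
Current test environment: Windows 10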
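The code in question is in the ParseTargets function in zpscan/pkg/crack/parse.go.
Line 16 of parse.go: tmp = strings.Split(tmp[1], "|")
The tmp variable originally comes from splitting the target parameter: tmp[0] is the IP and tmp[1] is the port. But here tmp[1] is split again on '|', and the result overwrites the original tmp, so the check on tmp below can never be ==2. So if the target has the form x.x.x.x:2022, a non-standard port, then once execution reaches this step the len(tmp)==2 check never holds. It can only take the else branch, but port 2022 cannot be found in the preset port-to-service list, so even if -m is specified as ssh, it still reports that the target is empty.
Judging from the author's code, | is probably meant to support the x.x.x.x:2022|ssh form. But since there is already a -m parameter, I suggest merging the -m parameter and the ip:port|servername form. It is rather easy to misread.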
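The parsing issue reported above, as an added Go example (not taken from the issue or from zpscan's source): `parseDescribed` follows the flow the report describes, and `parseMerged` is one way to combine `-m` with the `ip:port|service` form. The function names, the port table and the 192.0.2.10 sample targets are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed port-to-service table; the project's real list is not shown on the page.
var portService = map[string]string{"22": "ssh", "1521": "oracle", "3389": "rdp"}

// parseDescribed follows the flow the report describes: tmp is reused for the
// "|" split, and the -m module is never consulted for an unknown port.
func parseDescribed(target string) (host, port, service string, ok bool) {
	tmp := strings.Split(target, ":")
	if len(tmp) != 2 {
		return "", "", "", false
	}
	host = tmp[0]
	tmp = strings.Split(tmp[1], "|") // tmp no longer holds [ip, port]
	if len(tmp) == 2 {
		return host, tmp[0], tmp[1], true
	}
	service, ok = portService[tmp[0]] // else branch: table lookup only
	return host, tmp[0], service, ok
}

// parseMerged keeps host, port and service in separate variables and resolves
// the service as: explicit "|service" suffix, then -m module, then the table.
func parseMerged(target, module string) (host, port, service string, ok bool) {
	host, rest, found := strings.Cut(target, ":")
	if !found || host == "" {
		return "", "", "", false
	}
	port, service, _ = strings.Cut(rest, "|")
	if service == "" {
		service = module
	}
	if service == "" {
		service = portService[port]
	}
	return host, port, service, port != "" && service != ""
}

func main() {
	for _, t := range []string{"192.0.2.10:2022", "192.0.2.10:2022|ssh", "192.0.2.10:22"} {
		_, _, s1, ok1 := parseDescribed(t)
		_, _, s2, ok2 := parseMerged(t, "ssh")
		fmt.Printf("%-22s described=%q/%v merged=%q/%v\n", t, s1, ok1, s2, ok2)
	}
}
```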
2023/06/01 14:17:01 open config.yaml: no such file or directory
I downloaded zpscan_linux directly from the releases.
goroutine 1125 [running]:
github.com/C-Sto/goWMIExec/pkg/ntlmssp.ParseSSPChallenge({0x45a22f8, 0x0, 0x0})
/home/runner/go/pkg/mod/github.com/!c-!sto/go!w!m!i![email protected]/pkg/ntlmssp/ntlmssp.go:114 +0x9c5
github.com/niudaii/zpscan/pkg/crack/plugins/wmiexec.(*wmiExecer).Auth(0xc000973b30)
/home/runner/work/zpscan/zpscan/pkg/crack/plugins/wmiexec/wmiexec.go:264 +0x64a
github.com/niudaii/zpscan/pkg/crack/plugins/wmiexec.WMIExec({0xc000faae70, 0xd}, {0xc0000a8110, 0xd}, {0xc0006d5ea8, 0x8}, {0x0, 0x0}, {0x0, 0x0}, ...)
/home/runner/work/zpscan/zpscan/pkg/crack/plugins/wmiexec/wmiexec.go:790 +0x39b
github.com/niudaii/zpscan/pkg/crack/plugins.WmiCrack(0xc000bb1040)
/home/runner/work/zpscan/zpscan/pkg/crack/plugins/wmi.go:11 +0xb1
github.com/niudaii/zpscan/pkg/crack.(*Runner).Crack.func1()
/home/runner/work/zpscan/zpscan/pkg/crack/runner.go:118 +0x43b
created by github.com/niudaii/zpscan/pkg/crack.(*Runner).Crack
/home/runner/work/zpscan/zpscan/pkg/crack/runner.go:106 +0x5e5
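Scanned target: Windows 7
Threads: 20
Current test environment: Windows 10
A JSON output format could be added to output, making it easier for other tools to parse the scan results.
I'm rather lazy, so I won't open an MR.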
open config.yaml: no such file or directory
goroutine 1 [running]:
github.com/niudaii/zpscan/internal/utils.GetAllFile.func1({0x0, 0x0}, {0x0?, 0x0?}, {0xc0002d4390?, 0x76?})
/home/runner/work/zpscan/zpscan/internal/utils/fileutil.go:63 +0x35
path/filepath.Walk({0x0, 0x0}, 0xc000757a88)
/opt/hostedtoolcache/go/1.18.8/x64/src/path/filepath/path.go:515 +0x50
github.com/niudaii/zpscan/internal/utils.GetAllFile({0x0?, 0xc000757af0?})
/home/runner/work/zpscan/zpscan/internal/utils/fileutil.go:62 +0x52
github.com/niudaii/zpscan/pkg/pocscan/goby.LoadAllPoc({0x0?, 0x210041b?})
/home/runner/work/zpscan/zpscan/pkg/pocscan/goby/poc.go:97 +0x33
github.com/niudaii/zpscan/cmd.initPoc()
/home/runner/work/zpscan/zpscan/cmd/pocscan.go:71 +0x39
github.com/niudaii/zpscan/cmd.glob..func5(0x4174480?, {0x20b1037?, 0x4?, 0x4?})
/home/runner/work/zpscan/zpscan/cmd/pocscan.go:45 +0x14a
github.com/spf13/cobra.(*Command).execute(0x4174480, {0xc0001133c0, 0x4, 0x4})
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0x4174700)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3b4
github.com/spf13/cobra.(*Command).Execute(...)
/home/runner/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
github.com/niudaii/zpscan/cmd.Execute()
/home/runner/work/zpscan/zpscan/cmd/root.go:108 +0x1da
main.main()
/home/runner/work/zpscan/zpscan/main.go:9 +0x17
I wonder whether you have any plans to build a web version. The tool is great.