zyylhn / zscan Goto Github PK
View Code? Open in Web Editor NEWZscan a scan blasting tool set
License: MIT License
zscan's People
Contributors
Stargazers
Watchers
Forkers
j5s evi1hack zzhsec huangzccn weber213 freefv phuong39 mxm-tools qianniaoge lelechina jeromeyoung safe6sec valerian7 jxpsx afwu xiju2003 workcha muharihar sockx ta0ing roixroi limingjin10 mu-l cmeninwa sarvex sairson qsdj laplacekorea killvxk fifa555 conanjun t43wiu6 cn-syndra hirak0 z0edff0x3d 5l1v3r1 zishuhooo kcufid thecryinggame h0ngzh0ng jeffry38 aqimmm sec-fork zhanglei meowwbox soliontheroad 0x0000141 shenzhibuqin york-cmd lyingsimon wenongs lztcode sanwm huyanshuhan antichown dongdabai col4-eng rabitw cpt-jack-a-castle castledev2022 lubyruffy nevergiveupzyq startagain2016 lay0us1 ofalwl jaygith zhjguang mygit2014 cvlabsio crj0b tangzong-jx iq-scm xibotao l0ading-x hihihi175hihihi pyjcode migruwlzscan's Issues
能否编译个成品发出来
没有编译环境 请问每次更新的时侯能否编译个成品发出来,谢谢!
如何调用指定ip.txt使用
怎么调用指定的ip.txt列表进行扫描。并指定user和pass 。可以这么用吗。如果可以格式是什么?
小建议
exploit模块ssh只支持交互式登录,但是不支持批量登录多台机器执行命令
有考虑在blast模块添加一个执行SSH命令的功能吗,C段机器爆破成功的同时,在每台机器分别执行命令返回结果(非交互)(参考fscan ssh -c 命令)
请问支持smb login爆破吗?
请问支持smb login爆破吗?
关于zscan代理功能使用出现的严重问题
我发现了zscan一个致命的问题,我想知道这个问题是否有解决方法,当使用proxy代理后,在进行端口扫描,会发现,所设置的所有端口均会为返回成功,我设置了1-100端口,并尝试ps模块的端口扫描
我研究了zscan的源码,发现是socks5代理连接的问题。这使得你的zscan扫描在走代理后将完全不准确
其次程序运行中会出现net.Func的error问题
这是一个非常严重的错误,他将会完全印象程序的使用,望修改
报错Get "https://cdn.nuclei.sh": dial tcp: lookup cdn.nuclei.sh: no such host
这个报错我不知道怎么解决了,我试过重置网络,清DNS缓存,换DNS服务器,都没用,还是报这个错,在虚拟机中我能够正常运行,但是在物理机我怎么都运行不了(以前是可以运行的,不知道哪天开始突然就用不了了),能否解决这个问题,或者给出一些建议,谢谢
可以编译一下吗?
ssh爆破报错
环境为win2008 r2
z.exe ssh --hostfile linux.txt -U root -P root
z.exe ssh -H ip -U root -P root
panic: runtime error: slice bounds out of range [:-1]
MAC
$ ./zscan all -H 192.168.8.1/24 --ping --log
Mode:all
Start time:2021-11-29 10:12:37
The number of threads:100
Time delay:3s
Traget:192.168.8.1/24
Verbose:Don't show verbose
Ping befor portscan
Save scan log in log.txt
=========================living ip result list==========================
[ping] Find '192.168.8.1' aliving
[ping] Find '192.168.8.123' aliving
[ping] Find '192.168.8.146' aliving
[ping] Find '192.168.8.101' aliving
[ping] Find '192.168.8.121' aliving
[ping] Find '192.168.8.140' aliving
[ping] Find '192.168.8.155' aliving
[ping] Find '192.168.8.159' aliving
[ping] Find '192.168.8.166' aliving
[ping] Find '192.168.8.167' aliving
[ping] Find '192.168.8.255' aliving
A total of 11 IP addresses were discovered
Find port 192.168.8.167:22
Start burp ssh : 192.168.8.167:22
Find port 192.168.8.1:53
Find port 192.168.8.1:80
Find port 192.168.8.159:80
Find port 192.168.8.121:135
Find port 192.168.8.146:135
Find port 192.168.8.159:135
Find port 192.168.8.166:135
panic: runtime error: slice bounds out of range [:-1]
goroutine 723 [running]:
zscan/cmd.oxidIpInfo({0x173a800, 0xc00061a008})
/Users/zyy/zscan/cmd/winscan.go:519 +0x492
zscan/cmd.Connectall({0xc000920270, 0xc000718300}, 0x87)
/Users/zyy/zscan/cmd/all.go:139 +0xd45
zscan/cmd.(*PortScan).Startscan(0xc00017e780)
/Users/zyy/zscan/cmd/ps.go:114 +0x14f
created by zscan/cmd.(*PortScan).Run
/Users/zyy/zscan/cmd/ps.go:83 +0x6d
Windows
C:\Users\Desktop>zscan_win_x64.exe all -H 192.168.8.1/24 --ping --log
Mode:all
Start time:2021-11-29 10:10:41
The number of threads:100
Time delay:3s
Traget:192.168.8.1/24
Verbose:Don't show verbose
Ping befor portscan
Save scan log in log.txt
=========================living ip result list==========================
[ping] Find '192.168.8.1' aliving
[ping] Find '192.168.8.123' aliving
[ping] Find '192.168.8.121' aliving
[ping] Find '192.168.8.140' aliving
[ping] Find '192.168.8.155' aliving
[ping] Find '192.168.8.146' aliving
[ping] Find '192.168.8.159' aliving
[ping] Find '192.168.8.167' aliving
[ping] Find '192.168.8.168' aliving
[ping] Find '192.168.8.166' aliving
A total of 10 IP addresses were discovered
Find port 192.168.8.167:22
Start burp ssh : 192.168.8.167:22
Find port 192.168.8.1:53
Find port 192.168.8.1:80
Find port 192.168.8.159:80
Find port 192.168.8.121:135
Find port 192.168.8.146:135
Find port 192.168.8.168:135
panic: runtime error: slice bounds out of range [:-1]
goroutine 598 [running]:
zscan/cmd.oxidIpInfo({0x10acca0, 0xc0003ae078})
/Users/zyy/zscan/cmd/winscan.go:519 +0x492
zscan/cmd.Connectall({0xc0004105b0, 0xc0005321b0}, 0x87)
/Users/zyy/zscan/cmd/all.go:139 +0xd45
zscan/cmd.(*PortScan).Startscan(0xc0002ca6e0)
/Users/zyy/zscan/cmd/ps.go:114 +0x14f
created by zscan/cmd.(*PortScan).Run
/Users/zyy/zscan/cmd/ps.go:83 +0x6d
Mac Installation
Can you please explain to me step by step how this tol can be installed on Mac? Thank you very much
同学,您这个项目引入了244个开源组件,存在2个漏洞,辛苦升级一下
检测到 zyylhn/zscan 一共引入了244个开源组件,存在2个漏洞
漏洞标题:jwt-go 安全漏洞
缺陷组件:github.com/dgrijalva/[email protected]+incompatible
漏洞编号:CVE-2020-26160
漏洞描述:jwt-go是个人开发者的一个Go语言的JWT实现。
jwt-go 4.0.0-preview1之前版本存在安全漏洞。攻击者可利用该漏洞在使用[]string{} for m[\"aud\"](规范允许)的情况下绕过预期的访问限制。
影响范围:(∞, 4.0.0-preview1)
最小修复版本:4.0.0-preview1
缺陷组件引入路径:zscan@->github.com/dgrijalva/[email protected]+incompatible
另外还有2个漏洞,详细报告:https://mofeisec.com/jr?p=a2c061
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.