sairson / yasso Goto Github PK
View Code? Open in Web Editor NEW强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)
强大的内网渗透辅助工具集-让Yasso像风一样 支持rdp,ssh,redis,postgres,mongodb,mssql,mysql,winrm等服务爆破,快速的端口扫描,强大的web指纹识别,各种内置服务的一键利用(包括ssh完全交互式登陆,mssql提权,redis一键利用,mysql数据库查询,winrm横向利用,多种服务利用支持socks5代理执行)
我想问下师傅 这个Yasso一键扫描 windows 防火墙默认开启拦截icmp包 也就是默认ping不通 ,然后这个一键扫描用的就是ping,然后自然的没有发现这个机器的存活,然后就没有下一步端口扫描服务探测了,那么问题来了,这个工具需要前期自己用msf arp等内网存活工具探测一遍吗
字典怎么自定义或者选择自己电脑上的字典?
[mysql] 2022/01/18 18:01:49 packets.go:37: unexpected EOF
修复:注释掉解析os,version,等字段部分即可,但是会在扫描时候无法准确的扫描出版本信息
Yasso_win_x64.exe crack redis --rebound 127.0.0.1:6379 --pass 12345678 --port 6379 --hostname 127.0.0.1
panic: runtime error: index out of range [2] with length 2
goroutine 1 [running]:
Yasso/cmd.RedisInfo(0xb10040, 0xc000006620, 0xc000023808, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
F:/tools/Yasso/cmd/redis.go:179 +0x645
Yasso/cmd.RedisAuthConn(0xc000022280, 0x9, 0x18eb, 0x0, 0x0, 0x3b9aca00, 0x0, 0x0, 0x0, 0x0, ...)
F:/tools/Yasso/cmd/redis.go:122 +0x3a5
Yasso/cmd.BruteRedisByUser()
F:/tools/Yasso/cmd/redis.go:69 +0x11b
Yasso/cmd.glob..func13(0x10dbb80, 0xc000128780, 0x0, 0x8)
F:/tools/Yasso/cmd/redis.go:23 +0x3d
github.com/spf13/cobra.(*Command).execute(0x10dbb80, 0xc000128700, 0x8, 0x8, 0x10dbb80, 0xc000128700)
C:/Users/Administrator/go/go1.16.4/bin/pkg/mod/github.com/spf13/[email protected]/command.go:860 +0x2c2
github.com/spf13/cobra.(*Command).ExecuteC(0x10dbe00, 0x0, 0xc000049f78, 0xc000123f78)
C:/Users/Administrator/go/go1.16.4/bin/pkg/mod/github.com/spf13/[email protected]/command.go:974 +0x375
github.com/spf13/cobra.(*Command).Execute(...)
C:/Users/Administrator/go/go1.16.4/bin/pkg/mod/github.com/spf13/[email protected]/command.go:902
Yasso/cmd.Execute()
F:/tools/Yasso/cmd/root.go:38 +0x38
main.main()
F:/tools/Yasso/main.go:12 +0x27
在面对大规模资产时,经常遇到多个ip默认端口更改问题,建议使用-H导入文件时支持以下格式。
192.168.1.1:3389
192.168.1.1:33389
192.168.1.1:9833
3389爆破的时候,可以做到不顶掉已经登陆的用户吗。
RT
使用什么命令可以不生成Yasso.log文件
爆破模块:指定的用户名不生效,爆破时还是会时用默认的
如果扫描目标太多,会一直尝试打开log,直到抛出异常
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
[!] open log file failed open Yasso.log: too many open files
windows版本自己编译exe 18M是不是太大了
希望加入常用数据库操作支持
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.