Coder Social home page Coder Social logo

f-nascan's Introduction

#网络资产信息扫描 在渗透测试(特别是内网)中经常需要对目标进行网络资产收集,即对方服务器都有哪些IP,IP上开了哪些端口,端口上运行着哪些服务,此脚本即为实现此过程,相比其他探测脚本有以下优点:1、轻巧简洁,只需python环境,无需安装额外外库。2、扫描完成后生成独立页面报告。

此脚本的大概流程为 ICMP存活探测-->端口开放探测-->端口指纹服务识别-->提取快照(若为WEB)-->生成结果报表

运行环境:python 2.6 +

参数说明
-h 必须输入的参数,支持ip(192.168.1.1),ip段(192.168.1),ip范围指定(192.168.1.1-192.168.1.254),ip列表文件(ip.ini),最多限制一次可扫描65535个IP。
-p 指定要扫描端口列表,多个端口使用,隔开 例如:22,23,80,3306。未指定即使用内置默认端口进行扫描(21,22,23,25,53,80,110,139,143,389,443,445,465,873,993,995,1080,1723,1433,1521,3306,3389,3690,5432,5800,5900,6379,7001,8000,8001,8080,8081,8888,9200,9300,9080,9999,11211,27017)
-m 指定线程数量 默认100线程
-t 指定HTTP请求超时时间,默认为10秒,端口扫描超时为值的1/2。
-n 不进行存活探测(ICMP)直接进行扫描。

结果报告保存在当前目录(扫描IP-时间戳.html)。

例子:
python NAScan.py -h 10.111.1
python NAScan.py -h 192.168.1.1-192.168.2.111
python NAScan.py -h 10.111.1.22 -p 80,7001,8080 -m 200 -t 6
python NAScan.py -h ip.ini -p port.ini -n

服务识别在server_info.ini文件中配置
格式为:服务名|默认端口|正则 例 ftp|21|^220.*?ftp|^220-
正则为空时则使用端口进行匹配,否则以正则匹配结果为准。

项目地址 https://github.com/ywolf/
欢迎大家反馈建议和BUG

f-nascan's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

haoirui ver007 newbiethetest tutorial0 shanyt kevien key20 cihaobeihei xfkxfk 0ps b01u pronouncing stupid333 futurelighthouse dptechma secpersu mysteryz uppentest sevck cybersmith phpplay zhuyue1314 brianwrf pekita1 ccavxx cheaphunter m0nk3yd1u44y vf3ng fchestnut findlakes test98123456 thanatoskira wangthunder youmuyou huaibaobao aa2288207 kslinf cann0n dalufine wstart yaoyi2008 tycheo mi4y0x kdzm zhao9jack kissthink haimo918 ssdtfarm ahmatjan sevenfu w4ter silent-waiting wawor4827 lvmaple catcherman gxjluck blkstone tuian xujun05 z-hong7 v1cker solower aipengjie uncia 1sn0m4d learnusegit la5la vinsonzou mozcrash whoami-whoami safe3 followmaster test123test111 0xqq lylsq beelives gaozhenpeng amranth conqu3r yzkc blueroutecn newaynewlife z0x010 v4n0m hiahiahiahaha xuseman xiju2003 lnln1111 srsman jing-admin lengxu sangbu nx4dm1n iicoming flying0er kenser jamalmo ganglongguni houcy fengxingzhu

f-nascan's Issues

扫描端口建议

-p这个参数最好能接收端口段的写法哈,比如-p 1-65535。

报告呈现建议

报告呈现的时候最好也可以选择按照端口分类哈,比如80端口,右侧能看到那些IP地址开放了80端口。

增加对域名的扫描

RT,有时候有扫描域名的情况,可以考虑支持域名方式扫描,或者ip.ini方式加载多个域名扫描哈,现在扫描域名会报错。

Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
self.run()
File "fscan.py", line 45, in run
self.Sock.sendto(self.packet, (ip, 0))
gaierror: [Errno -2] Name or service not known

ip.txt扫描时报错 gaierror: [Errno 11001] getaddrinfo failed

第一次是成功的,后面每次扫描都直接报以下错误,怎么解决呀。。。
Exception in thread Thread-1:
Traceback (most recent call last):
File "C:\Python27\lib\threading.py", line 801, in __bootstrap_inner
self.run()
File ".\F-NAScan.py", line 45, in run
self.Sock.sendto(self.packet, (ip, 0))
gaierror: [Errno 11001] getaddrinfo failed

扫描时出错 python F-NAScan.py -h 192.168.1.111

File "/root/Desktop/F-NAScan-master/F-NAScan.py", line 105
print 'The current user permissions unable to send icmp packets'
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print('The current user permissions unable to send icmp packets')?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.