feat: 新增多个漏洞扫描和爆破

Author: qi4l

1.json

@@ -0,0 +1,59 @@
+[
+	{
+		"Keyword": "NetInfo",
+		"URL": "NetInfo://127.0.0.1:135",
+		"主机名": ",DESKTOP-6QB1NLT",
+		"网络接口": ",192.168.1.4,240e:34c:5523:9230:8cff:2143:be82:72cd,240e:34c:5523:9230:b4f1:4903:56ff:f1fc"
+	},
+	{
+		"Digest": "\"SMB@AcVxL{b\u0026/s*`(+00+7+7\"",
+		"IP": "127.0.0.1",
+		"Keyword": "smb",
+		"Length": "246",
+		"MatchRegexString": "^(?si:\\x00\\x00...SMB.*)",
+		"Port": "445",
+		"ProbeName": "TCP_SMB_NEGOTIATE",
+		"Response": "\u0000\u0000\u0000\ufffd\ufffdSMB@\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000A\u0000\u0001\u0000\u0011\u0003\u0002\u0000\ufffd\u0000cVx\ufffd\ufffdL\ufffd\ufffd͜{\ufffdb\u0026/\u0000\u0000\u0000\u0000\u0000\ufffd\u0000\u0000\u0000\ufffd\u0000\u0000\u0000\ufffd\u0000\ufffd\ufffd\ufffd\ufffds\ufffd\ufffd\u0001\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\ufffd\u0000*\u0000\ufffd\u0000\u0000\u0000`(\u0006\u0006+\u0006\u0001\u0005\u0005\u0002\ufffd\u001e0\u001c\ufffd\u001a0\u0018\u0006\n+\u0006\u0001\u0004\u0001\ufffd7\u0002\u0002\u001e\u0006\n+\u0006\u0001\u0004\u0001\ufffd7\u0002\u0002\n\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0026\u0000\u0000\u0000\u0000\u0000\u0001\u0000 \u0000\u0001\u0000\ufffd\ufffd\ufffd0\ufffdĀ!lh9\ufffd\ufffd\ufffdY\ufffd\ufffd'\ufffdT7\ufffdU ΅D\ufffd\u0018f\u0000\u0000\u0003\u0000\n\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0001\u0000",
+		"Service": "smb",
+		"URL": "smb://127.0.0.1:445"
+	},
+	{
+		"Digest": "\"\\r\\n\\r\\n\"",
+		"FingerPrint": "WebSocket++/0.8.2",
+		"Header": "HTTP/1.1 426 Upgrade Required\r\nServer: WebSocket++/0.8.2\r\n",
+		"IP": "127.0.0.1",
+		"Keyword": "",
+		"Length": "60",
+		"Port": "9010",
+		"Response": "HTTP/1.1 426 Upgrade Required\r\nServer: WebSocket++/0.8.2\r\n\r\n",
+		"Service": "http",
+		"URL": "http://127.0.0.1:9010"
+	},
+	{
+		"Body": "\u003chtml\u003e\u003chead\u003e\u003ctitle\u003eNot Found\u003c/title\u003e\u003c/head\u003e\u003cbody\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/body\u003e\u003c/html\u003e",
+		"Digest": "\"itle\u003eNot Found\u003c/title\u003e\u003c/\"",
+		"Header": "HTTP/1.0 404 Not Found\r\nContent-Length: 85\r\nContent-Type: text/html\r\n",
+		"IP": "127.0.0.1",
+		"Keyword": "NotFound",
+		"Length": "156",
+		"Port": "9080",
+		"Response": "HTTP/1.0 404 Not Found\r\nContent-Length: 85\r\nContent-Type: text/html\r\n\r\n\u003chtml\u003e\u003chead\u003e\u003ctitle\u003eNot Found\u003c/title\u003e\u003c/head\u003e\u003cbody\u003e\u003ch1\u003e404 Not Found\u003c/h1\u003e\u003c/body\u003e\u003c/html\u003e",
+		"Service": "http",
+		"URL": "http://127.0.0.1:9080"
+	},
+	{
+		"Body": "{\"code\":0,\"msg\":\"success\"}",
+		"Cert": "SignatureAlgorithm: SHA256-RSA\r\nPublicKeyAlgorithm: RSA\r\nVersion: 3\r\nSerialNumber: 18180314610807744709599553085745103519\r\nIssuer: CN=DigiCert Secure Site CN CA G3,O=DigiCert Inc,C=US\r\nSubject: CN=localhost.ptlogin2.qq.com,O=Shenzhen Tencent Computer Systems Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN\r\nNotBefore: 2024-06-26 00:00:00 +0000 UTC\r\nNotAfter: 2025-06-26 23:59:59 +0000 UTC\r\nMaxPathLen: -1\r\nOCSPServer: http://ocsp.digicert.cn\r\nIssuingCertificateURL: http://cacerts.digicert.cn/DigiCertSecureSiteCNCAG3.crt\r\nDNSNames: localhost.ptlogin2.qq.com; localhost.ptlogin2.tencent.com; localhost.ptlogin2.tenpay.com; localhost.ptlogin2.weiyun.com\r\nCRLDistributionPoints: http://crl.digicert.cn/DigiCertSecureSiteCNCAG3.crl\r\n\r\nSUBJECT:\r\nCountry: CN\r\nOrganization: Shenzhen Tencent Computer Systems Company Limited\r\nLocality: Shenzhen\r\nProvince: Guangdong Province\r\nCommonName: localhost.ptlogin2.qq.com\r\n\r\nIssuer:\r\nCountry: US\r\nOrganization: DigiCert Inc\r\nCommonName: DigiCert Secure Site CN CA G3\r\n",
+		"Digest": "\"\\n\\r\\n{\\\"code\\\":0,\\\"msg\\\":\\\"succ\"",
+		"FingerPrint": "DigiCert-Cert\t",
+		"FoundDomain": "localhost.ptlogin2.qq.com、ocsp.digicert.cn、cacerts.digicert.cn、localhost.ptlogin2.tencent.com、localhost.ptlogin2.tenpay.com、localhost.ptlogin2.weiyun.com、crl.digicert.cn",
+		"Header": "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nContent-Length: 26\r\n",
+		"IP": "127.0.0.1",
+		"Keyword": "",
+		"Length": "97",
+		"Port": "4001",
+		"Response": "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nContent-Length: 26\r\n\r\n{\"code\":0,\"msg\":\"success\"}",
+		"Service": "https",
+		"URL": "https://127.0.0.1:4001"
+	}
+]

README.md

@@ -12,17 +12,6 @@ QScan
 FScan
 ![img.png](assets/FScan.png)
 
-+ 免杀
-
-![img.png](assets/火绒免杀.png)
-
-![img.png](assets/img360.png)
-
-![img.png](assets/img卡巴斯基.png)
-
-+ 漏洞扫描
-![img_1.png](assets/img_1.png)
-
 + MS17010检测
 
 ## 使用参数

app/type-args.go

@@ -6,6 +6,7 @@ import (
 	"github.com/gookit/color"
 	"os"
 	"strings"
+	"time"
 )
 
 type args struct {
@@ -195,3 +196,50 @@ func gradient(text string, coloRR []*color.Style256) string {
 
 	return strings.TrimRight(output, "\n")
 }
+
+// CheckErrs 检查是否为需要重试的错误
+func CheckErrs(err error) error {
+	if err == nil {
+		return nil
+	}
+
+	// 已知需要重试的错误列表
+	errs := []string{
+		"closed by the remote host", "too many connections",
+		"EOF", "A connection attempt failed",
+		"established connection failed", "connection attempt failed",
+		"Unable to read", "is not allowed to connect to this",
+		"no pg_hba.conf entry",
+		"No connection could be made",
+		"invalid packet size",
+		"bad connection",
+	}
+
+	// 检查错误是否匹配
+	errLower := strings.ToLower(err.Error())
+	for _, key := range errs {
+		if strings.Contains(errLower, strings.ToLower(key)) {
+			time.Sleep(3 * time.Second)
+			return err
+		}
+	}
+
+	return nil
+}
+
+var Userdict = map[string][]string{
+	"elastic":   {"elastic", "admin", "kibana"},
+	"rabbitmq":  {"guest", "admin", "administrator", "rabbit", "rabbitmq", "root"},
+	"kafka":     {"admin", "kafka", "root", "test"},
+	"activemq":  {"admin", "root", "activemq", "system", "user"},
+	"ldap":      {"admin", "administrator", "root", "cn=admin", "cn=administrator", "cn=manager"},
+	"smtp":      {"admin", "root", "postmaster", "mail", "smtp", "administrator"},
+	"imap":      {"admin", "mail", "postmaster", "root", "user", "test"},
+	"pop3":      {"admin", "root", "mail", "user", "test", "postmaster"},
+	"zabbix":    {"Admin", "admin", "guest", "user"},
+	"rsync":     {"rsync", "root", "admin", "backup"},
+	"cassandra": {"cassandra", "admin", "root", "system"},
+	"neo4j":     {"neo4j", "admin", "root", "test"},
+}
+
+var Passwords = []string{"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "Password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123"}

assets/img360.png

@@ -6,74 +6,16 @@ func DefaultFtpList() *AuthList {
 		"anonymous",
 		"ftp",
 		"test",
+		"admin",
+		"www",
 		"web",
-		//"admin",
-		//"test",
-		//"user",
-		//"root",
-		//"manager",
-		//"webadmin",
+		"root",
+		"db",
+		"wwwroot",
+		"data",
 	}
 	a.Password = []string{
-		"",
-		"123456",
-		"zaq1@WSX",
-		"%user%",
-		"%user%123",
-		"%user%1234",
-		"%user%123456",
-		"%user%12345",
-		"%user%@123",
-		"%user%@123456",
-		"%user%@12345",
-		"%user%#123",
-		"%user%#123456",
-		"%user%#12345",
-		"%user%_123",
-		"%user%_123456",
-		"%user%_12345",
-		"%user%123!@#",
-		"%user%!@#$",
-		"%user%!@#",
-		"%user%~!@",
-		"%user%!@#123",
-		"%user%2022",
-		"%user%2021",
-		"%user%2020",
-		"%user%2019",
-		"%user%2018",
-		"%user%2017",
-		"%user%2016",
-		"%user%2015",
-		"%user%@2017",
-		"%user%@2016",
-		"%user%@2015",
-		"qweasdzxc",
-		"Passw0rd",
-		"password",
-		"12345",
-		"1234",
-		"123",
-		"qwerty",
-		"1q2w3e4r",
-		"1qaz2wsx",
-		"qazwsx",
-		"123qwe",
-		"123qaz",
-		"0000",
-		"1234567",
-		"123456qwerty",
-		"password123",
-		"12345678",
-		"1q2w3e",
-		"abc123",
-		"test123",
-		"123456789",
-		"q1w2e3r4",
-		//"okmnji",
-		//"postgres",
-		//"test",
-		//"user",
+		"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "Password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123",
 	}
 	a.Special = []Auth{
 		NewSpecialAuth("anonymous", "anonymous"),

assets/img卡巴斯基.png

@@ -4,6 +4,7 @@ func DefaultMssqlList() *AuthList {
 	a := NewAuthList()
 	a.Username = []string{
 		"sa",
+		"sql",
 		//"admin",
 		//"test",
 		//"user",
@@ -12,65 +13,7 @@ func DefaultMssqlList() *AuthList {
 		//"webadmin",
 	}
 	a.Password = []string{
-		"",
-		"123456",
-		"zaq1@WSX",
-		"%user%",
-		"%user%123",
-		"%user%1234",
-		"%user%123456",
-		"%user%12345",
-		"%user%@123",
-		"%user%@123456",
-		"%user%@12345",
-		"%user%#123",
-		"%user%#123456",
-		"%user%#12345",
-		"%user%_123",
-		"%user%_123456",
-		"%user%_12345",
-		"%user%123!@#",
-		"%user%!@#$",
-		"%user%!@#",
-		"%user%~!@",
-		"%user%!@#123",
-		"%user%2022",
-		"%user%2021",
-		"%user%2020",
-		"%user%2019",
-		"%user%2018",
-		"%user%2017",
-		"%user%2016",
-		"%user%2015",
-		"%user%@2017",
-		"%user%@2016",
-		"%user%@2015",
-		"qweasdzxc",
-		"Passw0rd",
-		"password",
-		"12345",
-		"1234",
-		"123",
-		"qwerty",
-		"1q2w3e4r",
-		"1qaz2wsx",
-		"qazwsx",
-		"123qwe",
-		"123qaz",
-		"0000",
-		"1234567",
-		"123456qwerty",
-		"password123",
-		"12345678",
-		"1q2w3e",
-		"abc123",
-		"test123",
-		"123456789",
-		"q1w2e3r4",
-		//"okmnji",
-		//"postgres",
-		//"test",
-		//"user",
+		"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "Password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123",
 	}
 	a.Special = []Auth{
 		NewSpecialAuth("test", "test"),

assets/火绒免杀.png

@@ -4,6 +4,7 @@ func DefaultMysqlList() *AuthList {
 	a := NewAuthList()
 	a.Username = []string{
 		"root",
+		"mysql",
 		//"admin",
 		//"test",
 		//"user",
@@ -12,65 +13,7 @@ func DefaultMysqlList() *AuthList {
 		//"webadmin",
 	}
 	a.Password = []string{
-		"",
-		"123456",
-		"zaq1@WSX",
-		"%user%",
-		"%user%123",
-		"%user%1234",
-		"%user%123456",
-		"%user%12345",
-		"%user%@123",
-		"%user%@123456",
-		"%user%@12345",
-		"%user%#123",
-		"%user%#123456",
-		"%user%#12345",
-		"%user%_123",
-		"%user%_123456",
-		"%user%_12345",
-		"%user%123!@#",
-		"%user%!@#$",
-		"%user%!@#",
-		"%user%~!@",
-		"%user%!@#123",
-		"%user%2022",
-		"%user%2021",
-		"%user%2020",
-		"%user%2019",
-		"%user%2018",
-		"%user%2017",
-		"%user%2016",
-		"%user%2015",
-		"%user%@2017",
-		"%user%@2016",
-		"%user%@2015",
-		"qweasdzxc",
-		"Passw0rd",
-		"password",
-		"12345",
-		"1234",
-		"123",
-		"qwerty",
-		"1q2w3e4r",
-		"1qaz2wsx",
-		"qazwsx",
-		"123qwe",
-		"123qaz",
-		"0000",
-		"1234567",
-		"123456qwerty",
-		"password123",
-		"12345678",
-		"1q2w3e",
-		"abc123",
-		"test123",
-		"123456789",
-		"q1w2e3r4",
-		//"okmnji",
-		//"postgres",
-		//"test",
-		//"user",
+		"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "Password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123",
 	}
 	a.Special = []Auth{
 		NewSpecialAuth("test", "test"),

core/hydra/default_ftp_authlist.go

@@ -11,9 +11,7 @@ func DefaultOracleList() *AuthList {
 		"orcl",
 	}
 	a.Password = []string{
-		"123456",
-		"abc123",
-		"okmnji",
+		"123456", "admin", "admin123", "root", "", "pass123", "pass@123", "password", "Password", "P@ssword123", "123123", "654321", "111111", "123", "1", "admin@123", "Admin@123", "admin123!@#", "{user}", "{user}1", "{user}111", "{user}123", "{user}@123", "{user}_123", "{user}#123", "{user}@111", "{user}@2019", "{user}@123#4", "P@ssw0rd!", "P@ssw0rd", "Passw0rd", "qwe123", "12345678", "test", "test123", "123qwe", "123qwe!@#", "123456789", "123321", "666666", "a123456.", "123456~a", "123456!a", "000000", "1234567890", "8888888", "!QAZ2wsx", "1qaz2wsx", "abc123", "abc123456", "1qaz@WSX", "a11111", "a12345", "Aa1234", "Aa1234.", "Aa12345", "a123456", "a123123", "Aa123123", "Aa123456", "Aa12345.", "sysadmin", "system", "1qaz!QAZ", "2wsx@WSX", "qwe123!@#", "Aa123456!", "A123456s!", "sa123456", "1q2w3e", "Charge123", "Aa123456789", "elastic123",
 	}
 	a.Special = []Auth{
 		NewSpecialAuth("internal", "oracle"),