fp

package
v1.2.2-sp3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 6, 2023 License: AGPL-3.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Package-level default rule sets and the sync.Once values declared alongside them.
//
// NOTE(review): all four are exported, mutable variables, so any importer can
// replace or modify the default rule sets process-wide. Confirm that callers
// only read them through the GetDefault* accessors.
var (
	// DefaultNmapServiceProbeRules maps each *NmapProbe to its []*NmapMatch rules.
	// Presumably populated lazily by GetDefaultNmapServiceProbeRules — TODO confirm.
	DefaultNmapServiceProbeRules     map[*NmapProbe][]*NmapMatch
	// DefaultNmapServiceProbeRulesOnce presumably guards one-time initialization
	// of DefaultNmapServiceProbeRules — TODO confirm against the accessor.
	DefaultNmapServiceProbeRulesOnce sync.Once
	// DefaultWebFingerprintRules is the default list of web fingerprint rules.
	DefaultWebFingerprintRules       []*webfingerprint.WebRule
	// DefaultWebFingerprintRulesOnce presumably guards one-time initialization
	// of DefaultWebFingerprintRules — TODO confirm against the accessor.
	DefaultWebFingerprintRulesOnce   sync.Once
)
// FetchBannerFromHostPortEx re-exports webfingerprint.FetchBannerFromHostPortEx
// under this package's name. It is a variable, not a function declaration, so
// importers can reassign it.
var FetchBannerFromHostPortEx = webfingerprint.FetchBannerFromHostPortEx
// TCPDefault maps an int key to a list of defaultPort entries; it starts empty.
// NOTE(review): the key is presumably a TCP port number (compare
// GetDefaultTCPServiceName(port int)) — confirm. The element type defaultPort
// is unexported, so code outside this package cannot construct entries.
var TCPDefault = make(map[int][]defaultPort)
// UDPDefault maps an int key to a list of defaultPort entries; it starts empty.
// NOTE(review): the key is presumably a UDP port number (compare
// GetDefaultUDPServiceName(port int)) — confirm. The element type defaultPort
// is unexported, so code outside this package cannot construct entries.
var UDPDefault = make(map[int][]defaultPort)

Functions

func ExtractBlockFromMatch

func ExtractBlockFromMatch(raw string) []string

func GetDefaultNmapServiceProbeRules

func GetDefaultNmapServiceProbeRules() (map[*NmapProbe][]*NmapMatch, error)

func GetDefaultTCPServiceName

func GetDefaultTCPServiceName(port int) string

func GetDefaultUDPServiceName

func GetDefaultUDPServiceName(port int) string

func GetDefaultWebFingerprintRules

func GetDefaultWebFingerprintRules() ([]*webfingerprint.WebRule, error)

func GetRuleBlockByConfig

func GetRuleBlockByConfig(currentPort int, config *Config) (emptyBlock *RuleBlock, blocks []*RuleBlock, ok bool)

func ParseNmapServiceProbeToRuleMap

func ParseNmapServiceProbeToRuleMap(raw []byte) (result map[*NmapProbe][]*NmapMatch, err error)

func ParseNmapServiceProbesTxt

func ParseNmapServiceProbesTxt(raw string) ([]*NmapProbe, []*NmapMatch, []string)

func SetMatchResultCache

func SetMatchResultCache(addr string, result *MatchResult)

func SetMatchResultDatabaseCache

func SetMatchResultDatabaseCache(addr string, result *MatchResult)

func UnquoteCStyleString

func UnquoteCStyleString(raw string) (string, error)

Types

type Config

// Config holds the settings for service and web fingerprint matching:
// which transport protocols to examine, how active probes are sent,
// which rule sets are used, and caching/exclusion behavior.
type Config struct {
	// Which transport-layer protocols to fingerprint.
	TransportProtos []TransportProto

	// Controls probing on top of active-mode packet sending.
	// The higher the rarity, the less likely the service is to exist in practice.
	// Valid range is 1-9.
	// Default is 5.
	RarityMax int

	/*
		A Probe is the mechanism that actively sends packets to detect
		fingerprint information; the options below control how Probes are used.
	*/
	// Active mode: packets are actively sent to probe for fingerprints (enables Probes).
	// Default is false.
	ActiveMode bool

	// Default timeout for each Probe.
	ProbeTimeout time.Duration

	// Limit on the number of Probes sent; default is 5.
	ProbesMax int

	// Concurrency used when sending Probes; default is 5.
	ProbesConcurrentMax int

	// Rules to use.
	FingerprintRules map[*NmapProbe][]*NmapMatch

	// Amount of data taken during fingerprint detection, i.e. how much data
	// takes part in fingerprint matching.
	// Default is 2048.
	// Host fingerprinting time is proportional to this value.
	FingerprintDataSize int

	//
	// ForceEnableWebFingerprint forces Web fingerprint detection.
	ForceEnableWebFingerprint bool

	// OnlyEnableWebFingerprint means only Web fingerprinting is performed.
	//    When this option is true, it overrides ForceEnableWebFingerprint.
	OnlyEnableWebFingerprint bool

	// Disables the dedicated Web fingerprint scan.
	DisableWebFingerprint bool

	// When set, Web fingerprint detection keeps checking the remaining rules
	// even after some fingerprints have already been detected.
	WebFingerprintUseAllRules bool

	// Maximum number of URLs discovered by the crawler; default is 5.
	CrawlerMaxUrlCount int

	// WebRules used for Web fingerprinting; the default fingerprints are used by default.
	WebFingerprintRules []*webfingerprint.WebRule

	// Size of the concurrency pool (has no effect for a standalone matcher).
	PoolSize int

	// Proxies used for port scanning.
	Proxies []string

	// Results can be cached within the same engine process.
	// NOTE(review): cache entries are presumably keyed by addr (see
	// SetMatchResultCache(addr, ...)); confirm how stale entries are invalidated.
	EnableCache bool

	// Enables the database cache, which can be shared across processes.
	EnableDatabaseCache bool

	// Exclusion filters for hosts and ports.
	// NOTE(review): presumably consulted by IsFiltered(host, port) — confirm.
	ExcludeHostsFilter *hostsparser.HostsParser
	ExcludePortsFilter *filter.StringFilter
}

func NewConfig

func NewConfig(options ...ConfigOption) *Config

func (*Config) CanScanTCP

func (c *Config) CanScanTCP() bool

func (*Config) CanScanUDP

func (c *Config) CanScanUDP() bool

func (*Config) Configure

func (c *Config) Configure(ops ...ConfigOption)

func (*Config) GenerateWebFingerprintConfigOptions

func (f *Config) GenerateWebFingerprintConfigOptions() []webfingerprint.ConfigOption

func (*Config) IsFiltered

func (c *Config) IsFiltered(host string, port int) bool

type ConfigOption

// ConfigOption is a function that receives a *Config; the With* constructors
// in this package each return one.
type ConfigOption func(config *Config)

func WithActiveMode

func WithActiveMode(raw bool) ConfigOption

func WithCache

func WithCache(b bool) ConfigOption

func WithDatabaseCache

func WithDatabaseCache(b bool) ConfigOption

func WithDisableWebFingerprint

func WithDisableWebFingerprint(t bool) ConfigOption

func WithExcludeHosts

func WithExcludeHosts(hosts string) ConfigOption

func WithExcludePorts

func WithExcludePorts(ports string) ConfigOption

func WithFingerprintDataSize

func WithFingerprintDataSize(size int) ConfigOption

func WithFingerprintRule

func WithFingerprintRule(rules map[*NmapProbe][]*NmapMatch) ConfigOption

func WithForceEnableWebFingerprint

func WithForceEnableWebFingerprint(b bool) ConfigOption

func WithNmapRule

func WithNmapRule(i interface{}) ConfigOption

func WithOnlyEnableWebFingerprint

func WithOnlyEnableWebFingerprint(b bool) ConfigOption

func WithPoolSize

func WithPoolSize(size int) ConfigOption

func WithProbeTimeout

func WithProbeTimeout(timeout time.Duration) ConfigOption

func WithProbeTimeoutHumanRead

func WithProbeTimeoutHumanRead(f float64) ConfigOption

func WithProbesConcurrentMax

func WithProbesConcurrentMax(m int) ConfigOption

func WithProbesMax

func WithProbesMax(m int) ConfigOption

func WithProxy

func WithProxy(proxies ...string) ConfigOption

func WithRarityMax

func WithRarityMax(rarity int) ConfigOption

func WithTransportProtos

func WithTransportProtos(protos ...TransportProto) ConfigOption

func WithWebFingerprintRule

func WithWebFingerprintRule(i interface{}) ConfigOption

func WithWebFingerprintUseAllRules

func WithWebFingerprintUseAllRules(b bool) ConfigOption

type DataBlock

// DataBlock is a named block with raw content and option bytes.
// NOTE(review): presumably one delimited field of an Nmap match line
// (Rule.DataBlocks is keyed by a single byte) — confirm against the parser.
type DataBlock struct {
	Name    string
	Content []byte
	Option  []byte
}

type FingerprintInfo

// FingerprintInfo is the JSON-serializable fingerprint recorded for one
// IP/port/protocol: service name, product/version details, CPEs, the banner,
// and any captured HTTP flows.
//
// NOTE(review): Raw, Banner and HttpFlows presumably carry bytes received from
// the scanned host; consumers should treat them as untrusted when rendering
// or logging — confirm where they are populated.
type FingerprintInfo struct {
	IP               string                           `json:"ip"`
	Port             int                              `json:"port"`
	Proto            TransportProto                   `json:"proto"`
	ServiceName      string                           `json:"service_name"`
	ProductVerbose   string                           `json:"product_verbose"`
	Info             string                           `json:"info"`
	Version          string                           `json:"version"`
	Hostname         string                           `json:"hostname"`
	OperationVerbose string                           `json:"operation_verbose"`
	DeviceType       string                           `json:"device_type"`
	CPEs             []string                         `json:"cpes"`
	Raw              string                           `json:"raw"`
	Banner           string                           `json:"banner"`
	// CPEFromUrls maps a string key (presumably a URL — confirm) to the CPEs found for it.
	CPEFromUrls      map[string][]*webfingerprint.CPE `json:"cpe_from_urls"`
	HttpFlows        []*HTTPFlow                      `json:"http_flows"`
}

func ToFingerprintInfo

func ToFingerprintInfo(rule *NmapMatch, match *regexp2.Match) *FingerprintInfo

func (*FingerprintInfo) FromRegexp2Match

func (f *FingerprintInfo) FromRegexp2Match(match *regexp2.Match)

type HTTPFlow

// HTTPFlow records one HTTP exchange: status code, whether it used HTTPS,
// the raw request/response header and body bytes, and associated CPEs.
//
// NOTE(review): ResponseHeader and ResponseBody presumably come straight from
// the remote server; treat them as untrusted input downstream — confirm.
type HTTPFlow struct {
	StatusCode     int                   `json:"status_code"`
	IsHTTPS        bool                  `json:"is_https"`
	RequestHeader  []byte                `json:"request_header"`
	RequestBody    []byte                `json:"request_body"`
	ResponseHeader []byte                `json:"response_header"`
	ResponseBody   []byte                `json:"response_body"`
	// The JSON key here is "cp_es", unlike the "cpes" key on FingerprintInfo
	// and NmapMatch; it is part of the serialized format, so consumers must
	// use it as written.
	CPEs           []*webfingerprint.CPE `json:"cp_es"`
}

type MatchResult

// MatchResult is the outcome of matching one target/port: the port state,
// a reason string, and the fingerprint found (if any).
type MatchResult struct {
	Target      string           `json:"target"`
	Port        int              `json:"port"`
	State       PortState        `json:"state"`
	Reason      string           `json:"reason"`
	// Fingerprint is a pointer; NOTE(review): presumably nil when nothing was
	// identified — callers should nil-check before dereferencing; confirm.
	Fingerprint *FingerprintInfo `json:"fingerprint"`
}

func GetMatchResultCache

func GetMatchResultCache(addr string) *MatchResult

func GetMatchResultDatabaseCache

func GetMatchResultDatabaseCache(addr string) *MatchResult

func (*MatchResult) GetBanner

func (m *MatchResult) GetBanner() string

func (*MatchResult) GetCPEs

func (m *MatchResult) GetCPEs() []string

func (*MatchResult) GetDomains

func (m *MatchResult) GetDomains() []string

func (*MatchResult) GetHtmlTitle

func (m *MatchResult) GetHtmlTitle() string

func (*MatchResult) GetProto

func (m *MatchResult) GetProto() TransportProto

func (*MatchResult) GetServiceName

func (m *MatchResult) GetServiceName() string

func (*MatchResult) HaveDialFailed

func (m *MatchResult) HaveDialFailed() bool

func (*MatchResult) IsOpen

func (m *MatchResult) IsOpen() bool

func (*MatchResult) Merge

func (m *MatchResult) Merge(f *MatchResult)

func (*MatchResult) String

func (m *MatchResult) String(schemaForce ...string) string

func (*MatchResult) Tidy

func (m *MatchResult) Tidy()

type Matcher

// Matcher performs fingerprint matching using the settings in Config.
// It is created with NewDefaultFingerprintMatcher or NewFingerprintMatcher.
type Matcher struct {
	// Config is exported and held by pointer, so changes made by the caller
	// after construction are visible to the Matcher.
	Config *Config
	// contains filtered or unexported fields
}

func NewDefaultFingerprintMatcher

func NewDefaultFingerprintMatcher(config *Config) (*Matcher, error)

func NewFingerprintMatcher

func NewFingerprintMatcher(rules map[*NmapProbe][]*NmapMatch, config *Config) (*Matcher, error)

func (*Matcher) Match

func (f *Matcher) Match(host string, port int, options ...ConfigOption) (result *MatchResult, err error)

func (*Matcher) MatchWithContext

func (f *Matcher) MatchWithContext(ctx context.Context, host string, port int, options ...ConfigOption) (result *MatchResult, err error)

type MatcherResultAnalysis

// MatcherResultAnalysis is a JSON-serializable summary over a set of match
// results: totals, per-target open/closed counts, closed ports, and the
// CPEs and service names keyed by open port.
type MatcherResultAnalysis struct {
	// The JSON key is spelled "total_scaned_port" (single "n"); it is part of
	// the serialized format, so consumers must match that spelling.
	TotalScannedPort         int                 `json:"total_scaned_port"`
	TotalOpenPort            int                 `json:"total_open_port"`
	TargetOpenPortCountMap   map[string]int      `json:"target_open_port_count_map"`
	TargetClosedPortCountMap map[string]int      `json:"target_closed_port_count_map"`
	ClosedPort               []string            `json:"closed_port"`
	// NOTE(review): the string keys of the two maps below are presumably
	// "host:port" addresses — confirm against MatcherResultsToAnalysis.
	OpenPortCPEMap           map[string][]string `json:"open_port_cpe_map"`
	OpenPortServiceMap       map[string]string   `json:"open_port_service_map"`
}

func MatcherResultsToAnalysis

func MatcherResultsToAnalysis(res []*MatchResult) *MatcherResultAnalysis

func (*MatcherResultAnalysis) Show

func (s *MatcherResultAnalysis) Show()

func (*MatcherResultAnalysis) ToJson

func (s *MatcherResultAnalysis) ToJson(file string)

type NmapMatch

// NmapMatch is one parsed match rule. The short markers on the fields below
// correspond to the field letters used in an nmap-service-probes match line.
type NmapMatch struct {
	ServiceName string `json:"service_name"`

	// m/.../ — the match pattern, held as a compiled regular expression.
	// NOTE(review): patterns are compiled from the rule text; rule files from
	// untrusted sources should be vetted before loading — confirm how
	// compile failures are handled in ParseNmapMatch.
	MatchRule *regexp.Regexp `json:"match_rule"`

	// p/.../ — product name.
	ProductVerbose string `json:"product_verbose"`

	// i/.../ — additional info.
	Info string `json:"info"`

	// v/.../ — version. The JSON key is "version_verbose", whereas
	// FingerprintInfo.Version serializes as "version".
	Version string `json:"version_verbose"`

	// h/.../ — hostname.
	Hostname string `json:"hostname"`

	// o/.../ — presumably the operating-system field of the match line; confirm.
	OperationVerbose string `json:"operation_verbose"`

	// d/.../ — device type.
	DeviceType string `json:"device_type"`

	// From CPE entries.
	CPEs []string `json:"cpes"`

	// Raw is presumably the original, unparsed rule text — confirm.
	Raw string `json:"raw"`
}

func ParseNmapMatch

func ParseNmapMatch(raw string) ([]*NmapMatch, error)

type NmapProbe

// NmapProbe is one parsed probe definition: its index, rarity, default ports,
// transport protocol, name, and payload.
//
// NOTE(review): Rarity is presumably compared with Config.RarityMax (documented
// range 1-9) to decide whether the probe is sent, and Payload is presumably the
// data written to the target in active mode — confirm both against the matcher.
type NmapProbe struct {
	Index        int            `json:"index"`
	Rarity       int            `json:"rarity"`
	DefaultPorts []int          `json:"default_ports"`
	Proto        TransportProto `json:"proto"`
	// Serialized as "probe_name", not "name".
	Name         string         `json:"probe_name"`
	Payload      string         `json:"payload"`
	Raw          string         `json:"raw"`
}

func ParseNmapProbe

func ParseNmapProbe(raw string) ([]*NmapProbe, error)

type Pool

// Pool is the execution pool created by NewExecutingPool; tasks are handed to
// it with Submit and results are delivered through callbacks registered with
// AddCallback. All of its state is unexported.
type Pool struct {
	// contains filtered or unexported fields
}

func NewExecutingPool

func NewExecutingPool(
	ctx context.Context,
	size int,
	targetStream chan *PoolTask,
	config *Config,
) (*Pool, error)

func (*Pool) AddCallback

func (p *Pool) AddCallback(cb PoolCallback)

func (*Pool) Close

func (p *Pool) Close()

func (*Pool) Run

func (p *Pool) Run() error

func (*Pool) Submit

func (p *Pool) Submit(t *PoolTask, async bool) bool

type PoolCallback

// PoolCallback is the callback signature accepted by Pool.AddCallback; it
// receives a match result and an error.
// NOTE(review): matcherResult is presumably nil when err is non-nil — confirm
// before dereferencing in a callback.
type PoolCallback func(matcherResult *MatchResult, err error)

type PoolTask

// PoolTask describes one unit of work for a Pool: the host and port to match,
// optional URLs, and per-task ConfigOptions.
type PoolTask struct {
	Host    string
	Port    int
	Urls    []string
	// Options are per-task ConfigOptions; presumably applied on top of the
	// Pool's Config for this task only — TODO confirm.
	Options []ConfigOption
	// contains filtered or unexported fields
}

func (*PoolTask) WithContext

func (t *PoolTask) WithContext(ctx context.Context) *PoolTask

type PortState

// PortState is the string-typed state of a scanned port.
type PortState string
// The three known states. They are declared with var rather than const, so
// importers can reassign them; treat them as read-only.
var (
	OPEN    PortState = "open"
	CLOSED  PortState = "closed"
	UNKNOWN PortState = "unknown"
)

func (*PortState) String

func (p *PortState) String() string

type Rule

// Rule is a parsed rule: its type, service name, data blocks keyed by a single
// byte, and a list of CPE blocks.
// NOTE(review): the byte key of DataBlocks is presumably the field letter of a
// match line (m, p, v, ...) — confirm against the parser.
type Rule struct {
	Type        string
	ServiceName string
	DataBlocks  map[byte]*DataBlock
	CpeBlocks   []*DataBlock
}

type RuleBlock

// RuleBlock pairs one probe with a list of match rules, as returned by
// GetRuleBlockByConfig.
type RuleBlock struct {
	Probe   *NmapProbe
	// Matched presumably holds the match rules evaluated against this probe's
	// response — TODO confirm.
	Matched []*NmapMatch
}

type TransportProto

// TransportProto is the string-typed name of a transport-layer protocol.
type TransportProto string
// The two supported protocols. They are declared with var rather than const,
// so importers can reassign them; treat them as read-only.
var (
	TCP TransportProto = "tcp"
	UDP TransportProto = "udp"
)

func ParseStringToProto

func ParseStringToProto(protos ...interface{}) []TransportProto

Directories

Path Synopsis
cmd
