fp

package
v1.3.5-alpha0802 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 2, 2024 License: AGPL-3.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	DefaultNmapServiceProbeRules     map[*NmapProbe][]*NmapMatch
	DefaultNmapServiceProbeRulesOnce sync.Once
	DefaultWebFingerprintRules       []*rule.FingerPrintRule
	DefaultWebFingerprintRulesOnce   sync.Once
)
View Source 
var FpMatchResultTTLCache = utils.NewTTLCache[*MatchResult](3 * time.Minute)
View Source 
var TCPDefault = make(map[int][]defaultPort)
View Source 
var UDPDefault = make(map[int][]defaultPort)

Functions

func ExtractBlockFromMatch 

func ExtractBlockFromMatch(raw string) []string

func FetchBannerFromHostPort 

func FetchBannerFromHostPort(baseCtx context.Context, packet2 []byte, host string, port interface{}, bufferSize int64, runtimeId string, proxy ...string) (bool, []*lowhttp.RedirectFlow, error)

func FileOrDirToWebRules 

func FileOrDirToWebRules(dir string) []*rule.FingerPrintRule

func GetDefaultNmapServiceProbeRules 

func GetDefaultNmapServiceProbeRules() (map[*NmapProbe][]*NmapMatch, error)

func GetDefaultTCPServiceName 

func GetDefaultTCPServiceName(port int) string

func GetDefaultUDPServiceName 

func GetDefaultUDPServiceName(port int) string

func GetDefaultWebFingerprintRules 

func GetDefaultWebFingerprintRules() ([]*rule.FingerPrintRule, error)

func GetRuleBlockByConfig 

func GetRuleBlockByConfig(currentPort int, config *Config) (emptyBlock *RuleBlock, blocks []*RuleBlock, ok bool)

func ParseNmapServiceProbeToRuleMap 

func ParseNmapServiceProbeToRuleMap(raw []byte) (result map[*NmapProbe][]*NmapMatch, err error)

func ParseNmapServiceProbesTxt 

func ParseNmapServiceProbesTxt(raw string) ([]*NmapProbe, []*NmapMatch, []string)

func SetMatchResultCache 

func SetMatchResultCache(addr string, result *MatchResult)

func SetMatchResultDatabaseCache 

func SetMatchResultDatabaseCache(addr string, result *MatchResult)

func UnquoteCStyleString 

func UnquoteCStyleString(raw string) (string, error)

Types

type Config 

type Config struct {
	// 针对那种传输层协议进行指纹识别?
	TransportProtos []TransportProto

	// 在主动模式发包的基础上进行探测控制
	// 稀有度越大,表示这个服务在现实存在的可能性越小
	// 取值范围为1-9
	// 默认值为 5
	RarityMax int

	/*
		Probe 为主动发送一些数据包来检测指纹信息的机制,以下选项可以控制 Probe 的使用
	*/
	// 主动模式,这个模式下,会主动发包进行探测指纹,(启用 Probe)
	// 默认值为 false
	ActiveMode bool

	// 默认每一个 Probe 的超时时间
	ProbeTimeout time.Duration

	// 发送 Probe 的数量限制,默认值为 5
	ProbesMax int

	// 发送 Probe 的并发量,默认值为 5
	ProbesConcurrentMax int

	// 指定规则
	FingerprintRules map[*NmapProbe][]*NmapMatch

	// 指纹检测时候取的数据大小,意味着多大的数据会参与到指纹识别中
	// 2048 为默认值
	// 主机指纹识别的时间与这个值成正比
	FingerprintDataSize int

	//
	// ForceEnableAllFingerprint 表示强制检测 Web 指纹
	ForceEnableAllFingerprint bool

	// OnlyEnableWebFingerprint 表示值进行 Web 指纹识别
	//    这个选项为 True 的时候,行为将会覆盖 ForceEnableAllFingerprint
	OnlyEnableWebFingerprint bool

	// 禁用专门的 Web 指纹扫描
	DisableWebFingerprint bool

	// 这个选项标志着,如果 Web 指纹检测中途已经检测出了某些指纹,也应该继续检测其他指纹
	WebFingerprintUseAllRules bool

	// 爬虫发现的最大 URL 数量,默认是 5 个
	CrawlerMaxUrlCount int

	// 使用指定的 WebRule 来测试 Web 指纹,默认为使用默认指纹
	WebFingerprintRules []*rule.FingerPrintRule

	// 并发池的大小配置(单体不生效)
	PoolSize int

	// 为端口扫描设置代理
	Proxies []string

	// 在同一个引擎进程内,可以缓存
	EnableCache bool

	// 设置数据库缓存,可以跨进程
	EnableDatabaseCache bool

	// Exclude
	ExcludeHostsFilter *hostsparser.HostsParser
	ExcludePortsFilter *utils.PortsFilter

	// Runtime id
	RuntimeId string

	// ctx
	Ctx context.Context

	// Disable default fingerprint
	DisableDefaultFingerprint    bool
	DisableDefaultIotFingerprint bool
	// contains filtered or unexported fields
}

func NewConfig 

func NewConfig(options ...ConfigOption) *Config

func (*Config) CanOnlyScanTCP added in v1.2.3 

func (c *Config) CanOnlyScanTCP() bool

func (*Config) CanScanTCP 

func (c *Config) CanScanTCP() bool

func (*Config) CanScanUDP 

func (c *Config) CanScanUDP() bool

func (*Config) Configure 

func (c *Config) Configure(ops ...ConfigOption)

func (*Config) GetFingerprintRules 

func (c *Config) GetFingerprintRules() map[*NmapProbe][]*NmapMatch

func (*Config) GetWebFingerprintRules 

func (c *Config) GetWebFingerprintRules() []*rule.FingerPrintRule

func (*Config) IsFiltered 

func (c *Config) IsFiltered(host string, port int) bool

type ConfigOption 

type ConfigOption func(config *Config)

func WithActiveMode 

func WithActiveMode(raw bool) ConfigOption

func WithCache 

func WithCache(b bool) ConfigOption

cache servicescan 的配置选项,设置本次扫描是否使用缓存 @param {bool} b 是否使用缓存 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.cache(true)) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithCtx added in v1.3.3 

func WithCtx(ctx context.Context) ConfigOption

func WithDatabaseCache 

func WithDatabaseCache(b bool) ConfigOption

databaseCache servicescan 的配置选项,设置本次扫描是否使用数据库缓存 @param {bool} b 是否使用数据库缓存 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.databaseCache(true)) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithDisableIotWebFingerprint 

func WithDisableIotWebFingerprint(t bool) ConfigOption

func WithDisableWebFingerprint 

func WithDisableWebFingerprint(t bool) ConfigOption

func WithExcludeHosts 

func WithExcludeHosts(hosts string) ConfigOption

excludeHosts servicescan 的配置选项,设置本次扫描排除的主机 @param {string} hosts 主机,支持逗号分割、CIDR、-的格式 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("192.168.1.1/24", "22-80,443,3389", servicescan.excludeHosts("192.168.1.1")) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithExcludePorts 

func WithExcludePorts(ports string) ConfigOption

excludePorts servicescan 的配置选项,设置本次扫描排除的端口 @param {string} ports 端口,支持逗号分割、-的格式 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.excludePorts("22,80")) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithFingerprintDataSize 

func WithFingerprintDataSize(size int) ConfigOption

func WithFingerprintRule 

func WithFingerprintRule(rules map[*NmapProbe][]*NmapMatch) ConfigOption

func WithForceEnableAllFingerprint added in v1.3.1 

func WithForceEnableAllFingerprint(b bool) ConfigOption

func WithNmapRule 

func WithNmapRule(i interface{}) ConfigOption

nmapRule servicescan 的配置选项,设置本次扫描使用的 Nmap 指纹规则 @param {interface{}} i Nmap 指纹规则

func WithOnlyEnableWebFingerprint 

func WithOnlyEnableWebFingerprint(b bool) ConfigOption

func WithPoolSize 

func WithPoolSize(size int) ConfigOption

concurrent servicescan 的配置选项,用于设置整体扫描并发 @param {int} size 并发数量 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.concurrent(100)) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithProbeTimeout 

func WithProbeTimeout(timeout time.Duration) ConfigOption

func WithProbeTimeoutHumanRead 

func WithProbeTimeoutHumanRead(f float64) ConfigOption

probeTimeout servicescan 的配置选项,设置每一个探测包的超时时间 @param {float64} f 超时时间,单位为秒 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.probeTimeout(5)) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithProbesConcurrentMax 

func WithProbesConcurrentMax(m int) ConfigOption

maxProbesConcurrent servicescan 的配置选项,设置本次扫描发送 Probe 的并发量,默认值为 5 @param {int} m 并发量 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.active(true), // 需要在主动发包的基础上 servicescan.maxProbes(50), // 设置本次扫描使用的最大探测包数量 servicescan.maxProbesConcurrent(10) // 设置本次扫描发送 Probe 的并发量 ) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithProbesMax 

func WithProbesMax(m int) ConfigOption

maxProbes servicescan 的配置选项,在主动模式发包的基础上设置本次扫描使用的最大探测包数量,默认值为 5 @param {int} m 最大探测包数量 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.active(true), // 需要在主动发包的基础上 servicescan.maxProbes(10) ) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithProxy 

func WithProxy(proxies ...string) ConfigOption

proxy servicescan 的配置选项,设置本次扫描使用的代理 @param {string} proxies 代理地址,支持 http 和 socks5 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.proxy("http://127.0.0.1:1080")) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithRarityMax 

func WithRarityMax(rarity int) ConfigOption

nmapRarityMax servicescan 的配置选项,设置本次扫描使用的 Nmap 指纹稀有度,在主动模式发包的基础上进行探测控制 稀有度越大,表示这个服务在现实存在的可能性越小,取值范围为 1-9,默认值为 5 @param {int} rarity 稀有度,取值范围为 1-9 @return {ConfigOption} 返回配置项 Example: ``` result, err = servicescan.Scan("127.0.0.1", "22-80,443,3389,161", servicescan.active(true), // 需要在主动发包的基础上通过稀有度进行筛选 servicescan.nmapRarityMax(9), ) die(err) 

for v := range result {
	fmt.Println(v.String())
}

```

func WithRuntimeId added in v1.3.3 

func WithRuntimeId(id string) ConfigOption

func WithTransportProtos 

func WithTransportProtos(protos ...TransportProto) ConfigOption

func WithWebFingerprintRule 

func WithWebFingerprintRule(i any) ConfigOption

webRule servicescan 的配置选项,设置本次扫描使用的 Web 指纹规则 @param {interface{}} i Web 指纹规则

func WithWebFingerprintUseAllRules 

func WithWebFingerprintUseAllRules(b bool) ConfigOption

type DataBlock 

type DataBlock struct {
	Name    string
	Content []byte
	Option  []byte
}

type FingerprintInfo 

type FingerprintInfo struct {
	IP               string                 `json:"ip"`
	Port             int                    `json:"port"`
	Proto            TransportProto         `json:"proto"`
	ServiceName      string                 `json:"service_name"`
	ProductVerbose   string                 `json:"product_verbose"`
	Info             string                 `json:"info"`
	Version          string                 `json:"version"`
	Hostname         string                 `json:"hostname"`
	OperationVerbose string                 `json:"operation_verbose"`
	DeviceType       string                 `json:"device_type"`
	CPEs             []string               `json:"cpes"`
	Raw              string                 `json:"raw"`
	Banner           string                 `json:"banner"`
	CPEFromUrls      map[string][]*rule.CPE `json:"cpe_from_urls"`
	HttpFlows        []*HTTPFlow            `json:"http_flows"`

	// tls info for fill...
	TLSInspectResults []*netx.TLSInspectResult
}

func ToFingerprintInfo 

func ToFingerprintInfo(rule *NmapMatch, match *regexp2.Match) *FingerprintInfo

func (*FingerprintInfo) FromRegexp2Match 

func (f *FingerprintInfo) FromRegexp2Match(match *regexp2.Match)

type HTTPFlow 

type HTTPFlow struct {
	StatusCode     int         `json:"status_code"`
	IsHTTPS        bool        `json:"is_https"`
	RequestHeader  []byte      `json:"request_header"`
	RequestBody    []byte      `json:"request_body"`
	ResponseHeader []byte      `json:"response_header"`
	ResponseBody   []byte      `json:"response_body"`
	CPEs           []*rule.CPE `json:"cp_es"`
}

type MatchResult 

type MatchResult struct {
	Target      string           `json:"target"`
	Port        int              `json:"port"`
	State       PortState        `json:"state"`
	Reason      string           `json:"reason"`
	Fingerprint *FingerprintInfo `json:"fingerprint"`
}

func GetMatchResultCache 

func GetMatchResultCache(addr string) *MatchResult

func GetMatchResultDatabaseCache 

func GetMatchResultDatabaseCache(addr string) *MatchResult

func (*MatchResult) GetBanner 

func (m *MatchResult) GetBanner() string

func (*MatchResult) GetCPEs 

func (m *MatchResult) GetCPEs() []string

func (*MatchResult) GetDomains 

func (m *MatchResult) GetDomains() []string

func (*MatchResult) GetFuzzRequest added in v1.2.4 

func (m *MatchResult) GetFuzzRequest() *mutate.FuzzHTTPRequest

func (*MatchResult) GetHtmlTitle 

func (m *MatchResult) GetHtmlTitle() string

func (*MatchResult) GetProto 

func (m *MatchResult) GetProto() TransportProto

func (*MatchResult) GetRequestRaw added in v1.2.4 

func (m *MatchResult) GetRequestRaw() (bool, []byte)

func (*MatchResult) GetResponseRaw added in v1.2.4 

func (m *MatchResult) GetResponseRaw() []byte

func (*MatchResult) GetServiceName 

func (m *MatchResult) GetServiceName() string

func (*MatchResult) HaveDialFailed 

func (m *MatchResult) HaveDialFailed() bool

func (*MatchResult) IsOpen 

func (m *MatchResult) IsOpen() bool

func (*MatchResult) Merge 

func (m *MatchResult) Merge(f *MatchResult)

func (*MatchResult) String 

func (m *MatchResult) String(schemaForce ...string) string

func (*MatchResult) Tidy 

func (m *MatchResult) Tidy()

type Matcher 

type Matcher struct {
	Config *Config
	// contains filtered or unexported fields
}

func NewDefaultFingerprintMatcher 

func NewDefaultFingerprintMatcher(config *Config) (*Matcher, error)

func NewFingerprintMatcher 

func NewFingerprintMatcher(rules map[*NmapProbe][]*NmapMatch, config *Config) (*Matcher, error)

func (*Matcher) Match 

func (f *Matcher) Match(host string, port int, options ...ConfigOption) (result *MatchResult, err error)

func (*Matcher) MatchWithContext 

func (f *Matcher) MatchWithContext(ctx context.Context, host string, port int, options ...ConfigOption) (result *MatchResult, err error)

type MatcherResultAnalysis 

type MatcherResultAnalysis struct {
	TotalScannedPort         int                 `json:"total_scaned_port"`
	TotalOpenPort            int                 `json:"total_open_port"`
	TargetOpenPortCountMap   map[string]int      `json:"target_open_port_count_map"`
	TargetClosedPortCountMap map[string]int      `json:"target_closed_port_count_map"`
	ClosedPort               []string            `json:"closed_port"`
	OpenPortCPEMap           map[string][]string `json:"open_port_cpe_map"`
	OpenPortServiceMap       map[string]string   `json:"open_port_service_map"`
}

func MatcherResultsToAnalysis 

func MatcherResultsToAnalysis(res []*MatchResult) *MatcherResultAnalysis

func (*MatcherResultAnalysis) Show 

func (s *MatcherResultAnalysis) Show()

func (*MatcherResultAnalysis) ToJson 

func (s *MatcherResultAnalysis) ToJson(file string)

type NmapMatch 

type NmapMatch struct {
	ServiceName string `json:"service_name"`

	// m//
	MatchRule lazyRegexpInterface `json:"match_rule"`

	// p//
	ProductVerbose string `json:"product_verbose"`

	// i//
	Info string `json:"info"`

	// v//
	Version string `json:"version_verbose"`

	// h
	Hostname string `json:"hostname"`

	// o
	OperationVerbose string `json:"operation_verbose"`

	// d
	DeviceType string `json:"device_type"`

	// From CPE
	CPEs []string `json:"cpes"`

	Raw string `json:"raw"`
}

func ParseNmapMatch 

func ParseNmapMatch(raw string) ([]*NmapMatch, error)

type NmapProbe 

type NmapProbe struct {
	Index        int            `json:"index"`
	Rarity       int            `json:"rarity"`
	DefaultPorts []int          `json:"default_ports"`
	Proto        TransportProto `json:"proto"`
	Name         string         `json:"probe_name"`
	Payload      string         `json:"payload"`
	Raw          string         `json:"raw"`
}

func ParseNmapProbe 

func ParseNmapProbe(raw string) ([]*NmapProbe, error)

type Pool 

type Pool struct {
	// contains filtered or unexported fields
}

func NewExecutingPool 

func NewExecutingPool(
	ctx context.Context,
	size int,
	targetStream chan *PoolTask,
	config *Config,
) (*Pool, error)

func (*Pool) AddCallback 

func (p *Pool) AddCallback(cb PoolCallback)

func (*Pool) Close 

func (p *Pool) Close()

func (*Pool) Run 

func (p *Pool) Run() error

func (*Pool) Submit 

func (p *Pool) Submit(t *PoolTask, async bool) bool

type PoolCallback 

type PoolCallback func(matcherResult *MatchResult, err error)

type PoolTask 

type PoolTask struct {
	Host    string
	Port    int
	Urls    []string
	Options []ConfigOption
	// contains filtered or unexported fields
}

func (*PoolTask) WithContext 

func (t *PoolTask) WithContext(ctx context.Context) *PoolTask

type PortState 

type PortState string
var (
	OPEN    PortState = "open"
	CLOSED  PortState = "closed"
	UNKNOWN PortState = "unknown"
)

func (*PortState) String 

func (p *PortState) String() string

type Rule 

type Rule struct {
	Type        string
	ServiceName string
	DataBlocks  map[byte]*DataBlock
	CpeBlocks   []*DataBlock
}

type RuleBlock 

type RuleBlock struct {
	Probe   *NmapProbe
	Matched []*NmapMatch
}

func GetRuleBlockByServiceName added in v1.2.3 

func GetRuleBlockByServiceName(serviceName string, config *Config) (blocks []*RuleBlock)

type TransportProto 

type TransportProto string
var (
	TCP TransportProto = "tcp"
	UDP TransportProto = "udp"
)

func ParseStringToProto 

func ParseStringToProto(protos ...interface{}) []TransportProto

Source Files

View all Source files

Directories

Path Synopsis
cmd
scanfpcmd
parsers
rule
rule_resources
utils

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.