*原创作者:北风飘然@金乌网络安全实验室,本文属FreeBuf原创奖励计划,未经许可禁止转载
前言
初学web安全的时候,找漏洞都是用北极熊扫描器扫出来的网站title来有目的性的‘刷’漏洞,后来随着网络主机的交替,ip的改变,北极熊扫出来的title也越来越不准确了。
大约在一月初开始打算扫全网的80端口,其中半个月时间调用了差不多7、8台服务器去扫描,扫了接近一半的中国ip段。但是发现结果不是特别满意,后来又在GitHub上找到了一个项目:
https://github.com/nanshihui/Scan-T
这个就很不错,可惜只是Django和Nmap结合起来,模仿了类似Shodan的东西,但是只有主机信息识别,也不是很满足。
构思
最近在构思一个想法,现有的扫描器像awvs,AppScan,Nessus等都是基于web爬虫,然后根据爬取的地址去扫描。这样会给网站造成很大的负担,并且容易触发防火墙,被限制拒绝访问。
但是现有的poc有很多,如果扫描器开始是基于web指纹识别,如果识别出web指纹,然后针对web框架使用poc去验证,反而效果会更好。
那么问题来了,怎么识别web指纹呢?
1. 基于web网站独有的favicon.ico的md5 比对网站类型;
2. 基于规则识别web站特征去识别;
3. 基于爬虫爬出来的网站目录比对web信息。
利弊
再说说这三种方法的利弊。
第一种速度最快,但也是最不准确的一种。因为大部分的favicon.ico都可以去更改,那么就会造成很大的误差。
第二种特征去识别可以寻找网站的css 、js代码的命名规则,也可以找关键字,以及head cookie等等,但是弊端是收集这些规则会耗费很久的时间。
第三种感觉准确性比较高,但是如果改了目录结构就会造成问题,而且一部分网站有反爬虫机制,会造成一些困扰。
总体来看,最好的是三种结合在一起。但是想做成轻量级的,于是选择了第二种。
分析
首先规则是个问题,但是国内与Shodan,钟馗之眼相同的搜索引擎就很开源的把规则放了出来。
然后用爬虫爬下来。
大概有1412中可识别出来的。
这样就简单了。
url = input('输入要识别的网址')
if url.startswith('http://'):
url = url
else:
url = 'http://'+url
headers = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 UBrowser/6.0.1471.914 Safari/537.36'}
response = requests.get(url=url,headers=headers)
bresponse = BeautifulSoup(response.text,"lxml")
title = bresponse.findAll('title') #title
for i in title:
title = i.get_text()
head = response.headers
response = response.text
header = ''
for key in head.keys(): #将 header集合
header = header+key+':'+head[key]
print('收集主页信息完毕')先把信息收集出来,分成title、body以及header。
body = {'content="WordPress':'WordPress','wp-includes':'WordPress',
'pma_password':'phpMyAdmin',
'AdaptCMS':'AdaptCMS',
'TUTUCMS':'tutucms','Powered by TUTUCMS':'tutucms',
'Powered by 1024 CMS':'1024 CMS','1024 CMS (c)':'1024 CMS',
'Publish By JCms2010':'捷点 JCMS',
'webEdition':'webEdition',
'Powered by phpshe':'phpshe','phpshe':'phpshe',
'/theme/2009/image&login.asp':'北京清科锐华CEMIS',
'css/25yi.css':'25yi','Powered by 25yi':'25yi',
'/bundles/oroui/':'oroCRM',
'Powered by SeaCms':'海洋CMS','seacms':'海洋CMS',
'/images/v7/cms.css':'qibosoft v7',
'opac_two':'北创图书检索系统',
'dayrui/statics':'dayrui系列CMS',
'upload/moban/images/style.css':'ASP168 欧虎','default.php?mod=article&do=detail&tid':'ASP168 欧虎',
'Powered by FineCMS':'FineCMS','dayrui@gmail.com':'FineCMS','FineCMS':'FineCMS',}写一个rule的模块,里面分别把body、title、header以字典的形式分开来。
def scan_head():
headrule = rule.head
web_information = 0
for key in headrule.keys():
if '&' in key:
keys = re.split('&',key)
if re.search(keys[0],header,re.I) and re.search(keys[1],response,re.I) :
web_information = headrule[key]
break
else:
continue
else:
req = re.search(key,header,re.I)
if req:
web_information = headrule[key]
break
else:
continue
return web_information比对关键字输出。
最后结果如下。
import requests
from bs4 import BeautifulSoup
import re
import rule
import sys
url = input('输入要识别的网址')
if url.startswith('http://'):
url = url
else:
url = 'http://'+url
headers = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 UBrowser/6.0.1471.914 Safari/537.36'}
response = requests.get(url=url,headers=headers)
bresponse = BeautifulSoup(response.text,"lxml")
title = bresponse.findAll('title') #title
for i in title:
title = i.get_text()
head = response.headers
response = response.text
header = ''
for key in head.keys(): #将 header集合
header = header+key+':'+head[key]
print('收集主页信息完毕')
def scan_title():
titlerule = rule.title
web_information = 0
for key in titlerule.keys():
req = re.search(key,title,re.I)
if req:
web_information = titlerule[key]
break
else:
continue
return web_information
def scan_head():
headrule = rule.head
web_information = 0
for key in headrule.keys():
if '&' in key:
keys = re.split('&',key)
if re.search(keys[0],header,re.I) and re.search(keys[1],response,re.I) :
web_information = headrule[key]
break
else:
continue
else:
req = re.search(key,header,re.I)
if req:
web_information = headrule[key]
break
else:
continue
return web_information
def scan_body():
body = rule.body
web_information = 0
for key in body.keys():
if '&' in key:
keys = re.split('&',key)
if re.search(keys[0],response,re.I) and re.search(keys[1],response,re.I):
web_information = body[key]
break
else:
continue
else:
req = re.search(key,response,re.I)
if req:
web_information = body[key]
break
else:
continue
return web_information
def main():
web_information = scan_title()
if web_information == 0:
web_information = scan_head()
if web_information == 0:
web_information = scan_body()
if web_information == 0:
print('无能为力了')
sys.exit()
else:
print(web_information)
else:
print(web_information)
else:
print(web_information)
if __name__ == '__main__':
main()规则如下
body = {'content="WordPress':'WordPress','wp-includes':'WordPress',
'pma_password':'phpMyAdmin',
'AdaptCMS':'AdaptCMS',
'TUTUCMS':'tutucms','Powered by TUTUCMS':'tutucms',
'Powered by 1024 CMS':'1024 CMS','1024 CMS (c)':'1024 CMS',
'Publish By JCms2010':'捷点 JCMS',
'webEdition':'webEdition',
'Powered by phpshe':'phpshe','phpshe':'phpshe',
'/theme/2009/image&login.asp':'北京清科锐华CEMIS',
'css/25yi.css':'25yi','Powered by 25yi':'25yi',
'/bundles/oroui/':'oroCRM',
'Powered by SeaCms':'海洋CMS','seacms':'海洋CMS',
'/images/v7/cms.css':'qibosoft v7',
'opac_two':'北创图书检索系统',
'dayrui/statics':'dayrui系列CMS',
'upload/moban/images/style.css':'ASP168 欧虎','default.php?mod=article&do=detail&tid':'ASP168 欧虎',
'Powered by FineCMS':'FineCMS','dayrui@gmail.com':'FineCMS','FineCMS':'FineCMS',
'ASPCMS':'ASPCMS',
'/index.php/clasify/showone/gtitle/':'O2OCMS',
'CmsEasy':'CmsEasy',
'damicms':'大米CMS','大米CMS':'大米CMS',
'/Include/EcsServerApi.js':'易创思ecs',
'Osclass':'Osclass',
'm_ctr32':'IdeaCMS','Powered By IdeaCMS':'IdeaCMS',
'bit-xxzs':'Bit','xmlpzs/webissue.asp':'Bit',
'/css/mymps.css':'mymps','mymps':'mymps',
'ycportal/webpublish':'全国烟草系统',
'bx_css_async':'Dolphin',
'/tpl/Home/weimeng/common/css/':'微门户',
'DianCMS_用户登陆引用':'易点CMS','DianCMS_SiteName':'易点CMS',
'r/cms/www':'unknown cms rcms',
'技术支持:云因信息':'yunyin','<a href="../scrp/getpassword.cfm':'yunyin','/scrp/book.cfm" method="post':'yunyin',
'PDV_PAGENAME':'PHPWEB',
'Author" content="微普外卖点餐系统':'微普外卖点餐系统','Powered By 点餐系统':'微普外卖点餐系统','userfiles/shoppics/':'微普外卖点餐系统',
'content="jieqi cms':'jieqi',
'Powerd by AppCMS':'appcms',
'content="OURPHP':'ourphp','Powered by ourphp':'ourphp',
'content="eAdmin':'eadmin',
'Powered by FengCms':'fengcms','content="FengCms':'fengcms',
'content="DotNetNuke':'DotNetNuke','content=",DotNetNuke':'DotNetNuke',
'Power by DedeCms':'DedeCMS','Powered by&http://www.dedecms.com/':'DedeCMS','/templets/default/style/dedecms.css':'DedeCMS',
'Created by DotNetCMS':'Foosun','For Foosun':'Foosun','Powered by www.Foosun.net,Products:Foosun Content Manage system':'Foosun',
'/deptWebsiteAction.do':'某通用型政府cms',
'Powered by wuzhicms':'wuzhicms','content="wuzhicms':'wuzhicms',
'_files/jspxcms.css':'Jspxcms',
'NITC Web Marketing Service':'NITC','/images/nitc1.png':'NITC',
'reader/view_abstract.aspx':'E-Tiller',
'content="IMGCMS':'IMGCms','Powered by IMGCMS':'IMGCms',
'/r/cms/www/':'RCMS','jhtml':'RCMS',
'/js/jtbc.js':'JTBC(CMS)','content="JTBC':'JTBC(CMS)',
'Powered by TurboCMS':'TurboCMS','/cmsapp/zxdcADD.jsp':'TurboCMS','/cmsapp/count/newstop_index.jsp?siteid=':'TurboCMS',
'本系统由<span class="STYLE1" ><a href="http://www.firstknow.cn':'中国期刊先知网','<img src="images/logoknow.png"':'中国期刊先知网',
'/js/jPackageCss/jPackage.css':'贷齐乐p2p','src="/js/jPackage':'贷齐乐p2p',
'generator" content="Typecho':'Typecho','强力驱动&Typecho':'Typecho',
'content="BageCMS':'八哥CMS',
'content="动力启航,DTCMS':'dtcms',
'keyicms:keyicms':'科蚁CMS','Powered by <a href="http://www.keyicms.com':'科蚁CMS',
'web980':'DIYWAP','bannerNum':'DIYWAP',
'generator" content="Plone':'plone',
'app/Tpl/fanwe_1/images/lazy_loading.gif&index.php?ctl=article_cate':'方维众筹',
'css/css_whir.css':'万户网络',
'wsite-page-index':'weebly',
'content="niubicms':'牛逼cms',
'/Widgets/WidgetCollection/':'We7',
'/css/yxcms.css':'Yxcms','content="Yxcms':'Yxcms',
'Powered by Diferior':'Diferior',
'Powered by PHPVOD':'phpvod','content="phpvod':'phpvod',
'Dolibarr Development Team':'Dolibarr',
'Telerik.Web.UI.WebResource.axd':'Telerik Sitefinity','content="Sitefinity':'Telerik Sitefinity',
'main/building.cfm':'云因网上书店','href="../css/newscomm.css':'云因网上书店',
'content="tipask':'Tipask',
'yidacms.css':'yidacms',
'advfile/ad12.js':'XYCMS',
'powerd by&BEESCMS':'beeCMS','template/default/images/slides.min.jquery.js':'beeCMS',
'Powered by ESPCMS':'ESPCMS','infolist_fff&/templates/default/style/tempates_div.css':'ESPCMS',
'webplus':'webplus','高校网站群管理平台':'webplus',
'content="WeiPHP':'weiphp','/css/weiphp.css':'weiphp',
'publish by BoyowCMS':'BoyowCMS',
'generator" content="ezCMS':'concrete5','CCM_DISPATCHER_FILENAME':'concrete5',
'凡科互联网科技股份有限公司':'凡科建站','content="凡科':'凡科建站',
'/css/cmstop-common.css':'CMSTop','/js/cmstop-common.js':'CMSTop','cmstop-list-text.css':'CMSTop','<a class="poweredby" href="http://www.cmstop.com"':'CMSTop',
'Powered by Adxstudio':'ADXStudio','poweredbyadx.png':'ADXStudio',
'Powered by DouPHP':'DouPHP','controlBase&indexLeft':'DouPHP', #三个&未写方法 只效验前两个 &recommendProduct
'content="MetInfo':'MetInfo','powered_by_metinfo':'MetInfo','/images/css/metinfo.css':'MetInfo',
'chanzhi.js':'chanzhi','\>\<a href=.+www.chanzhi.org':'chanzhi',
'content="Drupal':'Drupal','jQuery.extend\(Drupal.settings':'Drupal','ace-drupal7prod&/sites/all/themes/':'Drupal', #/sites/all/modules/ /sites/default/files/
'Powered By PHPB2B':'phpb2b',
'Powered by&http://www.phpcms.cn':'PhpCMS','content=\"Phpcms':'PhpCMS','Powered by Phpcms':'PhpCMS','data/config.js':'PhpCMS',
'SiteServer CMS&http://www.siteserver.cn':'SiteServer','T_系统首页模板':'SiteServer','siteserver&sitefiles':'SiteServer',
'JEECMS&Powered by':'JEECMS',
'script src="http://code.zoomla.cn/':'逐浪zoomla','NodePage.aspx&body="Item':'逐浪zoomla','/style/images/win8_symbol_140x140.png':'逐浪zoomla',
'Powered by Phpmps':'phpmps','templates/phpmps/style/index.css':'phpmps',
'Powered by Dswjcms':'dswjcms','content="Dswjcms':'dswjcms',
'maccms:voddaycount':'苹果CMS',
'content="PageAdmin CMS':'PageAdmin','/e/images/favicon.ico':'PageAdmin',
'_ZCMS_ShowNewMessage':'ZCMS','zcms_skin':'ZCMS','ZCMS泽元内容管理':'ZCMS',
'NewsClass.asp?BigClass=企业新闻':'南方良精','HrDemand.asp':'南方良精','Aboutus.asp?Title=企业简介':'南方良精',
'lan12-jingbian-hong':'易普拉格科研管理系统','科研管理系统,北京易普拉格科技':'易普拉格科研管理系统',
'/ks_inc/common.js':'KesionCMS','publish by KesionCMS':'KesionCMS',
'Produced By 大汉网络':'大汉系统(Hanweb)','<a href=\'http://www.hanweb.com\' style=\'display:none\'>':'大汉系统(Hanweb)','<meta name=\'Generator\' content=\'大汉版通\'>':'大汉系统(Hanweb)',
'<meta name=\'Author\' content=\'大汉网络\'>':'大汉系统(Hanweb)','/jcms_files/jcms':'大汉系统(Hanweb)',
'bigSortProduct.asp?bigid':'北京阳光环球建站系统',
'content="NIUCMS':'niucms',
'index.php\?ac=link_more&index.php\?ac=news_list':'TCCMS', #未找到实例
'publico/template/&zonapie':'360webfacil 360WebManager','360WebManager Software':'360webfacil 360WebManager',
'labelOppInforStyle':'地平线CMS','search_result.aspx&frmsearch':'地平线CMS',
'FoxPHPScroll':'FoxPHP','FoxPHP_ImList':'FoxPHP','content="FoxPHP':'FoxPHP',
'var webroot=':'sdcms','/js/sdcms.js':'sdcms',
'/wcm/app/js':'TRS WCM','0;URL=/wcm':'TRS WCM','window.location.href = "//wcm";':'TRS WCM','forum\.trs\.com\.cn&wcm':'TRS WCM',
'/wcm" target="_blank':'TRS WCM','/wcm" target="_blank">管理':'TRS WCM',
'/templates/default/css/common.css&selectjobscategory':'74cms','Powered by <a href="http://www\.74cms\.com/':'74cms','content="74cms.com':'74cms','content="骑士CMS':'74cms',
'Generator" content="2z project':'2z project',
'generator" content="MediaWiki':'MediaWiki','/wiki/images/6/64/Favicon.ico':'MediaWiki','Powered by MediaWiki':'MediaWiki',
'/app/home/skins/default/style.css':'ThinkSAAS',
'content="Joomla':'Joomla','/media/system/js/core\.js&/media/system/js/mootools-core\.js':'Joomla',
'phpMyWind.com All Rights Reserved':'PHPMyWind','content="PHPMyWind':'PHPMyWind',
'semcms PHP':'SEMcms','sc_mid_c_left_c sc_mid_left_bt':'SEMcms',
'/Template/Ant/Css/AntHomeComm\.css':'小蚂蚁',
'content="171cms':'171cms',
'content="BAOCMS':'baocms',
'infoglueBox.png':'infoglue',
'power by bcms':'bluecms','bcms_plugin':'bluecms',
'content="MoMoCMS':'MoMoCMS','Powered BY MoMoCMS':'MoMoCMS',
'/css/global\.css&/twcms/theme/':'TWCMS',
'content="emlog"':'Emlog',
'GB_ROOT_DIR&maincontent.css':'HIMS 酒店云计算服务','HIMS酒店云计算服务':'HIMS 酒店云计算服务',
'GENERATOR" content="EasySite':'Easysite','Copyright 2009 by Huilan':'Easysite','_DesktopModules_PictureNews':'Easysite',
'页面加载中,请稍候&FrontEnd':'国家数字化学习资源中心系统',
}
head = {'X-Pingback':'WordPress','xmlrpc.php':'WordPress','wordpress_test_cookie':'WordPress',
'phpMyAdmin=':'phpMyAdmin=',
'adaptcms':'adaptcms',
'SS_MID&squarespace.net':'squarespace建站',
'X-Mas-Server':'TRS MAS',
'dr_ci_session':'dayrui系列CMS',
'http://www.cmseasy.cn/service_1.html':'CmsEasy',
'Osclass':'Osclass',
'clientlanguage':'unknown cms rcms',
'X-Powered-Cms: Twilight CMS':'TwilightCMS',
'IRe.CMS':'irecms',
'DotNetNukeAnonymous':'DotNetNuke',
'Easyweb CMS':'EasywebCMS',
'Kooboocms':'Kooboocms',
'Dnnoutputcache':'Dnnoutputcache',
'sisRapid':'SamanPortal',
'Eleanor CMS':'EleanorCMS',
'X-Tncms-Version':'Tncms',
'wb_session_id':'WebsiteBaker',
'UMI.CMS':'UMI.CMS',
'plone.content':'plone',
'intern.weebly.net':'weebly',
'X-Powered-Cms&WMSN':'WMSN',
'thinkphp':'ThinkPHP','think_template':'ThinkPHP',
'X-Powered-Cms:Bitrix Site Manager':'BitrixSiteManager',
'X-Powered-Cms:Techart CMS':'TechartCMS',
'X-Powered-Cms:BPanel CMS':'BPanelCMS',
'Sitecore CMS':'Sitecore',
'X-Powered-Cms:FOXI BIZzz':'FOXI',
'313CMS':'313自助建站',
'Synkron Via CMS':'SynkronVia',
'CONCRETE5':'concrete5',
'iAPPSCookie':'iAPPS',
'Requestsuccess4ajax':'unknown cms',
'anonprofile':'ADXStudio',
'Set-Cookie:frontsid':'chanzhi',
'X-Generator:Drupal':'Drupal',
'X-Powered-Cms:Subrion CMS':'SubrionCMS',
'supe_sid':'SupeSite',
'fe_typo_user': 'typo3',
'X-Powered-By:PigCms.com':'PigCms',
'ZKSID2':'ZikulaCMS',
'AntXiaouserslogin':'小蚂蚁',
'Power by: baocms':'baocms',
'EasySite-Compression':'Easysite',
'Mura CMS':'MuraCMS',
}
title = {'phpMyAdmin':'phpMyAdmin',
'seacms':'海洋CMS',
'Powered by ASPCMS':'ASPCMS',
'Powered by CmsEasy':'CmsEasy',
'大米CMS':'大米CMS',
'mymps':'mymps',
'jieqi cms':'jieqi',
'eadmin':'eadmin',
'Powerd by Jspxcms':'Jspxcms',
'Powered by EmpireCMS':'帝国 EmpireCMS',
'dtcms':'dtcms',
'publiccms':'PublicCMS',
'Powered by XYCMS':'XYCMS',
'Powered by ESPCMS':'ESPCMS',
'Powered by MetInfo':'MetInfo',
'Powered by SiteServer CMS':'SiteServer',
'Powered by JEECMS':'JEECMS',
'Powered by Npoint':'Npoint',
'Power By TCCMS':'TCCMS',
'Powered by deep soon':'地平线CMS',
'powered by sdcms':'sdcms',
'owered by 小蚂蚁.+网站系统':'小蚂蚁',
'171cms':'171cms',
'baocms':'baocms',
'infoglue':'infoglue',
}效果如下
感兴趣的小伙伴如果想要全部规则,可联系金乌实验室,联系方式:jinwu@jinwulab.com
*原创作者:北风飘然@金乌网络安全实验室,本文属FreeBuf原创奖励计划,未经许可禁止转载
- 上一篇:HTTP认证的底层技术简析与揭秘
- 下一篇:【实验】如何本地搭建Struts2框架对S2-045漏洞进行利用
关注我们 分享每日精选文章
0daybank
已有 30 条评论
赞一个,顺便问下这个动画是什么软件录制的。
我来躺枪了…我的那个是基于文件是否存在来判定的,没有进行MD5判定,所以确实存在不精准的情况….
@ hyc66 这样感觉对网站有点压力啊 还有这小编太坑了颜色~~~
小伙子,你很有想法!跟我学做菜吧!
和楼主的想法不谋而合
这不是我大佛法的规则么..我也爬过那么一两次..后来发现不满意。删除了
手工更新规则?
自己写了个半途而废的小插件,暂时没有楼主做大数据的宏大理想,而是转为以最快速度仅在前端完成对当前访问内容的指纹识别。
看完文章,以上想法我也都尝试过,最终也是结合各优点,综合起来利用了,并且全放在了前端里js完成。
因为,听说下雨天做扫描Spider与WebSocket搭配食用风味更佳~凳子7脸(。・∀・)ノ゙,所以顺便可以对同主机其他端口探测。
我的方案,是对站点主页引用的静态文件分块,再进行识别,加入对框架结构侧影描绘的评估+人工纠正。
虽然感觉我这思路对你的项目没啥帮助,但是我就是要说~因为我懒得写了,希望有人延伸思路写完让懒得一笔的我直接用~
一、规则条目及权重值:
1.readme&lisense&log内容;40
2.Frame&RefulAPI返回值;40
3.js&css内容;40
4.robots&paths内容;30
5.title&meta内容;20
6.favicon&powerBy内容;20
(7).其他全页关键字内容&人工判断(费时间,仅备选);10
二、内容判断方法(arraySize+MD5)和(arrayBin)两种方式:
1.arraySize+MD5符合则直接命中,否则进入分块判断(存在文件+符合MD5条件中靶);
2.arrayBin分20个块,分块采样再对比MD5,重合率过75%就命中(避免文件小改动造成脱靶);
三、规则,主选123456,附选7:
123中靶2条及以上,直接命中(权重>=80);
123权重<=40(1条中靶)并且456权重<=50(总权重<=90),加入附选7(耗时判断,加入7后,权重>=80中靶);
大面积脱靶时(权重<50 OR 存在返回但无法判断),列举已发现信息供人工干预(手动决定是否进行耗时的爆破,或弃权)。
四、规则库归档方法:
服务类型 -> 环境类型(系统类型) -> CMS类型 -> 版本 -> 规则
比如:
webServer -> php -> wordpress -> 4.7.3 -> readme.html blablabla…
|———-> asp -> aspcms -> 2.x.x -> /asp_admin/install/install.lock blablabla…
Firewall -> linux -> Barracuda -> 5.x.x -> blablabla…
Camra -> busybox -> hikvision -> 3.x.x -> blablabla…
|——> busybox -> 360 -> 2.1.x -> blablabla…
规则收集和流程优化是最麻烦的……反正这个工具我是写不下去了,再说twoB小姐姐4月就上steam了。
项目什么的先荒废一哈,等刷完一周目再来写完吧……
人造人小姐姐!(╯‵□′)╯︵俺来啦!
@ evil7 没有没有 我也没啥宏观理想 做着玩的 哥们你这个 感觉太沉重了 另外twoB小姐姐是什么啊 私信我带我开车
@ 浅风飘雪 尼尔:机械纪元的主角
@ 浅风飘雪 尼尔小姐姐都不认识,兄弟得吊销驾照啊~
@ evil7 好车
@ 浅风飘雪 steam求带,发链接加个友谊吧
@ qiudai 其实steam我就玩个饥荒 哈哈 别的加友谊还行
漏了一种情况,
没favicon.ico标签时,浏览器默认寻找跟目录下的favicon.ico
例如apple.com
git地址呢
全网ip扫描,默认端口以及全端口服务识别,获取网页标题,网页底部文字,网页关键字,入库分类,再去exp轮奸web,批量get/post注入,top2000端口字典爆破,自动提权。仅供参考。
@ 土豆 可以的 扫描的脚本我都已经写好了
@ pine 加Q1307822230
@ 土豆 干嘛==
@ 土豆 该项目已完成
表示看不懂
全是fofa的规则,完全不提fofa,这样好吗?
@ fofa 啊没提么 不好意思 微博私信过赵武大大了 github上也声明了~~~
@ pine github地址能发出来嘛,我想看下,谢谢。
@ test https://github.com/cuijianxiong/cmscan
"首先规则是个问题,但是国内与Shodan,钟馗之眼相同的搜索引擎就很开源的把规则放了出来。"
然后下面放的爬虫的图是爬的fofa的规则吧,这样好吗
https://github.com/nanshihui/Scan-T 只是开源了 扫描的框架,具体的指纹模型和攻击模型,还未公开, 你从截图就可以看得出来,只有nmap 是根本达不到截图中的效果
默默地问小工具在哪里啊
同问