add: 端口指纹记录相应包banner

cmd/go-portScan.go

@@ -183,7 +183,7 @@ func run(c *cli.Context) error {
 		}
 		defer csvFile.Close()
 		csvWrite = csv.NewWriter(csvFile)
-		csvWrite.Write([]string{"IP", "PORT", "SERVICE", "HTTP_TITLE", "HTTP_STATUS", "HTTP_SERVER", "HTTP_TLS", "HTTP_FINGERS"})
+		csvWrite.Write([]string{"IP", "PORT", "SERVICE", "BANNER", "HTTP_TITLE", "HTTP_STATUS", "HTTP_SERVER", "HTTP_TLS", "HTTP_FINGERS"})
 	}
 
 	go func() {
@@ -197,13 +197,14 @@ func run(c *cli.Context) error {
 			}
 			myLog.Println(ret.String())
 			if csvWrite != nil {
-				line := []string{ret.Ip.String(), strconv.Itoa(int(ret.Port)), ret.Service, "", "", "", "", ""}
+				line := []string{ret.Ip.String(), strconv.Itoa(int(ret.Port)), ret.Service, "", "", "", "", "", ""}
+				line[3] = strings.NewReplacer("\\r", "\r", "\\n", "\n").Replace(strings.Trim(strconv.Quote(string(ret.Banner)), "\""))
 				if ret.HttpInfo != nil {
-					line[3] = ret.HttpInfo.Title
-					line[4] = strconv.Itoa(ret.HttpInfo.StatusCode)
-					line[5] = ret.HttpInfo.Server
-					line[6] = ret.HttpInfo.TlsCN
-					line[7] = strings.Join(ret.HttpInfo.Fingers, ",")
+					line[4] = ret.HttpInfo.Title
+					line[5] = strconv.Itoa(ret.HttpInfo.StatusCode)
+					line[6] = ret.HttpInfo.Server
+					line[7] = ret.HttpInfo.TlsCN
+					line[8] = strings.Join(ret.HttpInfo.Fingers, ",")
 				}
 				csvWrite.Write(line)
 				csvWrite.Flush()

core/port/fingerprint/fingerprint.go

@@ -45,7 +45,7 @@ var readBufPool = &sync.Pool{
 }
 
 // PortIdentify 端口识别
-func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Duration) (serviceName string, isDailErr bool) {
+func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Duration) (serviceName string, banner []byte, isDailErr bool) {
 
 	matchedRule := make(map[string]struct{})
 	// 记录对应服务已经进行过匹配
@@ -65,11 +65,11 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 	if serviceNames, ok := portServiceOrder[_port]; ok {
 		for _, service := range serviceNames {
 			recordMatched(service)
-			sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+			sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 			if sn != "" {
-				return sn, false
+				return sn, banner, false
 			} else if isDailErr {
-				return unknown, isDailErr
+				return unknown, banner, isDailErr
 			}
 		}
 	}
@@ -85,19 +85,20 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 		address := fmt.Sprintf("%s:%d", ip, _port)
 		conn, _ = net.DialTimeout(network, address, dailTimeout)
 		if conn == nil {
-			return unknown, true
+			return unknown, banner, true
 		}
 		n, _ = read(conn, buf)
 		conn.Close()
 		if n != 0 {
+			banner = buf[:n]
 			for _, service := range onlyRecv {
 				_, ok := matchedRule[service]
 				if ok {
 					continue
 				}
 				for _, rule := range serviceRules[service].DataGroup {
 					if matchRuleWhithBuf(buf[:n], ip, _port, rule) {
-						return service, false
+						return service, banner, false
 					}
 				}
 
@@ -115,11 +116,11 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 			continue
 		}
 		recordMatched(service)
-		sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+		sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 		if sn != "" {
-			return sn, false
+			return sn, banner, false
 		} else if isDailErr {
-			return unknown, true
+			return unknown, banner, true
 		}
 	}
 
@@ -129,15 +130,15 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 		if ok {
 			continue
 		}
-		sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+		sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 		if sn != "" {
-			return sn, false
+			return sn, banner, false
 		} else if isDailErr {
-			return unknown, true
+			return unknown, banner, true
 		}
 	}
 
-	return unknown, false
+	return unknown, banner, false
 }
 
 // 指纹匹配函数
@@ -164,7 +165,7 @@ func matchRuleWhithBuf(buf, ip net.IP, _port uint16, rule ruleData) bool {
 }
 
 // 指纹匹配函数
-func matchRule(network string, ip net.IP, _port uint16, serviceName string, dailTimeout time.Duration) (serviceNameRet string, isDailErr bool) {
+func matchRule(network string, ip net.IP, _port uint16, serviceName string, dailTimeout time.Duration) (serviceNameRet string, banner []byte, isDailErr bool) {
 	var err error
 	var isTls bool
 	var conn net.Conn
@@ -236,6 +237,7 @@ func matchRule(network string, ip net.IP, _port uint16, serviceName string, dail
 			if n == 0 {
 				return
 			}
+			banner = buf[:n]
 			// 包含数据就正确
 			if matchRuleWhithBuf(buf[:n], ip, _port, rule) {
 				serviceNameRet = serviceName

core/port/port.go

@@ -101,6 +101,7 @@ type OpenIpPort struct {
 	Ip       net.IP
 	Port     uint16
 	Service  string
+	Banner   []byte
 	HttpInfo *HttpInfo
 }
 

core/port/syn/syn.go

@@ -317,7 +317,7 @@ func (ss *SynScanner) portProbeHandle() {
 			if _openIpPort.Port != 0 {
 				if ss.option.FingerPrint {
 					ss.WaitLimiter()
-					_openIpPort.Service, _ = fingerprint.PortIdentify("tcp", _openIpPort.Ip, _openIpPort.Port, 2*time.Second)
+					_openIpPort.Service, _openIpPort.Banner, _ = fingerprint.PortIdentify("tcp", _openIpPort.Ip, _openIpPort.Port, 2*time.Second)
 				}
 				if ss.option.Httpx && (_openIpPort.Service == "" || _openIpPort.Service == "http" || _openIpPort.Service == "https") {
 					ss.WaitLimiter()

core/port/tcp/tcp.go

@@ -67,7 +67,7 @@ func (ts *TcpScanner) Scan(ip net.IP, dst uint16) error {
 		}
 		var isDailErr bool
 		if ts.option.FingerPrint {
-			openIpPort.Service, isDailErr = fingerprint.PortIdentify("tcp", ip, dst, 2*time.Second)
+			openIpPort.Service, openIpPort.Banner, isDailErr = fingerprint.PortIdentify("tcp", ip, dst, 2*time.Second)
 			if isDailErr {
 				return
 			}