add: 端口指纹记录相应包banner
XinRoom committed Dec 18, 2023
1 parent 08e0da1 commit 43f2964
Showing 5 changed files with 27 additions and 23 deletions.
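--- a/cmd/go-portScan.go
+++ b/cmd/go-portScan.go
@@ -183,7 +183,7 @@ func run(c *cli.Context) error {
 }
 defer csvFile.Close()
 csvWrite = csv.NewWriter(csvFile)
-csvWrite.Write([]string{"IP", "PORT", "SERVICE", "HTTP_TITLE", "HTTP_STATUS", "HTTP_SERVER", "HTTP_TLS", "HTTP_FINGERS"})
+csvWrite.Write([]string{"IP", "PORT", "SERVICE", "BANNER", "HTTP_TITLE", "HTTP_STATUS", "HTTP_SERVER", "HTTP_TLS", "HTTP_FINGERS"})
 }
 
 go func() {
@@ -197,13 +197,14 @@ func run(c *cli.Context) error {
 }
 myLog.Println(ret.String())
 if csvWrite != nil {
-line := []string{ret.Ip.String(), strconv.Itoa(int(ret.Port)), ret.Service, "", "", "", "", ""}
+line := []string{ret.Ip.String(), strconv.Itoa(int(ret.Port)), ret.Service, "", "", "", "", "", ""}
+line[3] = strings.NewReplacer("\\r", "\r", "\\n", "\n").Replace(strings.Trim(strconv.Quote(string(ret.Banner)), "\""))
 if ret.HttpInfo != nil {
-line[3] = ret.HttpInfo.Title
-line[4] = strconv.Itoa(ret.HttpInfo.StatusCode)
-line[5] = ret.HttpInfo.Server
-line[6] = ret.HttpInfo.TlsCN
-line[7] = strings.Join(ret.HttpInfo.Fingers, ",")
+line[4] = ret.HttpInfo.Title
+line[5] = strconv.Itoa(ret.HttpInfo.StatusCode)
+line[6] = ret.HttpInfo.Server
+line[7] = ret.HttpInfo.TlsCN
+line[8] = strings.Join(ret.HttpInfo.Fingers, ",")
 }
 csvWrite.Write(line)
 csvWrite.Flush()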
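Review bot: The new `line[3]` assignment writes bytes chosen by the scanned host into the CSV with the escaping from `strconv.Quote` partly undone. `strings.Trim(..., "\"")` strips every trailing quote character, so a banner that ends in `"` is left with a dangling backslash, and the replacer turns the escaped `\r`/`\n` back into raw line breaks while also misreading a quoted literal backslash followed by `n`. A cell that begins with `=`, `+`, `-` or `@` is additionally evaluated as a formula when the report is opened in a spreadsheet application. I would keep the Quote escaping, slice off only the two delimiters and prefix a `'` on formula-leading cells, as in the fence; the HttpInfo title and server columns are remote-controlled as well and probably want the same guard. The goroutine in run() starts and ends outside this hunk.

```go
// … unchanged: line := []string{…} with nine columns …
banner := strconv.Quote(string(ret.Banner))
banner = banner[1 : len(banner)-1] // drop only the two delimiters Quote added
if banner != "" && strings.ContainsRune("=+-@", rune(banner[0])) {
	banner = "'" + banner // stop spreadsheet applications from evaluating the cell
}
line[3] = banner
// … unchanged: HttpInfo columns, csvWrite.Write(line) …
```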
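--- a/core/port/fingerprint/fingerprint.go
+++ b/core/port/fingerprint/fingerprint.go
@@ -45,7 +45,7 @@ var readBufPool = &sync.Pool{
 }
 
 // PortIdentify 端口识别
-func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Duration) (serviceName string, isDailErr bool) {
+func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Duration) (serviceName string, banner []byte, isDailErr bool) {
 
 matchedRule := make(map[string]struct{})
 // 记录对应服务已经进行过匹配
@@ -65,11 +65,11 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 if serviceNames, ok := portServiceOrder[_port]; ok {
 for _, service := range serviceNames {
 recordMatched(service)
-sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 if sn != "" {
-return sn, false
+return sn, banner, false
 } else if isDailErr {
-return unknown, isDailErr
+return unknown, banner, isDailErr
 }
 }
 }
@@ -85,19 +85,20 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 address := fmt.Sprintf("%s:%d", ip, _port)
 conn, _ = net.DialTimeout(network, address, dailTimeout)
 if conn == nil {
-return unknown, true
+return unknown, banner, true
 }
 n, _ = read(conn, buf)
 conn.Close()
 if n != 0 {
+banner = buf[:n]
 for _, service := range onlyRecv {
 _, ok := matchedRule[service]
 if ok {
 continue
 }
 for _, rule := range serviceRules[service].DataGroup {
 if matchRuleWhithBuf(buf[:n], ip, _port, rule) {
-return service, false
+return service, banner, false
 }
 }
 
@@ -115,11 +116,11 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 continue
 }
 recordMatched(service)
-sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 if sn != "" {
-return sn, false
+return sn, banner, false
 } else if isDailErr {
-return unknown, true
+return unknown, banner, true
 }
 }
 
@@ -129,15 +130,15 @@ func PortIdentify(network string, ip net.IP, _port uint16, dailTimeout time.Dura
 if ok {
 continue
 }
-sn, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
+sn, banner, isDailErr = matchRule(network, ip, _port, service, dailTimeout)
 if sn != "" {
-return sn, false
+return sn, banner, false
 } else if isDailErr {
-return unknown, true
+return unknown, banner, true
 }
 }
 
-return unknown, false
+return unknown, banner, false
 }
 
 // 指纹匹配函数
@@ -164,7 +165,7 @@ func matchRuleWhithBuf(buf, ip net.IP, _port uint16, rule ruleData) bool {
 }
 
 // 指纹匹配函数
-func matchRule(network string, ip net.IP, _port uint16, serviceName string, dailTimeout time.Duration) (serviceNameRet string, isDailErr bool) {
+func matchRule(network string, ip net.IP, _port uint16, serviceName string, dailTimeout time.Duration) (serviceNameRet string, banner []byte, isDailErr bool) {
 var err error
 var isTls bool
 var conn net.Conn
@@ -236,6 +237,7 @@ func matchRule(network string, ip net.IP, _port uint16, serviceName string, dail
 if n == 0 {
 return
 }
+banner = buf[:n]
 // 包含数据就正确
 if matchRuleWhithBuf(buf[:n], ip, _port, rule) {
 serviceNameRet = serviceName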
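Review bot: `banner = buf[:n]`, both in matchRule and in the receive-only path of PortIdentify, returns a slice that shares storage with the read buffer instead of a copy. If that buffer is taken from `readBufPool` and put back when the function returns (the Get/Put calls are outside these hunks, so this is inferred), the banner stored in the result can be overwritten by the next probe that reuses the buffer; copying avoids that: `banner = append([]byte(nil), buf[:n]...)`. Separately, every `sn, banner, isDailErr = matchRule(...)` in the loops replaces a banner that was already captured, so the final `return unknown, banner, false` reports only what the last probe read, which may be nil even though an earlier read returned data. Both functions start and end outside the hunks shown.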
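--- a/core/port/port.go
+++ b/core/port/port.go
@@ -101,6 +101,7 @@ type OpenIpPort struct {
 Ip net.IP
 Port uint16
 Service string
+Banner []byte
 HttpInfo *HttpInfo
 }
 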
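Review bot: The new `Banner` field carries no comment, and nothing tells consumers of OpenIpPort that it holds raw bytes chosen by the remote service. I would add `// Banner is the raw data read from the port during fingerprinting; it is untrusted and must be escaped before it is logged or written to a report.` above the field. The struct declaration begins before this hunk.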
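--- a/core/port/syn/syn.go
+++ b/core/port/syn/syn.go
@@ -317,7 +317,7 @@ func (ss *SynScanner) portProbeHandle() {
 if _openIpPort.Port != 0 {
 if ss.option.FingerPrint {
 ss.WaitLimiter()
-_openIpPort.Service, _ = fingerprint.PortIdentify("tcp", _openIpPort.Ip, _openIpPort.Port, 2*time.Second)
+_openIpPort.Service, _openIpPort.Banner, _ = fingerprint.PortIdentify("tcp", _openIpPort.Ip, _openIpPort.Port, 2*time.Second)
 }
 if ss.option.Httpx && (_openIpPort.Service == "" || _openIpPort.Service == "http" || _openIpPort.Service == "https") {
 ss.WaitLimiter()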
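--- a/core/port/tcp/tcp.go
+++ b/core/port/tcp/tcp.go
@@ -67,7 +67,7 @@ func (ts *TcpScanner) Scan(ip net.IP, dst uint16) error {
 }
 var isDailErr bool
 if ts.option.FingerPrint {
-openIpPort.Service, isDailErr = fingerprint.PortIdentify("tcp", ip, dst, 2*time.Second)
+openIpPort.Service, openIpPort.Banner, isDailErr = fingerprint.PortIdentify("tcp", ip, dst, 2*time.Second)
 if isDailErr {
 return
 }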
