[0.4] Modify json result refer to #19 and fix telnet

zhzyker · Jun 13, 2022 · a2a779f · a2a779f
1 parent 7a9b25c
commit a2a779f
Show file tree

Hide file tree

Showing 6 changed files with 50 additions and 172 deletions.
diff --git a/configs/config.go b/configs/config.go
@@ -1,6 +1,6 @@
 package configs
 
-var DefaultPorts = []int{21, 22, 23, 25, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 110, 135, 137, 138, 139, 143, 389, 443, 445, 587, 631, 800, 801, 808, 880, 888, 1000, 1024, 1025, 1080, 1099, 1389, 1433, 1521, 3306, 3307, 3388, 3389, 3443, 5800, 5900, 6379, 7000, 7001, 7007, 7010, 7788, 8000, 8001, 8002, 8003, 8004, 8005, 8006, 8007, 8008, 8009, 8010, 8011, 8030, 8060, 8070, 8080, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8092, 8093, 8094, 8095, 8096, 8097, 8098, 8099, 8161, 8175, 8188, 8189, 8443, 8445, 8448, 8554, 8800, 8848, 8880, 8881, 8888, 8899, 8983, 8989, 9000, 9001, 9002, 9008, 9010, 9043, 9060, 9080, 9081, 9082, 9083, 9084, 9085, 9086, 9087, 9088, 9089, 9090, 9091, 9092, 9093, 9094, 9095, 9096, 9097, 9099, 9443, 9600, 9628, 9800, 9999, 11001, 13443, 49155, 50050, 61616}
+var DefaultPorts = []int{21, 22, 23, 25, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 110, 135, 137, 138, 139, 143, 389, 443, 445, 587, 631, 800, 801, 808, 880, 888, 1000, 1024, 1025, 1080, 1099, 1389, 1433, 1521, 2383, 3306, 3307, 3388, 3389, 3443, 5000, 5357, 5560, 5800, 5900, 6379, 7000, 7001, 7007, 7010, 7788, 8000, 8001, 8002, 8003, 8004, 8005, 8006, 8007, 8008, 8009, 8010, 8011, 8030, 8060, 8070, 8080, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8092, 8093, 8094, 8095, 8096, 8097, 8098, 8099, 8161, 8175, 8188, 8189, 8200, 8443, 8445, 8448, 8554, 8800, 8848, 8880, 8881, 8888, 8899, 8983, 8989, 9000, 9001, 9002, 9008, 9010, 9043, 9060, 9080, 9081, 9082, 9083, 9084, 9085, 9086, 9087, 9088, 9089, 9090, 9091, 9092, 9093, 9094, 9095, 9096, 9097, 9099, 9443, 9600, 9628, 9800, 9999, 11001, 13443, 49155, 50050, 61616}
 
 var DefaultHeader = map[string]string{
 	"Accept-Language": "zh,zh-TW;q=0.9,en-US;q=0.8,en;q=0.7,zh-CN;q=0.6",

diff --git a/configs/rule.go b/configs/rule.go
@@ -1076,6 +1076,7 @@ var RuleData = []RuleLab{
 	{1, "Destoon", "body", "", InStr{"(content=\"destoon|destoon_moduleid)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Devaldi-FlexPaper", "body", "", InStr{"(login to the flexpaper console|href=\"http://flexpaper.devaldi.com/plugins.htm\")", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "devolo-dLAN-WIFI", "body", "", InStr{"(href=\"customization.css\")", "", ""}, ReqHttp{"", "", nil, ""}},
+	{3, "Dreamer-CMS", "header", "", InStr{"", "(dreamer-cms-(.*)=)", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "DFE-SCADA", "body", "", InStr{"(scada|536870912)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "DHC-OA", "body", "", InStr{"(src=\"/extcomponent/security/image/dhc.png\")", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Diagrams", "body", "", InStr{"(<link rel=\"canonical\" href=\"https://app.diagrams.net\">)", "", ""}, ReqHttp{"", "", nil, ""}},
@@ -4440,6 +4441,7 @@ var RuleData = []RuleLab{
 	{1, "YMail-Optical-Content-Reading", "body", "", InStr{"(/ymail/default/js/menu.js)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Ymhome-OA", "body", "", InStr{"(/yimioa.apk)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Yongyou-ism", "body", "", InStr{"(sheight*window.screen.deviceydpi)", "", ""}, ReqHttp{"", "", nil, ""}},
+	{3, "Yonyou-NC", "body", "", InStr{"(url=nccloud)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{3, "Yonyou-ERP", "body", "", InStr{"(login_main_bg|login_owner)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{3, "Yonyou-ERP-NC", "body", "", InStr{"(/nc/servlet/nc.ui.iufo.login.index)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{3, "Yonyou-GRP-U8", "body", "", InStr{"(window.location.replace(\"login.jsp?up=1\"))", "", ""}, ReqHttp{"", "", nil, ""}},
@@ -4454,7 +4456,7 @@ var RuleData = []RuleLab{
 	{3, "Yonyou-U8-cloud", "body", "", InStr{"(开启u8 cloud云端之旅)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Yonyou-Uclient", "body", "", InStr{"(http-equiv=refresh content=0;url=index.jsp)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Yonyou-UFIDA", "body", "", InStr{"(/system/login/login.asp?appid=)", "", ""}, ReqHttp{"", "", nil, ""}},
-	{1, "Yonyou-UFIDA-NC", "body", "", InStr{"(ufida|logo/images/|logo/images/ufida_nc.png|<div id=\"nc_text\">|<div id=\"nc_img\" onmouseover=\"overimage('nc');|产品登录界面|ufida nc)", "", ""}, ReqHttp{"", "", nil, ""}},
+	{1, "Yonyou-UFIDA-NC", "body", "", InStr{"(ufida|logo/images/|logo/images/ufida_nc.png|<div id=\"nc_text\">|<div id=\"nc_img\" onmouseover=\"overimage('nc');|ufida nc)", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Yottabyte-Company's-product", "body", "", InStr{"(class=\"btn btn-primary form-btn form-btn-login pull-right\")", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "Yottabyte-Rizhiyi", "body", "", InStr{"(href=\"/static/assets/yottaweb-elements/index.css\")", "", ""}, ReqHttp{"", "", nil, ""}},
 	{1, "YouHua-iEMOS_CW", "body", "", InStr{"(var id = document.getelementbyid(\"txtyhmm\").value)", "", ""}, ReqHttp{"", "", nil, ""}},

diff --git a/internal/output/output.go b/internal/output/output.go
@@ -1,45 +1,64 @@
 package output
 
 import (
+	"encoding/hex"
+	"encoding/json"
 	"fmt"
+	"github.com/zhzyker/dismap/internal/flag"
 	"github.com/zhzyker/dismap/pkg/logger"
 	"os"
+	"time"
 )
 
-func Open(Args map[string]interface{}) *os.File  {
-	o := Args["FlagOutput"].(string)
-	op, err :=  os.OpenFile(o, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0666)
-	if logger.DebugError(err) {
-		logger.Error(fmt.Sprintf("Failed to open file %s", logger.Red(o)))
+func Open(Args map[string]interface{}) *os.File {
+	if len(Args["FlagOutJson"].(string)) != 0 {
+		return openFile(Args["FlagOutJson"].(string))
+	} else {
+		return openFile(Args["FlagOutput"].(string))
 	}
-	return op
 }
 
 func Write(result map[string]interface{}, output *os.File) {
 	if result["status"].(string) == "close" {
 		return
 	}
-	JsonOutput(result, "save")
-	content := fmt.Sprintf("%s, %s, %s, %s, %s, %s",
-		logger.GetTime(),
-		result["type"],
-		result["protocol"],
-		logger.Clean(result["identify.string"].(string)),
-		result["uri"],
-		result["banner.string"])
-	var text = []byte(content + "\n")
-	_, err := output.Write(text)
-	if logger.DebugError(err) {
-		logger.Error(fmt.Sprintf("Target %s write failed", logger.Red(result["uri"])))
+	if len(flag.OutJson) != 0 {
+		result["banner.byte"] = hex.EncodeToString(result["banner.byte"].([]byte))
+		result["date"] = time.Now().Unix()
+		byteR, _ := json.Marshal(result)
+		writeContent(output, string(byteR))
+	} else {
+		content := fmt.Sprintf("%s, %s, %s, %s, %s, %s",
+			logger.GetTime(),
+			result["type"],
+			result["protocol"],
+			logger.Clean(result["identify.string"].(string)),
+			result["uri"],
+			result["banner.string"])
+		writeContent(output, content)
 	}
 }
 
 func Close(file *os.File) {
-	JsonOutput(nil, "write")
 	err := file.Close()
 	if logger.DebugError(err) {
 		logger.Error(fmt.Sprintf("Close file %s exception", logger.Red(file.Name())))
 	} else {
 		logger.Info("The identification results are saved in " + logger.Yellow(file.Name()))
 	}
 }
+
+func openFile(name string) *os.File {
+	osFile, err := os.OpenFile(name, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0666)
+	if logger.DebugError(err) {
+		logger.Error(fmt.Sprintf("Failed to open file %s", logger.Red(name)))
+	}
+	return osFile
+}
+
+func writeContent(file *os.File, content string) {
+	_, err := file.Write([]byte(content + "\n"))
+	if logger.DebugError(err) {
+		logger.Error(fmt.Sprintf("Write failed: %s", logger.Red(content)))
+	}
+}
diff --git a/internal/output/output_json.go b/internal/output/output_json.go
diff --git a/internal/protocol/discover.go b/internal/protocol/discover.go
@@ -4,6 +4,7 @@ import (
 	"github.com/zhzyker/dismap/internal/parse"
 	"github.com/zhzyker/dismap/internal/protocol/get"
 	"github.com/zhzyker/dismap/pkg/logger"
+	"time"
 )
 
 func isContainInt(items []int, item int) bool {
@@ -15,82 +16,10 @@ func isContainInt(items []int, item int) bool {
 	return false
 }
 
-/*
-func getTls(result map[string]interface{}, host string, port int, timeout int) bool {
-	b, err := get.TlsProtocol(host, port, timeout)
-	if err == nil {
-		result["type"] = "tls"
-		result["status"] = "open"
-		result["banner.byte"] = b
-		return true
-	}
-	return false
-}
-
-func getTcp(result map[string]interface{}, host string, port int, timeout int) bool {
-	b, err := get.TcpProtocol(host, port, timeout)
-	if err == nil {
-		result["type"] = "tcp"
-		result["status"] = "open"
-		result["banner.byte"] = b
-		return true
-	}
-	return false
-}
-
-func getUdp(result map[string]interface{}, host string, port int, timeout int) bool {
-	b, err := get.UdpProtocol(host, port, timeout)
-	if err == nil {
-		result["type"] = "udp"
-		result["status"] = "open"
-		result["banner.byte"] = b
-		return true
-	}
-	return false
-}
-
-func getInfo(result map[string]interface{}, host string, port int, timeout int, pt string) {
-	var udpPort = []int{53, 111, 123, 137, 138, 139, 12345}
-	switch pt {
-	case "":
-		if getTls(result, host, port, timeout) {
-			return
-		}
-		if getTcp(result, host, port, timeout) {
-			return
-		}
-		if isContainInt(udpPort, port) == true {
-			if getUdp(result, host, port, timeout) {
-				return
-			}
-		}
-	case "tls":
-		if getTls(result, host, port, timeout) {
-			return
-		}
-	case "tcp":
-		if getTcp(result, host, port, timeout) {
-			return
-		}
-	case "udp":
-		if getUdp(result, host, port, timeout) {
-			return
-		}
-	}
-	result["type"] = pt
-	result["status"] = "close"
-	result["banner.byte"] = make([]byte, 256)
-	return
-}
-
-*/
-
 func setResult(host string, port int, Args map[string]interface{}) map[string]interface{} {
-	//timeout := Args["FlagTimeout"].(int)
-	//scheme := Args["FlagMode"].(string)
-	//pt := Args["FlagType"].(string)
 	var banner []byte
 	result := map[string]interface{}{
+		"date":            time.Now().Unix(),
 		"status":          "None",
 		"banner.byte":     banner,
 		"banner.string":   "None",
@@ -104,36 +33,8 @@ func setResult(host string, port int, Args map[string]interface{}) map[string]in
 		"identify.bool":   false,
 		"identify.string": "None",
 	}
-	//(result, host, port, timeout, pt)
-	return result
-}
-
-/*
-func Discover(host string, port int, Args map[string]interface{}) map[string]interface{} {
-	result := setResult(host, port, Args)
-	if result["status"] != "open" {
-		return result
-	}
-	result["banner.string"] = parse.ByteToStringParse1(result["banner.byte"].([]byte))
-
-	if result["type"] == "tls" {
-		if JudgeTls(result, Args) {
-			return result
-		}
-	}
-	if result["type"] == "tcp" {
-		if JudgeTcp(result, Args) {
-			return result
-		}
-	}
-	if result["type"] == "udp" {
-		if JudgeUdp(result, Args) {
-			return result
-		}
-	}
 	return result
 }
-*/
 
 func DiscoverTls(host string, port int, Args map[string]interface{}) map[string]interface{} {
 	result := setResult(host, port, Args)

diff --git a/internal/protocol/judge/tcp_telnet.go b/internal/protocol/judge/tcp_telnet.go
@@ -1,8 +1,10 @@
 package judge
 
 import (
+	"encoding/hex"
 	"github.com/zhzyker/dismap/pkg/logger"
 	"regexp"
+	"strings"
 )
 
 func TcpTelnet(result map[string]interface{}) bool {
@@ -15,6 +17,9 @@ func TcpTelnet(result map[string]interface{}) bool {
 	if ok {
 		result["protocol"] = "telnet"
 		return true
+	} else if strings.Contains(hex.EncodeToString(buff[0:2]), "fffb") {
+		result["protocol"] = "telnet"
+		return true
 	}
 	return false
-}
+}