LadonGo

git0hub1 · Jan 14, 2021 · f6b461e · f6b461e
1 parent 036f90d
commit f6b461e
Show file tree

Hide file tree

Showing 7 changed files with 140 additions and 17 deletions.
diff --git a/Ladon.go b/Ladon.go
@@ -25,6 +25,7 @@ import (
 	"github.com/k8gege/LadonGo/exp"
 	"github.com/k8gege/LadonGo/dic"
 	//"github.com/k8gege/LadonGo/tcp"
+	"github.com/k8gege/LadonGo/redis"
 	"github.com/fatih/color"
 	"strings"
 	"log"
@@ -141,8 +142,18 @@ func Exploit() {
 
 }
 
-var isicmp bool
+func Noping() {
+	s:=""
+	if runtime.GOOS!="windows" {
+		s="./"
+	}
+	fmt.Println("\nNoping Example:")
+	fmt.Println(s+"Ladon noping 192.168.1.8 PortScan")
+	fmt.Println(s+"Ladon noping ip.txt PortScan")
+}
 
+var isicmp bool
+var ver="3.3"
 func incIP(ip net.IP) {
 	for j := len(ip) - 1; j >= 0; j-- {
 		ip[j]++
@@ -168,7 +179,7 @@ func GetUser(){
 var debugLog *log.Logger
 var scanports string
 func main() {
-	color.Green("LadonGo 3.2 by k8gege")
+	color.Green("LadonGo "+ver+" by k8gege")
 	fmt.Println("Arch: "+runtime.GOARCH+" OS: "+runtime.GOOS)
 	if icmp.IcmpOK("localhost") {
 	isicmp=true}
@@ -197,6 +208,10 @@ func main() {
 			FuncList()
 			os.Exit(0)
 		}
+		if SecPar=="NOPING"{
+			Noping()
+			os.Exit(0)
+		}
 		if SecPar=="BRUTEFOR"||SecPar=="BRUTE"||SecPar=="BRUTEFORCE"||SecPar=="BRUTE-FORCE"  {
 			BruteFor()
 			os.Exit(0)
@@ -376,7 +391,7 @@ func BScan(ScanType string,Target string){
 	ip = strings.Replace(ip, "/B", "", -1)
 	ips := strings.Split(ip,".")
 	ip = ips[0]+"."+ips[1]
-	for i:=1;i<256;i++ {
+	for i:=0;i<256;i++ {
 		ip:=fmt.Sprintf("%s.%d",ip,i)
 		fmt.Println("\nC_Segment: "+ip)
 		fmt.Println("=============================================")
@@ -388,7 +403,7 @@ func AScan(ScanType string,Target string){
 	ip = strings.Replace(ip, "/A", "", -1)
 	ips := strings.Split(ip,".")
 	ip = ips[0]
-	for i:=1;i<256;i++ {
+	for i:=0;i<256;i++ {
 		ip:=fmt.Sprintf("%s.%d",ip,i)
 		BScan(ScanType,ip)
 	}
@@ -431,13 +446,21 @@ func LadonScan(ScanType string,Target string) {
 		if icmp.IcmpOK(Target) {
 			if strings.Contains(scanports, ",") {
 				port.ScanPortBanners(Target,scanports)
+			} else if strings.Contains(scanports, "-") {
+				port.ScanPortBannerRange(Target,scanports)
+			} else if scanports!="" {
+				port.ScanPortBannerSingle(Target,scanports)
 			} else {
 				port.ScanPortBanner(Target)
 			}
 		} 
 		}else if ping.PingOK(Target) {
 			if strings.Contains(scanports, ",") {
 				port.ScanPortBanners(Target,scanports)
+			} else if strings.Contains(scanports, "-") {
+				port.ScanPortBannerRange(Target,scanports)
+			} else if scanports!="" {
+				port.ScanPortBannerSingle(Target,scanports)
 			} else {
 				port.ScanPortBanner(Target)
 			}
@@ -486,6 +509,8 @@ func LadonScan(ScanType string,Target string) {
 		oracle.SqlPlusScan(ScanType,Target)
 	} else if ScanType == "WINRMSCAN" {
 		winrm.WinrmScan(ScanType,Target)
+	} else if ScanType == "REDISSCAN" {
+		redis.RedisNullScan(ScanType,Target)
 	} else if ScanType == "HTTPBASICSCAN" ||ScanType == "BASICAUTHSCAN" ||ScanType == "401SCAN"  {
 		http.BasicAuthScan(ScanType,"http://"+Target)
 	} else {

diff --git a/REDISSCAN.Log b/REDISSCAN.Log
@@ -0,0 +1,6 @@
+2020/12/21 21:12:33 Found: 192.168.1.21 6379 ISOK
+2020/12/21 21:14:00 Found: 192.168.1.21 6379 ISOK
+2020/12/21 21:14:45 Found: 192.168.1.21 6379 ISOK
+2020/12/21 21:21:13 Found: 192.168.1.21 6379 ISOK
+2020/12/21 21:46:45 Found: 192.168.1.21 6379 ISOK
+2020/12/21 21:46:51 Found: 192.168.1.21 6379 ISOK
diff --git a/logger/logger.go b/logger/logger.go
@@ -32,34 +32,48 @@ func PrintIsok(ScanType,h ,u ,p string){
 		//} else
 		//{fmt.Println("\033[35mFound: "+h+" "+u+" "+p+" ISOK\033[0m")}
 		color.Magenta("Found: "+h+" "+u+" "+p+" ISOK")
-		logFile, err := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
-		if err != nil {
-			panic(err)
-		}
+		logFile, _ := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
+		//if err != nil {
+			//panic(err)
+		//}
 		log.SetOutput(logFile)
 		log.Println("Found: "+h+" "+u+" "+p+" ISOK")
 }
 
+func PrintIsok0(ScanType,h ,p string){
+		//if runtime.GOOS=="windows" {
+			//fmt.Println("Found: "+h+" "+u+" "+p+" ISOK")
+		//} else
+		//{fmt.Println("\033[35mFound: "+h+" "+u+" "+p+" ISOK\033[0m")}
+		color.Magenta("Found: "+h+" "+p+" ISOK")
+		logFile, _ := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
+		//if err != nil {
+			//panic(err)
+		//}
+		log.SetOutput(logFile)
+		log.Println("Found: "+h+" "+p+" ISOK")
+}
+
 func PrintIsok2(ScanType,h ,port,u ,p string){
 	//if runtime.GOOS=="windows" {
 		//fmt.Println("Found: "+h+" "+port+" "+u+" "+p+" ISOK")
 	//} else
 	//{fmt.Println("\033[35mFound: "+h+" "+port+" "+u+" "+p+" ISOK\033[0m")}
 	color.Magenta("Found: "+h+" "+u+" "+p+" ISOK")
-		logFile, err := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
-		if err != nil {
-			panic(err)
-		}
+		logFile, _ := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
+		//if err != nil {
+			//panic(err)
+		//}
 		log.SetOutput(logFile)
 		log.Println("Found: "+h+" "+port+" "+u+" "+p+" ISOK")
 }
 
 func PrintIsok3(ScanType,h ,port,u ,p , d string){
 	color.Magenta("Found: "+h+" "+u+" "+p+" "+d+" ISOK")
-		logFile, err := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
-		if err != nil {
-			panic(err)
-		}
+		logFile, _ := os.OpenFile(ScanType+".Log", os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0777)
+		//if err != nil {
+			//panic(err)
+		//}
 		log.SetOutput(logFile)
 		log.Println("Found: "+h+" "+port+" "+u+" "+p+" "+d+" ISOK")
 }
diff --git a/port.log b/port.log
@@ -0,0 +1 @@
+192.168.1.21	6379 Open
diff --git a/port/port.go b/port/port.go
@@ -141,7 +141,7 @@ func workerPort(tasks chan Workdist,debugLog *log.Logger){
 
 }
 
-var DefaultPorts = []int{21,22,23,25,80,443,8080,110,135,139,445,389,489,587,1433,1434,1521,1522,1723,2121,3306,3389,4899,5631,5632,5800,5900,7071,43958,65500,4444,8888,6789,4848,5985,5986,8081,8089,8443,10000,6379,7001,7002}
+var DefaultPorts = []int{21,22,23,25,80,443,8080,110,135,139,445,389,489,587,1433,1434,1521,1522,1723,2121,3000,3306,3389,4899,5631,5632,5800,5900,7071,43958,65500,4444,8888,6789,4848,5985,5986,8081,8089,8443,10000,6379,7001,7002}
 
 func ScanPort(host string){
 var wg sync.WaitGroup
@@ -182,4 +182,19 @@ for _, port:= range strings.Split(ports,",")  {
 //tcp.GetBanner(host,p)
 tcp.TcpBanner(host,port)
 }
+}
+
+func ScanPortBannerSingle(host,port string){	
+tcp.TcpBanner(host,port)
+}
+
+func ScanPortBannerRange(host,ports string){	
+port:=strings.Split(ports,"-") 
+p1, _ := strconv.Atoi(port[0])
+p2, _ := strconv.Atoi(port[1])
+
+for i := p1; i <= p2; i++ {
+    tcp.TcpBanner(host,strconv.Itoa(i))
+}
+
 }
diff --git a/redis/redis_auth.go b/redis/redis_auth.go
@@ -0,0 +1,40 @@
+package redis
+//Ladon Scanner for golang 
+//Author: k8gege
+//K8Blog: http://k8gege.org/Ladon
+//Github: https://github.com/k8gege/LadonGo
+import (
+    //"fmt"
+ 	"strconv"
+    "github.com/monnand/goredis"
+    "github.com/k8gege/LadonGo/port"
+    "github.com/k8gege/LadonGo/logger"
+)
+
+func RedisNullAuth(host string,iport int) (result bool) {
+     result = false
+if port.PortCheck(host,iport) {
+    var client goredis.Client
+    port:=strconv.Itoa(iport)
+    client.Addr = host+":"+port
+    err := client.Set("test", []byte("ISOK"))
+    if err != nil {
+        //panic(err)
+    }
+
+    res, _ := client.Get("test")
+	if string(res)=="ISOK" {	
+		result = true
+	}
+
+    client.Set("test", []byte("test"))
+}
+return result
+}
+
+func RedisNullScan(ScanType,host string) {
+if RedisNullAuth(host,6379) {
+	logger.PrintIsok0(ScanType,host,"6379")
+}
+
+}
diff --git a/update.txt b/update.txt
@@ -0,0 +1,22 @@
+3.3 2021.01.14
+[u] 修复无权限写文件时，结束密码爆破的BUG
+[u] 修复B段、A段漏扫0段的BUG
+[u] PortScan  增加Ruby on Rails默认WEB端口3000
+[+] RedisScan Redis未授权访问扫描
+[u] TcpBanner 范围端口 例子: Ladon ip/24 TcpBanner 80-89
+[u] PortScan  范围端口 例子: Ladon ip/24 PortScan 80-89
+[u] TcpBanner 指定端口 例子: Ladon ip/24 TcpBanner 80
+[u] PortScan  指定端口 例子: Ladon ip/24 PortScan 80
+
+3.2 2020.12.18
+[u] PortScan默认扫Banner 高亮显示SSH、HTTP、FTP服务
+[+] TcpBanner 自定义端口 例子: Ladon ip/24 TcpBanner 80,135,445
+[+] PortScan 自定义端口  例子: Ladon ip/24 PortScan 80,135,445
+[u] 修复ICMP误报的问题(icmp_seq=1 Destination Host Unreachable)
+
+#### TcpBanner
+ScanStart: 2020-12-18 02:30:33
+192.168.1.19 22 Open SSH-2.0-OpenSSH_5.1 
+192.168.1.145 22 Open SSH-2.0-OpenSSH_5.1 
+192.168.1.1 21 Open 220 Welcome to virtual FTP service.
+192.168.1.1 80 Open HTTP/1.1 200 OK Connection: Keep-Alive