
A script for probing hosts' web ports and the content they serve

2021-05-14  Your7Maxx

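In a recent testing project the target's asset scope was huge: 3000+ IPs, and the port scan results were so numerous that it was hard to know where to start. I first went through the sensitive ports by hand, and one pass was clearly more than I could handle. Manual triage like this costs time and effort and still misses things, so I wrote a script that probes web content, which reduced the amount of manual confirmation.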

import nmap
import requests
from bs4 import BeautifulSoup

headers = {'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36'}


def scan_port(ip):
    nm = nmap.PortScanner()
    # -sS (SYN scan) needs root privileges; -Pn skips host discovery
    tmp = nm.scan(ip, '80', '-sS -Pn')
    #print(tmp['scan'].items())
    #print('**'*10)
    for host, result in tmp['scan'].items():
        #print(host)
        #print(result['tcp'])
        if result['status']['state'] == 'up':
            # 'tcp' is absent when nmap returned no TCP results for the host
            for port in result.get('tcp', {}):
                if result['tcp'][port]['state'] == 'open':
                    print('ip: '+f'\033[35m{host}\033[0m'+' TCP端口号:'+str(port)+' state:'+result['tcp'][port]['state'] + ' service: '+result['tcp'][port]['name'])
                    get_content(host)

                    # Disabled: the other per-port fields python-nmap returns
                    '''
                    print('state: ' + result['udp'][port]['state'])
                    print('reason: ' + result['udp'][port]['reason'])
                    print('extra info: ' + result['udp'][port]['extrainfo'])
                    print('name: ' + result['udp'][port]['name'])
                    print('version: ' + result['udp'][port]['version'])
                    print('product: ' + result['udp'][port]['product'])
                    print('CPE: ' + result['udp'][port]['cpe'])
                    print('script: ' + result['udp'][port]['script'])
                    '''


def get_content(host):
    try:
        # Plain HTTP, so verify= has no effect and is dropped; the timeout
        # keeps one unresponsive host from stalling the whole run
        response = requests.get('http://' + host, headers=headers, timeout=10)
    except requests.RequestException as e:
        print('content: request failed: ' + str(e))
        return
    response.encoding = response.apparent_encoding
    soup = BeautifulSoup(response.text, 'lxml')
    if soup.title is None:
        # No <title> element: fall back to the raw body
        print('content:'+f'\033[35m{response.text}\033[0m')
    else:
        print('content:' + f'\033[35m{soup.title.string}\033[0m')


if __name__ == '__main__':
    # ipList.txt holds one IP address per line
    with open("ipList.txt", "r") as iplist:
        for ip in iplist:
            ip = ip.strip()
            if not ip:
                continue  # skip blank lines
            scan_port(ip)
    print("All of the IP have been scanned ,Task Done")

The result looks like this:


image.png

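Coroutines or a similar approach could also be added to speed the script up. The script still needs improvement, but for now it works and that is enough.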
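The speed-up mentioned above, as an added example rather than the author's code: a thread pool with a fixed worker limit fetches the titles of hosts the port scan already reported open, and records timeouts and missing titles instead of stopping. It uses only the standard library in place of requests and BeautifulSoup; `TitleParser`, `extract_title`, `fetch_http`, `probe_one` and `probe_all` are hypothetical names, and the sample pages are constructed.

```python
# Added example (not the author's code); all names here are hypothetical.
import urllib.request
from concurrent.futures import ThreadPoolExecutor
from html.parser import HTMLParser

class TitleParser(HTMLParser):
    """Collects the text of the first <title> element."""
    def __init__(self):
        super().__init__()
        self.in_title, self.done, self.parts = False, False, []
    def handle_starttag(self, tag, attrs):
        if tag == 'title' and not self.done:
            self.in_title = True
    def handle_endtag(self, tag):
        if tag == 'title' and self.in_title:
            self.in_title, self.done = False, True
    def handle_data(self, data):
        if self.in_title:
            self.parts.append(data)

def extract_title(html):
    """Return the whitespace-normalised title, or None if missing or empty."""
    parser = TitleParser()
    parser.feed(html)
    return ' '.join(''.join(parser.parts).split()) or None

def fetch_http(host, timeout=5, max_body=65536):
    """GET http://host/ with a timeout; read at most max_body bytes."""
    with urllib.request.urlopen('http://' + host, timeout=timeout) as resp:
        return resp.read(max_body).decode('utf-8', errors='replace')

def probe_one(host, fetch):
    try:
        return host, extract_title(fetch(host)), None
    except Exception as exc:  # timeout, reset, HTTP error: record and continue
        return host, None, type(exc).__name__

def probe_all(hosts, fetch=fetch_http, workers=16):
    """Probe with at most `workers` requests in flight; keeps input order."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        return list(pool.map(lambda h: probe_one(h, fetch), hosts))

if __name__ == '__main__':
    # Constructed sample pages served by a stub fetcher, so this runs offline.
    pages = {'192.0.2.10': '<html><head><TITLE>\n Router Admin </TITLE></head></html>',
             '192.0.2.11': '<html><body>no title</body></html>'}
    stub = pages.__getitem__  # unknown host raises KeyError, standing in for a timeout
    for row in probe_all(['192.0.2.10', '192.0.2.11', '192.0.2.12'], fetch=stub):
        print(row)
```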
