al0ne / vxscan Goto Github PK

python3写的综合扫描工具，主要用来存活验证，敏感文件探测(目录扫描/js泄露接口/html注释泄露)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。

License: Apache License 2.0

Python 97.98% HTML 2.02%

python python3 portscan tools pentest scan-tool security-tools waf fingerprint directory-scanning

vxscan's Introduction

vxscan's People

Contributors

Stargazers

Watchers

Forkers

toygang wooyun-evil kyhvedn j4ckzh0u victor0013 v1cker 12009 wucaishi stop1992 webvul shenliehuozhi a1418692409 djiangliu lengyun123456 liuliu2307 trojanazhen liu0tufang xuacker asdfkj1 rainism xiaoyaodashao lanpan999 f8syw5v springy1 huyanshuhan fengzihk difa12321 hades7777 zstreamer kenanat songofhack ajdecade gongwy zglaozhu hotsunrize shimxx lily110 vectornetworkteam cclauss hanlen520 weikety bitian westcityinstitute yangctc z3r023 manyoubaby123 kk-os lyy0755 summersnowwintercat skydownsnhit luo1994 hunterhawk bingpo benhe119 wooluo n3t1ab7 mypuppet aaq1adqwe mlynchcogent c0dak m4d3bug ooori redwifiteam rajivraj stjordanis yut0u sh1nu11bi 48h153k huayet tlcyeee liqiang0330 monkeyfx crazier9527 hhy5277 mlokas 42vision isees walker02 shadow3301 jy1989 qhxb ivybao0628 ii0 shaunstanislauslau m0w3n jerrynotme jesonfei yingyingguaier hockbase leaderyangzi xxsmile123 ilovecode2018 huangyuan666 nachoag76 02bx az0ne packqin 5up3rc soliontheroad lagartoplastico

vxscan's Issues

credentials input

Hi,

i need make an scan but after the port scan i get an error with "Access is denied due to invalid credentials" so i need to know how can i put credentials for the scan.

regards

Not working -

it is not working. it started but stops while pinging.

there is also no db folder, i had to create one. still not working

virustotal_python requirement error

Fresh install, uninstall and installing again, still have the same error.

Traceback (most recent call last):
File "Vxscan.py", line 30, in
from lib.common import start, bcolors
File "/opt/Vxscan/lib/common.py", line 13, in
from virustotal_python import Virustotal
File "/usr/local/lib/python3.5/dist-packages/virustotal_python/init.py", line 1, in
from virustotal_python.virustotal import Virustotal
File "/usr/local/lib/python3.5/dist-packages/virustotal_python/virustotal.py", line 27
print(f"Failed to import required modules: {err}")

安装psycopg2过程可能报错

解决方法
yum install -y postgresql-devel*

多域名扫描还是有问题

root@qA-year:~/Vxscan# python3 Vxscan.py -f hosts.txt

\ \ / /_ _____ ___ __ _ _ __
\ \ / /\ / / |/ / ` | ' \
\ V / > <_ \ (| (| | | | |
_/ /_/__/___,|| ||

PortScan：
[+] http:8080
[+] http:80
[+] http:443

Vuln：
[+] django url jump : http://XgXXX:8080
[+] http://XXX.XXX.com:8080 |XXX
[+] https://XXX.XXX.com |XXX
OS：
[+] Linux 3.2 - 3.8

running 162.181 seconds...

使用上的一点问题

有几个域名是禁ping的，所以扫描开始后直接就

1.1.1.1 is not alive

这种情况，有没有办法忽略这步检测啊。还有就是我想用代理来扫，有没有对应的参数啊，还是自己用proxychains来实现。

Thanks

Di tea to our big brother

继续来提BUG 7-1号的代码

202.101.164.75 is not alive

124.160.116.204 is not alive

PortScan：
[+] http:80
[+] http:443

Vuln：
[+] https://tj.dianping.com | 页面不存在 | 美团点评
OS：
[+] None

running 82.314 seconds...
root@qiang-year:/Vxscan# ls
db error.log hosts.txt lib LICENSE logo2.jpg logo.jpg README.md README.zh-CN.md report requirements.txt script Vxscan.py
root@qiang-year:/Vxscan# tail -500f error.log
2019-07-01 13:01:00,873 - /usr/lib/python3/dist-packages/urllib3/connection.py[line:360] - ERROR: Certificate did not match expected hostname: tj.dianping.com. Certificate: {'subject': ((('organizationalUnitName', 'Domain Control Validated'),), (('commonName', '.sankuai.com'),)), 'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Arizona'),), (('localityName', 'Scottsdale'),), (('organizationName', 'GoDaddy.com, Inc.'),), (('organizationalUnitName', 'http://certs.godaddy.com/repository/'),), (('commonName', 'Go Daddy Secure Certificate Authority - G2'),)), 'version': 3, 'serialNumber': '9292B75E6D7D9B3A', 'notBefore': 'Jun 18 03:12:13 2019 GMT', 'notAfter': 'Jul 11 02:56:01 2020 GMT', 'subjectAltName': (('DNS', '.sankuai.com'), ('DNS', 'sankuai.com')), 'OCSP': ('http://ocsp.godaddy.com/',), 'caIssuers': ('http://certificates.godaddy.com/repository/gdig2.crt',), 'crlDistributionPoints': ('http://crl.godaddy.com/gdig2s1-1180.crl',)}
2019-07-01 13:01:00,975 - /usr/lib/python3/dist-packages/urllib3/connection.py[line:360] - ERROR: Certificate did not match expected hostname: tj.dianping.com. Certificate: {'subject': ((('organizationalUnitName', 'Domain Control Validated'),), (('commonName', '.sankuai.com'),)), 'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Arizona'),), (('localityName', 'Scottsdale'),), (('organizationName', 'GoDaddy.com, Inc.'),), (('organizationalUnitName', 'http://certs.godaddy.com/repository/'),), (('commonName', 'Go Daddy Secure Certificate Authority - G2'),)), 'version': 3, 'serialNumber': '9292B75E6D7D9B3A', 'notBefore': 'Jun 18 03:12:13 2019 GMT', 'notAfter': 'Jul 11 02:56:01 2020 GMT', 'subjectAltName': (('DNS', '.sankuai.com'), ('DNS', 'sankuai.com')), 'OCSP': ('http://ocsp.godaddy.com/',), 'caIssuers': ('http://certificates.godaddy.com/repository/gdig2.crt',), 'crlDistributionPoints': ('http://crl.godaddy.com/gdig2s1-1180.crl',)}
2019-07-01 13:01:00,978 - /usr/lib/python3/dist-packages/urllib3/connection.py[line:360] - ERROR: Certificate did not match expected hostname: tj.dianping.com. Certificate: {'subject': ((('organizationalUnitName', 'Domain Control Validated'),), (('commonName', '.sankuai.com'),)), 'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Arizona'),), (('localityName', 'Scottsdale'),), (('organizationName', 'GoDaddy.com, Inc.'),), (('organizationalUnitName', 'http://certs.godaddy.com/repository/'),), (('commonName', 'Go Daddy Secure Certificate Authority - G2'),)), 'version': 3, 'serialNumber': '9292B75E6D7D9B3A', 'notBefore': 'Jun 18 03:12:13 2019 GMT', 'notAfter': 'Jul 11 02:56:01 2020 GMT', 'subjectAltName': (('DNS', '.sankuai.com'), ('DNS', 'sankuai.com')), 'OCSP': ('http://ocsp.godaddy.com/',), 'caIssuers': ('http://certificates.godaddy.com/repository/gdig2.crt',), 'crlDistributionPoints': ('http://crl.godaddy.com/gdig2s1-1180.crl',)}
2019-07-01 13:01:01,213 - /usr/lib/python3/dist-packages/urllib3/connection.py[line:360] - ERROR: Certificate did not match expected hostname: tj.dianping.com. Certificate: {'subject': ((('organizationalUnitName', 'Domain Control Validated'),), (('commonName', '.sankuai.com'),)), 'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Arizona'),), (('localityName', 'Scottsdale'),), (('organizationName', 'GoDaddy.com, Inc.'),), (('organizationalUnitName', 'http://certs.godaddy.com/repository/'),), (('commonName', 'Go Daddy Secure Certificate Authority - G2'),)), 'version': 3, 'serialNumber': '9292B75E6D7D9B3A', 'notBefore': 'Jun 18 03:12:13 2019 GMT', 'notAfter': 'Jul 11 02:56:01 2020 GMT', 'subjectAltName': (('DNS', '.sankuai.com'), ('DNS', 'sankuai.com')), 'OCSP': ('http://ocsp.godaddy.com/',), 'caIssuers': ('http://certificates.godaddy.com/repository/gdig2.crt',), 'crlDistributionPoints': ('http://crl.godaddy.com/gdig2s1-1180.crl',)}
2019-07-01 13:01:02,768 - /usr/lib/python3/dist-packages/urllib3/connection.py[line:360] - ERROR: Certificate did not match expected hostname: tj.dianping.com. Certificate: {'subject': ((('organizationalUnitName', 'Domain Control Validated'),), (('commonName', '.sankuai.com'),)), 'issuer': ((('countryName', 'US'),), (('stateOrProvinceName', 'Arizona'),), (('localityName', 'Scottsdale'),), (('organizationName', 'GoDaddy.com, Inc.'),), (('organizationalUnitName', 'http://certs.godaddy.com/repository/'),), (('commonName', 'Go Daddy Secure Certificate Authority - G2'),)), 'version': 3, 'serialNumber': '9292B75E6D7D9B3A', 'notBefore': 'Jun 18 03:12:13 2019 GMT', 'notAfter': 'Jul 11 02:56:01 2020 GMT', 'subjectAltName': (('DNS', '.sankuai.com'), ('DNS', 'sankuai.com')), 'OCSP': ('http://ocsp.godaddy.com/',), 'caIssuers': ('http://certificates.godaddy.com/repository/gdig2.crt',), 'crlDistributionPoints': ('http://crl.godaddy.com/gdig2s1-1180.crl',)}
2019-07-01 13:01:29,696 - Vxscan.py[line:338] - ERROR: local variable 'address' referenced before assignment
Traceback (most recent call last):
File "Vxscan.py", line 324, in pool
name, wafresult = start(host)
File "/root/Vxscan/lib/common.py", line 213, in start
'Address': address,
UnboundLocalError: local variable 'address' referenced before assignment

import error

Traceback (most recent call last):
File "Vxscan.py", line 11, in
from lib.options import options
File "/media/root/KALI2/Vxscan/lib/options.py", line 8, in
from lib.common import start
File "/media/root/KALI2/Vxscan/lib/common.py", line 12, in
from lib.web_info import web_info
File "/media/root/KALI2/Vxscan/lib/web_info.py", line 10, in
from plugins.ActiveReconnaissance.check_waf import checkwaf
ModuleNotFoundError: No module named 'plugins.ActiveReconnaissance'
even the folders are in proper order the script cannot find its import locations

扫描结束后生成的报告是空白的

Undefined names in pyh.py

flake8 testing of https://github.com/al0ne/Vxscan on Python 3.7.1

$ flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics

./lib/pyh.py:143:11: F821 undefined name 'a'
    out = a(img(src='http://www.w3.org/Icons/valid-xhtml10',
          ^
./lib/pyh.py:143:13: F821 undefined name 'img'
    out = a(img(src='http://www.w3.org/Icons/valid-xhtml10',
            ^
./lib/pyh.py:152:17: F821 undefined name 'head'
        self += head()
                ^
./lib/pyh.py:153:17: F821 undefined name 'body'
        self += body()
                ^
./lib/pyh.py:155:22: F821 undefined name 'title'
        self.head += title(name)
                     ^
./lib/pyh.py:158:28: F821 undefined name 'head'
        if isinstance(obj, head) or isinstance(obj, body):
                           ^
./lib/pyh.py:158:53: F821 undefined name 'body'
        if isinstance(obj, head) or isinstance(obj, body):
                                                    ^
./lib/pyh.py:160:30: F821 undefined name 'meta'
        elif isinstance(obj, meta) or isinstance(obj, link):
                             ^
./lib/pyh.py:160:55: F821 undefined name 'link'
        elif isinstance(obj, meta) or isinstance(obj, link):
                                                      ^
./lib/pyh.py:170:26: F821 undefined name 'script'
            self.head += script(type='text/javascript', src=f)
                         ^
./lib/pyh.py:174:26: F821 undefined name 'link'
            self.head += link(rel='stylesheet', type='text/css', href=f)
                         ^
./lib/pyh.py:181:26: F821 undefined name 'style'
            self.head += style(txt, type="text/css")
                         ^
./lib/pyh.py:187:26: F821 undefined name 'script'
            self.head += script(txt, type="text/javascript")
                         ^
./script/solr_unauthorized_access.py:28:16: F632 use ==/!= to compare str, bytes, and int literals
            if g.status_code is 200 and 'Solr Admin' in g.content and 'Dashboard' in g.content:
               ^
1     F632 use ==/!= to compare str, bytes, and int literals
13    F821 undefined name 'a'
14

E901,E999,F821,F822,F823 are the "showstopper" flake8 issues that can halt the runtime with a SyntaxError, NameError, etc. These 5 are different from most other flake8 issues which are merely "style violations" -- useful for readability but they do not effect runtime safety.

F821: undefined name name
F822: undefined name name in __all__
F823: local variable name referenced before assignment
E901: SyntaxError or IndentationError
E999: SyntaxError -- failed to compile a file into an Abstract Syntax Tree

运行问题

我用的python3.7，运行端口跑出来了，操作系统出来了，就自动停止了，怎么回事呢，

安装依赖uvloop是报错，不支持windows，有什么好的解决办法嘛？

uvloop does not support Windows at the moment

使用绝对路径执行命令时，会出现以下错误

python3 /Users/admin/Documents/hack/SRC/src/lib/Vxscan/Vxscan.py -u darkless.cn -s vxscan

ERROR:root:[Errno 2] No such file or directory: 'data/apps.json'
Traceback (most recent call last):
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/lib/web_info.py", line 28, in web_info
    webinfo = WebPage(r.url, r.text, r.headers).info()
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/plugins/PassiveReconnaissance/wappalyzer.py", line 53, in __init__
    wappalyzer = Wappalyzer()
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/plugins/PassiveReconnaissance/wappalyzer.py", line 130, in __init__
    with open("data/apps.json", 'rb') as fd:
FileNotFoundError: [Errno 2] No such file or directory: 'data/apps.json'
ERROR:root:[Errno 2] No such file or directory: 'report/report.htm'
Traceback (most recent call last):
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/Vxscan.py", line 28, in <module>
    options()
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/lib/options.py", line 65, in options
    gener()
  File "/Users/admin/Documents/hack/SRC/src/lib/Vxscan/report.py", line 353, in gener
    with open('report/report.htm', 'r', encoding='utf-8') as f, open(name, 'w') as f1:
FileNotFoundError: [Errno 2] No such file or directory: 'report/report.htm'

为什么扫描生产的HTML报告用浏览器打开是空白的

请教一两个问题

你好，我想问下，dict.txt 这个字典是有什么作用？是常见的web路径么？
还有script文件下，可以自己添加自己写的poc么？如果自己写好，扫描的时候怎么调用？

Vxscan as a webservice

Hi @al0ne ,

Hope you are all well !

Would it be complicated to create a web-service mode for Vxscan with a celery queue ?

Thanks for any insights or inputs about that.

Cheers,
Luc Michalski

不能直接扫多个ip吗

扫多个ip的时候，直接就
[] https://github.com/al0ne/Vxscan
[] Scanning POC: True
[] Threads: 100
[] Target quantity: 201
[] Scanning Dir: True
[] Ping: True
[] CHECK_DB: False
[] Socks5 Proxy: ()

running 0.022 seconds...

就不继续扫描了啊？

之前说的问题还是存在哦

产生报告时的代码有问题

report.py中把dbname写死了，如果用户使用了-s参数指定数据库名称，导出的报告就是空白的。

拉取不到安装包

└─# wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
--2023-01-31 02:17:17-- https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
Resolving geolite.maxmind.com (geolite.maxmind.com)... failed: Name or service not known.
wget: unable to resolve host address ‘geolite.maxmind.com’

大佬们，这个问题怎么解决呢

ModuleNotFoundError: No module named 'lib.cli_output'

测试发现报错：ModuleNotFoundError: No module named 'lib.cli_output'
解决的方法：在目录lib下创建空文件__init__.py

分析：每一个包目录下面都会有一个__init__.py的文件，这个文件是必须存在的，否则，Python就把这个目录当成普通目录(文件夹)，而不是一个包。init.py可以是空文件，也可以有Python代码，因为__init__.py本身就是一个模块，而它的模块名就是对应包的名字。调用包就是执行包下的__init__.py文件。

=====补充====
树莓派2B+ （单纯的Arm版的Linux系统，基于Debian）+Python 3.7.3
可能我是个例吧，-_-||

URLS bug

每次扫描到的敏感文件都不一样

import socks 出错

我下载了 https://sourceforge.net/projects/socksipy/?source=typ_redirect 官方 sock.py，放在python3.6 的Lib 文件夹下

运行 python Vxcan.py -u http://127.0.0.1:808/upload-labs-master

运行时报错

File "E:\software\python3.6\lib\socks.py", line 199
raise Socks5AuthError,((3,_socks5autherrors[3]))

扫描网站没相应， DNS operation timed out

SyntaxError: invalid syntax

Hi, my system using Ubuntu 16.04 LTS, and i'm getting this problem when i'm running this command > "python3 Vxscan.py -h"
can u guide me please how to solve this issue? Thanks.

Traceback (most recent call last):
File "Vxscan.py", line 31, in
from lib.common import start, bcolors
File "/home/xxx/vxscan/Vxscan/lib/common.py", line 13, in
from virustotal_python import Virustotal
File "/home/xxx/.local/lib/python3.5/site-packages/virustotal_python/init.py", line 1, in
from virustotal_python.virustotal import Virustotal
File "/home/xxx/.local/lib/python3.5/site-packages/virustotal_python/virustotal.py", line 27
print(f"Failed to import required modules: {err}")
^

Running setup.py install for pycrypto ... error

win 10，python3.7，报错如题，请问有遇到的吗？如何解决的

ModuleNotFoundError: No module named '_cffi_backend'

Traceback (most recent call last):
File "Vxscan.py", line 11, in
from lib.options import options
File "/var/ios/Vxscan-master/lib/options.py", line 8, in
from lib.common import start
File "/var/ios/Vxscan-master/lib/common.py", line 10, in
from lib.verify import verify_https
File "/var/ios/Vxscan-master/lib/verify.py", line 9, in
from lib.Requests import Requests
File "/var/ios/Vxscan-master/lib/Requests.py", line 10, in
import OpenSSL
File "/usr/lib/python3/dist-packages/OpenSSL/init.py", line 8, in
from OpenSSL import crypto, SSL
File "/usr/lib/python3/dist-packages/OpenSSL/crypto.py", line 12, in
from cryptography import x509
File "/usr/lib/python3/dist-packages/cryptography/x509/init.py", line 8, in
from cryptography.x509.base import (
File "/usr/lib/python3/dist-packages/cryptography/x509/base.py", line 16, in
from cryptography.x509.extensions import Extension, ExtensionType
File "/usr/lib/python3/dist-packages/cryptography/x509/extensions.py", line 18, in
from cryptography.hazmat.primitives import constant_time, serialization
File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/constant_time.py", line 9, in
from cryptography.hazmat.bindings._constant_time import lib
ModuleNotFoundError: No module named '_cffi_backend'

报错如上

程序运行后一闪而过就完成怎么解决？

已经禁止ping了，还是不行。