
LadonGo: an open-source, cross-platform penetration scanner framework

2020-11-07 21:28:27 Brother K8

Introduction

LadonGo is an open-source penetration scanner framework. It makes it easy to batch-detect live hosts across class C and class B segments and to perform fingerprinting, port scanning, password brute forcing, high-risk vulnerability detection, and more. Version 1.0 contains 11 modules: high-risk vulnerability detection (MS17010, SmbGhost); password brute forcing (SmbScan, SshScan, FtpScan, MysqlScan); live-host detection, information gathering and fingerprinting (PingScan, IcmpScan, BannerScan, WeblogicScan); and port scanning (PortScan).

Function modules

Detection:
PingScan (Using system ping to detect Online hosts)
IcmpScan (Using ICMP Protocol to detect Online hosts)
BannerScan (Using HTTP Protocol to detect Banner hosts)
WeblogicScan (Using T3 Protocol to detect Weblogic hosts)
PortScan (Scan hosts open ports using TCP protocol)
MS17010 (Using SMB Protocol to detect MS17010 hosts))
SmbGhost (Using SMB Protocol to detect SmbGhost hosts))

BruteForce:
SmbScan (Using SMB Protocol to Brute-For 445 Port))
SshScan (Using SSH Protocol to Brute-For 22 Port))
FtpScan (Using FTP Protocol to Brute-For 21 Port))
MysqlScan (Using Mysql Protocol to Brute-For 3306 Port))

Compiling from source

go get github.com/k8gege/LadonGo
go build Ladon.go

Usage tutorial

Help

Ladon help
Ladon Detection
Ladon BruteForce

Usage

Ladon IP/hostname/CIDR ScanModule

Examples

Information gathering and vulnerability detection

Ping scan for live hosts in a class C segment (any privilege level)
Ladon 192.168.1.8/24 PingScan

ICMP scan for live hosts in a class C segment (administrator privileges)
Ladon 192.168.1.8/24 IcmpScan

SMB scan for hosts in a class C segment with the EternalBlue MS17010 vulnerability
Ladon 192.168.1.8/24 MS17010

SMB scan for hosts in a class C segment with the "Eternal Black" SmbGhost vulnerability
Ladon 192.168.1.8/24 SmbGhost

T3 scan for hosts in a class C segment running WebLogic
Ladon 192.168.1.8/24 T3Scan

HTTP scan for web site banners in a class C segment
Ladon 192.168.1.8/24 BannerScan

Password brute forcing and weak passwords

Scan port 445 in a class C segment for Windows machines with weak passwords
Ladon 192.168.1.8/24 SmbScan

Scan port 22 in a class C segment for Linux machines with weak SSH passwords
Ladon 192.168.1.8/24 SshScan

Scan port 21 in a class C segment for FTP servers with weak passwords
Ladon 192.168.1.8/24 FtpScan

Scan port 3306 in a class C segment for MySQL servers with weak passwords
Ladon 192.168.1.8/24 MysqlScan

Scanning speed

1. As with Ladon, an ICMP probe of a class C segment takes only 1 second
2. A Ping scan of a class C segment takes about 11 seconds and works with any privilege level
3. Test the other modules yourself
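
Seen from the defender's side, the timings above mean a sweep appears as one source touching most of a /24 within seconds. The following Go program is an added example, not LadonGo code: it flags such sources in ICMP flow records, and the Flow record shape, the addresses, the 15-second window and the 50-host threshold are all assumptions chosen for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
	"sort"
	"time"
)

type Flow struct{ At time.Time; Src, Dst netip.Addr } // one ICMP echo request (hypothetical record shape)

// SweepSources lists "src -> /24" pairs where src hit >= minHosts distinct IPv4 hosts within win.
func SweepSources(flows []Flow, win time.Duration, minHosts int) (hits []string) {
	groups := map[string][]Flow{}
	for _, f := range flows {
		if p, err := f.Dst.Prefix(24); err == nil && f.Dst.Is4() {
			k := f.Src.String() + " -> " + p.String()
			groups[k] = append(groups[k], f)
		}
	}
	for k, fs := range groups {
		sort.Slice(fs, func(i, j int) bool { return fs[i].At.Before(fs[j].At) })
		seen, lo := map[netip.Addr]int{}, 0 // per-destination counts inside the window
		for hi := 0; hi < len(fs) && len(seen) < minHosts; hi++ {
			seen[fs[hi].Dst]++
			for ; fs[hi].At.Sub(fs[lo].At) > win; lo++ { // expire flows older than win
				if seen[fs[lo].Dst]--; seen[fs[lo].Dst] == 0 {
					delete(seen, fs[lo].Dst)
				}
			}
		}
		if len(seen) >= minHosts {
			hits = append(hits, k)
		}
	}
	sort.Strings(hits)
	return hits
}

// SampleFlows is constructed data: a one-second sweep plus a benign monitor.
func SampleFlows() (fs []Flow) {
	ip := func(a, b, c, d int) netip.Addr { return netip.AddrFrom4([4]byte{byte(a), byte(b), byte(c), byte(d)}) }
	for i := 1; i <= 254; i++ {
		fs = append(fs, Flow{time.Unix(0, int64(i)*4e6), ip(10, 0, 0, 5), ip(192, 168, 1, i)})       // sweep, 4 ms apart
		fs = append(fs, Flow{time.Unix(int64(i)*60, 0), ip(10, 0, 0, 9), ip(192, 168, 1, 10+i%3)}) // monitor, 1 min apart
	}
	return fs
}

func main() { fmt.Println(SweepSources(SampleFlows(), 15*time.Second, 50)) }
```

The 15-second window is sized to cover both timings quoted above; the monitor source is never flagged because it only ever has one destination inside the window.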

Cross-platform / all platforms / all systems

Tested on

Kali 2019
SUSE 10
CentOS 5.8
CentOS 6.8
Fedora5
XP, 2003, Win7, Win8.1, Win10, 2008 R2, 2012 R2
RedHat5.7
BT5-R3 (Ubuntu 8)
MacOS 10.15

The systems above were tested successfully; other systems have not been tested. If a system is not supported, compile the program yourself.

[Screenshots: LadonGo running on MacOS x64 10.15, Linux, and Windows]

Download

LadonGo (ALL OS)

https://github.com/k8gege/LadonGo

Ladon (Windows & Cobalt Strike)

Version history: https://github.com/k8gege/Ladon/releases
Version 7.0: http://k8gege.org/Download
Version 7.5: K8's Xiaomiquan (private circle)

Why use Go

The existing Ladon version is incompatible with some systems, and running it through a proxy drops packets, which is very painful. The Python version is also cross-platform, but first, the compiled program is large, and second, some dependency packages (which rely on underlying libraries) are very troublesome or even impossible to install on certain systems, and some compiled builds cannot be executed, among other reasons. So over the past few days I learned Go again and, putting it straight to use, rewrote the Ladon framework in Golang, adding a few functions first to see the effect. Go is as simple as Python. Once the framework was finished, open-source libraries made it possible to add several function modules in one go. I then tested program compatibility on 14 operating systems: in performance, size, and compatibility it is far ahead of Python. Most importantly, the compiled program can run on some old operating systems. Python may be affected by the Python version, dependency packages, or the versions of libraries such as GCC, GLID, and SSL; Go solves these problems very well.

Drawbacks: many API libraries are not wrapped or cannot be used at all. Implementing all, or even half, of Ladon's functions cannot be done in less than two or three months; for example, the protocols used in Ladon's OsScan module alone outnumber the 11 functions currently in LadonGo 1.0. With Python it would be very fast: with all kinds of dependency libraries and ready-made POCs, once the scan framework is written, a few small changes give a scanner with many functions. But when the target's Python version is low and its operating system is old, a locally compiled build will not run when dropped onto it, and it cannot be compiled locally either, so I chose Go.

Copyright notice
This article was written by [Brother K8]. Please include a link to the original when reposting. Thank you.