昨天叫LIVING帮忙扫描几个IP 覆盖全部端口~~~他老抱怨说XSCAN支持多核CPU不理想,整天出错!我郁闷之下开发了个WEBSHELL上面扫描的程序,直接把IP 添加到 作业系统那里~让服务器自动扫描!即使我们关了浏览器...!我们过N天之后上去看看扫描结果就OK~~ 不用管它了 自己忙自己的事!....
平台兼容: RESIN TOMCAT WEBLOGIC WEBSPHERE JBOSS
程序未来展望:开发对于数据库暴力破解 ,SSH暴力破解 , MD5暴力破解!多个WEBSHELL通讯进行分布式
以下为代码:
<%@page import="java.util.*,java.io.*,java.net.*" %>
<%@page pageEncoding="gbk"%>
<%!
//author : kj021320(nonamed)
//blog : http://blog.csdn.net/kj021320/
ArrayList threadScheduler=new ArrayList();//JOB Scheduler
public class JobConsole{
ArrayList subThreadsPool=new ArrayList();//sub Threads pool
public int port;//开始端口
public int endPort;//结束端口
public int state=0;//0进行 1暂停 2停止
public String host;//IP地址
public String errMsg="";//错误信息
public StringBuffer succMsg=new StringBuffer();//成功信息
public int threadCount=0;
public void start(){
for(int c=1;c<=threadCount;c++){
ScanThread st=new ScanThread();
st.parent=this;
subThreadsPool.add(st);
st.start();
st=null;
}
}
}
//创建一个扫描的线程类
public class ScanThread extends Thread{
public JobConsole parent;
public int port;//开始端口
public void run(){
for(;port<=parent.endPort;){
synchronized(parent){port=parent.port++;}//同步处理端口问题
while(parent.state==1){
try{Thread.sleep(3000);}catch(Exception e){parent.errMsg=e.getMessage();}
}
if(parent.state==2){return;}
try {
Socket s=new Socket(parent.host,port);
synchronized(parent.succMsg){
parent.succMsg.append(port+",");
}
s.close();
} catch (UnknownHostException e) {
parent.endPort=0;
synchronized(parent.errMsg){
parent.errMsg=e.getMessage();
}
} catch (IOException e) {
}
}
parent.state=2;
}
}
%>
<%
//System.out.println(request.getQueryString());
String action = request.getParameter("Action");
if(action!=null&&!"".equals(action)){
if("AddToScan".equals(action)){
String host=request.getParameter("host");//取得主机名字
String port=request.getParameter("port");//取得开始port
String endPort=request.getParameter("endPort");//取得结束port
String thread=request.getParameter("thread");//取得线程
JobConsole jc=new JobConsole();
jc.host=host;
jc.port=Integer.parseInt(port);
jc.endPort=Integer.parseInt(endPort);
jc.threadCount=Integer.parseInt(thread);
threadScheduler.add(jc);
jc.start();
jc=null;
}else if("del".equals(action)){
int num=Integer.parseInt(request.getParameter("id"));
JobConsole jc=(JobConsole)threadScheduler.remove(num);
jc.state=2;//更改状态为stop
jc.subThreadsPool.clear();//清楚线程池里面的所有线程
jc=null;
System.gc();
}else if("Run".equals(action)){
int num=Integer.parseInt(request.getParameter("id"));
JobConsole jc=(JobConsole)threadScheduler.get(num);
jc.state=0;//running 状态
jc.start();//重新开始
jc=null;
System.gc();//清除垃圾
}else if("Pause".equals(action)){
int num=Integer.parseInt(request.getParameter("id"));
JobConsole jc=(JobConsole)threadScheduler.get(num);
jc.state=1;//pause 状态
jc=null;
System.gc();//清除垃圾
}else if("Continue".equals(action)){
int num=Integer.parseInt(request.getParameter("id"));
JobConsole jc=(JobConsole)threadScheduler.get(num);
jc.state=0;//running 状态
jc=null;
System.gc();//清除垃圾
}else{
out.println("<TABLE><TR><TD>JOB</TD><TD>THREAD</TD><TD>STATE</TD><TD>HOST</TD><TD>SCANNING...</TD><TD>END PORT</TD><TD>SUCC MSG</TD><TD>ERR MSG</TD><TD>ACTION</TD></TR>");
int count=threadScheduler.size();
for(int i=0;i<count;i++){
JobConsole jc=(JobConsole)threadScheduler.get(i);
String scanState="";
String operate="";
switch(jc.state){
case 0:scanState="running";operate="<input type=button value=Pause onclick=/"ThreadOperate('Pause',"+i+")/">";break;
case 1:scanState="pause";operate="<input type=button value=Continue onclick=/"ThreadOperate('Continue',"+i+")/">";break;
case 2:scanState="stop";operate="<input type=button value=Run onclick=/"ThreadOperate('Run',"+i+")/">";break;
}
out.println("<TR><TD>"+i+"</TD><TD>"+jc.threadCount+"</TD>");
out.println("<TD>"+scanState+"</TD><TD>"+jc.host+"</TD><TD>"+(jc.port-1)+"</TD><TD>"+jc.endPort+"</TD>");
out.println("<TD>"+jc.succMsg+"</TD><TD>"+jc.errMsg+"</TD><TD><input type=button value=Drop onclick='DropThread("+i+");'>"+operate+"</TD></TR>");
jc=null;
}
out.println("<TR><TD></TD><TD></TD><TD></TD><TD></TD><TD></TD></TR></TABLE>");
}
return;
}
%>
<HTML xmlns:v="urn:schemas-microsoft-com:vml">
<HEAD>
<TITLE>ISTO Extreme JScanning 1.0</TITLE>
<style type="text/css">
v/:*{behavior:url(#default#VML);position:absolute;}
body,td{font-size: 12px;}
body,td{font-size:12px;}
table{T:expression(this.border='1',this.borderColorLight='Black',this.borderColorDark='White');}
input,select{font-size:12px;color:#000000;}
input{border-color:"#000000";color:#008800;background-color:#333333;}
body{margin-left:0px;margin-top:0px;margin-right:0px;margin-bottom:0px;}
td{white-space:nowrap;}
a{color:black;text-decoration:none; color:#008800;}
</style>
<SCRIPT>
//common
String.prototype.trim = function()
{
return this.replace(/(^/s*)|(/s*$)/g, "");
}
String.prototype.ltrim = function()
{
return this.replace(/(^/s*)/g, "");
}
String.prototype.rtrim = function()
{
return this.replace(/(/s*$)/g, "");
}
function createXmlHttpRequest(){//create AJAX CONSOLES
if(window.ActiveXObject){
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
}else if(window.XMLHttpRequst){
xmlHttp=new XMLHttpRequst();
}
}
//ref需要信息的组件
function getTheMessage(ref){
if(xmlHttp.readyState==4){
if(xmlHttp.status==200){
var replaceStr;
replaceStr=xmlHttp.responseText;
replaceStr=replaceStr.trim();
if(replaceStr!=""&&ref){
ref.innerHTML=replaceStr;
}
return replaceStr;
}else{
return "";
}
}else{
return "";
}
}
//str:connection HTTP URL
//code:eval the code
function openUrlXmlHttpRequstEval(str,code){
url=str;
createXmlHttpRequest();
xmlHttp.open("get",url,true);
xmlHttp.onreadystatechange=function tmp(){eval(code);};
xmlHttp.send();
}
//str:connection HTTP URL
//ref:replace the HTML consoles
function openUrlXmlHttpRequstReplace(str,ref){
url=str;
createXmlHttpRequest();
xmlHttp.open("get",url,true);
xmlHttp.onreadystatechange=function tmp(){getTheMessage(ref);};
xmlHttp.send();
}
</SCRIPT>
<SCRIPT>
//user define functions
//add to scan
function post(){
if(S.host.value!=""){
if(!isNaN(S.endPort.value)&&parseInt(S.endPort.value)<=65535){
if(!isNaN(S.port.value)&&parseInt(S.port.value)<=parseInt(S.endPort.value)&&parseInt(S.port.value)>0){
var url="?Action=AddToScan&host="+S.host.value+"&thread="+S.thread.value+"&port="+S.port.value+"&endPort="+S.endPort.value+"&"+Math.random();
openUrlXmlHttpRequstEval(url,"");S.port.value="";
S.host.value="";S.endPort.value="";
alert("add success");
}else{
alert("set start port error");
}
}else{
alert("set end port error");
}
}else{
alert("HOST can't empty");
}
}
//view pool
function viewSchedulerPool(){
openUrlXmlHttpRequstReplace("?Action="+Math.random(),document.all.pool);
}
//drop the scanning Thread
function DropThread(num){
if(confirm('Are U sure?')){
var url="?Action=del&id="+num+"&"+Math.random();
openUrlXmlHttpRequstEval(url,"");
}
}
function ThreadOperate(ope,id){
if(confirm('Are U sure?')){
var url="?Action="+ope+"&id="+id+"&"+Math.random();
openUrlXmlHttpRequstEval(url,"");
}
}
setInterval("viewSchedulerPool()",3000);
</Script>
</HEAD>
<BODY text=#00ff00 vLink=#008000 aLink=#008000 link=#008000 bgColor=#000000 >
<CENTER>
Scheduler Pool:
<div id=pool></div>
<HR>
<FORM METHOD=POST NAME='S'>
HOST:<INPUT TYPE="text" NAME="host">
START PORT:<INPUT TYPE="text" NAME="port" size="4" maxlength="5">
END PORT:<INPUT TYPE="text" NAME="endPort" size="4" maxlength="5">
THREAD:<SELECT NAME="thread"><OPTION value=1>1</OPTION><OPTION value=2>2</OPTION><OPTION value=3>3</OPTION><OPTION value=4>4</OPTION><OPTION value=5>5</OPTION><OPTION value=6>6</OPTION><OPTION value=7>7</OPTION><OPTION value=8>8</OPTION><OPTION value=9>9</OPTION><OPTION value=10>10</OPTION></SELECT>
<INPUT TYPE="button" value="AddToScan" NAME="Action" onclick="post();";>
</FORM>
</CENTER>
<v:Textbox id=istuFullname style='FONT-SIZE:30;Z-INDEX:3201;FILTER:alpha(opacity=100,style=2) blur(add=0,direction=14,strength=5) wave(add=1,freq=,lightstrength=5,phase=5,strength=2) glow(color=#d9f281,strength=3) ;LEFT:10%;COLOR:#f17a35;FONT-FAMILY:@黑体;TOP:35%' inset='5pt,5pt,5pt,5pt'> - = Information Security Technology Organization = - </v:Textbox>
<a onclick="javascript:window.open('http://www.isto.cn');">
<v:Textbox id=istu style="FONT-SIZE:80;Z-INDEX:3177;FILTER:alpha(opacity=100,style=2) blur(add=0,direction=14,strength=5) wave(add=1,freq=,lightstrength=5,phase=5,strength=8) glow(color=#cbb749,strength=1) invert;LEFT:23%;COLOR:black;WORD-BREAK:break-all;FONT-FAMILY:Arial Black;TOP:45%" inset="5pt,5pt,5pt,5pt" print="false">-= I.S.T.O =-</v:Textbox>
</a>
</BODY>
</HTML>