probe

if params.len != 1 or params[0] == "-h" or params[0] == "--help" then exit(command_info("<b>probe [IP]</b>"))
if not is_valid_ip(params[0]) then exit("probe: invalid ip address")
if not get_shell.host_computer.is_network_active then exit("probe: can't connect. No internet access.")router = get_router(params[0])
ports = router.used_ports
devices = router.devices_lan_ip
print("\n<b>PORTS:</b>")
info = "PORT STATE SERVICE VERSION LAN"
for port in portsother_ip = port.get_lan_ipport_status = "Open"if port.is_closed thenport_status = "Closed"end ifinfo = info + "\n" + port.port_number + " " + port_status + " " + router.port_info(port) + " " + other_ip
end for
print(format_columns(info))
print("\n<b>DEVICES:</b>")
info = "DEVICE LAN STATE PORTS"
COMPUTERS = ""
ROUTERS = ""
SWITCHS = ""for device in devicesDP = router.device_ports(device)port_list = []for P in DPif typeof(P) != "port" then port_list = "Unreachable"breakend ifport_list = port_list + [P.port_number]end forport_list_str = "["for port in port_listport_list_str = port_list_str + str(port) + ","end forif(port_list_str == "[") then port_list_str = "[]"elseport_list_str = port_list_str[:-1] + "]"end ifnew_router = get_router(device)new_switch = get_switch(device)if new_router != null thenSTATE = new_router.firewall_rulesif STATE == [] thenSTATE = "None"elseSTATE = STATE[0].split(" ")[0]end ifif new_switch != null thenSWITCHS = SWITCHS + "SWITCH " + device + " " + STATE + " " + port_list_str + "\n"elseROUTERS = ROUTERS  + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"end ifend ifif new_switch == null and new_router == null thenif port_list != [] and port_list[0] == 8080 thenif device == router.local_ip thenSTATE = router.firewall_rulesif STATE == [] then STATE = "None"elseSTATE = "Unknown"end ifROUTERS = ROUTERS  + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"elseCOMPUTERS = COMPUTERS + "COMPUTER " + device + " " + "Null" + " " + port_list_str + "\n"end ifend if
end for
info = info + "\n" + COMPUTERS + "\n" + ROUTERS + "\n" + SWITCHS
print(format_columns(info))

使用方法

函数名【公网IP】

效果

可以扫描到比nmap更多的信息
nmap的

probe

routerpcscan

if params.len != 2 or params[0] == "-h" or params[0] == "--help" then exit("<b>Usage: "+program_path.split("/")[-1]+" [ip_address] [LAN_address]</b>")
metaxploit = include_lib("/lib/metaxploit.so")
if not metaxploit thenmetaxploit = include_lib(current_path + "/metaxploit.so")
end if
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")address = params[0]
net_session = metaxploit.net_use( address )
if not net_session then exit("Error: can't connect to net session")
libKernel = net_session.dump_libprint("\nFounded " + libKernel.lib_name + " "+ libKernel.version)if not libKernel then exit("Error: " + libName + " not found.")lanIp = params[1]kernel_router_exploits = metaxploit.scan(libKernel)lanIp = lanIp.split(".")
Head = lanIp[0]+"."+lanIp[1]+"."+lanIp[2]+"."
End = lanIp[-1].to_intGetKeyword = function()for kernel_router_exploit in kernel_router_exploitsresult_lists = metaxploit.scan_address(libKernel, kernel_router_exploit).split("Unsafe check: ")[1:]for result_list in result_liststarget_str = result_list.split(".")[0]target_key = target_str.split(" ")[-1]for _ in range(1, 255, 1)if _ != End thenresult = libKernel.overflow(kernel_router_exploit, target_key[3:-4], Head + str(_))if typeof(result) == "computer" thenreturn [kernel_router_exploit, target_key[3:-4]]else if typeof(result) != "null" and typeof(result) != "computer" thenbreakend ifend ifend forif typeof(result) != "null" and typeof(result) != "computer" then continueend forend for
end functionKey = GetKeyword()Output = ""for _ in range(1, 255, 1)if _ != End thenresult = libKernel.overflow(Key[0], Key[1], Head + str(_))if typeof(result) == "computer" thenOutput = Output + Head + str(_) + "\n"end ifend if
end for
clear_screen
if Output == "" then exit("<b>Fail...</b>")
elseprint("<b>Found Computers: </b>\n")print(Output)
end if

使用方法

函数名【公网IP】【路由器局域网IP】

效果

配合probe的扫描结果可搜寻该局域网路由器下的computer

【 Grey Hack 】加强版nmap相关推荐

【 Grey Hack 】综合工具 shellOs
目录交互界面基本功能本地攻击攻击本机远程攻击应用程序扫描功能更新IP并扫描深度扫描黑入功能类shell交互界面一些特殊命令 bounce run ScanPsw vim bui ...
【 Grey Hack 】大数四则运算
目录效果加减乘除乘方源码版本:Grey Hack v0.7.3619 - Alpha 在Gs中,位数大于15的整数将以科学计数法显示,故这里提供一种基于字符串加法的四则大数运算算法.由 ...
【 Grey Hack 】WIFI万能钥匙
目录脚本源码使用方法效果版本:Grey Hack v0.7.3618 - Alpha 脚本源码 computer = get_shell.host_computer status = &quo ...
【 Grey Hack 】记一次被黑经历
目录又被搞了版本:Grey Hack v0.7.3618 - Alpha 胆大包天的我黑进游戏内shop的IP后,顺着其上面的日志溯源到不少疑似其他玩家租的服务器,暂时没什么进展不久后回到桌面才 ...
【 Grey Hack 】万金油脚本：常见端口修改Password
目录脚本源码用法效果及示例版本:Grey Hack v0.7.3618 - Alpha 适用于SSH (22) 端口.FTP (21) 端口.HTTP (80) 端口.SMTP (25) 端口 ...
【 Grey Hack 】万金油脚本：原地提权工具
目录脚本源码用法效果及示例版本:Grey Hack v0.7.3618 - Alpha 脚本源码 metaxploit = include_lib("/lib/metaxploit. ...
【 Grey Hack 】反向Shell
目录调查准备反向shell 反向shell 提权版本:Grey Hack v0.7.3618 - Alpha 如图,本案例中目标IP尚未开放常见端口调查通过路由器获得目标PC的用户邮箱账号和 ...
【 Grey Hack 】万金油脚本：在路由器上获取shell
目录脚本源码用法效果及示例版本:Grey Hack v0.7.3618 - Alpha 脚本源码 if params.len != 2 or params[0] == "-h&quo ...
【 Grey Hack 】万金油脚本：从路由器获取Password
目录脚本源码用法效果及示例版本:Grey Hack v0.7.3618 - Alpha 脚本源码 if params.len != 2 or params[0] == "-h&quo ...

【 Grey Hack 】加强版nmap

目录

probe

使用方法

效果

routerpcscan

使用方法

效果

【 Grey Hack 】加强版nmap相关推荐

最新文章

热门文章