【 Grey Hack 】Enhanced nmap
Collected by 生活随笔. This article introduces an enhanced nmap for Grey Hack and is shared here for reference.
Contents
- probe
- Usage
- Effect
- routerpcscan
- Usage
- Effect
Version: Grey Hack v0.7.3618 - Alpha
probe
// probe: list the ports and LAN devices behind a router, in an nmap-like layout
// that also shows the extra information the Grey Hack API exposes.
if params.len != 1 or params[0] == "-h" or params[0] == "--help" then exit(command_info("<b>probe [IP]</b>"))
if not is_valid_ip(params[0]) then exit("probe: invalid ip address")
if not get_shell.host_computer.is_network_active then exit("probe: can't connect. No internet access.")

router = get_router(params[0])
ports = router.used_ports
devices = router.devices_lan_ip

// Port table: forwarded ports, their state, the service/version string and the LAN host behind each one.
print("\n<b>PORTS:</b>")
info = "PORT STATE SERVICE VERSION LAN"
for port in ports
  other_ip = port.get_lan_ip
  port_status = "Open"
  if port.is_closed then
    port_status = "Closed"
  end if
  info = info + "\n" + port.port_number + " " + port_status + " " + router.port_info(port) + " " + other_ip
end for
print(format_columns(info))

// Device table: classify every LAN address as COMPUTER, ROUTER or SWITCH.
print("\n<b>DEVICES:</b>")
info = "DEVICE LAN STATE PORTS"
COMPUTERS = ""
ROUTERS = ""
SWITCHS = ""
for device in devices
  DP = router.device_ports(device)
  port_list = []
  for P in DP
    if typeof(P) != "port" then
      // device_ports returned an error string instead of port objects
      port_list = "Unreachable"
      break
    end if
    port_list = port_list + [P.port_number]
  end for
  if typeof(port_list) == "string" then
    // keep the "Unreachable" marker whole instead of iterating over its characters
    port_list_str = port_list
  else
    port_list_str = "["
    for port in port_list
      port_list_str = port_list_str + str(port) + ","
    end for
    if port_list_str == "[" then
      port_list_str = "[]"
    else
      port_list_str = port_list_str[:-1] + "]"
    end if
  end if
  new_router = get_router(device)
  new_switch = get_switch(device)
  if new_router != null then
    // STATE is the first word of the first firewall rule, or "None" when there are no rules
    STATE = new_router.firewall_rules
    if STATE == [] then
      STATE = "None"
    else
      STATE = STATE[0].split(" ")[0]
    end if
    if new_switch != null then
      SWITCHS = SWITCHS + "SWITCH " + device + " " + STATE + " " + port_list_str + "\n"
    else
      ROUTERS = ROUTERS + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"
    end if
  end if
  if new_switch == null and new_router == null then
    // a host whose first port is 8080 is treated as a router
    if port_list != [] and port_list[0] == 8080 then
      if device == router.local_ip then
        STATE = router.firewall_rules
        if STATE == [] then STATE = "None"
      else
        STATE = "Unknown"
      end if
      ROUTERS = ROUTERS + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"
    else
      COMPUTERS = COMPUTERS + "COMPUTER " + device + " " + "Null" + " " + port_list_str + "\n"
    end if
  end if
end for
info = info + "\n" + COMPUTERS + "\n" + ROUTERS + "\n" + SWITCHS
print(format_columns(info))
Usage
<script name> [public IP]
Effect
It shows more information than nmap does.
(screenshot: nmap output)
(screenshot: probe output)
routerpcscan
// routerpcscan: use metaxploit to find the computers on the LAN behind the router at [ip_address].
if params.len != 2 or params[0] == "-h" or params[0] == "--help" then exit("<b>Usage: " + program_path.split("/")[-1] + " [ip_address] [LAN_address]</b>")

// Load metaxploit from /lib, falling back to the script's own folder.
metaxploit = include_lib("/lib/metaxploit.so")
if not metaxploit then
  metaxploit = include_lib(current_path + "/metaxploit.so")
end if
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")

address = params[0]
net_session = metaxploit.net_use(address)
if not net_session then exit("Error: can't connect to net session")
libKernel = net_session.dump_lib
// check the library before touching it (the original printed first and referenced an undefined libName)
if not libKernel then exit("Error: kernel library not found.")
print("\nFound " + libKernel.lib_name + " " + libKernel.version)

// Split the router's LAN address into its /24 prefix and its own last octet, which is skipped below.
lanIp = params[1].split(".")
Head = lanIp[0] + "." + lanIp[1] + "." + lanIp[2] + "."
ownOctet = lanIp[-1].to_int
kernel_router_exploits = metaxploit.scan(libKernel)

// Return the first [memory area, keyword] pair for which overflow yields a computer object, or null.
GetKeyword = function()
  for kernel_router_exploit in kernel_router_exploits
    result_lists = metaxploit.scan_address(libKernel, kernel_router_exploit).split("Unsafe check: ")[1:]
    for result_list in result_lists
      target_str = result_list.split(".")[0]
      target_key = target_str.split(" ")[-1]
      for i in range(1, 255, 1)
        if i != ownOctet then
          result = libKernel.overflow(kernel_router_exploit, target_key[3:-4], Head + str(i))
          if typeof(result) == "computer" then
            return [kernel_router_exploit, target_key[3:-4]]
          else if typeof(result) != "null" then
            // any other result type means this keyword never yields a computer: try the next one
            break
          end if
        end if
      end for
    end for
  end for
  return null
end function

Key = GetKeyword()
if Key == null then exit("<b>Fail...</b>")

// Sweep the whole /24 with the pair found and list every address that answers as a computer.
Output = ""
for i in range(1, 255, 1)
  if i != ownOctet then
    result = libKernel.overflow(Key[0], Key[1], Head + str(i))
    if typeof(result) == "computer" then
      Output = Output + Head + str(i) + "\n"
    end if
  end if
end for
clear_screen
if Output == "" then exit("<b>Fail...</b>")
print("<b>Found Computers: </b>\n")
print(Output)
Usage
<script name> [public IP] [router LAN IP]
Effect
Combined with the results of probe, it finds the computers behind that LAN's router.