Golang写的一款子域名爆破工具
由于疫情的横行,只能躲在家里进行学习,根据这几天的学习成果,写了一款子域名爆破的工具。
该工具开源代码如下,哪里需要改进的可以自行修改,根据字典来爆破,支持多线程。
package main
import (
"bufio"
"fmt"
"net"
"net/http"
"os"
"strconv"
"strings"
"time"
)
// aoligei holds the state shared by the dictionary reader, the producer and
// the worker goroutines.
type aoligei struct {
	// Channel carries candidate URLs (and the "END" sentinel) to the workers.
	Channel chan string

	// Domain is the base domain each dictionary word is prefixed to;
	// Dict is the path of the dictionary file.
	Domain, Dict string

	// Num is the dictionary position advanced by Sondomain;
	// Taskend counts the workers that have received "END".
	Num, Taskend int
}
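// Sondomain returns the next candidate URL ("http://<word>.<domain>") built
// from the dictionary file, or the sentinel "END" once every entry has been
// handed out.
//
// Changes from the original implementation:
//   - the dictionary handle is closed (it used to leak one descriptor per call);
//   - the first dictionary entry is no longer skipped (Num was incremented
//     before it was used as an index);
//   - both "\n" and "\r\n" line endings are accepted and blank lines are
//     ignored, so a trailing newline no longer yields an empty label;
//   - the file is streamed line by line instead of relying on a single Read
//     into a fixed ~10 MB buffer, which could truncate the dictionary.
//
// NOTE(review): the dictionary is still re-read on every call; caching the
// entries would need a new field on aoligei.
func (this *aoligei) Sondomain() (resurl string) {
	file, err := os.Open(this.Dict)
	if err != nil {
		fmt.Fprintln(os.Stderr, "文件不存在:", err)
		os.Exit(1) // a missing dictionary is a failure, so do not report success
	}
	defer file.Close()

	// Accept the target with or without a scheme; only the host part is kept.
	this.Domain = strings.TrimPrefix(this.Domain, "https://")
	this.Domain = strings.TrimPrefix(this.Domain, "http://")

	scanner := bufio.NewScanner(file)
	idx := 0
	for scanner.Scan() {
		word := strings.TrimSpace(scanner.Text())
		if word == "" {
			continue
		}
		if idx == this.Num {
			this.Num++
			return "http://" + word + "." + this.Domain
		}
		idx++
	}
	if err := scanner.Err(); err != nil {
		// Report the read failure instead of silently ending the run early.
		fmt.Fprintln(os.Stderr, "读取字典失败:", err)
	}
	return "END"
}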
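// Geturl is the worker loop. It receives candidate URLs from Channel, probes
// each one over HTTP and records those answering 200. It returns after
// receiving the "END" sentinel (or when the channel is closed), incrementing
// Taskend on the way out.
//
// Changes from the original implementation:
//   - the HTTP client has a timeout, so one stalled connection cannot hang a
//     worker forever;
//   - response bodies and the results file are closed right away instead of
//     through defers that only run when the whole loop ends;
//   - errors from building the request are no longer discarded;
//   - the address is resolved with net.LookupHost; the original dialled
//     "ip:icmp", ignored the error and dereferenced a nil connection whenever
//     the dial failed;
//   - a closed channel ends the loop instead of spinning on zero values.
//
// The original select had a 3-second timeout branch with an empty body; a
// plain blocking receive behaves the same.
func (this *aoligei) Geturl() {
	client := &http.Client{Timeout: 10 * time.Second}

	for {
		value, ok := <-this.Channel
		if !ok || value == "END" {
			// NOTE(review): Taskend is incremented here by every worker
			// goroutine and read by Putdomin without synchronisation. That is
			// a data race; fixing it needs a mutex or an atomic counter on
			// the struct.
			this.Taskend++
			return
		}
		probeURL(client, value)
	}
}

// probeURL requests target and, on a 200 response, prints the hit and appends
// it to ok.txt.
func probeURL(client *http.Client, target string) {
	res, err := client.Get(target)
	if err != nil {
		// Most candidates do not resolve or do not answer; skip them quietly.
		return
	}
	// Only the status is needed, so release the connection immediately.
	res.Body.Close()
	if res.StatusCode != http.StatusOK {
		return
	}

	host := strings.TrimPrefix(strings.TrimPrefix(target, "https://"), "http://")
	ip := "unresolved"
	if addrs, err := net.LookupHost(host); err == nil {
		ip = strings.Join(addrs, ",")
	}
	fmt.Printf("爆破成功>>>>>> domain:%s ip:%s SUCCESS\n", target, ip)
	recordHit(target)
}

// recordHit appends target to ok.txt, creating the file when needed.
func recordHit(target string) {
	// O_APPEND is used on every open: the original's create path wrote at
	// offset 0, so two workers creating the file at once could overwrite each
	// other. The file is made owner-only because it holds assessment results.
	f, err := os.OpenFile("ok.txt", os.O_WRONLY|os.O_APPEND|os.O_CREATE, 0600)
	if err != nil {
		fmt.Fprintln(os.Stderr, "ok.txt:", err)
		return
	}
	defer f.Close()
	if _, err := f.WriteString(target + "\r\n"); err != nil {
		fmt.Fprintln(os.Stderr, "ok.txt:", err)
	}
}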
// Putdomin sends the next value produced by Sondomain into Channel and then
// reports whether all workers are done: it returns 889 when Taskend equals
// thread at the time of the check, and 0 otherwise.
//
// The original wrapped this in a for loop that returned unconditionally on
// its first iteration, so exactly one value is sent per call.
//
// NOTE(review): Taskend is incremented by the Geturl goroutines and read here
// without synchronisation, so this comparison is racy.
func (this *aoligei) Putdomin(thread int) (end int) {
	next := this.Sondomain()
	this.Channel <- next
	if this.Taskend != thread {
		return 0
	}
	return 889
}
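// test collects the command-line options: -u (target domain), -f (dictionary
// file) and -t (number of workers). With no arguments it prints the usage
// banner and exits.
//
// Changes from the original implementation:
//   - a flag given without a value is detected with a bounds check instead of
//     an index-out-of-range panic caught by recover;
//   - a non-numeric or negative -t value yields 0, which the caller already
//     rejects as incomplete input. A negative count previously passed that
//     check and started no workers.
func test() (dict string, url string, thread int) {
	if len(os.Args) == 1 {
		fmt.Println(`子域名爆破[+++++]
作者:BY WINEME - ANONYMOUSE
BEAUTIFULE ON PRETTY DOG~
[程序.exe] -u URL -f DICTFILE.TXT -t THREAD
博客:https://www.cnblogs.com/wineme/ - 菜鸡一枚`)
		os.Exit(0)
	}

	args := os.Args
	for k, v := range args {
		if v != "-u" && v != "-t" && v != "-f" {
			continue
		}
		if k+1 >= len(args) {
			fmt.Println("参数不能为空值,错误。BY:wineme")
			os.Exit(1)
		}
		val := args[k+1]
		switch v {
		case "-u":
			url = val
		case "-f":
			dict = val
		case "-t":
			n, err := strconv.Atoi(val)
			if err != nil || n < 0 {
				n = 0
			}
			thread = n
		}
	}
	return dict, url, thread
}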
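// typewriter prints the sep-separated pieces of text one at a time, pausing
// 50ms after each piece.
func typewriter(text, sep string) {
	for _, piece := range strings.Split(text, sep) {
		fmt.Printf("%s", piece)
		time.Sleep(50 * time.Millisecond)
	}
}

// main parses the options, starts the requested number of workers, feeds them
// every candidate from the dictionary and waits for all of them to finish.
//
// The original polled Taskend through Putdomin to decide when to stop. That
// counter is incremented by several goroutines without synchronisation, so an
// increment could be lost and the loop would then block forever once the
// channel buffer filled with "END" values. Here each worker gets exactly one
// "END" and signals completion on a channel, which needs no shared counter.
func main() {
	dict, url, thread := test()
	if dict == "" || url == "" || thread <= 0 {
		fmt.Println("参数不全,重新填写 BY:wineme")
		os.Exit(1)
	}

	menu := &aoligei{
		Channel: make(chan string, 50),
		Domain:  url,
		Dict:    dict,
	}

	typewriter("A,N,O,N,Y,M,O,U,S,E,—,—,—,—,—,—,—,—,W,I,N,E,M,E\n", ",")
	typewriter("2,0,1,3,年,/,/,/,/,/,/,/,/,|,\\,\\,\\,\\,\\,\\,\\,2,0,2,0,年\n", ",")

	done := make(chan struct{})
	for i := 0; i < thread; i++ {
		go func() {
			menu.Geturl()
			done <- struct{}{}
		}()
	}

	// Feed every candidate, then hand each worker its own stop sentinel.
	for {
		candidate := menu.Sondomain()
		if candidate == "END" {
			break
		}
		menu.Channel <- candidate
	}
	for i := 0; i < thread; i++ {
		menu.Channel <- "END"
	}
	for i := 0; i < thread; i++ {
		<-done
	}

	fmt.Println("爆破完毕,携程退出 BY:wineme")
	typewriter("I+N+ +Y+O+U+N+G+ +I+ +H+A+V+E+ +A+ +D+R+E+A+M+,+I+S+ +H+A+C+K+,+B+E+ +I+N+T+E+R+N+E+T+ +D+E+A+B+E+W+,+F+O+R+ +T+H+I+S+,+I+ +F+O+R+G+E+T+ +T+O+O+ +M+U+C+H+,+L+O+V+E+ +F+R+I+E+N+D+ +A+N+D+ +S+T+U+D+Y+,+B+U+T+ +I+ +D+O+N+'+T+ +R+E+G+R+E+T+,+B+E+C+A+U+S+E+ +I+ +T+H+I+N+K+ +T+H+I+S+ +I+ +P+A+Y+ +I+S+ +B+E+ +W+O+R+T+H+.+.+.+.+.+.+.+.+.+.+.+.+.+.", "+")
}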
下面是程序的测试结果,确实可以爆破出东西来。

