eviltik / evilscan Goto Github PK
View Code? Open in Web Editor NEWNodeJS Simple Network Scanner
Home Page: https://github.com/eviltik/evilscan
License: MIT License
NodeJS Simple Network Scanner
Home Page: https://github.com/eviltik/evilscan
License: MIT License
Having issue with the scan speed, tried on 4 different servers, but the story is the same,
Sample: evilscan xx.xxx.xx.0/24 --port=1-10000 --concurrency 5000 --progress
every 1% takes about 2 minutes to scan, --concurrency value doesn't seem to have any effect on the speed.
Tried "ulimit -u unlimited" command, with no positive result either.
Try to detect socks proxy when scanning.
Something like
cat myIpList.txt | evilscan --ports=21
I receive this error if I try to use evilscan as module with a target different than a valid IP/Network address:
var evilscan = require('evilscan'),
options = {
target: 'fhjgfjhfhf',
port: 22,
status: 'TROU',
banner: true,
display: 'json'
},
scanner = new evilscan(options);
scanner.run();
node_modules/evilscan/main.js:390
this.q.run();
^TypeError: Cannot read property 'run' of undefined
Reports options to generate PDF (HTML ?) reports for the scan session.
--raw
JSON.stringify the Buffer object of the banner
A port scan reports closed ports as 'close', rather than 'closed'
Hi there,
I tried to run the scanner in a continuous way - by re-starting the scan (via scanner.run() ) within the "done" callback.
However, it seams the module is only made for a single scan, all subsequent calls of scanner.run() result in an immediate call of the "done" callback without having run a scan.
When I reinitialize the evilscan module for every new round, I run into another problem which gives the following output after 11 rounds:
(node) warning: possible EventEmitter memory leak detected. 11 SIGUSR2 listeners added. Use emitter.setMaxListeners() to increase limit.
Trace
at process.addListener (events.js:239:17)
After a few more rounds even the reinstantiation of the evilscan module is not working anymore (Does not scan anymore and throws the "done" callback immediately )
Any ideas on how to overcome this? :-)
I'm running it on a RPI2:
Linux rpi2 4.1.13-v7+ #826 SMP PREEMPT Fri Nov 13 20:19:03 GMT 2015 armv7l GNU/Linux
By default, banner length is 150 chars.
Implement --banner=XX were XX is the maximum length of the grabbed banner
--banner will output banner in result when available
Ascii only, unicode chars translation, limited at 150 chars for the moment.
Tired to wait without knowing of the process is not stalled.
--progress
Will show where the process is every seconds, with that format:
_timeStart:1370884852498,
_timeElapsed:1000,
_jobsTotal:98295,
_jobsRunning:800,
_jobsDone:7,
_progress:0,
_concurrency:800,
_status:"Running",
_message:"Scanned 122.99.128.254:21"
Hi, I'm adding Evilscan to my VoIP security tool (https://github.com/jesusprubio/bluebox-ng) but I've a problem running the provided example of use included in the README.
$ node scan.js
/usr/lib/node_modules/evilscan/main.js:39
cb(self);
It's curious because in the command line It's working ok for me:
$ evilscan 192.168.122.59 --port=21,22,23,80,5060.5065
192.168.122.59|5060|open
192.168.122.59|22|open
Any idea please? :)
What am I doing wrong?
I installed it into my node project.
I'm getting this strange error when running the script from another script
TypeError: Cannot read property 'concurrency' of undefined at evilscan.init (/home/lluiscab/electron-boilerplate-master/boilerplate/node_modules/evilscan/main.js:189:36) at /home/lluiscab/electron-boilerplate-master/boilerplate/node_modules/evilscan/main.js:35:18
My settings
`var scanner = new evilscan({
target: conf.get('server.ip') + '/' + conf.get('server.mask'),
port: conf.get('server.port'),
status:'O',
concurrency: 50
});
scanner.on('result',function(data) {
console.log(data);
});
scanner.on('error',function(err) {
throw new Error(data.toString());
});
scanner.on('done', function() {
scanning = false;
});`
`
Hello,
I want to grab HTTP responses via banner but it couldnt give me these responses. Is there any bug or missing implementation?
And could we give different timeout for banner grabbing?
Thanks
Hi ,
Thanks for the great work !! could you tell me how to scan the ip addresses ? I can see that you are scanning ports in your Readme . what if i want to scan ips ?
Thanks
globally installed evilscan --version does not work because you want to read package.json but it should be psuedo: __dirname package.sjon
line 179: var package = JSON.parse(fs.readFileSync('package.json'));
Actualy, cidr is supported, i.e we can
evilscan 192.168.0.0/24 --port=21
Should be great we can support ip range but not cidr, i.e
evilscan 192.168.0.10-192.168.0.20 --port=21
Hi,
When I tried running:
evilscan xxx.xx.xxx.xxx --port=80 --banner
I get the following:
/usr/local/lib/node_modules/evilscan/bin/evilscan.js:14
let scan = new evilscan(options);
^^^
SyntaxError: Block-scoped declarations (let, const, function, class) not yet supported outside strict mode
at exports.runInThisContext (vm.js:53:16)
at Module._compile (module.js:374:25)
at Object.Module._extensions..js (module.js:417:10)
at Module.load (module.js:344:32)
at Function.Module._load (module.js:301:12)
at Function.Module.runMain (module.js:442:10)
at startup (node.js:136:18)
at node.js:966:3
Line 29 in d311ea9
Sometimes it finds my device, sometimes it doesn't... very intermittent from scan to scan.
Is the device doing something that could be causing this?
implement --help !
kill SIGUSR1 one time will pause the process
kill SIGUSR1 one more time will unpause it
In a first time, "tcpconnect" subclass was tested.
Now time to switch to "evliscan" main class testing.
Something like
evilscan --fileport=/path/to/port.list.txt
port.list.txt will basicaly contains something like
21-23
8080
Seem's SIGUSR1 is reserved by nodejs itself for debugging purpose.
Let's use SIGUSR2.
Support one or more socks proxy for a scanning session
socks v5 first
Something like
evilscan --filehost=/path/to/ip.list.txt
ip.list.txt will basicaly contains something like
192.168.0.10 - 192.168.0.20
192.168.0.254
10.34.100.0/24
i have an error with evilscan by scaner all multi IP.
JavaScript heap out of memory.
how to set config time start Separated by a period of time
to be more readable ...
Need to develop an agent. But .. eval is evil isn't it ?
Perhaps more related to evilprobe project.
Long term.
net.createConnection got allowHalfOpen option ! cool ! it's evil !!
Atm (<0.0.6), only pure tcp connect is supported.
The code is a big shit, need to be completely refactored.
The scanner must be used as a standard nodejs lib pff !!
When i send the command:
evilscan 192.168.1.0/24
it returns me all the hosts from 192.168.1.1 to 192.168.1.255 ... what am i doing wrong? I'm on windows 10.
--geo
Will add country/city/longitude/latitude in the output
Rewrite everything with ES6 syntax and class
Of course, this package is deprecated. Should be replaced with minimist in v2.
have you guys ever meet this error when running CLI ?
$ evilscan 192.168.1.0/24 --port=8080
then error happend:
(libuv) Failed to create kqueue (24)
events.js:72
throw er; // Unhandled 'error' event
^
Error: write EBADF
at errnoException (net.js:901:11)
at WriteStream.Socket._write (net.js:643:26)
at doWrite (_stream_writable.js:219:10)
at writeOrBuffer (_stream_writable.js:209:5)
at WriteStream.Writable.write (_stream_writable.js:180:11)
at WriteStream.Socket.write (net.js:613:40)
at null.<anonymous> (/usr/local/lib/node_modules/evilscan/bin/evilscan.js:19:28)
at EventEmitter.emit (events.js:95:17)
at /usr/local/lib/node_modules/evilscan/main.js:377:18
at /usr/local/lib/node_modules/evilscan/node_modules/async/lib/async.js:229:13
node version: v0.10.12
npm version: 1.2.32
evilscan version: lastest (0.0.9)
es-test\node_modules\evilscan\main.js:388
this.q.run();
^
TypeError: Cannot read property 'run' of undefined
at evilscan.run (es-test\node_modules\evilscan\main.js:388:11)
I ran into this using the test code provided in README.md
. Curiously enough I can run the cli tool installed through npm install -g evilscan
.
$ evilscan 127.0.0.1 --port=80
127.0.0.1|80|open
From some light troubleshooting, it looks like the async.series
callback from options.parse
never executes, so self.init
from main.js is never executed, so this.q
is never defined.
tests are ok, push that on npm, sorry for delay
Wondering more options like :
--screen (like the spec output of mocha)
--xml (if i really had nothing to do ...)
option --whoami will produce, when possible, what is behind an opened port.Example
{iam:"socks proxy"}.
{iam:"http server"}.
{iam:"tor proxy"}.
The lookup will be first based on the IANA official port list, then, have to go deeper in the scan and test different protocol ..
Not a little thing. Wondering if this job should be more related to another hypothetical tool. i.e
root@debian~# evilscan 192.168.0/14 --port=0-65535 --json | evilsomething --json
{"ip":"192.168.1.254","port":"80","iam":"http server"}
If you specify something like 192.0.0.0/8, you will be alert that to many ip addr will be scanned and the scan will not run. You are suppose to override this using --hugescan option. But 2 things append :
FATAL ERROR: JS Allocation failed - process out of memory
I have to investigate more and play with qjobs to see if i can allow large scan
For the moment, let's remove --hugescan option, which don't have any effect finaly.
Most often, a telnet give a banner before it ask you something. It's implemented.
For HTTP ports and many others ports, you have to say something before having a banner. It's not yet implemented. Banners are empty for non-verbose-before-you-speak ports.
Hilarious by the way:
Line 233 in d311ea9
Speaking of crazy people... any tips on how to fan out from the user's current IP based on a a rule?
Like I'd like to scan the network to a particular point... but having trouble understanding what to feed it.
For instance, I'd love to take the 3rd octet up and down 20 numbers or so and limit it to that?
Actualy, when ports are specified, and geo and/or reverse option, geo and dns resolver are running for each port, it's overkill. Let's cache geo/reverse result for each IP
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.