目录
- probe
- 使用方法
- 效果
- routerpcscan
- 使用方法
- 效果
版本:Grey Hack v0.7.3618 - Alpha
probe
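// probe: list the ports and LAN devices behind a public router IP.
// Usage: probe [IP]. Prints the usage text when the argument count is wrong
// or -h/--help is given, and refuses to run without a syntactically valid IP
// or an active network connection on the local host.
if params.len != 1 or params[0] == "-h" or params[0] == "--help" then exit(command_info("<b>probe [IP]</b>"))
if not is_valid_ip(params[0]) then exit("probe: invalid ip address")
if not get_shell.host_computer.is_network_active then exit("probe: can't connect. No internet access.")
router = get_router(params[0])
// get_router returns null when nothing answers at that address; without this
// guard the first use of router below aborts with a runtime error instead of
// a readable message.
if router == null then exit("probe: can't reach a router at " + params[0])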
// PORTS table: one row per port the router exposes, with its open/closed
// state, the service/version string from port_info and the LAN host the
// port is forwarded to. `devices` is collected here for the DEVICES table.
ports = router.used_ports
devices = router.devices_lan_ip
print("\n<b>PORTS:</b>")
rows = ["PORT STATE SERVICE VERSION LAN"]
for p in ports
  lan_host = p.get_lan_ip
  state = "Open"
  if p.is_closed then state = "Closed"
  rows.push(str(p.port_number) + " " + state + " " + router.port_info(p) + " " + lan_host)
end for
info = rows.join("\n")
print(format_columns(info))
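// DEVICES table: classify every LAN address the router reports as COMPUTER,
// ROUTER or SWITCH, with the device's firewall state and the ports that
// could be enumerated on it.
print("\n<b>DEVICES:</b>")
info = "DEVICE LAN STATE PORTS"
COMPUTERS = ""
ROUTERS = ""
SWITCHS = ""

// Render a firewall_rules list the way the STATE column shows it: "None"
// when there are no rules (or the list could not be read), otherwise the
// first word of the first rule.
firewall_state = function(rules)
  if not rules then return "None"
  return rules[0].split(" ")[0]
end function

for device in devices
  // device_ports yields port objects; anything else means the device could
  // not be queried, which the table reports as "Unreachable".
  port_list = []
  reachable = true
  for p in router.device_ports(device)
    if typeof(p) != "port" then
      reachable = false
      break
    end if
    port_list.push(p.port_number)
  end for
  if reachable then
    port_list_str = "["
    for port in port_list
      port_list_str = port_list_str + str(port) + ","
    end for
    if port_list_str == "[" then
      port_list_str = "[]"
    else
      port_list_str = port_list_str[:-1] + "]"
    end if
  else
    // Fix: the original stored the string "Unreachable" in port_list and then
    // looped over its characters, printing "[U,n,r,e,a,c,h,a,b,l,e]".
    port_list_str = "Unreachable"
  end if

  new_router = get_router(device)
  new_switch = get_switch(device)
  if new_router != null then
    STATE = firewall_state(new_router.firewall_rules)
    // NOTE(review): a switch is only reported when get_router also resolved
    // the address; whether that holds for every switch is not verified here.
    if new_switch != null then
      SWITCHS = SWITCHS + "SWITCH " + device + " " + STATE + " " + port_list_str + "\n"
    else
      ROUTERS = ROUTERS + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"
    end if
  else if new_switch == null then
    // Neither lookup resolved. Port 8080 as the first port on the router's
    // own LAN address marks the gateway itself; any other 8080 device is
    // treated as a router whose rules cannot be read; the rest are computers.
    if port_list != [] and port_list[0] == 8080 then
      if device == router.local_ip then
        // Same first-word summary as the other router rows; the original
        // printed the whole rules list here.
        STATE = firewall_state(router.firewall_rules)
      else
        STATE = "Unknown"
      end if
      ROUTERS = ROUTERS + "ROUTER " + device + " " + STATE + " " + port_list_str + "\n"
    else
      COMPUTERS = COMPUTERS + "COMPUTER " + device + " " + "Null" + " " + port_list_str + "\n"
    end if
  end if
end for
info = info + "\n" + COMPUTERS + "\n" + ROUTERS + "\n" + SWITCHS
print(format_columns(info))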
使用方法
probe 【公网IP】（目标路由器的公网IP地址）
效果
可以扫描到比nmap更多的信息
nmap的
probe
routerpcscan
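// routerpcscan: find computers behind a router by locating a kernel exploit
// that yields a computer object, then trying it on every LAN address.
// Usage: routerpcscan [ip_address] [LAN_address]
//   ip_address   public IP of the router (probe's argument)
//   LAN_address  the router's own LAN IP as shown by probe; its first three
//                octets become the scan prefix and its last octet is skipped.
if params.len != 2 or params[0] == "-h" or params[0] == "--help" then exit("<b>Usage: "+program_path.split("/")[-1]+" [ip_address] [LAN_address]</b>")
// Validate both addresses up front: the LAN address is later split on "." and
// indexed by octet, so a malformed value would otherwise fail deep inside the
// scan, and the public address goes straight into net_use.
if not is_valid_ip(params[0]) then exit("Error: invalid ip_address " + params[0])
if not is_valid_ip(params[1]) then exit("Error: invalid LAN_address " + params[1])
metaxploit = include_lib("/lib/metaxploit.so")
// Fall back to a copy shipped next to the script. NOTE(review): a library
// loaded from the script's own folder is trusted exactly like /lib; whoever
// can drop a metaxploit.so beside this script controls what runs here.
if not metaxploit then metaxploit = include_lib(current_path + "/metaxploit.so")
if not metaxploit then exit("Error: Can't find metaxploit library in the /lib path or the current folder")
address = params[0]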
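// Open a remote session to the public address and dump its kernel library;
// the vulnerable addresses found in that library drive the LAN scan.
net_session = metaxploit.net_use( address )
if not net_session then exit("Error: can't connect to net session")
libKernel = net_session.dump_lib
// Check before use: the original printed lib_name first (null dereference)
// and its error message referenced an undefined identifier (libName).
if not libKernel then exit("Error: could not dump the remote kernel library.")
print("\nFounded " + libKernel.lib_name + " "+ libKernel.version)
lanIp = params[1]
kernel_router_exploits = metaxploit.scan(libKernel)
lanIp = lanIp.split(".")
if lanIp.len < 4 then exit("Error: LAN_address must be a dotted IPv4 address")
// Scan prefix (first three octets) and the router's own last octet, which is
// skipped so the exploit is never fired at the router itself.
Head = lanIp[0]+"."+lanIp[1]+"."+lanIp[2]+"."
End = lanIp[-1].to_int

// Try each vulnerable address and each of its "Unsafe check" values against
// the LAN until one overflow returns a computer object. Returns
// [address, value] for the first working pair, or null when none lands a
// computer. Every overflow call is a live exploitation attempt against a
// host, so this stage is noisy by design.
GetKeyword = function()
  for kernel_router_exploit in kernel_router_exploits
    result_lists = metaxploit.scan_address(libKernel, kernel_router_exploit).split("Unsafe check: ")[1:]
    for result_list in result_lists
      target_str = result_list.split(".")[0]
      target_key = target_str.split(" ")[-1]
      // scan_address wraps the value in <b>...</b>; strip those tags.
      value = target_key[3:-4]
      for octet in range(1, 255, 1)
        if octet == End then continue
        result = libKernel.overflow(kernel_router_exploit, value, Head + str(octet))
        if typeof(result) == "computer" then return [kernel_router_exploit, value]
        // Any other non-null result (shell, file, ...) means this pair does
        // not yield a computer; move on to the next value.
        if typeof(result) != "null" then break
      end for
    end for
  end for
  return null
end function

Key = GetKeyword()
// Fix: the original indexed Key[0] unconditionally and crashed when no
// exploit produced a computer.
if Key == null then exit("<b>Fail...</b>")
// Sweep the LAN again with the working pair and collect every address that
// answers with a computer object.
Output = ""
for octet in range(1, 255, 1)
  if octet == End then continue
  result = libKernel.overflow(Key[0], Key[1], Head + str(octet))
  if typeof(result) == "computer" then Output = Output + Head + str(octet) + "\n"
end for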
// Present the result: wipe the screen, then either the list of computers
// that answered the exploit or a failure banner.
clear_screen
if Output != "" then
  print("<b>Found Computers: </b>\n")
  print(Output)
else
  exit("<b>Fail...</b>")
end if
使用方法
routerpcscan 【公网IP】【路由器局域网IP】（路由器局域网IP可从probe的DEVICES列表中获取）
效果
配合probe的扫描结果可搜寻该局域网路由器下的computer