Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Madhurendra
mongohunter
Commits
d11e4a9c
Commit
d11e4a9c
authored
Feb 23, 2019
by
Yash Paliwal
Browse files
Thorough tests for vulnerable server ; Added export to file feature.
parent
c8ecafa2
Changes
2
Hide whitespace changes
Inline
Side-by-side
mongobuster.go
View file @
d11e4a9c
...
...
@@ -4,25 +4,28 @@ import (
"bufio"
"context"
"flag"
"io/ioutil"
"log"
"os"
"os/exec"
"regexp"
"github.com/mongodb/mongo-go-driver/bson"
"github.com/mongodb/mongo-go-driver/mongo"
)
func
main
()
{
ipAddr
:=
make
(
chan
string
)
data
:=
make
(
chan
string
)
masscanInstalled
()
// Check if masscan binary is installed.
WelcomeMsg
()
maxPtr
:=
flag
.
String
(
"max-rate"
,
"1000"
,
"Max rate at which packets will be sent"
)
maxPtr
:=
flag
.
String
(
"max-rate"
,
"100"
,
"Max rate at which packets will be sent"
)
outFile
:=
flag
.
String
(
"out-file"
,
"IPs.log"
,
"Name of file to which vulnerable IPs will be exported"
)
flag
.
Parse
()
go
execMasscan
(
ipAddr
,
maxPtr
)
workDispatcher
(
ipAddr
)
// Dont call this func inside execMasscan coz exec.Command is a blocking statement.
go
fileWriter
(
data
,
outFile
)
workDispatcher
(
ipAddr
,
data
)
// Dont call this func inside execMasscan coz exec.Command is a blocking statement.
}
func
execMasscan
(
ipAddr
chan
string
,
maxPtr
*
string
)
{
...
...
@@ -50,76 +53,48 @@ func execMasscan(ipAddr chan string, maxPtr *string) {
}
}
func
workDispatcher
(
ipAddr
chan
string
)
{
func
workDispatcher
(
ipAddr
chan
string
,
data
chan
string
)
{
num
:=
0
for
value
:=
range
ipAddr
{
num
++
print
(
"
\r
Total
MongoDB servers found
- "
,
num
)
go
testIP
(
filterIP
(
value
))
print
(
"
\r
Total
servers with port 27017 open
- "
,
num
)
go
testIP
(
filterIP
(
value
)
,
data
)
}
}
//Masscan outputs some text along with IP addr, this function strips unwanted text.
func
filterIP
(
input
string
)
string
{
numBlock
:=
"(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])"
regexPattern
:=
numBlock
+
"
\\
."
+
numBlock
+
"
\\
."
+
numBlock
+
"
\\
."
+
numBlock
func
testIP
(
input
string
,
data
chan
string
)
{
regEx
:=
regexp
.
MustCompile
(
regexPattern
)
return
regEx
.
FindString
(
input
)
}
func
masscanInstalled
()
bool
{
cmd
:=
exec
.
Command
(
"/bin/bash"
,
"-c"
,
"sudo masscan -v "
)
_
,
err
:=
cmd
.
StdoutPipe
()
client
,
err
:=
mongo
.
Connect
(
context
.
TODO
(),
"mongodb://"
+
input
+
":27017/test"
)
if
err
!=
nil
{
print
(
err
)
print
(
`Masscan not found!
If you are running Ubuntu or Kali linux, Install Masscan by running -
sudo apt install masscan
For other disctributions check masscan's git repo for install instructions -
https://github.com/robertdavidgraham/masscan
`
)
os
.
Exit
(
0
)
return
false
}
return
true
}
func
testIP
(
input
string
)
{
client
,
err
:=
mongo
.
Connect
(
context
.
TODO
(),
"mongodb://"
+
input
)
if
err
!=
nil
{
// log.Fatal(err)
return
}
// Check the connection
err
=
client
.
Ping
(
context
.
TODO
(),
nil
)
//If we can list databases , we can read records to!
_
,
err
=
client
.
ListDatabaseNames
(
context
.
TODO
(),
bson
.
D
{{}})
if
err
!=
nil
{
// log.Fatal(err)
print
(
"
\r
\0
33[K"
+
input
+
": "
)
println
(
err
.
Error
())
}
else
{
println
(
"
\r
\0
33[K"
+
input
+
" is VULNERABLE"
)
println
(
""
)
println
(
input
+
" is VULNERABLE"
)
println
(
""
)
data
<-
input
}
}
// WelcomeMsg prints welcome msg :D (Go-Lint compatabilty).
func
WelcomeMsg
()
{
print
(
`
███╗ ███╗ ██████╗ ███╗ ██╗ ██████╗ ██████╗ ██████╗ ██╗ ██╗███████╗████████╗███████╗██████╗
████╗ ████║██╔═══██╗████╗ ██║██╔════╝ ██╔═══██╗ ██╔══██╗██║ ██║██╔════╝╚══██╔══╝██╔════╝██╔══██╗
██╔████╔██║██║ ██║██╔██╗ ██║██║ ███╗██║ ██║█████╗██████╔╝██║ ██║███████╗ ██║ █████╗ ██████╔╝
██║╚██╔╝██║██║ ██║██║╚██╗██║██║ ██║██║ ██║╚════╝██╔══██╗██║ ██║╚════██║ ██║ ██╔══╝ ██╔══██╗
██║ ╚═╝ ██║╚██████╔╝██║ ╚████║╚██████╔╝╚██████╔╝ ██████╔╝╚██████╔╝███████║ ██║ ███████╗██║ ██║
╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝
Started Scannig servers.
`
)
func
fileWriter
(
data
chan
string
,
outFile
*
string
)
{
for
value
:=
range
data
{
toWrite
:=
[]
byte
(
value
)
err
:=
ioutil
.
WriteFile
(
*
outFile
,
toWrite
,
0644
)
check
(
err
)
}
}
utils.go
0 → 100644
View file @
d11e4a9c
package
main
import
(
"os"
"os/exec"
"regexp"
)
//Check for errors during file write
func
check
(
e
error
)
{
if
e
!=
nil
{
panic
(
e
)
}
}
//Masscan outputs some text along with IP addr, this function strips unwanted text.
func
filterIP
(
input
string
)
string
{
numBlock
:=
"(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])"
regexPattern
:=
numBlock
+
"
\\
."
+
numBlock
+
"
\\
."
+
numBlock
+
"
\\
."
+
numBlock
regEx
:=
regexp
.
MustCompile
(
regexPattern
)
return
regEx
.
FindString
(
input
)
}
// Function to check if masscan is installed
func
masscanInstalled
()
bool
{
cmd
:=
exec
.
Command
(
"/bin/bash"
,
"-c"
,
"sudo masscan -v "
)
_
,
err
:=
cmd
.
StdoutPipe
()
if
err
!=
nil
{
print
(
err
)
print
(
`Masscan not found!
If you are running Ubuntu or Kali linux, Install Masscan by running -
sudo apt install masscan
For other disctributions check masscan's git repo for install instructions -
https://github.com/robertdavidgraham/masscan
`
)
os
.
Exit
(
0
)
return
false
}
return
true
}
// WelcomeMsg prints welcome msg :D (Go-Lint compatabilty).
func
WelcomeMsg
()
{
print
(
`
███╗ ███╗ ██████╗ ███╗ ██╗ ██████╗ ██████╗ ██████╗ ██╗ ██╗███████╗████████╗███████╗██████╗
████╗ ████║██╔═══██╗████╗ ██║██╔════╝ ██╔═══██╗ ██╔══██╗██║ ██║██╔════╝╚══██╔══╝██╔════╝██╔══██╗
██╔████╔██║██║ ██║██╔██╗ ██║██║ ███╗██║ ██║█████╗██████╔╝██║ ██║███████╗ ██║ █████╗ ██████╔╝
██║╚██╔╝██║██║ ██║██║╚██╗██║██║ ██║██║ ██║╚════╝██╔══██╗██║ ██║╚════██║ ██║ ██╔══╝ ██╔══██╗
██║ ╚═╝ ██║╚██████╔╝██║ ╚████║╚██████╔╝╚██████╔╝ ██████╔╝╚██████╔╝███████║ ██║ ███████╗██║ ██║
╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝
Started Scannig servers.
`
)
}
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment