zmap / zgrab2 Goto Github PK

Fast Go Application Scanner

License: Other

Makefile 0.07% Go 88.32% Shell 1.81% Python 9.61% Roff 0.02% HTML 0.01% Dockerfile 0.17%

zgrab2's Introduction

ZMap: The Internet Scanner

ZMap is a fast single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4 address space on a single port in under 45 minutes. With a 10gigE connection and netmap or PF_RING, ZMap can scan the IPv4 address space in under 5 minutes.

ZMap operates on GNU/Linux, Mac OS, and BSD. ZMap currently has fully implemented probe modules for TCP SYN scans, ICMP, DNS queries, UPnP, BACNET, and can send a large number of UDP probes. If you are looking to do more involved scans (e.g., banner grab or TLS handshake), take a look at ZGrab 2, ZMap's sister project that performs stateful application-layer handshakes.

Using ZMap

If you haven't used ZMap before, we have a step-by-step Getting Started Guide that details how to perform basic scans. Documentation about all of ZMap's options and more advanced functionality can be found in our Wiki.

If you have questions, please first check our FAQ. Still have questions? Ask the community in Github Discussions. Please do not create an Issue for usage or support questions.

Installation

The latest stable release of ZMap is version 4.1.1 and supports Linux, macOS, and BSD.

Instructions on building ZMap from source can be found in INSTALL.

Architecture

More information about ZMap's architecture and a comparison with other tools can be found in these two research papers:

If you use ZMap for published research, please cite the original research paper:

@inproceedings{durumeric2013zmap,
  title={{ZMap}: Fast Internet-wide scanning and its security applications},
  author={Durumeric, Zakir and Wustrow, Eric and Halderman, J Alex},
  booktitle={22nd USENIX Security Symposium},
  year={2013}
}

Citing the ZMap paper helps us to track ZMap usage within the research community and to pursue funding for continued development.

License and Copyright

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See LICENSE for the specific language governing permissions and limitations under the License.

zgrab2's People

Contributors

Stargazers

Watchers

Forkers

jordan-wright kyocheng stefangrimminck ngngng eniac leaixian miltonmanfried myvyang mzpqnxow codyprime sdnewhop oksbsb chinawhom chennqqi ynadji bbhunter 0-duke cameliasimoiu segoeui 5up3rc cybertoxin packetloop zaziki1337 anthrax1 sergeyfrolov olgermolla modulexcite leonw7 anezashraf 0x3a menyuguren genevera seabreg ct-square nx-jackal chushuai xxbing123 hackone-hole lloy1231 alanlonglong tchen0123 henry75m39 sadjy h4ckx7 avineshwar sry309 ekodikara ksharpdabu amasser tdeebswihart thegwan acealchemycyberblaze guyhalfon dlissimore cablej jkf8x8 76428778fada pombredanne rich5 oof-security moutalib corny abeusher kfabryczny hundan2020 meteorite armbues leiurus17 harite jsilve400 5l1v3r1 kakuye rep arukaminado wrbrand lambdafu rub-nds waleedmazhar g0pherzilla chaos-monkey-island egebalci masterscott bittenmonkey sec99 rakhithjk rulosan mayerdaniel eazyserver brhannah ybxm1 camexp mmg1 lukebeer positive-engineer projectzerodays zu1kbackup freefv wisdark 0x1a0b huangzccn

zgrab2's Issues

Certificate Policies schema is incorrect

Similar to #33, but I don't think there's a script in ZCrypto to help you with it this time. It's an object, not a ListOf(String()).

utility.go comments

Some notes of things to be fixed up.

https://github.com/zmap/zgrab2/blob/master/utility.go
func ParseInput(s string) (*net.IPNet, string, error) {

This could use a better name. What kind of input is being parsed? At first I thought this was handling command-line arguments. Also, please put spaces in comments. :D

It seems strange that this function returns a pointer and a string. Why not just return the net.IPNet? I can't imagine this is a large object.

case j == -1:
		//ip,domain
		str := strings.Split(s, ",")

This should also handle the case "ip, domain". That's inevitably going to happen.

Implement MongoDB

Change HTTP timeout to be a float

Hi,
I wanted to set the timeout in http to a value less than a second
However the minimum allowed value is 1 second (I wanted for example 0.2 second, 200 milliseconds)
Thanks!

Fix TLS scanner

It seems that some flags are ignored / unused (for example, NoSNI is unused, and even without it, it doesn't seem that SNI is working).

module tls give exception on error but don't write the result as in zgrab

I have done a large scan on my network for port 443, not all host which have open port 443 has a web server HTTPS, so zgrab2 give me an error with stack trace but don't log the event in output file.
zgrab instead report all errors in output file, very useful for post-processing.

echo IP_WITH_443_OPEN_PORT_BUT_NO_HTTPS | /opt/scanner/sbin/zgrab2 tls --heartbleed --output-file=xxxxx.json
INFO[0000] started grab at 2018-03-26T09:39:30+02:00    
DEBU[0003] Failed to detect error from tls: oversized record received with length 20527 at goroutine 894 [running]:
runtime/debug.Stack(0xd9e8e0, 0xc420366d90, 0xc42003a040)
	/usr/lib/go-1.9/src/runtime/debug/stack.go:24 +0xa7
github.com/zmap/zgrab2.TryGetScanStatus(0xd9e8e0, 0xc420366d90, 0xc420366d90, 0xc420358e00)
	/root/go/src/github.com/zmap/zgrab2/status.go:92 +0x2c0
github.com/zmap/zgrab2/modules.(*TLSScanner).Scan(0xc42000e528, 0xc420368320, 0x10, 0x10, 0x0, 0x0, 0xa19060, 0x1, 0x4, 0x7f929d28acd0, ...)
	/root/go/src/github.com/zmap/zgrab2/modules/tls.go:72 +0xec
github.com/zmap/zgrab2.RunScanner(0xda9600, 0xc42000e528, 0xc420366d20, 0xc420368320, 0x10, 0x10, 0x0, 0x0, 0xa4a144, 0x3, ...)
	/root/go/src/github.com/zmap/zgrab2/scanner.go:32 +0xcc
github.com/zmap/zgrab2.grabTarget(0xc420368320, 0x10, 0x10, 0x0, 0x0, 0xc420366d20, 0x0, 0x0, 0x0)
	/root/go/src/github.com/zmap/zgrab2/processing.go:91 +0x245
github.com/zmap/zgrab2.Process.func2(0xc420057b00, 0xc420366d20, 0xc420057b60, 0xc4203682e0, 0x374)
        /root/go/src/github.com/zmap/zgrab2/processing.go:150 +0x143
created by github.com/zmap/zgrab2.Process
	/root/go/src/github.com/zmap/zgrab2/processing.go:143 +0x191

output file xxxx.json is empty
with zgrab instead

echo IP_WITH_443_OPEN_PORT_BUT_NO_HTTPS | /opt/scanner/sbin/zgrab --port 443 --tls --heartbleed --output-file=xxxxx.json
Mar 26 09:39:50.173 [INFO] banner-grab: started grab at 2018-03-26T09:39:50+02:00
Mar 26 09:39:52.851 [ERROR] banner-grab: Conversation error with remote host 2.238.76.236:443: tls: oversized record received with length 20527
Mar 26 09:39:54.607 [INFO] banner-grab: finished grab (0 success; 1 failure) at 2018-03-26T09:39:54+02:00

output file xxxxx.json

cat xxxxx.json 
{"ip":"IP_WITH_443_OPEN_PORT_BUT_NO_HTTPS","timestamp":"2018-03-26T09:39:52+02:00","data":{"tls":{}},"error":"tls: oversized record received with length 20527","error_component":"tls"}

I have used golang 1.10 for tests.

Add input configuration to zgrab2 output

It would be nice to have the ability to search on / exclude scans performed with certain configuration flags (say, with heartbleed scanning enabled)

tls.go/arguments: Accept --signature-algorithms list

We have a placeholder for this, but because of (https://github.com/zmap/zgrab2/blob/master/tls.go#L164), this is not implemented.

Requires a corresponding update to zcrypto to (a) expose the necessary types / functions / constants, and (b) make use of them -- see zmap/zcrypto#116.

Take a comma-separated list of hex values, maybe ((signature << 8) | hash)?

tls: Expose supported algorithms

There should be some way for users to determine if a given e.g. cipher suite or signature algorithm is actually supported by zcrypto (without waiting for a server to try using it).

module tls or http check heartbleed doesn't work

I'm testing zgrab2 on server vulnerable to heartbleed, but module tls or http tell me the host is not vulnerable to heartbleed.

zgrab2 http --heartbleed -p 443 --use-https

zgrab2 tls --heartbleed -p 443

output:

"heartbleed_log":{"heartbeat_enabled":false,"heartbleed_vulnerable":false}}

I tried with zgrab, the result output is correct.

Implement CouchDB

http://blog.safebuff.com/2016/05/20/CouchDB-unauthorized-access/

Add support for scanning for CONNECT hosts

The HTTP module should be able to behave exactly as it does now (e.g. follow redirects, output multiple requests in a chain), except it should be able to send those requests contingent on first scanning and finding an open CONNECT hosts. The expected interface and behavior would be something along the lines of zgrab2 --http --connect --method GET --path / --connect-target google.com, which would cause zgrab2 to send CONNECT requests to input hosts attempting to proxy to google.com. If the remote host is an open proxy, zgrab2 would then follow any redirects that google.com returns, but through the proxy.

We would add details of the CONNECT request to the http.Result struct, and still store the inner responses / redirects in the response/redirect chain.

Implement HTTP/2

Per @dadrian,

We have the code for HTTP/2, but need to resolve some differences with zcrypto/tls and crypto/tls in order to it to compile and pass tests.

config.go comments

	MetaFileName       string          `short:"m" long:"metadata-file" default:"-" description:"Metadata filename, use - for stdout"`
	LogFileName        string          `short:"l" long:"log-file" default:"-" description:"Log filename, use - for stdout"`

- should redirect to stderr not stdout for both of these

func init() {
	config.Multiple.ContinueOnError = true //set default for multiple value
}

Why isn't this just a command-line argument

	switch config.LogFileName {
	case "-":
		config.logFile = os.Stderr
	default:
		var err error
		if config.logFile, err = os.Create(config.LogFileName); err != nil {
			log.Fatal(err)
		}
		log.SetOutput(config.logFile)
	}

This is confusing logic as the non-default logic is labeled as default. Why not just use an if statement since there are only two options and that more clearly explains your logic?

if config.ConnectionsPerHost > 50 || config.ConnectionsPerHost < 1 {

You just checked that second predicate a line earlier.

Improve integration test wait time

Most failures will occur with any service -- but, since we run the tests for each service before validating the output of any of them, you will have to wait several minutes before getting that result, i.e.:

For each service:
a. Start container(s)
b. Run tests, store output
c. Stop container(s)
For all output files:
a. Validate schema
b. Check for success

This could be improved by instead doing something like

For each service:
a. Start container(s)
b. Run tests, store output
c. Stop container(s)
d. Validate schema
b. Check for success

MySQL Integrations Tests Fail

I'm unable to get the MySQL integration tests to pass (maybe more than MySQL? Not sure) on a clean build.

Steps to Reproduce

go get the zmap/zgrab2 package
Run make integration-test

Debug Log

cd cmd/zgrab2 && go build && cd ../..
rm -f zgrab2
ln -s cmd/zgrab2/zgrab2 zgrab2
make -C docker-runner
docker build -t zgrab2_runner:latest -f Dockerfile -q .. > docker-runner.id || rm -f docker-runner.id
rm -rf zgrab-output
./integration_tests/test.sh
~/src/go/src/github.com/zmap/zgrab2/integration_tests ~/src/go/src/github.com/zmap/zgrab2
~/src/go/src/github.com/zmap/zgrab2/integration_tests/ftp ~/src/go/src/github.com/zmap/zgrab2/integration_tests ~/src/go/src/github.com/zmap/zgrab2
Running integration_tests/ftp/test.sh
ftp/test: Testing FTP with --authtls on zgrab_ftp...
+ echo target
+ /go/src/github.com/zmap/zgrab2/cmd/zgrab2/zgrab2 ftp --authtls
time="2018-01-31T05:54:56Z" level=info msg="started grab at 2018-01-31T05:54:56Z"
time="2018-01-31T05:54:57Z" level=info msg="finished grab at 2018-01-31T05:54:57Z"
{"statuses":{"ftp":{"successes":1,"failures":0}},"start":"2018-01-31T05:54:56Z","end":"2018-01-31T05:54:57Z","duration":"245.507085ms"}
ftp/test: Testing FTP on zgrab_ftp...
+ echo target
+ /go/src/github.com/zmap/zgrab2/cmd/zgrab2/zgrab2 ftp
time="2018-01-31T05:54:58Z" level=info msg="started grab at 2018-01-31T05:54:58Z"
time="2018-01-31T05:54:58Z" level=info msg="finished grab at 2018-01-31T05:54:58Z"
{"statuses":{"ftp":{"successes":1,"failures":0}},"start":"2018-01-31T05:54:58Z","end":"2018-01-31T05:54:58Z","duration":"11.024085ms"}
ftp/test: BEGIN vsftpd logs from zgrab_ftp [{(
Wed Jan 31 05:35:44 2018 [pid 9] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:35:44 2018 [pid 9] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:35:44 2018 [pid 9] FTP command: Client "::ffff:172.17.0.18", "AUTH TLS"
Wed Jan 31 05:35:44 2018 [pid 9] FTP response: Client "::ffff:172.17.0.18", "234 Proceed with negotiation."
Wed Jan 31 05:35:44 2018 [pid 9] DEBUG: Client "::ffff:172.17.0.18", "Control connection terminated without SSL shutdown."
Wed Jan 31 05:35:45 2018 [pid 11] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:35:45 2018 [pid 11] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:37:12 2018 [pid 19] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:37:12 2018 [pid 19] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:37:12 2018 [pid 19] FTP command: Client "::ffff:172.17.0.18", "AUTH TLS"
Wed Jan 31 05:37:12 2018 [pid 19] FTP response: Client "::ffff:172.17.0.18", "234 Proceed with negotiation."
Wed Jan 31 05:37:12 2018 [pid 19] DEBUG: Client "::ffff:172.17.0.18", "Control connection terminated without SSL shutdown."
Wed Jan 31 05:37:13 2018 [pid 21] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:37:13 2018 [pid 21] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:37:28 2018 [pid 29] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:37:28 2018 [pid 29] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:37:28 2018 [pid 29] FTP command: Client "::ffff:172.17.0.18", "AUTH TLS"
Wed Jan 31 05:37:28 2018 [pid 29] FTP response: Client "::ffff:172.17.0.18", "234 Proceed with negotiation."
Wed Jan 31 05:37:28 2018 [pid 29] DEBUG: Client "::ffff:172.17.0.18", "Control connection terminated without SSL shutdown."
Wed Jan 31 05:37:30 2018 [pid 31] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:37:30 2018 [pid 31] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:54:56 2018 [pid 39] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:54:56 2018 [pid 39] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
Wed Jan 31 05:54:56 2018 [pid 39] FTP command: Client "::ffff:172.17.0.18", "AUTH TLS"
Wed Jan 31 05:54:56 2018 [pid 39] FTP response: Client "::ffff:172.17.0.18", "234 Proceed with negotiation."
Wed Jan 31 05:54:57 2018 [pid 39] DEBUG: Client "::ffff:172.17.0.18", "Control connection terminated without SSL shutdown."
Wed Jan 31 05:54:58 2018 [pid 41] CONNECT: Client "::ffff:172.17.0.18"
Wed Jan 31 05:54:58 2018 [pid 41] FTP response: Client "::ffff:172.17.0.18", "220 (vsFTPd 3.0.3)"
)}] END vsftpd logs from zgrab_ftp
ftp/test: BEGIN docker logs from zgrab_ftp [{(
+ true
+ /usr/sbin/vsftpd
)}] END docker logs from zgrab_ftp
~/src/go/src/github.com/zmap/zgrab2/integration_tests ~/src/go/src/github.com/zmap/zgrab2
~/src/go/src/github.com/zmap/zgrab2/integration_tests/mysql ~/src/go/src/github.com/zmap/zgrab2/integration_tests ~/src/go/src/github.com/zmap/zgrab2
Running integration_tests/mysql/test.sh
mysql/test: Testing MySQL Version 5.5...
+ echo target
+ /go/src/github.com/zmap/zgrab2/cmd/zgrab2/zgrab2 mysql --timeout 10
time="2018-01-31T05:55:00Z" level=info msg="started grab at 2018-01-31T05:55:00Z"
time="2018-01-31T05:55:00Z" level=info msg="finished grab at 2018-01-31T05:55:00Z"
{"statuses":{"mysql":{"successes":1,"failures":0}},"start":"2018-01-31T05:55:00Z","end":"2018-01-31T05:55:00Z","duration":"8.047874ms"}
./test.sh: line 23: ./../../jp: No such file or directory
make: *** [integration-test] Error 127

I thought that maybe I was missing the jp directory/file but a mkdir or a touch didn't affect the test outcome. I'm running the tests from the root zgrab2 directory.

Environment

MacOS High Sierra version 10.13.3 (17D47)
Branch: master
Docker version 18.01.0-ce, build 03596f5

mysql: Disable debug logs in non-verbose mode

Logs are getting spammed with e.g.

:time="2018-05-10T17:14:12-04:00" level=debug msg="Failed to detect error from Server returned error after connecting: error_code = 0x46a; error_message = Host '...' is not allowed to connect to this MySQL server at goroutine 277 [running]:\nruntime/debug.Stack(0xae47c0, 0xc421efa5a0, 0xc420068040)\n\t/usr/local/go/src/runtime/debug/stack.go:24 +0xa7\ngithub.com/zmap/zgrab2.TryGetScanStatus(0xae47c0, 0xc421efa5a0, 0xc421efa5a0, 0xae47c0)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/status.go:92 +0x2b9\ngithub.com/zmap/zgrab2/modules/mysql.(*Scanner).Scan.func1(0xc421987bc0, 0xc421987ba0, 0xc42016ba90, 0xc421987bb0, 0xc421987b48)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/modules/mysql/scanner.go:206 +0x189\npanic(0x988880, 0xc421efa5a0)\n\t/usr/local/go/src/runtime/panic.go:502 +0x229\ngithub.com/zmap/zgrab2/modules/mysql.(*Scanner).Scan(0xc42015c4c0, 0xc4214e3260, 0x10, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/modules/mysql/scanner.go:221 +0x348\ngithub.com/zmap/zgrab2.RunScanner(0xaec040, 0xc42015c4c0, 0xc4204108b0, 0xc4214e3260, 0x10, 0x10, 0x0, 0x0, 0xa56c59, 0x5, ...)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/scanner.go:32 +0xd1\ngithub.com/zmap/zgrab2.grabTarget(0xc4214e3260, 0x10, 0x10, 0x0, 0x0, 0xc4204108b0, 0x0, 0x0, 0x0)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/processing.go:92 +0x219\ngithub.com/zmap/zgrab2.Process.func2(0xc420169680, 0xc4204108b0, 0xc42050c000, 0xc4204c0050, 0xed)\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/processing.go:159 +0x126\ncreated by github.com/zmap/zgrab2.Process\n\t/var/search/tmp/go/src/github.com/zmap/zgrab2/processing.go:152 +0x191\n"

Audit log messages

Log messages must only contain exceptional / actionable messages, not information about an individual scan failing because the host didn't act as expected.

Fix IP List Parsing

refactor cidr to ip list parsing, i.e. netIPv4Len vs len and incrementing ipv6 address in cidr block

Domain scanning

Currently if a domain is passed in, it can be looked up again for each scan.

Would it make more sense to look it up once at the start, pass it to each call to Scan(), and return it in the result (so that it is possible to determine which host was actually scanned)?

Socks Proxy Support

feature request: allow scanning via socks5 proxy:
https://github.com/golang/net/blob/master/internal/socks/client.go

Output: Include numeric flags in addition to flag "set"s

Would be useful for display purposes if nothing else (e.g. we may want to display the MySQL connection flags, but showing 29 lines of individual flags gives it undue weight)

Extended Key Usage is schema'd incorrectly

I've been poking around with the TLS parts of the schema, and noticed a few things that are off. This is all largely due to cruft, but we should make zgrab2 schema's actually match the output. I expect this "bug" is due to something we fixup in either ZTag or ESLoader.

extended_key_usage is typed as a ListOf(Integer()), but it's actually an object. There's a script in ZCrypto that helps generate the actual schema for it. See https://github.com/zmap/zcrypto/blob/6447918deb1c310126e1cecbd711bdaac3b5558d/x509/extensions.go#L47 and https://github.com/zmap/zcrypto/blob/da4419f6d9aafae65261ac8e0e4472ac99a4d284/x509/extended_key_usage_schema.sh

Name Constraints schema is incorrect

See #34 but for name constraints.

JSON object specified for non-record field: data.tls.server_certificates.chain.parsed.extensions.name_constraints.excluded_ip_addresses

Implement MSSQL

Add Usage to modules

zflags provides a Usage interface to get example usage for command-line options (https://github.com/ajholland/zflags/blob/master/command.go#L61); if the Flags provide provide a Usage() string method, this will be picked up automatically.

can i grab mysql banner

i want to get mysql info

mssql: Strip trailing null terminator from instance name

Empty instance names are turning up as "\u0000". These should be just empty.

Move main

The current main directory should move to cmd/zgrab.

Migrate Telnet from ZGrab 1.0

Add `--metadata-file`

We should support outputting metadata at the end of a scan. Starting a list of what should go into this file:

Start Time
End Time
Input Hosts
Breakdown of errors vs success
exact command that ZGrab received

Please feel free to take on more metadata requests.

postgres: detection threshold

Currently, if the scanner gets a connection on port 5432 and reads an 'N' followed by a disconnect / hang, that can be interpreted as a detection.

That may need to be tweaked.

Document scannable protocols

We should document the protocols that ZGrab supports and provide an example for each one. Right now, it's very difficult to understand to know what the project supports.

Implement LDAP

Implement PostgreSQL

Remove ZGrab as a dependency

s#zgrab/ztools#zgrab2/tools#g

https://github.com/zmap/zgrab2/search?utf8=%E2%9C%93&q=ztoolsKeys&type=

Add memcached scanner

HTTP Timeout doesn't work as expected

I specified the following on the command line:

echo google.com | ./zgrab2 http --port 8080 --timeout 3

(A site and port I expect to not connect but timeout after a certain point)

Rather than timing out after 3 seconds, according to the metadata at the end, it continues through for 75 seconds.

{"statuses":{"http":{"successes":0,"failures":1}},"start":"2018-05-01T11:55:54-04:00","end":"2018-05-01T11:57:10-04:00","duration":"1m15.374277319s"}

Migrate HTTPS from ZGrab 1.0

Migrate FTP from ZGrab 1.0

zgrab2 JSON Marshaller

zgrab2 needs a special JSON Marshaller that can take into account command line flags and tags like zgrab.debug

Ability to change network interface

More reusable HTTP library code

Writing scanners for protocols that sit on top of HTTP can lead to some serious code duplication.

Identify code that can be moved to a library that can be shared among any HTTP-based scanner.

Common HTTP request headers are unknown

From an HTTP request:

"request": {
  "url": {
    "scheme": "http",
    "host": "google.com",
    "path": "/"
  },
  "method": "GET",
  "headers": {
    "unknown": [
      {
        "key": "user_agent",
        "value": [
          "Mozilla/5.0 zgrab/0.x"
        ]
      },
      {
        "key": "accept",
        "value": [
          "*/*"
        ]
      }
    ]
  },
  "host": "google.com"

These shouldn't be unknown given that we send them with every request. We should find the list commonly sent headers and output all of them as recognized.

finish http
finish ssh
finish tls
refactor cidr to ip list parsing, i.e. netIPv4Len vs len and incrementing ipv6 address in cidr block
implement ability to change network interface
implement connections per host (for loop)

unrecognized import path "golang.org/x/crypto/ssh/terminal"

I'm new for GO...

When i execute go get github.com/zmap/zgrab2 it shows:

package golang.org/x/crypto/ssh/terminal: unrecognized import path "golang.org/x/crypto/ssh/terminal" (https fetch: Get https://golang.org/x/crypto/ssh/terminal?go-get=1: dial tcp 216.239.37.1:443: connect: connection refused)
package golang.org/x/sys/unix: unrecognized import path "golang.org/x/sys/unix" (https fetch: Get https://golang.org/x/sys/unix?go-get=1: dial tcp 216.239.37.1:443: connect: connection refused)
package golang.org/x/net/idna: unrecognized import path "golang.org/x/net/idna" (https fetch: Get https://golang.org/x/net/idna?go-get=1: dial tcp 216.239.37.1:443: connect: connection refused)

Is there anything wrong with the git repository path?

And then i try to execute make in ../zgrab2 it shows:

cd cmd/zgrab2 && go build && cd ../..
../../lib/ssh/kex.go:22:2: cannot find package "golang.org/x/crypto/curve25519" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/crypto/curve25519 (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/crypto/curve25519 (from $GOPATH)
../../lib/ssh/keys.go:28:2: cannot find package "golang.org/x/crypto/ed25519" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/crypto/ed25519 (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/crypto/ed25519 (from $GOPATH)
../../lib/smb/ntlmssp/crypto.go:9:2: cannot find package "golang.org/x/crypto/md4" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/crypto/md4 (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/crypto/md4 (from $GOPATH)
../../../../sirupsen/logrus/terminal_check_notappengine.go:9:2: cannot find package "golang.org/x/crypto/ssh/terminal" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/crypto/ssh/terminal (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/crypto/ssh/terminal (from $GOPATH)
../../lib/http/h2_bundle.go:46:2: cannot find package "golang.org/x/net/http2/hpack" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/net/http2/hpack (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/net/http2/hpack (from $GOPATH)
../../../../weppos/publicsuffix-go/publicsuffix/publicsuffix.go:15:2: cannot find package "golang.org/x/net/idna" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/net/idna (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/net/idna (from $GOPATH)
../../lib/http/h2_bundle.go:48:2: cannot find package "golang.org/x/net/lex/httplex" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/net/lex/httplex (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/net/lex/httplex (from $GOPATH)
../../../../sirupsen/logrus/terminal_linux.go:10:8: cannot find package "golang.org/x/sys/unix" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/sys/unix (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/sys/unix (from $GOPATH)
../../lib/http/request.go:30:2: cannot find package "golang.org/x/text/unicode/norm" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/text/unicode/norm (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/text/unicode/norm (from $GOPATH)
../../lib/http/request.go:31:2: cannot find package "golang.org/x/text/width" in any of:
/home/user/Downloads/Go/go/src/golang.org/x/text/width (from $GOROOT)
/home/user/Code/Go/src/golang.org/x/text/width (from $GOPATH)
make: *** [zgrab2] Error 1