LadonGo Versions Save
Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
v3.8
2 years ago3.8 2021.7.23 [+] MongodbScan Mongodb密码爆破(支持无密码验证) [+] NbtInfo NBT获取主机信息 [u] 端口开放不需要输出txt [u] 修复字典为空不提示的Bug
3.8 2021.5.8 [+] RouterOSScan (Using RouterOS API Brute-For 8728 Port) [+] 支持批量C段、B段 ip24.txt、ip16.txt
3.7 2021.4.21 [+] CVE-2018-14847 (Export RouterOS Password 6.29 to 6.42) Usage: Ladon CVE-2018-14847 ip port Example: Ladon CVE-2018-14847 192.168.1.8 8291 Ladon 192.168.1.8/24 CVE-2018-14847 Ladon 192.168.1.8/b CVE-2018-14847 Ladon ip.txt CVE-2018-14847
v3.6
3 years ago3.6 2021.3.17 CVE-2021-26855 (Check CVE-2021-26855 Microsoft Exchange SSRF) [+] FindExchange快速定位Exchange主机
3.5 2021.2.26 [+] CVE-2021-21972 (Check VMware vCenter 6.5 6.7 7.0 Rce Vul)
3.4 2021.2.20 Onekey Install [+] make install [+] go run install.go
v3.5
3 years ago3.5 2021.2.26 [+] CVE-2021-21972 (Check VMware vCenter 6.5 6.7 7.0 Rce Vul)
3.5 2021.2.20 Onekey Install [+] make install [+] go run install.go
3.4 2021.2.3 [+] PhpShell 菜刀PHP一句话连接执行命令 [u] PhpStudyDoor PhpStudy后门执行命令
3.4 2021.2.1 [+] 添加Make编译 [+] 添加mod文件
v3.4
3 years ago3.4 2021.2.3 [+] PhpShell 菜刀PHP一句话连接执行命令 [u] PhpStudyDoor PhpStudy后门执行命令
3.4 2021.2.1 [+] 添加Make编译 [+] 添加mod文件
3.3
3 years ago3.3 2021.01.14 [u] 修复无权限写文件时,结束密码爆破的BUG [u] 修复B段、A段漏扫0段的BUG [u] PortScan 增加Ruby on Rails默认WEB端口3000 [+] RedisScan Redis未授权访问扫描 [u] TcpBanner 范围端口 例子: Ladon ip/24 TcpBanner 80-89 [u] PortScan 范围端口 例子: Ladon ip/24 PortScan 80-89 [u] TcpBanner 指定端口 例子: Ladon ip/24 TcpBanner 80 [u] PortScan 指定端口 例子: Ladon ip/24 PortScan 80
3.2
3 years ago3.2 2020.12.18 [u] PortScan默认扫Banner 高亮显示SSH、HTTP、FTP服务 [+] TcpBanner 自定义端口 例子: Ladon ip/24 TcpBanner 80,135,445 [+] PortScan 自定义端口 例子: Ladon ip/24 PortScan 80,135,445 [u] 修复ICMP误报的问题(icmp_seq=1 Destination Host Unreachable)
3.1
3 years ago
3.0
3 years agoWiki
简介
LadonGo一款开源网络渗透扫描器框架,使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.0版本包含23个模块功能,高危漏洞检测MS17010、SmbGhost,远程执行SshCmd、WinrmCmd,密码爆破SmbScan、SshScan、FtpScan、MysqlScan、MssqlScan、OracleScan、SqlplusScan、WinrmScan、HttpBasicScan,存活探测/信息收集/指纹识别PingScan、IcmpScan,HttpBanner、HttpTitle、TcpBanner、WeblogicScan、OxidScan,端口扫描PortScan。
功能模块
Detection
| . | . |
|---|---|
| PingScan | (Using system ping to detect Online hosts) |
| IcmpScan | (Using ICMP Protocol to detect Online hosts) |
| SnmpScan | (Using Snmp Protocol to detect Online hosts) |
| HttpBanner | (Using HTTP Protocol Scan Web Banner) |
| HttpTitle | (Using HTTP protocol Scan Web titles) |
| T3Scan | (Using T3 Protocol Scan Weblogic hosts) |
| PortScan | (Scan hosts open ports using TCP protocol) |
| TcpBanner | (Scan hosts open ports using TCP protocol) |
| OxidScan | (Using dcom Protocol enumeration network interfaces) |
VulDetection
| . | . |
|---|---|
| MS17010 | (Using SMB Protocol to detect MS17010 hosts) |
| SmbGhost | (Using SMB Protocol to detect SmbGhost hosts) |
BruteForce
| . | . |
|---|---|
| SmbScan | (Using SMB Protocol to Brute-For 445 Port) |
| SshScan | (Using SSH Protocol to Brute-For 22 Port) |
| FtpScan | (Using FTP Protocol to Brute-For 21 Port) |
| 401Scan | (Using HTTP BasicAuth to Brute-For web Port) |
| MysqlScan | (Using Mysql Protocol to Brute-For 3306 Port) |
| MssqlScan | (Using Mssql Protocol to Brute-For 1433 Port) |
| OracleScan | (Using Oracle Protocol to Brute-For 1521 Port) |
| WinrmScan | (Using Winrm Protocol to Brute-For 5985 Port) |
| SqlplusScan | (Using Oracle Sqlplus Brute-For 1521 Port) |
RemoteExec
| . | . |
|---|---|
| SshCmd | (SSH Remote command execution Default 22 Port) |
| WinrmCmd | (Winrm Remote command execution Default 5985 Port) |
Exploit
| . | . |
|---|---|
| PhpStudyDoor | (PhpStudy 2016 & 2018 BackDoor Exploit) |
2.0
3 years ago简介
LadonGo一款开源渗透扫描器框架,使用它可轻松批量探测C段、B段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。2.0版本包含15个模块功能,高危漏洞检测MS17010、SmbGhost,远程执行SshCmd、WinrmCmd,密码爆破SmbScan、SshScan、FtpScan、MysqlScan、WinrmScan,存活探测/信息收集/指纹识别PingScan、IcmpScan,BannerScan、HttpTitle、WeblogicScan,端口扫描PortScan。
功能模块
Detection: PingScan (Using system ping to detect Online hosts) IcmpScan (Using ICMP Protocol to detect Online hosts) HttpBanner (Using HTTP Protocol Scan Web Banner) HttpTitle (Using HTTP protocol Scan Web titles) T3Scan (Using T3 Protocol Scan Weblogic hosts) PortScan (Scan hosts open ports using TCP protocol)
VulDetection: MS17010 (Using SMB Protocol to detect MS17010 hosts)) SmbGhost (Using SMB Protocol to detect SmbGhost hosts))
BruteForce: SmbScan (Using SMB Protocol to Brute-For 445 Port)) SshScan (Using SSH Protocol to Brute-For 22 Port)) FtpScan (Using FTP Protocol to Brute-For 21 Port)) MysqlScan (Using Mysql Protocol to Brute-For 3306 Port)) WinrmScan (Using Winrm Protocol to Brute-For 5985 Port))
RemoteExec: SshCmd (SSH Remote command execution Default 22 Port)) WinrmCmd (Winrm Remote command execution Default 5985 Port))
1.0
3 years agoDetection: PingScan (Using system ping to detect Online hosts) IcmpScan (Using ICMP Protocol to detect Online hosts) BannerScan (Using HTTP Protocol to detect Banner hosts) WeblogicScan (Using T3 Protocol to detect Weblogic hosts) PortScan (Scan hosts open ports using TCP protocol) MS17010 (Using SMB Protocol to detect MS17010 hosts)) SmbGhost (Using SMB Protocol to detect SmbGhost hosts))
Brute-Force: SmbScan (Using SMB Protocol to Brute-For 445 Port)) SshScan (Using SSH Protocol to Brute-For 22 Port)) FtpScan (Using FTP Protocol to Brute-For 21 Port)) MysqlScan (Using Mysql Protocol to Brute-For 3306 Port))
Example: Ladon 192.168.1.8/24 MS17010 Ladon 192.168.1/c MS17010 Ladon 192.168/b MS17010 Ladon 192/a MS17010