#!/usr/bin/env python3
import argparse
import os
import subprocess
import threading
from concurrent.futures import ThreadPoolExecutor
import ipaddress
from pathlib import Path
# Comma-separated TCP port list that run_nmap() hands to nmap's -p option.
# Line breaks inside the literal carry no meaning (one of them falls in the
# middle of a number); .replace("\n", "") strips them so the value is a single
# comma-separated string.
# NOTE(review): "100" sits between 981 and 999 - possibly a typo; confirm.
NMAP_PORTS = """
73,80,81,82,83,85,86,88,89,90,92,93,128,152,280,313,333,433,441,442,443,444,591,593,631,664,666,677,777,783,832,981,100,999,1000,1001,1002,1004,1005,1006,1008,1009,1010,1011,1012,1013,1014,1015,1016,1018,1020,1024,1025,1026,1027,1028,1029,1030,1031,1032,1033,1034,1035,1036,1037,1038,1039,1040,1041,1042,1043,1044,1045,1046,1047,1048,1049,1050,1051,1052,1053,1054,1055,1056,1057,1058,1059,1060,1061,1062,1063,1064,1065,1066,1067,1068,1069,1070,1071,1072,1073,1074,1080,1088,1099,11000,11010,11011,11111,11122,11133,11173,11200,1129,11310,11371,11401,11501,11763,1180,1183,1184,12000,12002,12043,12046,12050,1206,12091,12111,12181,12222,1234,12343,12443,1254,1311,1323,1337,13400,13578,13728,14147,1433,1443,14884,15000,15001,1503,15047,15081,15091,15093,15094,15095,15096,15097,15098,15101,15300,16000,16051,1607,16080,16443,16732,16992,16993,1707,1717,17442,18003,18022,18025,18028,18080,18081,18084,18087,18091,18092,1818,18346,18347,18348,18443,18463,1880,1883,18888,1904,19080,19090,1943,19443,19543,1965,1980,1996,2000,2001,2004,2008,20100,20151,2018,2020,2025,20260,20450,2080,20800,20986,21021,2105,2137,21465,2197,2202,2223,2224,22224,22351,23000,23080,23085,23206,2378,2379,2381,24018,2480,2512,2516,2544,25443,25461,26005,26488,27016,27018,27760,2780,28000,28001,28013,28080,28081,28100,28181,28443,28527,28852,2893,2900,2999,3000,3001,3002,3003,3004,3005,3006,3008,3010,3011,3012,3013,3014,3015,3016,3018,3020,3024,3025,3029,3030,3031,3050,3070,3080,3088,3100,3103,31129,3128,3145,31457,31734,31735,31736,31737,31784,31793,3180,31896,3199,3200,3214,32249,32414,32420,32591,32769,32982,3300,3301,3323,3332,3333,3334,3335,3341,3361,3380,3392,3400,34080,3422,3443,3444,34443,34568,3500,35617,3590,36000,36363,3700,37001,38001,38080,38081,3810,38104,3939,3947,39536,39908,4000,4001,4002,4004,4009,4010,4011,4012,4019,4030,4035,4040,4041,4060,4061,4066,4090,4094,4100,4115,41200,41231,41541,4194,4200,42169,42200,4242,4245,4280,4284,43080,4326,43595,4400,44236,4430,44300,44301,44302,44304,4430
8,4431,44311,44312,44317,44318,4432,44321,44328,4433,44331,44332,44333,44339,44344,44345,44347,44349,44358,44362,44363,44367,44372,44373,44376,44377,44379,44380,44383,44387,44391,44394,44395,4441,4443,4444,4445,4449,445,446,4500,4501,4502,4503,45190,45193,45443,45453,4567,45723,4636,47080,4732,4747,47555,47777,48080,48090,48300,4838,48443,4848,4849,48787,49002,49008,49009,49153,49157,49158,49161,49256,49558,4996,5000,5001,5002,5003,5004,5005,5006,5007,5008,5009,5010,5011,5012,5013,5014,5015,5016,5017,5018,5019,5020,5021,5022,5023,5024,5025,5029,5030,5031,5035,50443,5048,5050,5051,5052,5055,50716,5080,5081,5082,5099,5100,5101,5104,5117,5122,5173,51980,51987,5199,5200,52151,52210,52235,52289,52443,52461,5254,52735,52769,5277,52860,5300,5309,53110,53200,53269,53392,53491,5390,54080,5432,54321,54334,5443,54435,54443,54541,546,5500,5501,55012,55080,55102,55132,55425,55474,5555,5566,5575,55838,5600,5601,5650,56684,5678,5683,57003,57570,5800,5801,5802,58198,58888,59119,59605,59659,5980,5984,5985,5986,5988,5989,5990,59881,59935,6000,6001,6002,6005,60037,60051,6015,6029,6060,6080,6084,60994,6102,61024,6111,61561,61608,61735,6242,62950,63202,63318,6336,63526,63551,6370,64005,64274,6443,64755,64759,64835,64950,6503,6504,65250,6567,6666,6675,6677,6697,6700,6771,6776,6782,6783,6784,6788,6969,6984,7000,7001,7002,7003,7004,7005,7008,7009,7010,7019,7020,7021,7022,7031,7040,7048,7060,7070,7071,7080,7085,7086,7090,7093,7100,7101,7103,7105,7112,7128,7135,7136,7148,7170,7171,7200,7202,7203,7204,7227,7248,7255,7256,7279,7294,7342,7380,7390,7419,7420,7433,7443,7450,7505,7521,7547,7575,7627,7654,7676,7677,7777,7779,7784,7800,7876,7878,7879,7888,7891,7943,7960,7979,7992,8000,8001,8002,8003,8004,8005,8008,8009,8010,8011,8012,8014,8015,8017,8020,8021,8022,8028,8030,8031,8032,8035,8040,8042,8049,8055,8057,8065,8066,8069,8070,8071,8072,8079,808,8080,8081,8082,8083,8084,8085,8086,8087,8088,8089,8090,8091,8092,8093,8094,8095,8096,8097,8098,8099,8100,8101,8104,8105,8106,8108,8111,8113,8115,8116,8
117,8120,8121,8123,8125,8168,8180,8181,8182,8183,8186,8187,8189,8194,8200,8201,8203,8220,8221,8222,8243,8244,8246,8252,8280,8281,8282,8288,8290,8305,8320,8333,8343,8355,8393,8403,8419,8420,8433,8440,8442,8443,8444,8445,8446,8448,8449,8463,8480,8484,8485,8510,8530,8531,8574,8581,8585,8588,8597,8643,8666,8668,8680,8686,8688,8732,8735,8743,8760,8765,8771,8775,8780,8787,8800,8801,8804,8805,8808,881,8812,8840,8843,8844,8855,8863,8866,8880,8881,8882,8885,8886,8887,8888,8889,8890,8895,8897,8899,8900,8911,8920,8934,8935,8972,8980,8983,8984,8989,8991,8998,8999,9000,9001,9002,9003,9004,9005,9006,9009,9010,9011,9016,9020,9022,9023,9030,9038,9048,9052,9054,9060,9070,9080,9081,9082,9084,9089,9090,9091,9092,9093,9098,9099,9100,9108,9111,9113,9120,9150,9180,9191,9200,9201,9223,9247,9285,9292,9295,9300,9307,9319,9320,9347,9390,9400,9411,9443,9444,9446,9501,9506,9514,9543,9674,9675,9680,9700,9721,9802,9845,9876,9898,9900,9910,9930,9944,9980,9981,9990,9991,9997,9998,9999
""".replace("\n", "")
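def run_nmap(ip, output_dir):
    """Scan one target with nmap and return the path of its report.

    The scan is a SYN scan (-sS) without host discovery (-Pn) over
    NMAP_PORTS, reporting only open ports (--open) in greppable format (-oG).

    Args:
        ip: A single scan target taken from the command line or from the
            target list file.
        output_dir: Directory that receives ``<ip>.gnmap``.

    Returns:
        The path nmap was asked to write its greppable output to.

    Raises:
        ValueError: If ``ip`` is empty, starts with ``-`` or contains a path
            separator.
    """
    # The target is user-supplied text that ends up both on nmap's command
    # line and inside a file name. Refuse values nmap would parse as an
    # option and values that would move the report outside output_dir.
    separators = [sep for sep in ("/", os.sep, os.altsep) if sep]
    if not ip or ip.startswith("-") or any(sep in ip for sep in separators):
        raise ValueError(f"refusing unsafe scan target: {ip!r}")

    outfile = os.path.join(output_dir, f"{ip}.gnmap")
    cmd = [
        "nmap", "-Pn", "-sS", "--open", "-p", NMAP_PORTS,
        "-oG", outfile, ip,
    ]
    # nmap's exit status is not inspected; a failed run surfaces later when
    # the report is read.
    subprocess.run(cmd, stdout=subprocess.DEVNULL)
    return outfile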
def parse_ports(gnmap_file):
    """Collect the open ports listed in an nmap greppable (-oG) report.

    Only lines containing ``/open/`` are considered. The second
    whitespace-separated field of such a line is used as the host key, and
    the text after ``Ports:`` is split on commas; the part before the first
    ``/`` of every open entry is kept as the port (surrounding whitespace is
    not removed here).

    Args:
        gnmap_file: Path of the report to read.

    Returns:
        A dict mapping each host to the list of its open ports as strings.
    """
    found = {}
    with open(gnmap_file) as report:
        for record in report:
            if "/open/" not in record:
                continue
            host = record.strip().split()[1]
            port_field = record.split("Ports:")[1]
            numbers = [
                entry.split("/")[0]
                for entry in port_field.split(",")
                if "/open/" in entry
            ]
            found.setdefault(host, []).extend(numbers)
    return found
def run_httpx(ip, ports, output_dir):
    """Probe the open ports of one host with httpx.

    Writes one ``ip:port`` entry per line to ``<ip>_targets.txt`` in
    ``output_dir`` and runs httpx on that list with title, status-code and
    technology detection; httpx is told to write ``<ip>_httpx.txt``.

    Args:
        ip: Host whose ports are probed; also used in both file names.
        ports: Port strings; surrounding whitespace is stripped.
        output_dir: Directory for the target list and the httpx report.
    """
    endpoints = [f"{ip}:{port.strip()}" for port in ports]
    list_path = os.path.join(output_dir, f"{ip}_targets.txt")
    report_path = os.path.join(output_dir, f"{ip}_httpx.txt")
    with open(list_path, "w") as handle:
        handle.write("\n".join(endpoints))
    # NOTE(review): the binary is addressed by a fixed absolute path inside
    # one user's home directory, so this only works on that machine.
    httpx_cmd = [
        "/home/alireza/go/bin/httpx",
        "-l", list_path,
        "-title", "-status-code", "-tech-detect", "-silent",
        "-o", report_path,
    ]
    subprocess.run(httpx_cmd)
def scan_worker(ip, output_dir):
    """Scan one target and, if it has open ports, probe them with httpx.

    Runs nmap, parses its report, and calls run_httpx() only when the parsed
    result has an entry keyed by ``ip``.

    Args:
        ip: Target to scan.
        output_dir: Directory that receives all result files.
    """
    by_host = parse_ports(run_nmap(ip, output_dir))
    # NOTE(review): the lookup uses the target string exactly as passed in; if
    # the report names the host differently, no httpx run happens - confirm.
    if ip not in by_host:
        return
    run_httpx(ip, by_host[ip], output_dir)
def parse_args():
    """Parse the command line.

    Exactly one of ``-u`` (a single IP or CIDR) and ``-l`` (a file listing
    IPs or CIDRs) must be given.

    Returns:
        The argparse namespace with attributes ``u`` and ``l``.
    """
    cli = argparse.ArgumentParser(description="Scan IPs/CIDRs for web services")
    source = cli.add_mutually_exclusive_group(required=True)
    for flag, text in (
        ("-u", "Single IP or CIDR"),
        ("-l", "File with list of IPs or CIDRs"),
    ):
        source.add_argument(flag, help=text)
    return cli.parse_args()
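def expand_targets(target):
    """Turn one target specification into a list of scan targets.

    Surrounding whitespace is removed first. An IPv4 address or CIDR block
    is expanded to every address it contains; ``strict=False`` accepts a
    network written with host bits set. Anything that does not parse as an
    IPv4 network is returned unchanged as a single target.

    Args:
        target: An address, a CIDR block, or any other target string.

    Returns:
        A list of target strings; empty when ``target`` is blank.
    """
    spec = target.strip()
    if not spec:
        # A blank line in a target list must not become an empty scan target.
        return []
    try:
        # The whole block is materialised, so a very large CIDR builds a very
        # large list.
        return [str(addr) for addr in ipaddress.IPv4Network(spec, strict=False)]
    except ValueError:
        # ipaddress reports malformed addresses and netmasks as ValueError
        # subclasses; such a value is kept as a literal target.
        return [spec]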
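if __name__ == "__main__":
    # Entry point: build the target list, scan every target on a pool of 20
    # threads, then report where the results are and which scans failed.
    args = parse_args()
    targets = []
    if args.u:
        targets = expand_targets(args.u)
        # A CIDR contains "/", which cannot be part of a directory name.
        outdir = args.u.replace("/", "_")
    else:
        with open(args.l) as f:
            for line in f:
                targets.extend(expand_targets(line.strip()))
        outdir = Path(args.l).stem
    # Blank lines in the list file must not be scanned as empty targets.
    targets = [t for t in targets if t]
    os.makedirs(outdir, exist_ok=True)
    with ThreadPoolExecutor(max_workers=20) as executor:
        jobs = [(ip, executor.submit(scan_worker, ip, outdir)) for ip in targets]
    # Leaving the with-block waits for every job. An exception raised in a
    # worker is stored on its future and would otherwise be dropped silently,
    # so each one is reported here.
    failures = 0
    for ip, job in jobs:
        error = job.exception()
        if error is not None:
            failures += 1
            print(f"[!] Scan of {ip!r} failed: {error!r}")
    if failures:
        print(f"[!] {failures} of {len(jobs)} scans failed")
    print(f"[+] Done. Results saved in: {outdir}")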