Procnscan, a socket-based scanner that sends requests and reads the responses.
Pending
~$ php procnscan.php
php procnscan.php
-c cidr/ip
-f Use a file with ip's
-p Port
-r String to look for, Default = *
-i Ignore case when check response
-w Request string to send
-m Module, Default = default (tomcat)
-t Threads, Default = 1
-o Output, Default = output.txt
-v Be verbose, Default = false
-x Exit on brute a valid credential
Example:
php procnscan.php -c 192.168.0.0/24 -p 80[,8080, ...] -w "HEAD / HTTP/1.1" -r "Tomcat" -t 20 -o output
Example with file:
php procnscan.php -f ips.txt -w "HEAD / HTTP/1.1" -r "Tomcat" -t 20 -o output
~$ php procnscan.php -c 127.0.0.1 -p 8080 -w "HEAD / HTTP/1.1"
-----------------
[+] 127.0.0.1:8080 [127.0.0.1]
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Wed, 18 May 2016 21:57:17 GMT
Connection: close
-----------------
~$ php procnscan.php -c 127.0.0.1 -p 8080 -w "HEAD /manager/html HTTP/1.1" -r "Tomcat"
[+][MATCH->Tomcat][127.0.0.1:8080] [127.0.0.1]
----------------
[+] 127.0.0.1:8080 [127.0.0.1]
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 19:00:00 COT
WWW-Authenticate: Basic realm="Tomcat Manager Application"
Content-Type: text/html;charset=utf-8
Content-Length: 954
Date: Wed, 18 May 2016 21:58:53 GMT
Connection: close
----------------
~$ php procnscan.php -c 127.0.0.0/24 -p 80 -t 20
---snip---
----------------
[+] 127.0.0.1:80 [127.0.0.1]
HTTP/1.1 200 OK
Content-Length: 689
Content-Type: text/html
Last-Modified: Sat, 20 Dec 2014 23:36:23 GMT
Accept-Ranges: bytes
ETag: "b27df8c3ad1cd01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Wed, 18 May 2016 22:07:40 GMT
Connection: close
----------------
---snip---
~$ php procnscan.php -c 127.0.0.1 -p 8080 -m tomcat
Checking 127.0.0.1:8080 [127.0.0.1]
[+][http://127.0.0.1:8080/manager/html] [admin:123456] [127.0.0.1]
~$ php procnscan.php -f hosts.txt -w "HEAD / HTTP/1.1"
------------------------------------------------------
[+] 127.0.0.1:8080 [127.0.0.1]
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Wed, 18 May 2016 22:50:23 GMT
Connection: close
----------------
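
Added example (not part of procnscan): a parser for the result blocks shown above, for triaging a scan of your own hosts into an inventory of exposed Tomcat Manager login prompts and disclosed version banners. It assumes the saved output uses the same layout as the terminal output on this page; the names parse_results and findings and the sample text are constructed for this example.

```python
import re
# Constructed sample in the layout of the terminal output shown above.
SAMPLE = """\
-----------------
[+] 127.0.0.1:8080 [127.0.0.1]
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: Basic realm="Tomcat Manager Application"
----------------
---snip---
----------------
[+] 127.0.0.1:80 [127.0.0.1]
HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
----------------
"""

HEADER = re.compile(r"^\[\+\] (\S+):(\d+) \[([^\]]*)\]$")
STATUS = re.compile(r"^HTTP/\d\.\d (\d{3})")

def parse_results(text):
    """Return one dict per '[+] ip:port [host]' result block."""
    results, cur = [], None
    for line in map(str.strip, text.splitlines()):
        m = HEADER.match(line)
        if m:
            cur = {"ip": m.group(1), "port": int(m.group(2)),
                   "host": m.group(3), "status": None, "headers": {}}
            results.append(cur)
        elif cur is None or set(line) <= {"-"} or line == "---snip---":
            cur = None  # separators end a block; lines outside a block are skipped
        elif cur["status"] is None and (s := STATUS.match(line)):
            cur["status"] = int(s.group(1))
        elif ":" in line:
            name, _, value = line.partition(":")
            cur["headers"][name.strip().lower()] = value.strip()
    return results

def findings(results):
    """Defender triage: exposed Tomcat Manager prompts and version banners."""
    out = []
    for r in results:
        h = r["headers"]
        if r["status"] == 401 and "tomcat manager" in h.get("www-authenticate", "").lower():
            out.append((r["ip"], r["port"], "tomcat-manager-exposed"))
        out += [(r["ip"], r["port"], f"banner:{n}={h[n]}")
                for n in ("server", "x-powered-by") if n in h]
    return out
```

Hosts flagged tomcat-manager-exposed are candidates for restricting /manager/html to an admin network and replacing default credentials; banner entries point at servers disclosing their software in response headers.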