HackTool.Linux.FScan.C


 ALIASES:

HackTool:Linux/Multiverze (MICROSOFT)

 PLATFORM:

Linux


  • Threat Type: Hacking Tool

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

Infection Channel:

Downloaded from the Internet, Dropped by other malware

This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size:

7,100,304 bytes

File Type:

ELF

Initial Samples Received Date:

23 Oct 2024


Other Details

This Hacking Tool does the following:

  • It is used to automate intranet penetration testing, identifying vulnerabilities, misconfigurations, and exploitable services within internal networks.
  • It performs the following:
    • Detect live hosts and perform port scans
    • Brute-force credentials for SSH and SMB
    • Scan for system and web vulnerabilities
    • Execute remote commands via SSH and WMI
    • Exploit Redis for shell access and task execution
    • Save results or output in JSON format
    • Customize scan concurrency, timeouts, and behavior
  • It uses the following version of FScan:
    • FScan v1.8.4 (Linux)

It accepts the following parameters:

  • -br {int} → Brute threads (default 1)
  • -c {string} → exec command (ssh|wmiexec)
  • -cookie {string} → set poc cookie,-cookie rememberMe=login
  • -debug {int} → every time to LogErr (default 60)
  • -dns → using dnslog poc
  • -domain {string} → smb domain
  • -full → poc full scan,as: shiro 100 key
  • -h {string} → IP address of the host you want to scan,for example: 192.168.11.11 | 192.168.11.11-255 | 192.168.11.11,192.168.11.12
  • -hash {string} → hash
  • -hf {string} → host file, -hf ip.txt
  • -hn {string} → the hosts no scan,as: -hn 192.168.1.1/24
  • -json → json output
  • -m {string} → Select scan type ,as: -m ssh (default "all")
  • -no → not to save output log
  • -nobr → not to Brute password
  • -nocolor → no color
  • -nopoc → not to scan web vul
  • -noredis → no redis sec test
  • -np → not to ping
  • -num {int} → poc rate (default 20)
  • -o {string} → Outputfile (default "result.txt")
  • -p {string} → Select a port,for example: 22 | 1-65535 | 22,80,3306 (default "21,22,80,81,135,139,443,445,1433,1521,3306,5432,6379,7001,8000,8080,8089,9000,9200,11211,27017")
  • -pa {string} → add port base DefaultPorts,-pa 3389
  • -path {string} → fcgi、smb romote file path
  • -ping → using ping replace icmp
  • -pn {string} → the ports no scan,as: -pn 445
  • -pocname {string} → use the pocs these contain pocname, -pocname weblogic
  • -pocpath {string} → poc file path
  • -portf {string} → Port File
  • -proxy {string} → set poc proxy, -proxy http://127.0.0.1:8080
  • -pwd {string} → password
  • -pwda {string} → add a password base DefaultPasses,-pwda password
  • -pwdf {string} → password file
  • -rf {string} → redis file to write sshkey file (as: -rf id_rsa.pub)
  • -rs {string} → redis shell to write cron file (as: -rs 192.168.1.1:6666)
  • -sc {string} → ms17 shellcode,as -sc add
  • -silent → silent scan
  • -socks5 {string} → set socks5 proxy, will be used in tcp connection, timeout setting will not work
  • -sshkey {string} → sshkey file (id_rsa)
  • -t {int} → Thread nums (default 600)
  • -time {int} → Set timeout (default 3)
  • -top {int} → show live len top (default 10)
  • -u {string} → url
  • -uf {string} → urlfile
  • -user {string} → username
  • -usera {string} → add a user base DefaultUsers,-usera user
  • -userf {string} → username file
  • -wmi → start wmi
  • -wt {int} → Set web timeout (default 5)
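
For detection, the parameter list above can serve as a command-line fingerprint that still works when the binary has been renamed. The following is an added example, not code from Trend Micro or from the FScan project; the STRONG/WEAK split, the weights and the threshold are assumptions of this example, and the sample command lines are constructed.

```python
import shlex

# Flags from the parameter list above, split by how distinctive they are.
# STRONG: rarely seen on other common Linux tools (assumption of this example).
STRONG = {"br", "hf", "hn", "nobr", "nopoc", "noredis", "np", "pa", "pn",
          "pocname", "pocpath", "portf", "pwda", "pwdf", "rf", "rs", "sc",
          "socks5", "sshkey", "uf", "usera", "userf", "wmi", "wt"}
# WEAK: listed on the page but shared with many unrelated tools.
WEAK = {"c", "cookie", "debug", "dns", "domain", "full", "h", "hash", "json",
        "m", "no", "nocolor", "num", "o", "p", "path", "ping", "proxy", "pwd",
        "silent", "t", "time", "top", "u", "user"}

def score_cmdline(cmdline):
    """Return (score, sorted matched flags) for one process command line."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes in a logged command line
        argv = cmdline.split()
    seen = set()
    for tok in argv[1:]:        # argv[0] is ignored: the binary may be renamed
        if not tok.startswith("-") or tok.strip("-") == "":
            continue
        name = tok.lstrip("-").split("=", 1)[0]   # accept -flag, --flag, -flag=value
        if name in STRONG or name in WEAK:
            seen.add(name)
    score = sum(2 if f in STRONG else 1 for f in seen)
    return score, sorted(seen)

def looks_like_fscan(cmdline, threshold=4):
    """Alert only when a STRONG flag is present and the score reaches the threshold."""
    score, flags = score_cmdline(cmdline)
    return score >= threshold and any(f in STRONG for f in flags)

# Constructed sample command lines (not taken from a real incident).
SAMPLES = [
    "./fscan -h 192.168.11.11-255 -nobr -nopoc -o result.txt",
    "/tmp/.x -hf ip.txt -np -nobr -json",
    "ssh -p 22 -o StrictHostKeyChecking=yes admin@192.168.11.11",
    "ping -c 4 192.168.11.11",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(looks_like_fscan(line), score_cmdline(line), line)
```

Feed it command lines from process-creation telemetry (for example auditd execve records or EDR process events) and tune the threshold against your own baseline before alerting on it.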

  SOLUTION

Minimum Scan Engine:

9.800

SSAPI PATTERN File:

2.777.00

SSAPI PATTERN Date:

31 Oct 2024

Step 1

Trend Micro Predictive Machine Learning detects and blocks malware at the first sign of its existence, before it executes on your system. When enabled, your Trend Micro product detects this malware under the following machine learning name:

    • Troj.ELF.TRX.XXELFC1DFF045

Step 2

Scan your computer with your Trend Micro product to delete files detected as HackTool.Linux.FScan.C. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check the following Trend Micro Support pages for more information:

