rustscan / rustscan
🤖 The Modern Port Scanner 🤖
License: GNU General Public License v3.0
"Rustscan - Faster port scanning for Nmap"
"Faster nmap port scanning with Rust"
"Faster Scanning for Nmap"
"Faster Nmap Scanning with Rust"
"Faster Scanning with Rust"
Not sure how sockets work in Rust.
But would be good to apply a 0.5 second timeout to their connections :)
Due to the scanner already being able to scan all 65k ports in an absurdly short amount of time, the key to optimizing the speed and efficiency of the application without causing client/server issues is to control the timing and delay between outbound packets to prevent the server from being overwhelmed.
A good start would be to actively track and calculate the averages between a SYN/ACK response and have the application automatically adjust the timing/delay based off of this average, and possibly have further controls to allow quicker or slower outbound packets based on the situation.
May also have further optimization by analyzing and checking the target OS's networking capabilities, possibly different OS have a better tolerance for faster responses.
The current PKGBUILD file is:
# Maintainer: Bee <[email protected]>
pkgname=rustscan-bin
pkgver=1.2.0
pkgrel=1
pkgdesc="Faster Nmap Scanning with Rust"
url="https://github.com/brandonskerritt/rustscan"
license=("MIT")
arch=("x86_64")
provides=("rustscan")
depends=('rustup')
package() {
rustup toolchain install stable && cargo install rustscan
}
This is not located in this repository. Instead, I cloned the AUR version to get the file.
I know very little about publishing to the AUR.
This isn't a nice solution, at least I don't believe it to be, because it simply installs Rust and then uses Rust's Cargo to install RustScan.
With the Homebrew version, it downloads the tar file and builds the binary.
https://github.com/brandonskerritt/homebrew-rustscan/blob/master/Formula/rustscan.rb
Can someone with more Arch experience than I please make the PKGBUILD better, or help suggest how to make the install easier?
When you SIGINT ctrl+c end nmap, it still runs in the background but prints to STDOUT. Please fixerino.
I have a docker file which builds RustScan on RPI (as well as normal Debian).
Normal Debian succeeds.
To recreate, run this file:
https://github.com/brandonskerritt/RustScan/blob/master/rustscan-debbuilder/run.sh
Something about maths with U64 and U32 not possible.
This issue tracks multiple issues for the "adaptive learning" version of RustScan.
If port == 80, print http://$IP:80
So user can easily click on in terminal and access the website while they wait
Quiet mode is a mode that intends 2 things:
> rustscan 127.0.0.1
80, 264, 482
^^ Note: port numbers and IP are an example.
> rustscan 127.0.0.1
"80, 264, 482"
When doing something like rustscan 127.0.0.1 > ports.txt, the file ports.txt will contain quotations which the user will have to manually delete.
This is the line of code causing this issue
https://github.com/brandonskerritt/RustScan/blob/master/src/main.rs#L186
ubuntu18-04:/tmp# ls -1 | grep rust
rustscan
ubuntu18-04:/tmp# ll -1 | grep rust
-rwxr-xr-x 1 dengolius 1001 3957296 Jul 23 12:06 rustscan*
ubuntu18-04:/tmp# ./rustscan 1.1.1.1
bash: ./rustscan: No such file or directory
ubuntu18-04:/tmp# rm -rf /usr/local/bin/rustscan_1.1.0_amd64.deb
ubuntu18-04:/tmp# rm -rf /usr/local/bin/rustscan
ubuntu18-04:/tmp# chmod +x rustscan
ubuntu18-04:/tmp# ./rustscan 1.1.1.1
bash: ./rustscan: No such file or directory
my system
ubuntu18-04:/tmp# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.4 LTS"
NAME="Ubuntu"
VERSION="18.04.4 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.4 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
ubuntu18-04:/tmp# uname -a
Linux px4-zabbix 4.15.0-108-generic #109-Ubuntu SMP Fri Jun 19 11:33:10 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
ubuntu18-04:/tmp#
$ brew install rustscan
Updating Homebrew...
==> Installing rustscan from brandonskerritt/rustscan
==> Downloading https://github.com/brandonskerritt/RustScan/releases/download/1.0.1/rustscan.tar.gz
==> Downloading from https://github-production-release-asset-2e65be.s3.amazonaws.com/278933035/ee7d7e80-c9ca-11ea-8bc9-ff510bfbd428?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credent
######################################################################## 100.0%
🍺 /usr/local/Cellar/rustscan/1.0.1: 3 files, 3.6MB, built in 6 seconds
$ /usr/local/Cellar/rustscan/1.0.1/bin/rustscan
-bash: /usr/local/Cellar/rustscan/1.0.1/bin/rustscan: cannot execute binary file: Exec format error
$ file /usr/local/Cellar/rustscan/1.0.1/bin/rustscan
rustscan: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /home/linuxbrew/.linuxbrew/lib/ld.so, for GNU/Linux 3.2.0, with debug_info, not stripped
I also tried manually downloading/running rustscan-1.0.1-x86_64.tar.gz but it is also a Linux binary. Looks like you are missing a macOS build in the releases section.
Describe the bug
Hello,
I am writing a PKGBUILD for arch user following the Rust package guidelines
But I am unable to build the package with the latest version 1.2.0. Cargo failed with the following error message.
==> Starting build()...
Updating crates.io index
error: the lock file /build/rustscan/src/RustScan-1.2.0/Cargo.lock needs to be updated but --locked was passed to prevent this
If you want to try to generate the lock file without accessing the network, use the --offline flag.
To Reproduce
cargo build --release --locked --all-features --target-dir=target
Expected behavior
I can build the binary
Screenshots
See the desc.
Desktop (please complete the following information):
Smartphone (please complete the following information):
N/A
Additional context
N/A
It is cool to gain speed but careful ! 🚒
When scanning a single IP, opening as many file descriptors (sockets) on the specified IP can be harmful.
Example: "Do not use this tool against sensitive infrastructure blah blah blah"
Makes me a very sad boy not being able to use ipv6
Did you just see this error?
Try this guide:
https://github.com/brandonskerritt/RustScan/blob/master/README.md#-thread-paniced-at-main-too-many-open-files
On manjaro, I tried to install it with yay
With user access it says: command not found
With root access it throws: sudo: unable to execute /usr/bin/rustscan: No such file or directory
uname -a
DISTRIB_ID=ManjaroLinux
DISTRIB_RELEASE=20.0.3
DISTRIB_CODENAME=Lysia
whereis rustscan
rustscan: /usr/bin/rustscan
Hello.
I am attempting to run RustScan against a lab machine using my favorite set of Nmap flags, which includes --script "(vuln and safe) or default"; however, this appears to fail if I do it through RustScan, potentially because RustScan misinterprets the parenthesis. See the screenshots below:
Running this in Kali Linux 2020.3. Please let me know if you have any questions.
Some people want to write exploit modules with RustScanner
But I don't, as RustScanner is for improving Nmap.
A custom exploit module system written in Python.
So we already have the IP's and port numbers to pass into Nmap.
What if, instead of passing straight to Nmap, we check to see if a module exists (either via arguments) or if a Rust module exists.
If it does, run the exploits in that module against the ports / IP addresses.
We should focus on 2 things:
Homebrew core is the core Homebrew formulae.
Instead of the 2 step approach we currently have for homebrew, if we publish to core, we can change it to brew install rustscan
Another pentesting tool, Pwncat, is in Homebrew core with 400 stars. This means that, Rustscan, with 700 stars, should be able to make it into Homebrew core.
To do this, we will need to re-create the Homebrew file and submit it as a pull request to Core. The current file can be found here:
https://github.com/brandonskerritt/homebrew-rustscan/blob/master/Formula/rustscan.rb
Pwncat's Homebrew core file looks like:
https://github.com/Homebrew/homebrew-core/blob/master/Formula/pwncat.rb
It would be a good idea to take inspiration from Pwncat, as I have found the Homebrew documentation to be confusing.
The documentation for Homebrew core is here:
https://github.com/Homebrew/homebrew-core/blob/master/CONTRIBUTING.md#to-add-a-new-formula-for-foo-version-234-from-url.
I am looking for some help to do this, as I am not a Mac user. If anyone wants to help out, you will be added to the README along with all the other contributors :D
makepkg -si gives:
╱ ~/hack/RustScan ╱ on master at 17:24:47 ─╮
❯ makepkg -si ─╯
==> Making package: rustscan-bin 1.1.0-1 (divendres, 24 de juliol de 2020, 17:25:04)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
==> Extracting sources...
==> Entering fakeroot environment...
==> Starting package()...
info: syncing channel updates for 'stable-x86_64-unknown-linux-gnu'
stable-x86_64-unknown-linux-gnu unchanged - rustc 1.45.0 (5c1f21c3b 2020-07-13)
Updating crates.io index
Installing rustscan v1.2.0
error: failed to compile `rustscan v1.2.0`, intermediate artifacts can be found at `/tmp/cargo-installbAu89n`
Caused by:
failed to download `proc-macro-nested v0.1.6`
Caused by:
unable to get packages from source
Caused by:
failed to parse manifest at `/home/tux/.cargo/registry/src/github.com-1ecc6299db9ec823/proc-macro-nested-0.1.6/Cargo.toml`
Caused by:
no targets specified in the manifest
either src/lib.rs, src/main.rs, a [lib] section, or [[bin]] section must be present
==> ERROR: A failure occurred in package().
Aborting...
❯ cat /home/tux/.cargo/registry/src/github.com-1ecc6299db9ec823/proc-macro-nested-0.1.6/Cargo.toml
# THIS FILE IS AUTOMATICALLY GENERATED BY CARGO
#
# When uploading crates to the registry Cargo will automatically
# "normalize" Cargo.toml files for maximal compatibility
# with all versions of Cargo and also rewrite `path` dependencies
# to registry (e.g., crates.io) dependencies
#
# If you believe there's an error in this file please file an
# issue against the rust-lang/cargo repository. If you're
# editing this file be aware that the upstream Cargo.toml
# will likely look very different (and much more reasonable)
[package]
name = "proc-macro-nested"
version = "0.1.6"
authors = ["David Tolnay <[email protected]>"]
description = "Support for nested proc-macro-hack invocations"
license = "MIT OR Apache-2.0"
repository = "https://github.com/dtolnay/proc-macro-hack"
[package.metadata.docs.rs]
targets = ["x86_64-unknown-linux-gnu"]
Any ideas what is wrong? Is it my system? I had no problem with Rust packages lately. Thanks!
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
Add any other context about the problem here.
Let the user enter the custom nmap string
Some ports such as 21, 22, 80, 8080 appear more frequently than others.
It may be beneficial to create a list of these ports, and then remove this set from the set of ports.
This way, we can target the most popular first (so the user knows exactly what to look at)
While maintaining the longevity of the program
Users want to write exploit modules with RustScan. Specifically, they feel like Nmap's LUA isn't modern enough, or they want to pipe the output of RustScan into the input of a script.
They want to write exploit scripts using RustScan.
But we, the core maintainers of RustScan, cannot possibly compete with Nmap for scripts -- especially when we are focussed mostly on improving RustScan.
We introduce a RustScan Scripting Engine which will allow anyone to create scripts, or custom exploits and use them in RustScan.
This way, the community can build scripts and exploits if they want -- while we at RustScan work on improving the scanner generally.
We should use Python to allow users to write scripts. Rust. Firstly, Rust has always had very good support for foreign function interfaces (FFI) with Python. You can even write inline Python with Rust.
We should consider using Pyo3.
https://github.com/PyO3/pyo3.
Python is easily the most friendly programming language around. Many people know it, and a lot of exploits (from Exploit-DB) are written in Python.
Giving the user the ability to not only write custom scripts for RustScan, but to do so in Python would be a huge plus.
We need to create a default template, so RustScan can easily interpret the template and use it.
The exact template is unknown, until we look at Pyo3. However, Pyo3 has this Rust code (for calling Python from Rust):
    use pyo3::prelude::*;
    use pyo3::types::IntoPyDict;

    fn main() -> Result<(), ()> {
        Python::with_gil(|py| {
            main_(py).map_err(|e| {
                // We can't display Python exceptions via std::fmt::Display,
                // so print the error here manually.
                e.print_and_set_sys_last_vars(py);
            })
        })
    }

    fn main_(py: Python) -> PyResult<()> {
        let sys = py.import("sys")?;
        let version: String = sys.get("version")?.extract()?;
        let locals = [("os", py.import("os")?)].into_py_dict(py);
        let code = "os.getenv('USER') or os.getenv('USERNAME') or 'Unknown'";
        let user: String = py.eval(code, None, Some(&locals))?.extract()?;
        println!("Hello {}, I'm Python {}", user, version);
        Ok(())
    }
We should have an array (or vector) at the top of the script as an attribute. This vector will describe the tags the script has. Which is talked about next.
We should also either fetch the documentation from the documentation comments /// if possible, or suggest the user fill in attributes for documentation.
Preferably, the user will write something like:
tags = [core_approved, http, robotstxt, hyper, get_request]
ports = [80]
name = "Robots.txt grabbing"
description = "Grabs the robots.txt file from webservers"
Ideally, we would have either another script which can detect when a port is a web-server, which the user can import and use in their Python script.
Note in the Pyo3 script, it is possible to import other Python modules and use them.
However, also note that Pyo3 looks a bit alien. Check out the documentation to see how alien it looks:
https://pyo3.rs/v0.11.1/python_from_rust.html.
We may need to choose another FFI library, we may not. Please discuss in the comments.
Perhaps Rust-cpython:
https://github.com/dgrunwald/rust-cpython.
For our example, we have tags (discussed next), the ports (the port numbers it should activate on), the name and description -- which are all useful.
The tagging system is a revelation in choosing scripts to run.
Instead of creating pre-defined groups (such as "quiet" scripts), because we are letting users create and upload their own scripts, we should use a tagging system.
Each module has "tags" as seen here: tags = [core_approved, http, robotstxt, hyper, get_request].
These tags define what the module does, or other things about it. Think of it as tagging blogposts or categorising YouTube videos.
The creators of RustScan will have to decide on some pre-set tags, and should allow users to add their own tags if we see fit. As in, a user can submit a potential tag for use in the RustScan ecosystem.
A good starting tag is core_approved. This means the script is directly approved by the core team of RustScan for use. While we should vet every script we get, some scripts are easily more vetted than others.
Now, the question arises:
How do users enter tags?
And this is the mind-blowing part.
The tagging system is set theory.
Users can create intersections, unions and all sorts of set theory to personalise the category to exactly what they want. If you want everything in core_approved and quiet but is also in (intersection) with http you can.
Set theory will allow you to construct any groups you want. Complete and utter freedom to the user.
But, the axiom of choice may come into play. There may be too many options for the user.
To counter this, we should create some set-categories which are just Set Theory but abstracted to an argument.
We can have an example for "http scripts approved by core_team", which in set theory is http and core_team, and then we can abstract it to a single argument such as -sHC for "H = HTTP" and "C = Core_team".
We let the users have the cake (complete and utter freedom) and eat it too (abstraction of arguments).
These scripts should be stored in a repository. I propose we build a "RustScan Community Repo" for all of these scripts.
That way, we can easily control and handle the scripts themselves while also letting users have a centralised place for them if they wish to upload the scripts (not all scripts have to be uploaded)
When the user wants to use scripts, we can download the scripts from the GitHub repo (with an argument to allow downloading / updating) and store it somewhere like APPDIRS.
RustScan will then use this location of scripts to fuel its RSE (RustScan Scripting Engine).
If the scripts grow too large, we will eventually have to do something about that. But that's a problem for later us.
Not only should users have the ability to use set theory, but we should build a tool which fuzzy-searches modules (so users can easily find them) and to run them if they wish.
An example of this is if the user was to search "http robots.txt". It would show all modules which matched this (via the description or name or tags), and the user can use these searches to execute scripts too.
If a user was to enter a specific name such as "http_robots_txt", the search will only return that so the user can have pin-point specific script usage.
"Fuzzy finding" scripts. Each script has a description, find scripts that match this description to run.
For users to be able to submit scripts to RustScan, we should implement heavy continuous integration to make sure it doesn't break anything and to allow the core team to spend more time working on RustScan rather than the scripting engine.
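The tag selection described in the proposal above, worked through as an added example; this is not code from RustScan or from the issue author. The selector grammar (and/or/not with parentheses), the preset letters H and C, and every script other than the Robots.txt one are assumptions made for illustration.

```rust
// Added example, not RustScan code: tag selectors evaluated as set expressions.
// Assumed grammar: expr := term ("or" term)* ; term := unary ("and" unary)* ;
// unary := "not" unary | "(" expr ")" | TAG
pub struct Script { pub name: &'static str, pub tags: &'static [&'static str] }

#[derive(Debug)]
pub enum Expr { Tag(String), Not(Box<Expr>), And(Box<Expr>, Box<Expr>), Or(Box<Expr>, Box<Expr>) }

struct Parser { toks: Vec<String>, pos: usize }

impl Parser {
    fn eat(&mut self, want: &str) -> bool {
        let hit = self.toks.get(self.pos).map_or(false, |t| t.as_str() == want);
        self.pos += hit as usize;
        hit
    }
    fn expr(&mut self) -> Result<Expr, String> {
        let mut lhs = self.term()?;
        while self.eat("or") {
            lhs = Expr::Or(Box::new(lhs), Box::new(self.term()?));
        }
        Ok(lhs)
    }
    fn term(&mut self) -> Result<Expr, String> {
        let mut lhs = self.unary()?;
        while self.eat("and") {
            lhs = Expr::And(Box::new(lhs), Box::new(self.unary()?));
        }
        Ok(lhs)
    }
    fn unary(&mut self) -> Result<Expr, String> {
        if self.eat("not") { return Ok(Expr::Not(Box::new(self.unary()?))); }
        if self.eat("(") {
            let inner = self.expr()?;
            return if self.eat(")") { Ok(inner) } else { Err("missing ')'".to_string()) };
        }
        match self.toks.get(self.pos).cloned() {
            Some(t) if !matches!(t.as_str(), "and" | "or" | ")") => {
                self.pos += 1;
                Ok(Expr::Tag(t))
            }
            other => Err(format!("expected a tag, found {:?}", other)),
        }
    }
}

pub fn parse(selector: &str) -> Result<Expr, String> {
    let spaced = selector.replace('(', " ( ").replace(')', " ) ");
    let toks = spaced.split_whitespace().map(String::from).collect();
    let mut p = Parser { toks, pos: 0 };
    let expr = p.expr()?;
    if p.pos == p.toks.len() { Ok(expr) } else { Err(format!("unexpected {:?}", p.toks[p.pos])) }
}

/// and = intersection, or = union, not = complement over the script's tag set.
pub fn eval(e: &Expr, tags: &[&str]) -> bool {
    match e {
        Expr::Tag(t) => tags.contains(&t.as_str()),
        Expr::Not(a) => !eval(a, tags),
        Expr::And(a, b) => eval(a, tags) && eval(b, tags),
        Expr::Or(a, b) => eval(a, tags) || eval(b, tags),
    }
}

pub fn select(selector: &str, scripts: &[Script]) -> Result<Vec<&'static str>, String> {
    let expr = parse(selector)?;
    Ok(scripts.iter().filter(|s| eval(&expr, s.tags)).map(|s| s.name).collect())
}

/// Expands shorthand letters, e.g. "HC" from the proposed -sHC (mapping is hypothetical).
pub fn preset(letters: &str) -> Option<String> {
    let tag = |c: char| match c { 'H' => Some("http"), 'C' => Some("core_approved"), _ => None };
    let tags: Option<Vec<&str>> = letters.chars().map(tag).collect();
    tags.map(|t| t.join(" and "))
}

/// Constructed script metadata; only the first tag list comes from the proposal.
pub const SCRIPTS: &[Script] = &[
    Script { name: "http_robots_txt", tags: &["core_approved", "http", "robotstxt", "hyper", "get_request"] },
    Script { name: "http_title", tags: &["http", "quiet"] },
    Script { name: "ssh_banner", tags: &["core_approved", "quiet", "ssh"] },
    Script { name: "http_headers", tags: &["core_approved", "http", "quiet"] },
];

fn main() {
    let hc = preset("HC").expect("known preset letters");
    for sel in ["core_approved and quiet and http", hc.as_str()].iter() {
        println!("{} -> {:?}", sel, select(sel, SCRIPTS));
    }
}
```

A malformed selector such as "http and" returns an error instead of silently matching nothing, which matters when the selector decides which community scripts get executed.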
Something that adapts to the user's host is an awesome idea! :)
It can also learn or allow a config file for default commands in the future, things like:
Originally posted by @bernardoamc in #69 (comment)
The biggest complaint is that RustScan is too noisy.
When I add multiple IP support, what if I do something like this:
for every IP address:
    check port X
    sleep(1)
This way, we are only checking 1 port at a time with TIMEOUT delay, but because we are checking them across every IP it should run in the same time, but be less noisy to a specific single server.
Installed with Homebrew, upon running I get the following error:
thread 'main' panicked at 'Too many open files. Please reduce batch size. The default is 5000. Try -B 2500.', src/main.rs:179:21
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
I'm on 10.15.5.
Describe the bug
Can't compile on windows-x86_64-msvc target with rlimit
To Reproduce
cargo install rustscan
Expected behavior
the tool is installed
Screenshots
PS> cargo install rustscan
Updating `https://mirrors.sjtug.sjtu.edu.cn/git/crates.io-index` index
Installing rustscan v1.2.0
# ... many thing compiles
Compiling libc v0.2.73
Compiling rlimit v0.3.0
error[E0432]: unresolved import `libc::rlim_t`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:43:5
|
43 | use libc::rlim_t as __rlim_t;
| ^^^^^^^^^^^^^^^^^^^^^^^^ no `rlim_t` in the root
error[E0432]: unresolved import `libc::rlimit`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:44:5
|
44 | use libc::rlimit as __rlimit;
| ^^^^^^^^^^^^^^^^^^^^^^^^ no `rlimit` in the root
error[E0432]: unresolved import `libc::getrlimit`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:46:5
|
46 | use libc::getrlimit as __getrlimit;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ no `getrlimit` in the root
error[E0432]: unresolved import `libc::setrlimit`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:47:5
|
47 | use libc::setrlimit as __setrlimit;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ no `setrlimit` in the root
error[E0425]: cannot find value `RLIM_INFINITY` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:57:39
|
57 | pub const RLIM_INFINITY: rlim = libc::RLIM_INFINITY;
| ^^^^^^^^^^^^^ not found in `libc`
|
help: consider importing this constant
|
39 | use crate::RLIM_INFINITY;
|
error[E0425]: cannot find value `RLIMIT_CORE` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:73:18
|
73 | CORE = libc::RLIMIT_CORE as _,
| ^^^^^^^^^^^ not found in `libc`
error[E0425]: cannot find value `RLIMIT_CPU` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:77:17
|
77 | CPU = libc::RLIMIT_CPU as _,
| ^^^^^^^^^^ not found in `libc`
error[E0425]: cannot find value `RLIMIT_DATA` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:82:18
|
82 | DATA = libc::RLIMIT_DATA as _,
| ^^^^^^^^^^^ not found in `libc`
error[E0425]: cannot find value `RLIMIT_FSIZE` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:86:19
|
86 | FSIZE = libc::RLIMIT_FSIZE as _,
| ^^^^^^^^^^^^ not found in `libc`
error[E0425]: cannot find value `RLIMIT_STACK` in crate `libc`
--> C:\Users\huangjj27\.cargo\registry\src\mirrors.sjtug.sjtu.edu.cn-7a04d2510079875b\rlimit-0.3.0\src\lib.rs:148:19
|
148 | STACK = libc::RLIMIT_STACK as _,
| ^^^^^^^^^^^^ not found in `libc`
error: aborting due to 10 previous errors
Some errors have detailed explanations: E0425, E0432.
For more information about an error, try `rustc --explain E0425`.
error: could not compile `rlimit`.
To learn more, run the command again with --verbose.
warning: build failed, waiting for other jobs to finish...
error: failed to compile `rustscan v1.2.0`, intermediate artifacts can be found at `C:\Users\HUANGJ~1\AppData\Local\Temp\cargo-installlkP9Gb`
Caused by:
build failed
Desktop (please complete the following information):
Additional context
r_lim_t is publiced.
I really love rustscan and I use it to scan cidr but it will be very useful if there is an option not to run nmap scan because nmap scan eats a lot of time.
I've installed the latest .deb from the release page on WSL2 kali and it crashes when doing a scan. I have nmap installed.
kali@Anonymous:/tmp$ rustscan 192.168.1.140
_____ _ _____
| __ \ | | / ____|
| |__) | _ ___| |_| (___ ___ __ _ _ __
| _ / | | / __| __|\___ \ / __/ _` | '_ \
| | \ \ |_| \__ \ |_ ____) | (_| (_| | | | |
|_| \_\__,_|___/\__|_____/ \___\__,_|_| |_|
Faster nmap scanning with rust.
Automated Decryption Tool - https://github.com/ciphey/ciphey
Creator https://github.com/brandonskerritt
Open 80
Os { code: 24, kind: Other, message: "Too many open files" }
thread 'main' panicked at 'Too many open files. Please reduce batch size. The default is 5000. Try -b 2500.', src/main.rs:179:21
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
It would be helpful to print the Nmap command which will be run after the initial port scan is complete so that if Nmap crashes (or flags were forgotten) the command is easily recoverable.
how i can use already installation git clone https://github.com/brandonskerritt/RustScan.git
after done the installation i can't run on centos 7
please give me all info about setup and the run commands on centos
thank you
Is it possible to give a feature where you don't want to do nmap and just save open ports to a file.
Describe the bug
RustScan should auto-detect the ulimit, the batch size, and then reduce the batch size if the ulimit < batch size.
However, in this case, this does not happen.
$ hak ~ rustscan 127.0.0.1
_____ _ _____
| __ \ | | / ____|
| |__) | _ ___| |_| (___ ___ __ _ _ __
| _ / | | / __| __|\___ \ / __/ _` | '_ \
| | \ \ |_| \__ \ |_ ____) | (_| (_| | | | |
|_| \_\__,_|___/\__|_____/ \___\__,_|_| |_|
Faster nmap scanning with rust.
Automated Decryption Tool - https://github.com/ciphey/ciphey
Creator https://github.com/brandonskerritt
Os { code: 24, kind: Other, message: "Too many open files" }
thread 'main' panicked at 'Too many open files. Please reduce batch size. The default is 5000. Try -b 2500.', src/main.rs:179:21
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
$ hak ~ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 31513
max locked memory (kbytes, -l) 1024302
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 31513
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
$ hak ~ ulimit -Hn
1048576
$ hak ~ ulimit -Sn
1024
$ hak ~
I believe this is because the checker only works on the first item in result from Rlimit, which might be the hard limit?
https://docs.rs/rlimit/0.3.0/rlimit/fn.setrlimit.html
It would be beneficial to implement soft limit checks too.
To Reproduce
Set ulimit -Hn to 1048576
Set ulimit -Sn to 1024
Run RustScan
Expected behavior
RustScan automatically scales back the batch size to be under the ulimit.
Desktop (please complete the following information):
Kali Linux in a virtual machine
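The soft-versus-hard limit behaviour reported above, as an added example that is not RustScan's code or the reporter's. It reads /proc/self/limits with the standard library only (a swapped-in technique; the project itself uses the rlimit crate), and the headroom constant and function names are assumptions.

```rust
// Added example, not RustScan's code. Linux only: reads /proc/self/limits
// instead of calling getrlimit, so it needs no external crate.
use std::fs;

/// Descriptors left free for stdio and a spawned Nmap (hypothetical headroom).
pub const RESERVED_FDS: u64 = 100;

/// Constructed sample reproducing the open-files limits shown in the report.
pub const SAMPLE_LIMITS: &str = "\
Limit                     Soft Limit           Hard Limit           Units
Max locked memory         1048885248           1048885248           bytes
Max open files            1024                 1048576              files
";

fn parse_limit(token: &str) -> Option<u64> {
    if token == "unlimited" { Some(u64::MAX) } else { token.parse().ok() }
}

/// Extracts (soft, hard) for "Max open files" from /proc/<pid>/limits text.
pub fn parse_nofile(limits: &str) -> Option<(u64, u64)> {
    let rest = limits.lines().find_map(|l| l.strip_prefix("Max open files"))?;
    let mut cols = rest.split_whitespace();
    let soft = parse_limit(cols.next()?)?;
    let hard = parse_limit(cols.next()?)?;
    Some((soft, hard))
}

/// Limits of the running process, or None when /proc is unavailable.
pub fn current_nofile() -> Option<(u64, u64)> {
    parse_nofile(&fs::read_to_string("/proc/self/limits").ok()?)
}

/// Caps the requested batch size so it fits under `limit` minus the headroom.
/// The kernel enforces the soft limit, so that is the value to pass here.
pub fn effective_batch_size(requested: u64, limit: u64) -> u64 {
    requested.min(limit.saturating_sub(RESERVED_FDS).max(1))
}

fn main() {
    // Fall back to the constructed sample when not running on Linux.
    let (soft, hard) = current_nofile()
        .or_else(|| parse_nofile(SAMPLE_LIMITS))
        .expect("no limits available");
    let requested = 5000; // default batch size quoted in the panic message
    println!("soft={} hard={}", soft, hard);
    // Comparing against the hard limit leaves the batch too large for the process.
    println!("capped by hard limit: {}", effective_batch_size(requested, hard));
    println!("capped by soft limit: {}", effective_batch_size(requested, soft));
}
```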
@sciguy16 You are probably right! I will see if the IpAddr data type will tell me whether it's IPv6, and will automatically pass it :)
Originally posted by @brandonskerritt in #15 (comment)
Can we scan ip address from the text file??
I think it'd be nice to be able to run RustScan on multiple IPs, either through:
iL flag).
Thanks for the nice tool! 🙏
The top thousand ports covers 99% of the use cases and might be enough for most people doing CTFs or recon in general.
Implement something like --top-ports akin to nmap that scans the top 1000 TCP ports. In the future we could extend it to also include UDP.
Scanner struct.
Increase the amount of times RustScan retries scanning before giving up
More of a feature request: UDP port scanning is taking exponentially longer than TCP port scanning.
Would your approach help reduce the scan time?
From Discord
honestly you could get the time inbetween a SYN/ACK and use the average of that to make the time between packets constantly updating based on the server's response
that way it'll adjust automatically and optimize itself
thats a good idea, i also want to change how long it waits for timeout based on the ping / average response
I need to automate these processes:
Hello, found your tool today and been trying to get my custom nmap flags to work. Reading the documentation it says passing flags after -- will provide them to nmap but I'm having no luck in doing so.
I think the best way would be to use the ulimit syscall to read the value and then set it automatically depending on what is available 👍
And then, notify the user about this "The current FD limit is too small, increase is blah blah".
Originally posted by @SakiiR in #21 (comment)