巡风之使用小技巧

技巧一、如何无需等待直接扫描？

笔者在安装完巡风系统时，迫不期待就想着学习如何使用巡风。但蛋疼的事情来了，巡风没有资产其他功能都用不了。更蛋疼的是巡风在探测资产时，都是到配置里设置好的时间点才会去探测。还好笔者会点python,写了个直接扫描无需等待的py脚本。完美解决~

步骤：

1. 在巡风系统nascan目录下，创建一个脚本文件NowNAScan.py

1. 复制以下源码到创建的脚本里

   # coding:utf-8
   # author:gv·残亦
   import thread
   from lib.common import *
   from lib.start import *
   if __name__ == "__main__":
    try:
        CONFIG_INI = get_config()  # 读取配置
        log.write('info', None, 0, u'获取配置成功')
        STATISTICS = get_statistics()  # 读取统计信息
        MASSCAN_AC = [0]
        NACHANGE = [0]
        thread.start_new_thread(monitor, (CONFIG_INI,STATISTICS,NACHANGE))  # 心跳线程
        thread.start_new_thread(cruise, (STATISTICS,MASSCAN_AC))  # 失效记录删除线程
        socket.setdefaulttimeout(int(CONFIG_INI['Timeout']) / 2)  # 设置连接超时
   
        log.write('info', None, 0, u'扫描规则: ' + str(CONFIG_INI['Cycle']))
   
        NACHANGE[0] = 0
        log.write('info', None, 0, u'开始扫描')
        s = start(CONFIG_INI)
        s.masscan_ac = MASSCAN_AC
        s.statistics = STATISTICS
        s.run()
    except Exception, e:
        print e
   

2. 运行脚本NowNAScan.py

   root@gvx:~/xunfeng/nascan# python NowNAScan.py 
   [20:31:01] 获取配置成功
   [20:31:01] 扫描规则: 1|11
   [20:31:01] 开始扫描
   [20:31:02] 10.0.9.5 active
   [20:31:02] 192.168.199.1 active
   [20:31:02] 192.168.1.94 active
   [20:31:02] 192.168.1.98 active
   [20:31:02] 192.168.2.3 active
   [20:31:02] 192.168.1.121 active
   [20:31:02] 192.168.1.127 active
   [20:31:02] 192.168.1.128 active
   [20:31:02] 192.168.1.129 active
   [20:31:02] 192.168.1.19 active
   [20:31:02] 192.168.1.29 active
   [20:31:03] 192.168.204.44 active
   [20:31:03] 192.168.204.43 active
   [20:31:04] 192.168.222.1 active
   [20:31:04] 192.168.204.1 active
   [20:31:04] 192.168.1.83 active
   [20:31:04] 192.168.204.77 active
   [20:31:04] 192.168.111.69 active
   [20:31:04] 192.168.15.2 active
   [20:31:04] 192.168.113.17 active
   [20:31:04] 192.168.1.56 active
   [20:31:04] 192.168.2.247 active
   [20:31:04] 192.168.199.237 active
   [20:31:04] 192.168.13.1 active
   [20:31:05] 192.168.228.130 active
   [20:31:06] 192.168.228.1 active
   [20:31:07] 192.168.117.2 active
   [20:31:07] 192.168.168.1 active
   [20:31:07] 192.168.228.2 active
   [20:31:07] 192.168.1.72 active
   [20:31:07] 192.168.83.246 active
   [20:31:07] 192.168.66.17 active
   
   Starting masscan 1.0.3 (http://bit.ly/14GZzcT) at 2017-07-12 12:31:12 GMT
   -- forced options: -sS -Pn -n --randomize-hosts -v --send-eth
   Initiating SYN Stealth Scan
   Scanning 31 hosts [65535 ports/host]
   [20:33:13] 192.168.1.121:80 open                                             
   [20:33:43] 192.168.1.121:80 is web
   [20:33:43] 192.168.1.121:80 web info {'tag': [], 'title': 'Not Found'}
   

至此，重新去浏览器登录巡风，发现统计栏目已经有我们扫描出的资产，爽歪歪~~~