Shulou(Shulou.com)05/31 Report--

This article mainly introduces what Scrying is a tool, the article introduces in great detail, has a certain reference value, interested friends must read it!

Scrying

Scrying is a multi-in-one collection tool for RDP, Web and VNC screenshots. At present, this tool is still under development, most of which can be used normally, but the functionality of the tool is not complete.

Because Eyewitness recently removed support for RDP, it is no longer a command line interface tool for taking screenshots of RDP. Although Nessus is still available, this tool is very inconvenient when exporting images, and screenshots cannot be included in the export file.

Function introduction

Automatically determine whether the input is a Web address or RDP server

Automatically create an output directory

Save the image using a consistent and unique file name derived from the host / IP

IPv6 and IPv4 addresses and hostnames are fully supported

Read targets from the file and determine whether they are RDP or HTTP

Output from Nmap and Nessus to intelligently parse targets

Full cross-platform support-tested on Linux, Windows and Mac

Generate a HTML report so that you can easily browse the results

VNC support

Tool installation

For Web screenshots, Scrying currently requires the support of Chromium or Google Chrome. The majority of users can use the following commands to install or choose the installation method according to their own operating system:

Pacman-S chromium

Next, visit the project's Releases page to download the latest version of Scrying, where a code package for the Debian distribution is provided, which can be installed using the following command, or you can download the code version for Windows, macOS, and other Linux systems:

Sudo dpkg-I scrying*.deb tool use

The following command gets a single Web page, RDP server, or VNC server:

$scrying-t http://example.com$ scrying-t rdp://192.0.2.1$ scrying-t 2001:db8::5-- mode web$ scrying-t 2001:db8::5-- mode rdp$ scrying-t 192.0.2.2$ scrying-t vnc:// [2001:db8::53]: 5901

Automatically take screenshots from Nmap output:

$nmap-iL targets.txt-p 80 443 oX targets.xml$ scrying 8080 8443 oX targets.xml$ scrying-- nmap targets.xml

Select a different output directory for the screenshot image:

$scrying-t 2001:db8::3-- output-dir / tmp/scrying_outputs

Run the tool using the target file:

$cat targets.txt http://example.comrdp://192.0.2.12001:db8::5$ scrying-f targets.txt

Run the tool through the Web agent:

$scrying-t http://example.com-- web-proxy http://127.0.0.1:8080$ scrying-t http://example.com-- web-proxy socks5://\ [:: 1\]: 1080

The image file is stored in PNG format, and the storage directory structure is as follows:

Output ├── report.html ├── rdp │ └── 192.0.2.1-3389.png ├── vnc │ └── 192.0.2.1-5900.png └── web └── https_example.com.png

The storage path for the scan report is as follows:

Output/report.html tool help information USAGE: scrying [FLAGS] [OPTIONS] FLAGS:-s,-silent Suppress most log messages-- test-import Exit after importing targets-v,-- verbose Increase log verbosity-h,-- help Prints help information-V,-- version Prints version information OPTIONS:-f,-- file. Targets file, one per line-l,-- log-file Save logs to the given file-m,-- mode Force targets to be parsed as `web`, `rdp`, `vnc` [default: auto] [possible values: web, rdp, vnc, auto]-- nessus. Nessus XML file-- nmap... Nmap XML file-o -- output Directory to save the captured images in [default: output]-- proxy Default SOCKS5 proxy to use for connections e.g. Socks5:// [:: 1]: 1080-- rdp-proxy SOCKS5 proxy to use for RDP connections e.g. Socks5:// [:: 1]: 1080-- rdp-timeout Seconds to wait after last bitmap before saving an image [default: 2]-t -target... Target, e.g. Http://example.com, rdp:// [2001:db8::4]-- threads Number of worker threads for each target type [default: 10]-- sample web-proxy HTTP/SOCKS Proxy to use for web requests e.g. Http://[::1]:8080HTML report

The above is all the content of this article "what is Scrying?" Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.