佬，如果proxy里带用户名密码是什么样的格式

[stripeboy]

例如127.0.0.1:9898 用户名user 密码 pass 形式http

[Cl0udG0d]

举一个我这里的例子

代理地址是 http://127.0.0.1:5010/get/ ，返回格式是 ip:port

运行参数为 python fofa.py -k index --proxy-url http://127.0.0.1:5010/get/

如果你这边的返回格式不是ip:port的话需要修改代码

[stripeboy]

翻源码搞定了，user:pass@ip:port就行了

[stripeboy]

不需要修改

[stripeboy]

感谢感谢，能跑了

[Cl0udG0d]

好哦 那我关闭这个issue了

[stripeboy]

说句提外话，这个程序输出自动删除有点烦人，我好几个要搜的全放一个py程序里一起调用你这个程序，能不能添加一个是否删除文件的选择？

[stripeboy]

                command = f"./fofah --endcount 10 --base {urlbase.decode('utf-8')} --proxy {proxys} --timeout 5"
                print(command)
                subprocess.run(command, shell=True)
                time.sleep(10)
                source_file = 'fofaHack.txt'
                destination_file = 'host.txt'
                with open(source_file, 'a') as f_source:
                    content = f_source.read()
                with open(destination_file, 'a') as f_dest:
                    f_dest.write(content)
               大概就是这样调用的。小白已经尽力了，实在不行。一直复制空白，输出文件一直被删除。实在是不行。

[Cl0udG0d]

虽然我不知道为什么要用shell来执行这个程序 ....but

可以参考下面我运行的步骤，这样的话产生的 final_303b5c8988601647873b4ffd247d83cb_1718690943.txt 和 final_bb2d1cfcf588274b0cc446b1ed4c44fd_1718690918.txt就是这两个关键字的查询结果了

root@clean-powder-2:~/Fofa-hack# python3 fofa.py --inputfile target.txt --endcount 10

             ____  ____  ____  ____
            | ===|/ () \| ===|/ () \
            |__|  \____/|__| /__/\__\
                 _   _   ____   ____  __  __
                | |_| | / () \ / (__`|  |/  /
                |_| |_|/__/\__\\____)|__|\__\ V2.4.16

                公众号: 黑糖安全

[*] LEVEL = 1 ，Initialized Successfully
[*] Crawling Delay: 3s
[*] Crawling Keyword:
[*] Crawling Result Count: 10
[*] Output Format: txt
[*] Storage File Name: currently unavailable
[*] Enable Keyword Fuzzing: False
[*] Enable Proxy: False
[*] Reading File: target.txt
[*] Commencement of operations
[*] Crawl page for:https://fofa.info/result?qbase64=ImhpIg==
[*] Number of presences:17,395,983
now search key: "hi"
[*] Number of articles crawled 0 : ['190.85.48.17:22', 'https://78.147.31.150:8443', 'http://2.192.164.241:8099', '128.199.142.139:22', 'https://5.15.55.197:2069', 'https://87.75.87.169:8443', '45.32.175.55:22', 'https://140.82.32.160', 'http://193.115.103.33:81', 'https://35.225.57.22:8443', 'http://hicrm.co.kr', 'http://mprinternational.com', 'http://www.mprinternational.com', 'http://98.235.72.14:9080', 'http://185.38.176.144:8880', 'http://131.72.80.231:8888', 'http://78.131.70.49:2069', 'https://78.151.180.6:8443', '201.179.140.134:22', '195.67.71.106:22']
[*] At node 0, data crawling is over.
[*] End of de-duplication. Final data 20
[+] End of Grabbing,"hi"Total Data Grabbed for 20 Keyword(s)

[*] Crawl page for:https://fofa.info/result?qbase64=InRlc3Qi
[*] Number of presences:120,170,224
now search key: "test"
[*] Number of articles crawled 0 : ['http://www.jasupport.dk', 'http://223.204.121.86:81', 'http://49.48.54.172:8123', 'http://120.204.227.13:1521', 'https://178.62.232.214', 'https://221.14.156.48:8888', 'http://116.87.171.2:7657', 'http://150.31.27.123:10058', '118.251.20.68:5683', 'https://88.9.7.23:8123', 'https://45.27.143.174', 'http://52.169.78.94', '185.248.168.187:25', 'https://23.61.126.76', 'https://3.163.201.119', 'http://114.40.19.190:8989', '112.205.157.152:5683', '183.239.61.203:5683', 'http://git.panchip.com:88', '190.242.61.229:143']
[*] At node 0, data crawling is over.
[*] End of de-duplication. Final data 20
[+] End of Grabbing,"test"Total Data Grabbed for 20 Keyword(s)

root@clean-powder-2:~/Fofa-hack# ls
303b5c8988601647873b4ffd247d83cb_1718690943.txt        fofa_hack        locale
bb2d1cfcf588274b0cc446b1ed4c44fd_1718690918.txt        fofa_hack.po     README.md
build                                                  fofaHack.txt     requirements.txt
core                                                   fofa_linux.spec  SECURITY.md
dist                                                   fofa.py          setup.py
docs                                                   fofa_win.spec    target.txt
final_303b5c8988601647873b4ffd247d83cb_1718690943.txt  icon.ico         test.py
final_bb2d1cfcf588274b0cc446b1ed4c44fd_1718690918.txt  images           tookit
final_fofaHack.txt                                     LICENSE          update_fofa_hack_mo.bat
root@clean-powder-2:~/Fofa-hack# cat target.txt
hi
test
root@clean-powder-2:~/Fofa-hack#

[Cl0udG0d]

如图

[stripeboy]

因为pip那个没proxy

[stripeboy]

linux跑没编译的不方便，有个包一直不行

[stripeboy]

那编译的有这个文件吗

[Cl0udG0d]

编译后的linux上的二进制程序一样可以使用这个方法

日志如下

root@clean-powder-2:~/Fofa-hack/dist# ls
fofa  target.txt
root@clean-powder-2:~/Fofa-hack/dist# ./fofa  --inputfile target.txt --endcount 10

             ____  ____  ____  ____
            | ===|/ () \| ===|/ () \
            |__|  \____/|__| /__/\__\
                 _   _   ____   ____  __  __
                | |_| | / () \ / (__`|  |/  /
                |_| |_|/__/\__\\____)|__|\__\ V2.4.16

                公众号: 黑糖安全

[*] LEVEL = 1 ，Initialized Successfully
[*] Crawling Delay: 3s
[*] Crawling Keyword:
[*] Crawling Result Count: 10
[*] Output Format: txt
[*] Storage File Name: currently unavailable
[*] Enable Keyword Fuzzing: False
[*] Enable Proxy: False
[*] Reading File: target.txt
[*] Commencement of operations
[*] Crawl page for:https://fofa.info/result?qbase64=ImhpIg==
[*] Number of presences:17,396,076
now search key: "hi"
[*] Number of articles crawled 0 : ['190.174.1.234:22', 'https://www.untag-sby.ac.id', 'http://182.52.200.250:81', 'http://101.51.169.208:8443', '162.210.100.147:110', 'http://www.napcosecurity.com', '101.43.46.194:22', 'http://177.70.215.153:9000', '167.235.143.153:22', 'http://188.65.80.163:9090', 'http://101.109.58.220:8443', '162.210.100.154:110', 'http://185.51.44.253:9090', 'https://37.12.24.240:8443', '95.217.6.224:25', '64.62.202.4:25', '178.250.14.41:25', '142.171.32.24:25', 'http://101.109.149.29:8443', '51.83.248.199:22']
[*] At node 0, data crawling is over.
[*] End of de-duplication. Final data 20
[+] End of Grabbing,"hi"Total Data Grabbed for 20 Keyword(s)

[*] Crawl page for:https://fofa.info/result?qbase64=InRlc3Qi
[*] Number of presences:120,170,675
now search key: "test"
[*] Number of articles crawled 0 : ['https://184.28.13.181', 'http://14.186.12.8:88', 'http://76.182.0.74:81', 'http://115.133.59.194:8123', 'https://dev2.nuadu.com', 'https://38.165.114.111', '112.207.170.243:5683', 'http://129.204.156.107', 'http://141.136.10.56:9080', 'https://45.60.166.91:9020', 'http://203.176.138.148:9001', 'http://186.27.201.164', 'http://77.77.11.244', 'https://222.113.227.81:8443', 'https://admin.zenoluna.com', 'http://177.8.139.80:9090', 'https://23.95.67.159:2070', 'http://185.10.18.148:88', 'https://45.60.101.5:9020', 'https://82.65.82.49']
[*] At node 0, data crawling is over.
[*] End of de-duplication. Final data 20
[+] End of Grabbing,"test"Total Data Grabbed for 20 Keyword(s)

root@clean-powder-2:~/Fofa-hack/dist# ls
303b5c8988601647873b4ffd247d83cb_1718692525.txt  final_303b5c8988601647873b4ffd247d83cb_1718692525.txt  fofa
bb2d1cfcf588274b0cc446b1ed4c44fd_1718692512.txt  final_bb2d1cfcf588274b0cc446b1ed4c44fd_1718692512.txt  target.txt
root@clean-powder-2:~/Fofa-hack/dist# cat target.txt
hi
test
root@clean-powder-2:~/Fofa-hack/dist#

带final_ 前缀的是去重之后的，生成这个文件会在二进制程序的同目录下

我这里的测试环境是ubuntu

# uname -a
Linux clean-powder-2.localdomain 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

[stripeboy]

ok,我试试去

[stripeboy]

一定需要inputfile吗

[stripeboy]

final_fofaHack.txt 只有这个欸

[Cl0udG0d]

一定需要inputfile吗

[Cl0udG0d]

一定需要inputfile吗

是的 多关键字的话需要使用inputfile ，也可以自己调用来改 但是会比较复杂

[Cl0udG0d]

你把运行的日志发出来一下呢

final_fofaHack.txt 只有这个欸

[stripeboy]

root@localhost:~/fofa# ./fofah --base InRlc3Qi --endcount 10

         ____  ____  ____  ____      
        | ===|/ () \| ===|/ () \     
        |__|  \____/|__| /__/\__\    
             _   _   ____   ____  __  __ 
            | |_| | / () \ / (__`|  |/  /
            |_| |_|/__/\__\\____)|__|\__\ V2.4.16

            公众号: 黑糖安全

[] LEVEL = 1 ，Initialized Successfully [] Crawling Delay: 3s [] Crawling Keyword: "test" [] Crawling Result Count: 10 [] Output Format: txt [] Storage File Name: fofaHack.txt [] Enable Keyword Fuzzing: False [] Enable Proxy: False [] Reading File: None [] Commencement of operations [] Crawl page for:https://fofa.info/result?qbase64=InRlc3Qi [] Number of presences:120,170,873 now search key: "test" [] Number of articles crawled 0 : ['http://117.42.182.101:8092', 'http://188.129.41.147:81', '119.95.233.117:5683', 'http://195.231.64.80:9001', 'http://68.118.40.22:88', '179.53.89.160:9080', 'http://test.insight-dev.us1.fincad.cloud', 'https://107.154.100.212:2628', 'https://58.152.123.22:9000', 'https://92.14.68.170:8443', 'http://187.157.142.244:83', 'https://87.117.1.158:8888', 'https://45.60.19.238:3030', 'http://kompasseducation.com', 'https://kompasseducation.com', 'http://webmail.midwayspeedwaypark.com', 'http://cpanel.midwayspeedwaypark.com', 'http://170.150.218.46:88', 'https://webmail.midwayspeedwaypark.com', 'https://124.119.29.14:1443'] [] At node 0, data crawling is over. [] End of de-duplication. Final data 20 [] Grabbing is over, total data 20 items grabbed

[stripeboy]

[*] Storage File Name: currently unavailable 这个不一样

[Cl0udG0d]

你这个日志里面显示的没有使用 inputfile 查询，另外你确定 ls 查看目录也没有final_ 开头的文件吗

[stripeboy]

我没用inputfile,我后面还想搞个auth和游客自动切换的，所以我这样自由度能高点。

[stripeboy]

看下来没有没有final_ 开头的文件

[stripeboy]

找过好几遍了

[stripeboy]

是我版本问题？

[Cl0udG0d]

你运行二进制程序的操作系统是什么呢

[stripeboy]

ubuntu

[Cl0udG0d]

ubuntu

你说的太笼统了 我也是用的ubuntu，应该是操作系统版本适配有问题，所以没有生成这个文件

[stripeboy]

但final_fofaHack.txt 这个能正常生成

[stripeboy]

ubuntu

你说的太笼统了 我也是用的ubuntu，应该是操作系统版本适配有问题，所以没有生成这个文件

感觉不像这种问题

[Cl0udG0d]

好吧 ....那要不你还是用未编译的源码吧，你哪个包下载不了呢

[stripeboy]

Cryptodome

[Cl0udG0d]

如果你只发包名不发为啥下载不了的日志 我也解决不了

[stripeboy]

ERROR: Could not find a version that satisfies the requirement Cryptodome (from versions: none) ERROR: No matching distribution found for Cryptodome

[stripeboy]

好像之前有人也是这个问题

[stripeboy]

pip更新过了

[stripeboy]

pip install pycryptodome这个试过，没用，无法识别出来

[Cl0udG0d]

ubuntu运行 pip install pycryptodomex

我这里是python3.8

[stripeboy]

我试试

[stripeboy]

ok了，我py搞好了，那行改掉了

[stripeboy]

现在可以了，感谢感谢

[Cl0udG0d]

好哦 那现在关闭issue了