18.1 端口扫描
python的socket模块完成的端口检测(多IP多端口的情况下是非常慢)
多线程threading模块。
限制线程数量时,可以利用 queue 模块(Python 2 中名为 Queue)。
原理:利用 Python 标准库的 socket 建立 TCP 连接来判断端口是否开放(下面的示例通过 telnetlib 间接使用 socket)。
#!/usr/bin/env python
import telnetlib
import threading
import queue
def get_ip_status(ip):
    """Attempt a TCP connection to ports 20-99 of *ip* and print each result.

    Every probe is a complete TCP connect made through
    ``telnetlib.Telnet.open``, so each attempt reaches the target as an
    ordinary connection and is visible to the host and to any firewall or
    IDS on the path. One source walking consecutive ports in order is the
    pattern that port-scan detections look for.

    NOTE(review): ``telnetlib`` was removed from the standard library in
    Python 3.13, so this function only runs on older interpreters.
    NOTE(review): ``open`` is called without a timeout argument.
    """
    client = telnetlib.Telnet()
    open_msg = '{0} port {1} is open'
    closed_msg = '{0} port {1} is not open'
    for port in range(20, 100):
        try:
            client.open(ip, port)
            print(open_msg.format(ip, port))
        except Exception:
            # Any failure at all is reported as "not open"; the cause
            # (refused, unreachable, ...) is not distinguished.
            print(closed_msg.format(ip, port))
        finally:
            # Release the socket before the next port, success or not.
            client.close()
def check_open(q):
    """Worker loop: take addresses from *q* and probe each until it is empty.

    ``get_nowait`` is used instead of a blocking ``get`` so that a worker
    which finds the queue drained returns immediately instead of waiting.
    """
    try:
        while True:
            get_ip_status(q.get_nowait())
    except queue.Empty:
        # Queue exhausted: nothing left for this worker to do.
        return
if __name__ == '__main__':
    # Simulates the multi-address case; the list could equally be read
    # from a file.
    host = ['10.0.0.10', '10.0.0.11', '10.0.0.12']

    # Fill the work queue before any worker starts, so an empty queue
    # always means "all work handed out".
    q = queue.Queue()
    for address in host:
        q.put(address)

    # Ten workers share the queue; workers beyond the number of queued
    # addresses find it empty and return straight away.
    threads = [
        threading.Thread(target=check_open, args=(q,))
        for _ in range(10)
    ]
    for worker in threads:
        worker.start()
    for worker in threads:
        worker.join()
18.2 目录爆破
引用requests 作用:发起http请求
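# -*- coding:utf-8 -*-
# Runtime environment: Python 3.0. Author: WinHly

import requests

# Base URL that every wordlist entry is appended to, exactly as typed.
url = input("输入你的url :")

# Menu number -> wordlist file for that server-side technology.
# Option 4 is labelled "sapx" in the prompt but selects the ASPX list.
_WORDLISTS = {1: "ASP.txt", 2: "PHP.txt", 3: "JSP.txt", 4: "ASPX.txt"}

try:
    script = int(input("选择脚本1.asp 2.php 3.jsp 4.sapx :"))
except ValueError:
    # Non-numeric input used to end the script with a traceback; treat it
    # like any other invalid menu choice.
    script = 0

ture_url = ""  # not referenced in the visible code; kept for compatibility
true_script = _WORDLISTS.get(script, "")
if not true_script:
    print("输入错误!")
    # Stop here: continuing with an empty wordlist name only fails later
    # when the file is opened.
    raise SystemExit(1)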
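def baopo():
    """Request ``url`` + each wordlist entry and print those answering 200-300.

    Reads the wordlist named by the module-level ``true_script`` and issues
    one GET per non-empty line. Every candidate is a separate request in
    the web server's access log, so a run shows up there as a burst of
    requests for non-existent paths from one client.

    The status test is inclusive at both ends (200 through 300), as in the
    original. ``requests.get`` follows redirects by default, so the status
    examined is that of the final response.

    NOTE(review): ``requests.get`` is called without a timeout.
    """
    print(u" 爆破开始耐心等待:")
    # The context manager closes the wordlist; the handle used to be leaked.
    with open(true_script) as wordlist:
        candidates = wordlist.read().splitlines()
    for entry in candidates:
        if not entry:
            # A blank line would re-request the bare base URL and list it
            # as a finding.
            continue
        url_true = url + entry
        try:
            status = requests.get(url_true).status_code
        except requests.RequestException:
            # Skip candidates that fail at the HTTP/connection layer. The
            # former bare ``except`` also swallowed Ctrl-C and programming
            # errors, which now propagate.
            continue
        if 200 <= status <= 300:
            print(url_true)
    print(u"爆破结束!")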
11,端口扫描脚本+目录爆破脚本