python poc模板

自己写了一个漏扫模板,方便使用

"""添加请求头部信息,塑造来源ip"""
import time
import requests
import argparse
import threadpool
from colorama import Fore, init
from random import randint

init()  # set up colorama before any coloured output is printed

# Browser-like request headers prepared for the template.
# NOTE(review): no function in this listing passes `header` to requests.get().
# X-Forwarded-For is an ordinary client-supplied header. Servers and log
# pipelines should honour it only when a trusted reverse proxy set it, never
# as evidence of the caller's real address.
header = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Firefox/111.0',
    'Accept': '*/*',
    'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2',
    'Accept-Encoding': 'gzip, deflate',
    'Cache-Control': 'no-cache',
    'Pragma': 'no-cache',
    'Connection': 'close',
    # Four octets, each drawn from 1..255, evaluated once when the module is
    # imported, so the value is fixed for the lifetime of the process.
    "X-Forwarded-For": '.'.join(str(randint(1, 255)) for _ in range(4)),
}


# 扫描方法
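def poc(url_poc):
    """Send one GET request to ``url_poc`` and record it when the answer is HTTP 200.

    A hit is printed in green and appended to ``exp.txt``, one URL per line.
    Any exception raised in the body (network error, timeout, failed file
    write) is reported with the same red message.

    Caveats for whoever reads the results:
    * A 200 status alone is weak evidence. Servers that answer 200 for every
      path (soft 404s, catch-all routes) produce false positives, so confirm
      each hit against the response body.
    * ``pocs`` runs this function from a thread pool and the appends to
      ``exp.txt`` are not serialised.

    Args:
        url_poc: Full URL (scheme, host and test path) to request.
    """
    try:
        # verify=False disables TLS certificate validation: the peer is not
        # authenticated, so the response may come from an intercepting host.
        resp = requests.get(url_poc, verify=False, timeout=3)
        if resp.status_code == 200:
            print(Fore.GREEN + "[+]exist vulnerability,vulnerability address:\t" + url_poc)
            # Record hits only. The original wrote every URL that answered,
            # whatever the status code, which made exp.txt useless as a
            # findings list.
            with open('exp.txt', 'a+') as f:
                # '\n' instead of a bare '\r' so each hit is a real line.
                f.write(url_poc + '\n')
    except Exception:
        # Deliberately best-effort: one failing target must not stop the scan.
        print(Fore.RED + "timeout and not vulnerability...")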

# 利用方法
def exp(poc_url, command):
    """Unimplemented placeholder for the single-target branch of ``main``.

    Both arguments are accepted and ignored. The function performs no network
    or file activity and always returns ``None``.

    Args:
        poc_url: Target URL taken from ``-u`` (unused).
        command: Value taken from ``-m`` (unused).
    """
    _unused_payload = {}  # reserved by the template; never read
    return None

# 文本遍历
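def pocs(file, path, pool=5):
    """Read targets from ``file``, append ``path`` to each and run ``poc`` on them.

    Each non-empty line is one target. Lines without an ``http://`` or
    ``https://`` prefix get ``http://`` prepended. The resulting URLs are
    dispatched to a ``threadpool.ThreadPool`` and the call blocks until every
    request has finished.

    Args:
        file: Path of a text file with one host or URL per line.
        path: Path fragment appended to every target.
        pool: Number of worker threads; ``None`` falls back to 5.

    Raises:
        ValueError: If ``path`` is ``None``.
        OSError: If ``file`` cannot be opened.
    """
    if path is None:
        raise ValueError("path is required: it is appended to every target URL")
    if pool is None:
        # main() forwards args.t, which is None when -t is omitted; without
        # this the default of 5 would never take effect.
        pool = 5

    url_pool = []  # URLs queued for the workers
    # The context manager closes the handle; the original left it open.
    with open(file, 'r') as f:
        for line in f:
            # strip() instead of [:-1]: the last line may have no trailing
            # newline, and slicing would then cut a real character off the URL.
            target = line.strip()
            if not target:
                continue  # skip blank lines instead of queuing a host-less URL
            if not target.startswith(('http://', 'https://')):
                target = "http://" + target
            url_pool.append(target + path)

    thpools = threadpool.ThreadPool(pool)  # worker pool
    for th in threadpool.makeRequests(poc, url_pool):
        thpools.putRequest(th)
    thpools.wait()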


# 主函数帮助文档 一些简单规则
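def main():
    """Parse the command line and dispatch to batch checking or the single-URL stub.

    * ``-f`` without ``-u``: batch mode, calls ``pocs(file, path, pool)``.
      ``-p`` is mandatory here because it is appended to every target.
    * ``-u`` without ``-f``: calls ``exp(url, command)``.
    * neither option: prints a hint to use ``-h``.
    * both options: prints an empty line, as the original did.
    """
    parser = argparse.ArgumentParser(usage='[OPTIONS... -f -m -u]',
                                     description='[DESCRIPTION... python xxx.py -f <file> 文本ip扫描' + '\n' + '-m -u 漏洞利用,根据自己需求添加]')
    parser.add_argument('-f', '--file', type=str, help='<file>')  # target list file
    parser.add_argument('-m', '--command', type=str, help='<command>')  # value handed to exp()
    parser.add_argument('-u', '--url', type=str, help='<url>')  # single target
    parser.add_argument('-p', type=str, help='<PATH>')  # path appended to each target
    parser.add_argument('-t', type=int, help='<thread>')  # worker thread count
    args = parser.parse_args()
    file = args.file
    exp_url = args.url
    command = args.command
    path = args.p
    pool = args.t
    if file is not None and exp_url is None:  # batch check
        if path is None:
            # Without -p the URL concatenation in pocs() fails on None.
            parser.error('-p <PATH> is required together with -f')
        if pool is None:
            # -t omitted: let pocs() use its own default thread count.
            pocs(file, path)
        else:
            pocs(file, path, pool)
    elif exp_url is not None and file is None:  # single target
        exp(exp_url, command)
    elif file is None and exp_url is None:
        # The original tested `args == None`, which is never true because
        # parse_args() always returns a Namespace, so this hint was unreachable.
        print('args is Null, please use' + Fore.GREEN + "<-h>" + Fore.WHITE + 'option look over help word')
    else:
        # Both -f and -u supplied: behaviour kept from the original.
        print("")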

if __name__ == '__main__':
    # Report the wall-clock duration of the whole run.
    started_at = time.time()
    main()
    elapsed = time.time() - started_at
    print("scaning time:%.2f" % elapsed)
