备份
根据提示应该就是网站备份文件能被爆破出来
随手写了个爆破脚本,基于御剑字典,只供学习使用
import random
import requests
import time
from multiprocessing import Pool
def multiScan(target, file_name, pool_num, delay):
local_pool = Pool(pool_num)
dirs = get_path_dict(file_name)
# for dir in dirs:
# scan(target, dir, delay)
for dir in dirs:
local_pool.apply_async(scan, args=(target, dir, delay))
local_pool.close()
local_pool.join()
def get_path_dict(file_name) -> dict:
dir_dict = []
with open(file_name, encoding="UTF-8") as f:
for line in f.readlines():
dir_dict.append(line.strip())
print(file_name)
return dir_dict
def scan(target, dir, delay) -> str:
if 'http://' and 'https://' not in target:
host = f"http://{
target}{
dir}"
else:
host = f"{
target}{
dir}"
r = requests.g