python脚本实现内网渗透——web资产IP以及常用扫描

W金刚葫芦娃W

已于 2023-02-17 10:40:11 修改

阅读量532

点赞数

文章标签：服务器网络 http python pycharm

于 2023-02-02 15:58:27 首次发布

本文链接：https://blog.csdn.net/qq_39330735/article/details/128851833

版权

注解：

1、这里使用的是的request请求和多线程的方式来扫描

2、其中列出了一些常见的web端口号,可以自行调整

import requests,threading
#查找局域网内可能存在的web界面
def find_web(ip):
    por_lis = [7, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 43, 53, 67, 68, 69, 79,
               80,81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 109, 110, 113,
               119, 123, 135,135, 137, 138, 139, 143, 161, 162, 179, 194, 220, 389, 443, 445, 465, 513, 520, 520, 546, 547, 554,
               563, 631, 636, 991, 993, 995, 1080, 1194, 1433, 1434, 1494, 1521, 1701, 1723, 1755, 1812, 1813,
               1863, 3269, 3306, 3307, 3308, 3309, 3310, 3311, 3312, 3313, 3314, 3389, 3544, 4369, 5060, 5061, 5355,
               5432, 5671, 5672, 6379, 7001, 8080, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091,
               8066, 8092, 8093, 8094, 8095, 8096, 8000, 8001, 8002, 8003, 8004, 8005, 8008, 8006, 8443, 8883, 8888, 9443, 9988,
               9988,15672, 27017, 50389, 50636, 61613, 61614]
    for por in por_lis:
        try:
            url = f"http://192.168.114.{ip}:{por}/"
            res = requests.get(url,timeout=1)  #
            print(url)   #爆出ip
        except Exception as e:
            pass
        try:
            url = f"https://192.168.114.{ip}:{por}/"
            res = requests.get(url,timeout=1)
            print(url)  #爆出ip
        except Exception as e:
            pass

if __name__ == '__main__':
    for i in range(1, 255):
        threading.Thread(target=find_web, args=(i,)).start()