def exploit_common_file(url, extion, dirs=[]):
result = []
try:
dicts = []
standers = get_site_stander(url)
files_path = os.path.abspath(os.path.join(path, "../dict/files.txt"))
if len(dirs) == 1:
#如果dirs 只有一个目录,说明没有解析到其他路径,从common/dirs.txt中枚举 目录
dir_path = os.path.abspath(
os.path.join(path, "../dict/common/dirs.txt"))
with open(dir_path) as f:
commondirs = f.readlines()
f.close()
for i in commondirs:
dirs.append("/" + i.strip('\n'))
with open(files_path) as f:
files = f.readlines()
f.close()
for d in dirs:
for f in files:
f = f.strip('\n').format(extion)
if d:
dicts.append('/' + d + '/' + f)
else:
dicts.append('/' + f)
hand = fuzz(url, dicts, standers)
result = hand.scan()
except:
traceback.print_exc()
finally:
return result
def exploit_common_file(url, extion, dirs=[]):
result = []
try:
dicts = []
e = get_extion_by_sever(url)
extion = extion if extion != 'php' else e
standers = get_site_stander(url)
files_path = os.path.abspath(os.path.join(path, "../dict/files.txt"))
if len(dirs) == 1:
dir_path = os.path.abspath(
os.path.join(path, "../dict/common/dirs.txt"))
with open(dir_path) as f:
commondirs = f.readlines()
f.close()
print commondirs
for i in commondirs:
dirs.append(i.strip('\n'))
with open(files_path) as f:
files = f.readlines()
f.close()
for d in dirs:
for f in files:
f = f.strip('\n').format(extion)
dicts.append(d + '/' + f)
hand = fuzz(url, dicts, standers)
result = hand.scan()
except:
traceback.print_exc()
finally:
return result
def exploit_server_path(url):
result = []
try:
standers = get_site_stander(url)
r = _requests(url)
dicts = get_dict_by_server(r.headers)
if dicts:
hand = fuzz(url, dicts, standers)
result = hand.scan()
except:
traceback.print_exc()
finally:
return result