0
点赞
收藏
分享

微信扫一扫

【PyHacker编写指南】网站Cms识别工具

这节课是巡安似海PyHacker编写指南的《打造网站Cms识别工具

喜欢用Python写脚本的小伙伴可以跟着一起写一写呀。

编写环境:Python2.x


00x1:

需要用到的模块如下:

import hashlib
import requests


00x2:

首先利用hashlib.md5().hexdigest()进行获取md5

r = hashlib.md5('cms.txt').hexdigest()
print r

【PyHacker编写指南】网站Cms识别工具_pyhacker

获取文件md5:

f = open('favicon.png','rb').read()
filemd5 = hashlib.md5(f).hexdigest()
print filemd5

【PyHacker编写指南】网站Cms识别工具_信息网络安全_02


00x3:

获取网站文件的md5:

req=requests.get('http://www.hackxc.cc/content/templates/Adams/images/favicon.ico').content
filemd5 = hashlib.md5(req).hexdigest()
print filemd5

【PyHacker编写指南】网站Cms识别工具_web_03


00x4:

下面开始整理一下cms.txt

【PyHacker编写指南】网站Cms识别工具_pyhacker_04

Cms字典处理:

data=[]
def cmslist():
file = open("cms.txt")
for line in file:
str = line.strip().split("|")
ls_data={}
if len(str)==3:#判断是否为正确cms格式
ls_data['url']=str[0]
ls_data['name'] = str[1]
ls_data['md5'] = str[2]
data.append(ls_data)
file.close( )

因为本身是一个字典形式的列表

【PyHacker编写指南】网站Cms识别工具_python_05

看下面这个图大家就懂了

【PyHacker编写指南】网站Cms识别工具_pyhacker_06


00x5:

接着进行遍历cms列表

def cms():
for cms in data:
try:
req = requests.get('http://127.0.0.1%s'%cms['url'])
print req.url
except:
pass
if req.status_code == 200:
filemd5 = hashlib.md5(req.content).hexdigest()
if filemd5 == cms['md5']:
print cms['name']
break

简单调试:执行成功自动跳出循环

【PyHacker编写指南】网站Cms识别工具_python_07


00x6:

完整代码:

#!/usr/bin/python
#-*- coding:utf-8 -*-
import requests
import hashlib


data=[]
def cmslist():
file = open(r"cms.txt")
for line in file:
str = line.strip().split("|")
ls_data={}
if len(str)==3:#判断是否为正确cms格式
ls_data['url']=str[0]
ls_data['name'] = str[1]
ls_data['md5'] = str[2]
data.append(ls_data)
file.close( )


def cms(url):
headers = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3314.0 Safari/537.36 SE 2.X MetaSr 1.0'}
for cms in data:
urlx = url+cms['url']
try:
req = requests.get(urlx,headers=headers,timeout=2)
print urlx
except:
pass
try:
if req.status_code == 200:
filemd5 = hashlib.md5(req.content).hexdigest()
if filemd5 == cms['md5']:
print '\n[*]cms:',cms['name']
break
except:
pass


def main():
cmslist()
url =raw_input("\nurl:")
if url == "":
sys.exit(1)
print ""
if 'http' not in url:
url = 'http://'+url
cms(url)


if __name__ == '__main__':
main()


00x7:

如果想对文件内多个url进行cms检测

def main():
cmslist()
f = open('url.txt','r')
for url in f:
url = url.strip()
if 'http' not in url:
url = 'http://'+url
cms(url)


喜欢的关注一下叭~

【PyHacker编写指南】网站Cms识别工具_信息网络安全_08

举报

相关推荐

0 条评论