python写个御剑

前言:

今天师傅叫我写个python版的御剑。我之前也写过一个,不过不怎么样,这次有新想法。

 

思路:

御剑:读取御剑配置文件目录里的所有路径,拼接到用户要扫描的url后面,进行批量检测。如果状态码为200,并且响应内容中不包含Error.ini(代码中实际读取的是 Error/error.txt)里列出的错误关键字,就判定该路径存在,结果保存在save.txt。这种判断只是启发式的:如果站点对不存在的路径也返回200,而页面内容又不在过滤列表里,就会产生误报。(详细看代码)

路径:

 

 

御剑代码:

 

import requests
import random
import os
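# Shared module-level state; the functions below append to these containers.
file=[]       # entry names of the wordlist directory (filled by judge())
url=[]        # base URLs read from the user-supplied text file (filled by urls())
error=[]      # response-body markers read from Error/error.txt (filled by errors())
bc=[]         # "[x]Not url" messages already printed by exploit()
ip=[]         # lines of ip.txt (filled by forge())
headers={}    # request headers chosen by forge() and sent by exploit()
# The prompt appears before the banner; the answer is the path of the URL list.
user=input('Import TXT:')
# Raw string: the ASCII art contains backslashes that are not valid escape
# sequences, which a normal literal triggers an invalid-escape warning for.
# The printed text is unchanged.
banner=r'''
 ____            _                             
|  _ \  ___  ___| |_ _ __ ___  _   _  ___ _ __ 
| | | |/ _ \/ __| __| '__/ _ \| | | |/ _ \ '__|
| |_| |  __/\__ \ |_| | | (_) | |_| |  __/ |   
|____/ \___||___/\__|_|  \___/ \__, |\___|_|   
                               |___/        

Producer:Nine world 
'''
useragent=[]  # lines of user-agent.txt (filled by judge())
twoo=[]       # "[+]code" messages for paths reported as found by exploit()
print(banner)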

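def urls():
    """Load the target base URLs from the file named by ``user`` into ``url``.

    One URL is expected per line. Surrounding whitespace is removed and blank
    lines are skipped, so no request is later built from an empty base.
    """
    # ``with`` closes the handle even when reading fails part-way.
    with open('{}'.format(user),'r') as handle:
        for line in handle:
            target=line.strip()
            if target:
                url.append(target)
    print('[+]url.txt Load completion')
    print(' ')
    print(' ')
urls()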

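def judge():
    """List the wordlist directory and load the User-Agent pool.

    Appends every entry name of the ``御剑配置文件`` directory to ``file`` and
    prints each one, then appends every line of ``user-agent.txt`` (newline
    removed) to ``useragent``.
    """
    file.extend(os.listdir('御剑配置文件'))

    for name in file:
        print('[+]existence {}'.format(name))

    print(' ')
    print(' ')

    # ``with`` guarantees the handle is closed; blank lines are kept so the
    # positions in ``useragent`` still line up with the lines of the file.
    with open('user-agent.txt','r') as handle:
        for line in handle:
            useragent.append(line.replace('\n',''))
    print('[+]user-agent Load completion')
    print(' ')
    print(' ')
judge()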

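def errors():
    """Load the "not found" body markers from ``Error/error.txt`` into ``error``.

    Each non-blank line becomes one marker; exploit() checks response bodies
    for these strings.
    """
    # ``with`` closes the handle even when reading fails part-way.
    with open('Error/error.txt','r') as handle:
        for line in handle:
            marker=line.replace('\n','')
            # An empty string is a substring of every response body, so a
            # blank line would match every response; skip it.
            if marker:
                error.append(marker)
    print('[+]The filter file is loaded')
    print(' ')
    print(' ')
errors()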

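def forge():
    """Pick one random header set and store it in the shared ``headers`` dict.

    Reads ``ip.txt`` into ``ip``, pairs the i-th entry of ``useragent`` with
    the i-th address, and copies one randomly chosen pair into ``headers`` as
    ``User-Agent``, ``X-Forwarded-For`` and ``Client-IP``.

    Note for readers on the receiving side: all three values are ordinary
    request headers chosen by the client, so a server or log pipeline should
    only take a client address from them when a trusted proxy sets them.
    """
    with open('ip.txt','r') as handle:
        for line in handle:
            ip.append(line.replace('\n',''))

    # zip() stops at the shorter list, so an ip.txt with fewer lines than
    # user-agent.txt no longer raises IndexError. set() drops duplicate pairs.
    combos=list(set(zip(useragent,ip)))
    if not combos:
        # random.choice() raises on an empty sequence; leave ``headers`` as is.
        print('[-]No header set available')
        return

    agent,address=random.choice(combos)
    # Fill the dict directly: joining the values with '&' and '=' and then
    # splitting them again fails when a User-Agent itself contains '&'.
    headers['User-Agent']=agent
    headers['X-Forwarded-For']=address
    headers['Client-IP']=address
forge()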

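def exploit():
    """Request every wordlist path on every target and record the results.

    For each line of each file in ``御剑配置文件`` (read as GBK) the path is
    appended to each base URL in ``url`` and fetched once with the shared
    ``headers``, a 3 second timeout and redirects disabled. A response counts
    as a hit only when the status code is 200 and none of the markers in
    ``error`` occurs in the body. Hit messages are collected in ``twoo`` and
    written to ``save.txt``; miss messages are collected in ``bc``.

    The status/marker test is a heuristic: a site that answers unknown paths
    with a 200 page whose text is not covered by ``error`` is still reported
    as a hit.
    """
    wordlist_dir='御剑配置文件'
    for entry in os.listdir(wordlist_dir):
        # ``with`` closes each wordlist file once it has been read.
        with open('{}'.format(wordlist_dir+'/'+entry),'r',encoding='gbk') as handle:
            for raw in handle:
                path="".join(raw.split('\n'))
                for base in url:
                    target='{}'.format(base).rstrip('/')+path
                    try:
                        response=requests.get(url=target,headers=headers,timeout=3,allow_redirects=False)
                    except Exception as exc:
                        # Best effort: report the failure and move on to the next target.
                        print('[-]Error {}'.format(exc))
                        continue

                    body=response.text
                    # Decide once per response. Testing each marker on its own
                    # reported a hit as soon as any single marker was absent,
                    # and reported nothing at all when ``error`` was empty.
                    found=response.status_code==200 and not any(marker in body for marker in error)
                    if found:
                        message='[+]code:{} url:{}'.format(response.status_code,response.url)
                        seen=twoo
                    else:
                        message='[x]Not url :{}'.format(response.url)
                        seen=bc
                    if message in seen:
                        continue
                    seen.append(message)
                    print(message)

    if twoo:
        # Open once in 'w' mode: previous results are replaced and the handle
        # is closed when the block ends.
        with open('save.txt','w') as out:
            for message in twoo:
                print(message,file=out)


exploit()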

测试效果:

 

 

 Github下载地址:https://github.com/422926799/python/tree/master/%E5%BE%A1%E5%89%91

 


版权声明:本文为haq5201314原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://www.cnblogs.com/haq5201314/p/9321041.html