上传漏洞fuzz字典生成脚本
Switch branches/tags
Nothing to show
Clone or download

README.md

upload-fuzz-dic-builder 上传漏洞fuzz字典生成脚本

生成的字典

一、uasg

$ python upload-fuzz-dic-builder.py -h
usage: upload-fuzz-dic-builder [-h] [-n] [-a] [-l] [-m] [--os] [-d] [-o]

optional arguments:
  -h, --help            show this help message and exit
  -n , --upload-filename
                        Upload file name
  -a , --allow-suffix   Allowable upload suffix
  -l , --language       Uploaded script language
  -m , --middleware     Middleware used in Web System
  --os                  Target operating system type
  -d, --double-suffix   Is it possible to generate double suffix?
  -o , --output         Output file

1.1 Example1

生成适合全语言,全部中间件,全部操作系统的fuzz字典

python upload-fuzz-dic-builder.py

1.2 Example2

生成适合后端语言为asp的fuzz字典

python upload-fuzz-dic-builder.py -l asp

1.3 Example3

上传文件名为:test,可以上传后缀为jpg,后端语言为php,中间件为apache,操作系统为Windows,输出字典名为upload_filename.txt的fuzz字典

python upload-fuzz-dic-builder.py -n test -a jpg -l php -m apache --os win -o upload_file.txt

1.4 注意:

  1. 生成时给的上传点相关信息越详细,生成的字典越精确!
  2. 在使用burp的Intruder模块进行fuzz时将Payload面板中Payload Encoding一栏的URL-encode these characters选项设置为未选中状态。

burp intruder模块设置

二、more

构造优质上传漏洞fuzz字典