python查找替换危险字符脚本

为了哥们儿的大创写了这么个脚本

代码如下:

 1 import io
 2 import base64
 3 
 4 def replace_dangerous_sequences(image_path):
 5     try:
 6         # 读取图像文件的内容
 7         with open(image_path, 'rb') as image_file:
 8             image_data = image_file.read()
 9 
10         # 定义危险字节序列的列表和替换为的空字节串
11         # 格式为 b'要查杀的字符'
12         dangerous_sequences = [b'<?php', b'?>', b'os']
13         replace_with = b''
14 
15         # 检查图像数据中是否包含危险字节序列
16         found_dangerous_sequences = []
17         for seq in dangerous_sequences:
18             if seq in image_data:
19                 found_dangerous_sequences.append(seq)
20 
21         # 如果发现危险字节序列,打印出来
22         find = 0
23         if found_dangerous_sequences:
24             print("发现危险字节序列:")
25             for seq in found_dangerous_sequences:
26                 print(seq)
27             find = 1
28         else:
29             print("未发现危险字节序列")
30 
31         # 替换图像数据中的危险字节序列为空字节串
32         if find == 1:
33             for seq in dangerous_sequences:
34                 image_data = image_data.replace(seq, replace_with)
35 
36             # 将替换后的数据保存到新的文件
37             with open(image_path, 'wb') as image_file:
38                 image_file.write(image_data)
39             print("危险字节序列已替换并保存到", image_path)
40     except Exception as e:
41         print("发生错误:", str(e))
42 
43 # 调用函数并传递图像文件路径作为参数
44 replace_dangerous_sequences("2.png")

需求有点难以理解,真要防护为啥不直接上传就直接查杀呢

posted @ 2023-10-10 20:27  TheBlackEagle  阅读(17)  评论(0编辑  收藏  举报