有人問為什么要去掃描網(wǎng)站目錄:懂的人自然懂
這個(gè)python腳本的特點(diǎn):
1.基本完善
2.界面美觀(只是畫了個(gè)圖案)
3.可選參數(shù)增加了線程數(shù)
4.user agent細(xì)節(jié)處理
5.多線程顯示進(jìn)度
掃描目標(biāo):metasploitable linux
代碼:webdirscanner.py:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
# -*- coding:utf-8 -*-__author__ = "yiqing"import sysimport threadingimport randomfrom queue import queuefrom optparse import optionparsertry: import requestsexcept exception: print "[!] you need to install requests module!" print "[!] usage:pip install requests" exit()class webdirscan: """ web目錄掃描器 """ def __init__(self, options): self.url = options.url self.file_name = options.file_name self.count = options.count class dirscan(threading.thread): """ 多線程 """ def __init__(self, queue, total): threading.thread.__init__(self) self._queue = queue self._total = total def run(self): while not self._queue.empty(): url = self._queue.get() # 多線程顯示進(jìn)度 threading.thread(target=self.msg).start() try: r = requests.get(url=url, headers=get_user_agent(), timeout=5) if r.status_code == 200: sys.stdout.write('\r' + '[+]%s\t\t\n' % url) # 保存到本地文件,以html的格式 result = open('result.html', 'a+') result.write('<a href="' + url + '" rel="external nofollow" target="_blank">' + url + '</a>') result.write('\r\n</br>') result.close() except exception: pass def msg(self): """ 顯示進(jìn)度 :return:none """ per = 100 - float(self._queue.qsize()) / float(self._total) * 100 percent = "%s finished| %s all| scan in %1.f %s" % ( (self._total - self._queue.qsize()), self._total, per, '%') sys.stdout.write('\r' + '[*]' + percent) def start(self): result = open('result.html', 'w') result.close() queue = queue() f = open('dict.txt', 'r') for i in f.readlines(): queue.put(self.url + "/" + i.rstrip('\n')) total = queue.qsize() threads = [] thread_count = int(self.count) for i in range(thread_count): threads.append(self.dirscan(queue, total)) for thread in threads: thread.start() for thread in threads: thread.join()def get_user_agent(): """ user agent的細(xì)節(jié)處理 :return: """ user_agent_list = [ {'user-agent': 'mozilla/4.0 (mozilla/4.0; msie 7.0; windows nt 5.1; fdm; sv1; .net clr 3.0.04506.30)'}, {'user-agent': 'mozilla/4.0 (compatible; msie 8.0; windows nt 6.0; en) opera 11.00'}, { 'user-agent': 'mozilla/5.0 (x11; u; linux i686; de; rv:1.9.0.2) gecko/2008092313 ubuntu/8.04 (hardy) firefox/3.0.2'}, { 'user-agent': 'mozilla/5.0 (x11; u; linux i686; en-gb; rv:1.9.1.15) gecko/20101027 fedora/3.5.15-1.fc12 firefox/3.5.15'}, { 'user-agent': 'mozilla/5.0 (x11; u; linux i686; en-us) applewebkit/534.10 (khtml, like gecko) chrome/8.0.551.0 safari/534.10'}, {'user-agent': 'mozilla/5.0 (x11; u; linux i686; en-us; rv:1.9.0.2) gecko/2008092809 gentoo firefox/3.0.2'}, { 'user-agent': 'mozilla/5.0 (x11; u; linux x86_64; en-us) applewebkit/534.10 (khtml, like gecko) chrome/7.0.544.0'}, {'user-agent': 'opera/9.10 (windows nt 5.2; u; en)'}, { 'user-agent': 'mozilla/5.0 (iphone; u; cpu os 3_2 like mac os x; en-us) applewebkit/531.21.10 (khtml, like gecko)'}, {'user-agent': 'opera/9.80 (x11; u; linux i686; en-us; rv:1.9.2.3) presto/2.2.15 version/10.10'}, { 'user-agent': 'mozilla/5.0 (windows; u; windows nt 5.1; ru-ru) applewebkit/533.18.1 (khtml, like gecko) version/5.0.2 safari/533.18.5'}, {'user-agent': 'mozilla/5.0 (windows; u; windows nt 5.1; ru; rv:1.9b3) gecko/2008020514 firefox/3.0b3'}, { 'user-agent': 'mozilla/5.0 (macintosh; u; ppc mac os x 10_4_11; fr) applewebkit/533.16 (khtml, like gecko) version/5.0 safari/533.16'}, { 'user-agent': 'mozilla/5.0 (macintosh; u; intel mac os x 10_6_6; en-us) applewebkit/534.20 (khtml, like gecko) chrome/11.0.672.2 safari/534.20'}, { 'user-agent': 'mozilla/4.0 (compatible; msie 8.0; windows nt 6.1; wow64; trident/4.0; slcc2; .net clr 2.0.50727; infopath.2)'}, {'user-agent': 'mozilla/4.0 (compatible; msie 6.0; x11; linux x86_64; en) opera 9.60'}, { 'user-agent': 'mozilla/5.0 (macintosh; u; intel mac os x 10_6_2; en-us) applewebkit/533.4 (khtml, like gecko) chrome/5.0.366.0 safari/533.4'}, {'user-agent': 'mozilla/5.0 (windows nt 6.0; u; en; rv:1.8.1) gecko/20061208 firefox/2.0.0 opera 9.51'} ] return random.choice(user_agent_list)def main(): """ 主函數(shù) :return: none """ print ''' ____ _ ____ | _ \(_)_ __/ ___| ___ __ _ _ __ | | | | | '__\___ \ / __/ _` | '_ \ | |_| | | | ___) | (_| (_| | | | | |____/|_|_| |____/ \___\__,_|_| |_| welcome to webdirscan version:1.0 author: %s ''' % __author__ parser = optionparser('python webdirscanner.py -u <target url> -f <dictionary file name> [-t <thread_count>]') parser.add_option('-u', '--url', dest='url', type='string', help='target url for scan') parser.add_option('-f', '--file', dest='file_name', type='string', help='dictionary filename') parser.add_option('-t', '--thread', dest='count', type='int', default=10, help='scan thread count') (options, args) = parser.parse_args() if options.url and options.file_name: dirscan = webdirscan(options) dirscan.start() sys.exit(1) else: parser.print_help() sys.exit(1)if __name__ == '__main__': main() |
需要一個(gè)字典文件:
我存進(jìn)去了一些,一部分是確定存在的目錄
dict.txt
|
1
2
3
4
5
6
7
|
index.phplogindvwaphpmyadmindavtwikilogin.php |
結(jié)果:得到一個(gè)html文件:
|
1
2
3
4
5
6
7
|
<a href="http://192.168.232.129/twiki" rel="external nofollow" target="_blank">http://192.168.232.129/twiki</a></br><a href="http://192.168.232.129/index.php" rel="external nofollow" target="_blank">http://192.168.232.129/index.php</a></br><a href="http://192.168.232.129/phpmyadmin" rel="external nofollow" target="_blank">http://192.168.232.129/phpmyadmin</a></br> |
腳本的使用:
以上就是本文的全部?jī)?nèi)容,希望對(duì)大家的學(xué)習(xí)有所幫助,也希望大家多多支持服務(wù)器之家。
原文鏈接:https://www.cnblogs.com/xuyiqing/p/10313775.html
