首页 / PYTHON / Python Ethical Hacking - VULNERABILITY SCANNER(2)

Python Ethical Hacking - VULNERABILITY SCANNER(2)

内容导读

互联网集市收集整理的这篇技术教程文章主要介绍了Python Ethical Hacking - VULNERABILITY SCANNER(2),小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含1923字,纯文字阅读大概需要3分钟

内容图文

VULNERABILITY_SCANNER

How to discover a vulnerability in a web application?

1. Go into every possible page.

2. Look for ways to send data to web application(URL + Forms).

3. Send payloads to discover vulnerabilities.

4. Analyze the response to check of the website is vulnerable.

 

->General steps are the same regardless of the vulnerability.

 

Class Scanner.

#!/usr/bin/env python

import requests
import re
from urllib.parse import urljoin


class Scanner:
    def __init__(self, url):
        self.target_url = url
        self.target_links = []

    def extract_links_from(self, url):
        response = requests.get(url)
        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url):
        href_links = self.extract_links_from(url)
        for link in href_links:
            link = urljoin(url, link)

            if "#" in link:
                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:
                self.target_links.append(link)
                print(link)
                self.crawl(link)

 

Vulnerability scanner.

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"
vuln_scanner = scanner.Scanner(target_url)
vuln_scanner.crawl(target_url)

The Python program runs fine.

Python Ethical Hacking - VULNERABILITY SCANNER(2) - 文章图片

 

Polish the Python code using Default Parameters.

Class Scanner.

#!/usr/bin/env python

import requests
import re
from urllib.parse import urljoin


class Scanner:
    def __init__(self, url):
        self.target_url = url
        self.target_links = []

    def extract_links_from(self, url):
        response = requests.get(url)
        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url=None):
        if url == None:
            url = self.target_url
        href_links = self.extract_links_from(url)
        for link in href_links:
            link = urljoin(url, link)

            if "#" in link:
                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:
                self.target_links.append(link)
                print(link)
                self.crawl(link)

Vuln_scanner:

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"
vuln_scanner = scanner.Scanner(target_url)
vuln_scanner.crawl()

 

内容总结

以上是互联网集市为您收集整理的Python Ethical Hacking - VULNERABILITY SCANNER(2)全部内容,希望文章能够帮你解决Python Ethical Hacking - VULNERABILITY SCANNER(2)所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。

内容备注

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。

内容手机端

扫描二维码推送至手机访问。

本文链接:https://qyyshop.com/info/688504.html

来源:【匿名】