AngelSword/information/svn_check.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
'''
name: svn源码泄露扫描
referer: unknown
author: Lucifer
description: 忘记了删除.svn目录而导致的漏洞。
'''
import re
import sys
import requests
import warnings
from termcolor import cprint

class svn_check_BaseVerify:
    def __init__(self, url):
        self.url = url

    def run(self):
        headers = {
            "User-Agent":"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
        }
        payload = "/.svn/entries"
        vulnurl = self.url + payload
        try:
            req = requests.get(vulnurl, headers=headers, timeout=10, verify=False, allow_redirects=False)
            try:
                contents = str(req.text).split('\x0c')
                pattern = re.compile(r'has-props|file|dir')
                for content in contents:
                    match = len(pattern.search(content).group(0))
                    if req.status_code == 200 and match > 0:
                        cprint("[+]存在svn源码泄露漏洞...(高危)\tpayload: "+vulnurl, "red")
                        break
                    else:
                        cprint("[-]不存在svn_check漏洞", "white", "on_grey")
            except:
                cprint("[-] "+__file__+"====>可能不存在漏洞", "cyan")

        except:
            cprint("[-] "+__file__+"====>可能不存在漏洞", "cyan")


if __name__ == "__main__":
    warnings.filterwarnings("ignore")
    testVuln = svn_check_BaseVerify(sys.argv[1])
    testVuln.run()
add all files 2017-02-20 17:25:03 +08:00			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`
			`'''`
			`name: svn源码泄露扫描`
			`referer: unknown`
			`author: Lucifer`
			`description: 忘记了删除.svn目录而导致的漏洞。`
			`'''`
update poc 2018-01-09 16:55:27 +08:00			`import re`
add all files 2017-02-20 17:25:03 +08:00			`import sys`
			`import requests`
			`import warnings`
			`from termcolor import cprint`

			`class svn_check_BaseVerify:`
			`def __init__(self, url):`
			`self.url = url`

			`def run(self):`
			`headers = {`
			`"User-Agent":"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"`
			`}`
			`payload = "/.svn/entries"`
			`vulnurl = self.url + payload`
			`try:`
add options poc 2018-01-26 17:25:23 +08:00			`req = requests.get(vulnurl, headers=headers, timeout=10, verify=False, allow_redirects=False)`
update svn poc 2018-01-10 10:38:13 +08:00			`try:`
			`contents = str(req.text).split('\x0c')`
			`pattern = re.compile(r'has-props\|file\|dir')`
			`for content in contents:`
			`match = len(pattern.search(content).group(0))`
			`if req.status_code == 200 and match > 0:`
			`cprint("[+]存在svn源码泄露漏洞...(高危)\tpayload: "+vulnurl, "red")`
			`break`
update 2018-10-31 11:40:59 +08:00			`else:`
			`cprint("[-]不存在svn_check漏洞", "white", "on_grey")`
update svn poc 2018-01-10 10:38:13 +08:00			`except:`
update 2018-10-31 11:40:59 +08:00			`cprint("[-] "+__file__+"====>可能不存在漏洞", "cyan")`
add all files 2017-02-20 17:25:03 +08:00
			`except:`
update 2018-10-31 11:40:59 +08:00			`cprint("[-] "+__file__+"====>可能不存在漏洞", "cyan")`

add all files 2017-02-20 17:25:03 +08:00
			`if __name__ == "__main__":`
			`warnings.filterwarnings("ignore")`
			`testVuln = svn_check_BaseVerify(sys.argv[1])`
update poc 2018-01-09 16:55:27 +08:00			`testVuln.run()`