Lucifer1993/AngelSword
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
232258e42201373fef1f323864366dc1499581fc
AngelSword/information/options_method.py

38 lines
1.2 KiB
Python
Raw Normal View History

add options poc
2018-01-26 17:25:23 +08:00
#!/usr/bin/env python
# -*- coding: utf-8 -*-
'''
name: options方法开启
referer: unknow
author: Lucifer
description: robots.txt是爬虫标准文件可从文件里找到屏蔽了哪些爬虫搜索的目录
'''
import sys
import requests
import warnings
from termcolor import cprint
class options_method_BaseVerify:
def __init__(self, url):
self.url = url
def run(self):
headers = {
"User-Agent":"Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
}
vulnurl = self.url
try:
req = requests.options(vulnurl, headers=headers, timeout=10, verify=False)
if r"OPTIONS" in req.headers['Allow']:
cprint("[+]存在options方法开启...(敏感信息)"+"\tpayload: "+vulnurl+"\tAllow:"+req.headers['Allow'], "green")
update
2018-10-31 11:40:59 +08:00
else:
cprint("[-]不存在options_method漏洞", "white", "on_grey")
add options poc
2018-01-26 17:25:23 +08:00
except:
update
2018-10-31 11:40:59 +08:00
cprint("[-] "+__file__+"====>可能不存在漏洞", "cyan")
add options poc
2018-01-26 17:25:23 +08:00
if __name__ == "__main__":
warnings.filterwarnings("ignore")
testVuln = options_method_BaseVerify(sys.argv[1])
testVuln.run()
Reference in New Issue Copy Permalink