Git Product home page Git Product logo

cnvd-2020-10487-tomcat-ajp-lfi-scanner's Introduction

python2多线程扫描Tomcat-Ajp协议文件读取漏洞

刷src分狗的福利 poc来源于https://github.com/YDHCUI/CNVD-2020-10487-Tomcat-Ajp-lfi/poc作者不是本人!!!!

操作

1、将需要扫描的域名/ip放于 ip.txt

ip.txt中不需要加协议,比如

127.0.0.1
www.baidu.com
www.google.com

2、python threading-find-port-8009.py

将会生成8009.txt,作用为扫描ip.txt中域名/ip找出开放8009端口

3、python threading-CNVD-2020-10487-Tomcat-Ajp-lfi.py

从8009.txt中筛选出符合漏洞的url,放置于vul.txt中 最后vul.txt中存在的域名即为含有漏洞的域名 亲测补天公益src有上百站点,教育src大概三百站点包含此漏洞

4、测试

拿 CNVD-2020-10487-Tomcat-Ajp-lfi.py测试即可 python CNVD-2020-10487-Tomcat-Ajp-lfi.py target.com

本项目仅供学习,严禁用于非法操作

ps1:两个脚本的最后一行均为线程数-默认是20,可自行修改
位于threading-find-port-8009.py 67行

threading-CNVD-2020-10487-Tomcat-Ajp-lfi.py 341行

thread_num=20

ps2:src域名收集文件夹中为本人收集的教育src和补天src的一些域名,可直接测试

cnvd-2020-10487-tomcat-ajp-lfi-scanner's People

Contributors

bkfish avatar seadog007 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

v1cker bailongwang1 1tachi bb33bb zk953874391 atcom1 rebootorz wdjcy lp008 idaking shellb0y quinn-yan useafter 303donatello lynx-1 yijli chased9166 g0tch4r yangnanan rockmelodies icysun scareing tclion arewss jimsonzhang huangyuan666 xingxingdangkongzhao jimdx march110 smu-caa hexing19 aisnnu hanxiansheng26 paukey m4d3bug 362902755 sry309 cclauss 0x6b7966 flywithoutwings lstar2 hu-mou papillon326 zenosslk magicnieh g814109257g wj158 yorkeyanyy 5l1v3r1 cve-vuln 02bx sxtc peterdocter easonchen1220 mondayice ygnight maikefee k0uaz no952712138 kkilloas dengyuhui muyuxx c002 mortals-tx sectestt namehuxing viesea l34rner blackstarkk sxhcomg dyanday reposities conanjun h0medev underwood12 jaredchin huahengyi huangzccn ap3255 zhouyongchao tyblogger zengqingf seadog007 ice-ice want2live233 lonewolf1927 kbfey yizhongbear xdreamseeker vwvvw topsec-bunney jackpot777 crackercat shavchen beginner-mao gysf666 emmafran phuong39

cnvd-2020-10487-tomcat-ajp-lfi-scanner's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.