python3 Redis未授权检测脚本怎么写
这篇文章主要介绍“python3 Redis未授权检测脚本怎么写”,在日常操作中,相信很多人在python3 Redis未授权检测脚本怎么写问题上存在疑惑,小编查阅了各式资料,整理出简单好用的操作方法,希望对大家解答”python3 Redis未授权检测脚本怎么写”的疑惑有所帮助!接下来,请跟着小编一起来学习吧!
importsysimportgetoptimportsocketdefget_target():opts,args=getopt.getopt(sys.argv[1:],'-i:-p:-h')#print(opts)foropt_name,opt_valueinopts:ifopt_name=='-h':print('[*]Thisishelpinformation[*]n''[*]-i+vulnerable-ip[*]n''[*]-p+vulnerable-port[*]n''[*]Example:python3-i127.0.0.1-p6379[*]n')ifopt_namein('-i',):ip=opt_valueifopt_namein('-p',):port=opt_valuereturnip,portdefpasswd_dict():passwd=['redis@123','Redis@123','Passw0rd','123456']returnpasswddefmain(ip,port,passwd):print("[*]RedisUnauthorizedandWeakPasswordDetection[*]n""[*]By:Zh1z3ven[*]n""[*]Blog:https://www.cnblogs.com/Zh1z3ven/[*]n")s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)s.connect((ip,int(port)))send_data='INFOrn's.send(send_data.encode())res=s.recv(1024)response=bytes.decode(res)#print(response)if'redis_version'inresponse:result='[!]Vulnerable{0}:{1}存在未授权访问[!]'.format(ip,port)print(result)returnresultelif'NOAUTH'inresponse:foriteminpasswd:s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)s.connect((ip,int(port)))send_data='AUTH{0}rn'.format(item)s.send(send_data.encode())res=s.recv(1024)response=bytes.decode(res)#print(response)if'+OK'inresponse:result='[!]Vulnerable:{0}:{1}存在弱口令{2}[!]'.format(ip,port,item)print(result)returnresultelse:result='[*]不存在未授权及弱口令[*]'print(result)returnresultif__name__=='__main__':ip,port=get_target()passwd=passwd_dict()main(ip,port,passwd)
到此,关于“python3 Redis未授权检测脚本怎么写”的学习就结束了,希望能够解决大家的疑惑。理论与实践的搭配能更好的帮助大家学习,快去试试吧!若想继续学习更多相关知识,请继续关注恰卡编程网网站,小编会继续努力为大家带来更多实用的文章!