AWD攻防工具脚本汇总(二)

admin 2021年9月3日07:44:53评论514 views字数 2190阅读7分18秒阅读模式

AWD攻防工具脚本汇总(一)

阅读目录(Content)阅读目录(Content)

  • 情景五:批量修改ssh密码

  • 情景六:批量种马

情景五:批量修改ssh密码

拿到官方靶机第一件事改自己机器的ssh密码,当然也可以改别人的密码~  

import paramikoimport sys
ssh_clients = []timeout = 5new_password = "qing_@3389.."

def get_flag(): pass

class SSH_Client(): def __init__(self, host, port, username, password): self.is_root = False self.host = host self.port = port self.username = username self.password = password self.ssh = paramiko.SSHClient() self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.ssh.connect(self.host, self.port, self.username, self.password, timeout=timeout)
def exec_command(self, command): stdin, stdout, stderr = self.ssh.exec_command(command) return stdin, stdout, stderr
def change_password(self): stdin, stdout, stderr = self.exec_command("passwd") if self.username != "root": stdin.write("%sn" % self.password) stdin.write("%sn" % new_password) stdin.write("%sn" % new_password) stdout.read() if "success" in stderr.read().decode('utf-8'): self.password = new_password return True else: return False
def save_log(self, filename): with open(filename, "a+") as f: f.write("%s %s %s %sn" % (self.host, self.port, self.username, self.password))
if __name__ == "__main__": if len(sys.argv) != 2: print("Usage:") print("t python %s [FILENAME]" % (sys.argv[0])) exit(1) filename = sys.argv[1] print(" [+] Loading file : %s" % filename) with open(filename) as f: for line in f: line = line.rstrip("n") data = line.split(" ") host = data[0] port = int(data[1]) username = data[2] password = data[3] print(" [+] Trying login : %s" % host) try: ssh_client = SSH_Client(host, port, username, password) except Exception as e: print(" [-] %s" % e) continue ssh_clients.append(ssh_client) print(" [+] Login finished. ") print(" [+} Got [%d] clients. " % len(ssh_clients)) if len(ssh_clients) == 0: exit() print(" [+] Starting changing password. ") for ssh_client in ssh_clients: if ssh_client.change_password(): print(" [+] %s (Success!)" % ssh_client.host) ssh_client.save_log("success.log") else: print(" [+] %s (Failed!)" % ssh_client.host) print(" [+] something like interesting!!! ")

AWD攻防工具脚本汇总(二)


情景六:批量种马

审计源码第一件事可能就找到官方的预留后门,开始第一波种马 ,这里用脚本直接用官方的马种不死马。

来源:卿's Blog、原文链接:https://www.cnblogs.com/-qing-/p/11182162.html#_label0

好文推荐

渗透测试Tips

免杀知识汇总

干货|各种WAF绕过手法学习

信息收集-入口点-免杀-内网/域=渗透测试完整流程

登陆页面渗透测试常见的几种思路与总结

Github渗透测试工具库-2021版

常见内网穿透工具使用总结

11个步骤完美排查Linux机器是否已经被入侵


欢迎关注 系统安全运维 

每日坚持分享好工具好资源,麻烦各位师傅文章底部给点个“再看”,感激不尽AWD攻防工具脚本汇总(二)

本文始发于微信公众号(系统安全运维):AWD攻防工具脚本汇总(二)

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2021年9月3日07:44:53
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   AWD攻防工具脚本汇总(二)https://cn-sec.com/archives/468208.html

发表评论

匿名网友 填写信息