WordPress的站不好搞定这是大家都知道的。一般针对没有旁站的Wordpress,大多数可以从插件入手。
虽然网上有一款wpscan,但是并不能完全的判断出所使用的插件。同时也不能在win使用,对于我这种非linux脑残粉系列的人,很要命、
这个py只要修改43行,把前面的域名修改一下就可以了。
同时,在第10行,可以设置线程数。
而plugins.txt是从wordpress官网采集回来的。wordpress官方的插件有30000多,但是抓完去重,只有21000多个。
扫描到存在的,会写入当前目录下的code.txt
[AppleScript] 纯文本查看 复制代码 from threading import Thread
from Queue import Queue
from time import sleep
import urllib,urllib2,cookielib,socket
#NUM是并发线程总数
q = Queue()
NUM = 8
def working():
while True:
arguments = q.get()
Url_find(arguments)
q.task_done()
def Url_find(url):
socket.setdefaulttimeout(20)
w=open('code.txt','a')
headers_values = {"User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.1) Gecko/20090624 Firefox/3.5",
"Accept": "text/plain","Cookie": "__utma=1.2089147197.1397547385.1397635358.1397642104.8; __utmz=1.1397635358.7.3.utmcsr=playmemoriesonline.com|utmccn=(referral)|utmcmd=referral|utmcct=/; cm.BTMayTB8hQRbB8hoczAG88as.B8hQRbMrh=1396342348; s_fid=64806B4F8D15CDD6-2C5B4A5014848C94; __utma=145409895.1638842391.1396402673.1397642106.1397696204.23; __utmz=145409895.1397539600.17.4.utmcsr=sonyentertainmentnetwork.com|utmccn=(referral)|utmcmd=referral|utmcct=/home/; wp-settings-time-3774=1396948035; wp-settings-3774=mfold%3Do; cm.BTOjnAB8hQRbB8hoPoAG88as.B8hQRbhYh=1397554256; __utmb=145409895.2.10.1397696204; __utmc=145409895"}
req = urllib2.Request(url,headers=headers_values)
try:
page = urllib2.urlopen(req)
print 'plugins find:',page.geturl()
w.write(url)
w.write('\n')
except urllib2.HTTPError, e:
print e.code
print 'The url is :',url,'\n'
except urllib2.URLError, e:
print "Error Reason:", e.reason
w.close()
def mutl_thread():
for i in range(NUM):
t = Thread(target=working)
t.setDaemon(True)
t.start()
f=open('plugins.txt','r')
for line in f:
line="http://www.xxx.com/wp-content/plugins/"+line.strip('\n')
q.put(line)
f.close()
q.join()
if __name__ == "__main__":
# use_proxy()
mutl_thread()
plugins.zip
(435.2 KB, 下载次数: 33)
| 
发表于 2014-5-13 10:24:54
发表于 2014-5-13 12:20:54
发表于 2014-5-13 12:43:30
最好能自动打包 自动脱裤