首页 电脑 电脑学堂 查看内容

猜解默认数据库和 conn.asp 暴库的 NASL 脚本

2005-4-4 08:14 1001 0

摘要: 作者:zhouzhen [E.S.T]来源:邪恶八进制安全小组呵呵,脚本语言发挥起来也是很强大的。 :)Code:include("http_func.inc"); include("http_ke...
关键词: port database report data solution path nbsp conn inc mdb

作者:zhouzhen [E.S.T]来源:邪恶八进制安全小组呵呵,脚本语言发挥起来也是很强大的。 :)Code:include("http_func.inc"); include("http_keepalive.inc"); dir = make_list("/data/database.mdb", "/data/data.mdb", "/data/date.mdb", "/data/bbs.mdb", "/data/dvbbs7.mdb", "/data.mdb", "/database.mdb"); #display(dir); foreach path (dir) { if (port = is_cgi_installed(path)) { #display(path); report = "\nUnder the cgi path " + path + " found database!\nYour database is possiblly to be download!\n\n"; solution = "Solution : you 'd better rename the database name, or move the database to other cgis\n"; Risk_factor = "Risk factor: High "; report = report + solution + Risk_factor; security_hole(data:string(report), port:port); } } # conn.asp port = get_http_port(default:80); if(!get_port_state(port))exit(0); dirs = make_list("/conn.inc", "/conn.asp", "/connection.asp", "/inc/conn.inc", "/inc/conn.asp", "/inc/connection.asp"); foreach paths (dirs) { req = http_get(item:paths, port:port); r = http_keepalive_send_recv(port:port, data:req, bodyonly:1); if (r == NULL) exit(0); if (egrep(pattern:"80004005", string:r)) {   info = ereg_replace(pattern:'.*(\'[^0-9]:.*\').*', string:r, replace:'\\1');   report = 'The path ' + info + ' maybe is the database physical path!\nYour databae is possiblly to be download!\n';   Solution = '\nSolution : Please modify the conn.asp file add ON ERROR RESUME NEXT statement.\n' + 'Risk factor : Medium\n';   report = report + Solution;   security_hole(data:report, port:port);   display("\n");   } } [Ctrl+A Select All]代码非常短。
声明:文章版权归原作者所有 部分文章转自互联网 如有侵权请联系 [邮箱地址] 删除

路过

雷人

握手

鲜花

鸡蛋

最新评论

返回顶部