Giters

VMsec / iisShortNameScaner

多线程批量检测IIS短文件名漏洞+漏洞利用

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

iisScaner

iisShortNameScaner

iisShortNameScaner.py

多线程批量检测脚本(需要自己先识别出iis中间件的目标,文件中链接需要带https://http://


██╗██╗?██████╗?██████╗?█████╗??█████╗?███╗??██╗███████╗██████╗?
██║██║██╔════╝██╔════╝██╔══██╗██╔══██╗████╗?██║██╔════╝██╔══██╗
██║██║╚█████╗?╚█████╗?██║??╚═╝███████║██╔██╗██║█████╗??██████╔╝
██║██║?╚═══██╗?╚═══██╗██║??██╗██╔══██║██║╚████║██╔══╝??██╔══██╗
██║██║██████╔╝██████╔╝╚█████╔╝██║??██║██║?╚███║███████╗██║??██║
╚═╝╚═╝╚═════╝?╚═════╝??╚════╝?╚═╝??╚═╝╚═╝??╚══╝╚══════╝╚═╝??╚═╝
    
Example: python3 iisShortNameScaner.py -t 100 -f url.txt -o result.txt

iisScanIIS10_Exp.py

IIS短文件名漏洞实际利用脚本(添加忽略https证书校验)

# An IIS short_name scanner   my[at]lijiejie.com  http://www.lijiejie.com    
# Modified by ABC_123

感谢

红队第7篇:IIS短文件名猜解在拿权限中的巧用,付脚本下载

About

多线程批量检测IIS短文件名漏洞+漏洞利用

Languages

Language:Python 100.0%