SSS Security Forum

[Original article] rsync unauthenticated-access check and directory listing

    Posted on 2016-12-13 18:41:07
    This post was last edited by 流弊的小白 on 2016-12-13 18:42

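    usage: rsyncCheck.py <IP list file> <threads> <password (optional)>
    Retrieves the directories of rsync services; handy for internal-network penetration testing and for verifying rsync on a large number of hosts.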
    [Python]
    import os
    import subprocess
    from multiprocessing.dummy import Pool as ThreadPool
    from sys import argv

    def rsyncExec(ip):
        # Ask the daemon for its module list, then try to list each module;
        # exit status 0 means the listing worked with the credentials in use.
        if not ip or ip.startswith('-'):
            return None  # skip blank lines and anything rsync would parse as an option
        out = [ip]
        # Argument list, no shell: input lines are never interpreted as shell syntax.
        listing = subprocess.run(['rsync', ip + '::'], capture_output=True,
                                 text=True, errors='replace')
        if listing.returncode != 0:
            return None
        # Each line is "<module> <comment>"; only the first field is the module name.
        model = [l.split()[0] for l in listing.stdout.splitlines() if l.strip()]
        for x in model:
            check = subprocess.run(['rsync', ip + '::' + x + '/'], capture_output=True,
                                   text=True, errors='replace')
            if check.returncode == 0:
                out.append(x)
        if len(out) > 1:
            return out
        return None

    def readText(txtpath):
        # One target per line.
        with open(txtpath, 'r') as fp:
            return [line.strip() for line in fp]

    if __name__ == '__main__':
        filepath, thread_num = argv[1:3]
        password = argv[3] if len(argv) > 3 else None
        if password:
            # rsync takes the module password from the RSYNC_PASSWORD variable.
            os.environ['RSYNC_PASSWORD'] = str(password)
        ips = readText(filepath)
        pool = ThreadPool(int(thread_num))
        results = pool.map(rsyncExec, ips)
        pool.close()
        pool.join()
        # Drop empty results and de-duplicate in first-seen order. Results are
        # lists, which are unhashable, so they are compared as tuples.
        seen = set()
        new_ret = []
        for r in results:
            if r and tuple(r) not in seen:
                seen.add(tuple(r))
                new_ret.append(r)
        with open('rsyncOut.txt', 'w') as fp:
            for x in new_ret:
                fp.write(x[0] + '    ')
                for i in x[1:]:
                    fp.write(" '" + i + "'")
                fp.write('\n')


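    Internal-network version:
    usage: rsyncCheck.py <scan IP> <threads> <password (optional)>
    The file-reading part has been replaced with generating the IP range directly. For the scan IP, just write the class C prefix, without a trailing dot.
    For example: 192.168.1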


    [Python]
    import os
    import subprocess
    from multiprocessing.dummy import Pool as ThreadPool
    from sys import argv

    def rsyncExec(ip):
        # Ask the daemon for its module list, then try to list each module;
        # exit status 0 means the listing worked with the credentials in use.
        out = [ip]
        # Argument list, no shell: the argument is never interpreted as shell syntax.
        listing = subprocess.run(['rsync', ip + '::'], capture_output=True,
                                 text=True, errors='replace')
        if listing.returncode != 0:
            return None
        # Each line is "<module> <comment>"; only the first field is the module name.
        model = [l.split()[0] for l in listing.stdout.splitlines() if l.strip()]
        for x in model:
            check = subprocess.run(['rsync', ip + '::' + x + '/'], capture_output=True,
                                   text=True, errors='replace')
            if check.returncode == 0:
                out.append(x)
        if len(out) > 1:
            return out
        return None

    if __name__ == '__main__':
        ip, thread_num = argv[1:3]
        password = argv[3] if len(argv) > 3 else None
        if password:
            # rsync takes the module password from the RSYNC_PASSWORD variable.
            os.environ['RSYNC_PASSWORD'] = str(password)
        # Prefix "192.168.1" expands to 192.168.1.0 through 192.168.1.254.
        ips = [str(ip) + '.' + str(x) for x in range(255)]
        pool = ThreadPool(int(thread_num))
        results = pool.map(rsyncExec, ips)
        pool.close()
        pool.join()
        ret = [r for r in results if r]
        with open('rsyncOut.txt', 'w') as fp:
            for x in ret:
                fp.write(x[0] + '    ')
                for i in x[1:]:
                    fp.write(" '" + i + "'")
                fp.write('\n')



    I have no need for brute-forcing at the moment; I'll write a version with password brute-forcing when I have time.


    Posted on 2016-12-14 00:06:52
    Thanks to the OP for sharing, showing my support.
    Posted on 2016-12-25 17:16:11
    It's reinventing the wheel, but I'll still show my support.