Python脚本|根据URL生成特定目标网站备份文件猜测字典

Python小白,分享一个网站信息搜集的思路,并用python写出脚本,仅供参考~

搜集常见的备份文件后缀类型,以及一些固定的文件名,可自由添加修改:

#coding=utf-8

# 根据URL生成特定目标网站备份文件猜测字典

#Test By: AnCoLin|影风

#http://www.storysec.com

suffixList = ['.rar','.zip','.sql','.gz','.tar','.bz2','.tar.gz','.bak','.dat']

keyList=['install','INSTALL','index','INDEX','ezweb','EZWEB','flashfxp','FLASHFXP']

# 请输入目标URL

print "Please input the URL:"
url = raw_input()

if (url[:5] == 'http:'):
    url = url[7:].strip()

if (url[:6] == 'https:'):
    url = url[8:].strip()

numT = url.find('/')

if(numT != -1):
    url = url - url[:numT]

# 根据URL,推测一些针对性的文件名:

num1 = url.find('.')
num2 = url.find('.',num1 + 1)

keyList.append(url[num1 + 1:num2])
keyList.append(url[num1 + 1:num2].upper())

keyList.append(url)  # www.test.com
keyList.append(url.upper())

keyList.append(url.replace('.','_'))  # www_test_com
keyList.append(url.replace('.','_').upper())

keyList.append(url.replace('.',''))  # wwwtestcom
keyList.append(url.replace('.','').upper())

keyList.append(url[num1 + 1:])   # test.com
keyList.append(url[num1 + 1:].upper())   

keyList.append(url[num1 + 1:].replace('.','_'))  # test_com
keyList.append(url[num1 + 1:].replace('.','_').upper())

# 生成字典列表,并写入txt文件:

tempList =[]

for key in keyList:
    for suff in suffixList:
        tempList.append(key + suff)

fobj = open("success.txt",'w')

for each in tempList:
    each ='/' + each
    fobj.write('%s%s' %(each,'\n'))
    fobj.flush()

print 'OK!'

测试如图:

扫码支持
扫码打赏,你说多少就多少

打开支付宝扫一扫,即可进行扫码打赏哦

标签:

分享到:

扫一扫在手机阅读

扫一扫 在手机阅读、分享本文

上一篇: 下一篇:已经是最新的文章了

精彩评论

全部回复3人评论617 views人参与
  1. 1楼
    容网

    IT IS A GOOD BLOG!

    2018-04-26 09:18:42 回复
  2. 2楼
    虾米

    朋友 我的博客地址更新了 关键词:蜗居 URL地址: https://woj.app 望朋友看到更新一下呦。感谢。 好久没来了,路过踩一脚。

    2018-05-14 05:43:22 回复

电子邮件地址不会被公开。 必填项已用*标注

loading

90后web菜鸟,互联网小白~
喜欢领域:编程|代码审计|web安全

最新评论

  • cheapest cialis 20mg
    Heya i'm for the first time here. I found this board and I to find It really useful & it helped me out much. I'm hoping to offer something again and aid others such as you aided me.
    发表在:YII2.0 开发基础学习笔记(二)
  • FernandoBold
    I have checked your page and i have found some duplicate content, that's why you don't rank high in google, but there is a tool that can help you to create 100% unique articles, search for: SSundee advices unlimited content for your blog
    发表在:DVWA XSS (Reflected) 通关教程
  • Z
    请问为什么sql注入使用' or 1=1 #不行呢?
    发表在:DVWA Brute Force通关教程
  • Helenfug
    Absolutely NEW update of SEO/SMM package "XRumer 16.0 + XEvil": captcha breaking of Google (ReCaptcha-2 and ReCaptcha-3), Facebook, BitFinex, Bing, Hotmail, SolveMedia, Yandex, and more than 8400 another types of captcha, with highest precision (80..100%) and highest speed (100 img per second). You can use XEvil 4.0 with any most popular SEO/SMM software: iMacros, XRumer, GSA SER, ZennoPoster, Srapebox, Senuke, and more than 100 of other software. Interested? There are a lot of impessive videos about XEvil in YouTube. FREE DEMO AVAILABLE! Good luck ;)
    发表在:PHP代码审计归纳[转载]
  • feng
    okok,已更新链接,感谢通知
    发表在:Python脚本|根据URL生成特定目标网站备份文件猜测字典