標籤:xpl 路徑 format .so enc com readline os.path lse
前言:
昨天看了Demon哥發的乾貨,有了次篇博文
乾貨連結:
https://www.soffensive.com/2018/06/exploiting-blind-file-reads-path.html?m=1 https://github.com/soffensive/windowsblindread https://github.com/mubix/post-exploitation-wiki/blob/master/windows/files.md 本文:1.將路徑儲存到一個txt,遍曆2.判斷是否存在3.存在則寫入一個檔案代碼:import osimport optparsepayload=open(‘mulu.txt‘,‘r‘)def main(): parser=optparse.OptionParser() parser.add_option(‘-x‘,dest=‘jiansuo‘,action=‘store_true‘,help=‘Retrieval path‘) (options,args)=parser.parse_args() if options.jiansuo: jiancha() else: parser.print_help() exit()def jiancha(): for p in payload.readlines(): jiance=os.path.exists(‘{}‘.format(p.strip())) if jiance==True: print(‘[>>>]The path of existence:{}‘.format(p)) lk=open(‘word.txt‘,‘w‘) lk.write(p) lk.close() else: print(‘[x]A path that does not exist:{}‘.format(p))if __name__ == ‘__main__‘: main()
測試如下:
Python寫一個目錄檢索器
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
