通过编写一个简单的漏洞扫描程序学习Python基本语句

时间:2021-02-04 00:17:25

今天开始读《Python绝技:运用Python成为*黑客》一书,第一章用一个小例子来讲解Python的基本语法和语句。主要学习的内容有:1. 安装第三方库。2. 变量、字符串、列表、词典。3. 网络的编程。4. 条件选择语句和for循环。5. 异常处理。6. 函数。7. 文件输入/输出。8. sys模块和os模块。把最后的代码贴在这里,做个记录。

import socket
import os
import sys port = 21
banner = "FreeFloat FTP Server" portList = [21,22,80,110]
portOpen = True services = {'ftp':21, 'ssh':22, 'smtp':25, 'http':80} def retBanner(ip,port):
try:
socket.setdefaulttimeout(2)
s = socket.socket()
s.connect((ip,port))
banner = s.recv(1024)
return banner
except:
return def checkVulns(banner,filename):
f = open(filename,'r')
for line in f.readlines():
if line.strip('\n') in banner:
print '[+] Server is vulnerable: ' + banner.strip('\n') def main():
if len(sys.argv) == 2:
filename = sys.argv[1]
if not os.path.isfile(filename):
print '[-] ' +filename + ' does not exist.'
exit(0)
if not os.access(filename, os.R_OK):
print '[-] ' +filename + ' access denied.'
exit(0)
else:
print '[-] Usage: ' + str(sys.argv[0]) + ' <vuln filename>'
exit(0) portList = [21,22,25,80,110,443]
for x in range(147,150):
ip = '192.168.95.' + str(x)
for port in portList:
banner = retBanner(ip,port)
if banner:
print '[+] ' + ip + ': ' + banner
checkVulns(banner, filename) if __name__ == '__main__':
main()