ctf 脚本

昨晚闲逛世荣博客,发现他做的很多题都把脚本贴出来了。想到一直没有整理脚本的习惯,打算对最近做题使用到的脚本进行归档。

Github:https://github.com/binganao/ctf_script

这个项目保持更新,欢迎Pull requests!

base64.php

1
2
3
4
5
6
7
8
9
10
11
12
<?php
if (!isset($argv[1])) {
echo("usage: php base64.php \"raw text\"");
}
else {
$raw = $argv[1];
echo(base64_encode($raw));
echo "\n\n";
echo(base64_decode($raw));
}
echo("\n");
?>

urlcode.php

1
2
3
4
5
6
7
8
9
10
11
12
<?php
if (!isset($argv[1])) {
echo("usage: php urlcode.php \"raw text\"");
}
else {
$raw = $argv[1];
echo(urlencode($raw));
echo "\n\n";
echo(urldecode($raw));
}
echo("\n");
?>

Spider.py

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# 简单的爬虫脚本,可以稍作修改用于SQL盲注、爆破密码和FUZZ
import requests
import re

from requests.api import get

target_url = ""
headers = {
# "X-Forwarded-For": "127.0.0.1",
# "Cookie": "",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15",
"Accept": "*/*",
}

# 最简单的爬虫 可以配合多线程使用
def run_spider(param):
r = requests.get(target_url, headers=headers)
# r = requests.post(target_url, headers=headers)
print(r.text)
html = r.text
# html = r.content.decode("gb2312")
get_ness_text = re.findall(r'', html)
print(get_ness_text)
if(get_ness_text == ''):
# do something
pass
else:
# do something
pass

if __name__ == '__main__':
run_spider('parm')
作者

饼干

发布于

2021-09-18

更新于

2021-09-18

许可协议

评论