Skip to content

helloxiangyang/dedecmscan

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

dedecmscan

dedescan是一款可以扫描所有已公开的dedecms漏洞的扫描器。

        ...                 ...                                                     
        ...                 ...                                                     
        ...                 ...                                                     
        ...                 ...                                                     
        ...                 ...                                                     
   ........  .......   ........   .......   .......    ......    ......   ........  
  ...  .... .... ....  ... ....  .... ...  .... ...   ... ....  ...  ...  .... .... 
 ....  .... ...   ... ...   ...  ...   ... ...       ...   ...  .    ...  ...   ... 
 ....   ... ......... ...   ... ..........  ....     ...           .....  ...   ... 
 ....   ... ...       ...   ... ....         ......  ...        ........  ...   ... 
 ....  .... ...       ...   ... ....            .... ...   ... ....  ...  ...   ... 
  ...  .... ....  ... ....  ...  ...  .... ...   ... ....  ... ....  ...  ...   ... 
  .........  ........  ........   .......  ........   ........  ........  ...   ... 
    .......   .....     .......    .....     .....      ....     ........ ...   ... 

用法: python3 dedescan.py

然后直接输入域名即可

已实现的功能

  • 后台查找(win)
  • 版本探测
  • 短路经检测
  • 路径检测
  • trace检测
  • advancedsearch.php SqlInject
  • sql_class.php SqlInject
  • feedback_js.php SqlInject
  • getpage xss
  • guestbook.php SqlInject
  • infosearch.php SqlInject
  • jump.php xss
  • login.php xss
  • recommend.php SQL
  • redirect
  • reg_new.php SqlInject
  • search.php sqlinject
  • V5order by SqlInject
  • article_keyword_select.php xss
  • catelog_tree.php xss
  • content_list.php xss
  • file_pic_vie.php xss
  • pic_view.php xss
  • select_images.php xss
  • writebook getshell
  • digg_frame.php rce
  • list.php xss
  • login.php xss
  • config.php xss
  • flash xss

部分截图

其他说明

所有exp、poc均为网上收集,若侵犯了您的利益还望联系本人,一定删除,联系方式:cXFsZW5neWlAMTYzLmNvbQ==

本程序依赖:

  • requests
  • re
  • termcolor
  • threading
  • itertools

因为本程序编写只是为了自己使用,未加入批量功能,连多线程都是很随意(甚至都不能算是多线程),有时间再重构吧.....

About

织梦全版本漏洞扫描

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%