Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to write python3 Redis unauthorized detection script". In daily operation, I believe many people have doubts about how to write python3 Redis unauthorized detection script. Xiaobian consulted all kinds of materials and sorted out simple and easy operation methods. I hope to help you answer the doubts of "how to write python3 Redis unauthorized detection script"! Next, please follow the small series to learn together!

import sysimport getoptimport socketdef get_target(): opts, args = getopt.getopt(sys.argv[1:], '-i:-p:-h') # print(opts) for opt_name, opt_value in opts: if opt_name == '-h': print('[*]This is help information [*]n' '[*]-i + vulnerable-ip [*]n' '[*]-p + vulnerable-port [*]n' '[*]Example:python3 -i 127.0.0.1 -p 6379[*]n') if opt_name in ('-i', ): ip = opt_value if opt_name in ('-p', ): port = opt_value return ip, portdef passwd_dict(): passwd = ['redis@123', 'Redis@123', 'Passw0rd', '123456'] return passwddef main(ip, port, passwd): print("[*]Redis Unauthorized and Weak Password Detection [*]n" "[*]By: Zh1z3ven [*]n" "[*]Blog: https://www.cnblogs.com/Zh1z3ven/ [*]n") s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((ip, int(port))) send_data = 'INFOrn' s.send(send_data.encode()) res = s.recv(1024) response = bytes.decode(res) # print(response) if 'redis_version' in response: result = '[!] Vulnerable {0}:{1} has unauthorized access [!] '.format(ip, port) print(result) return result elif 'NOAUTH' in response: for item in passwd: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((ip, int(port))) send_data = 'AUTH {0}rn'.format(item) s.send(send_data.encode()) res = s.recv(1024) response = bytes.decode(res) # print(response) if '+OK' in response: result = '[!] Vulnerable: {0}:{1} Weak password {2} [!] '.format(ip, port, item) print(result) return result else: result = '[*] No unauthorized and weak passwords [*]' print(result) return resultif __name__ == '__main__': ip, port = get_target() passwd = passwd_dict() main(ip, port, passwd) At this point, the study of "python3 Redis unauthorized detection script how to write" is over, hoping to solve everyone's doubts. Theory and practice can better match to help everyone learn, go and try it! If you want to continue learning more relevant knowledge, please continue to pay attention to the website, Xiaobian will continue to strive to bring more practical articles for everyone!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.