Nginx漏洞扫描程序 perl 代码
#!usr/bin/perl -w
use LWP;
use LWP::ConnCache;
my $browser = LWP::UserAgent->new;
$browser->timeout( 15 );
my $conncache = LWP::ConnCache->new;
$browser->conn_cache($conncache);
#先用列表吧,没有用记事本保存列表再读再扫嘿嘿
my @bbslist1;
push @bbslist1,http://bbs.xxx.com/robots.txt;
push @bbslist1,http://bbs.yyy.com/robots.txt ;
push @bbslist1,'http://bbs.pctutu.com/robots.txt';
push @bbslist1,'http://bbs.yahoo.cn/robots.txt';
#Server: nginx/0.8.13
#Content-Type: text/html
print ttNginx漏洞扫描程序nn;
foreach my $url (@bbslist1){
print 目前正在扫描:$urln;
my $respOnse= $browser->get( $url);
$response->is_success or say(Failed to get '$url':n, $response->status_line);
my $servertype = $response->server;
print $servertypen;
if ($servertype=~/nginx/){
my $typeold=$response->content_type;
print $typeoldn;
my $url2=$url.'/xysky.php';
my $response2 = $browser->get( $url2);
$response2->is_success or say(Failed to get '$url2':n, $response->status_line);
my $typenew=$response2->content_type;
print $typenewn;
if ($typeold eq $typenew){
print 站点 $url 暂没有发现漏洞.nn;
}else{
print 站点 $url 存在该漏洞.nn;
}
}else{
print 站点不是nginx,Sorry!nn;
}
}