python脚本验证Apache Tomcat Examples Directory Vulnerabilities
本人最近在做项目实训,在用AWVS扫描的时候遇到了Apache Tomcat Examples Directory Vulnerabilities漏洞。那么问题来了,如何利用python脚本验证此漏洞,话不多说,直接上代码(python3.6.0上亲测有效),此代码参考了网上别人写的部分代码
#!/usr/bin/env python
import urllib.request
import sys
IP=sys.argv[1:]
url='/examples/servlets/servlet/SessionExample'
date = urllib.request.urlopen('http://'+"127.0.0.1"+':80'+url)
if date.getcode() == 200:
print ("Vulnerable")
else:
print ("not Vulnerable")
验证结果如下图所示: