Cors_test (batch-test websites for CORS hijacking)
Posted p1g3
```python
import requests
from threading import Thread

# Foreign Origin sent with every request so the server's CORS response
# headers can be inspected.
headers = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0',
    'Origin': 'http://www.baidu.com/'
}


def test_cors(filename):
    with open(filename) as targets:
        for target in targets:
            target = target.strip()
            if not target:
                continue  # skip blank lines
            # Default to http:// when the line carries no scheme.
            if not target.startswith(('http://', 'https://')):
                target = 'http://' + target
            try:
                req = requests.get(target, headers=headers, timeout=(5, 20),
                                   verify=False, allow_redirects=False)
                if ('Access-Control-Allow-Origin' in req.headers
                        and 'Access-Control-Allow-Credentials' in req.headers):
                    print('[+]CORS Found: {} {} {}'.format(
                        target,
                        req.headers['Access-Control-Allow-Origin'],
                        req.headers['Access-Control-Allow-Credentials']))
                    with open('success.txt', 'a+') as f:
                        f.write("{} {} {} \n".format(
                            target,
                            req.headers['Access-Control-Allow-Origin'],
                            req.headers['Access-Control-Allow-Credentials']))
                else:
                    # Raises KeyError when the header is absent (handled below).
                    print('[+]maybe CORS:{} {}'.format(
                        target, req.headers['Access-Control-Allow-Origin']))
                    with open('success.txt', 'a+') as f:
                        f.write("{} {} \n".format(
                            target, req.headers['Access-Control-Allow-Origin']))
            except (TimeoutError, requests.exceptions.Timeout):
                print('{} {}'.format(target, 'timeout'))
            except KeyError:
                print('{} {}'.format(target, 'key not found'))
            except requests.exceptions.RequestException as e:
                # Connection errors and invalid URLs must not kill the worker thread.
                print('{} {}'.format(target, e))


def main():
    filename = input('Please input your urls.txt:')
    thread = Thread(target=test_cors, args=(filename,))
    thread.start()


if __name__ == '__main__':
    main()
```
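This script batch-tests sites for CORS hijacking. The issue exists only when Access-Control-Allow-Origin is baidu.com; otherwise the hijack is possible only from within the domain named in Access-Control-Allow-Origin.
Environment: Python 3
Usage: python3 cors_test.py
Input: urls.txt (the sites to test)
Sites where the vulnerability exists are written to success.txt in the current directory; a "key not found" result means CORS hijacking may be possible.
Limitations: there is no crawler and APIs cannot be tested; the script can only test whether a site has CORS hijacking and cannot pinpoint the actual information-leak point.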
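The rule stated above (a finding is real only when Access-Control-Allow-Origin echoes the probe origin), as an added example that is not part of the original post: it classifies the response headers rather than only checking that they are present. The function names, verdict labels and sample responses are constructed for illustration.

```python
# Added example; names, verdict labels and samples are assumptions, not the author's code.
PROBE_ORIGIN = 'http://www.baidu.com'  # the page's probe origin, without the trailing slash


def classify_cors(resp_headers, probe_origin=PROBE_ORIGIN):
    """Classify one response to a request that carried Origin: probe_origin."""
    h = {k.lower(): v.strip() for k, v in resp_headers.items()}
    acao = h.get('access-control-allow-origin')
    # Browsers honour credentials only when the value is exactly "true".
    creds = h.get('access-control-allow-credentials') == 'true'
    if acao is None:
        return 'no-acao-header'      # the page's script prints "key not found" here
    if acao == '*':
        return 'wildcard'            # browsers reject "*" on credentialed requests
    if acao.rstrip('/') == probe_origin.rstrip('/'):
        # The server echoed an origin it has no reason to trust.
        return 'reflected+credentials' if creds else 'reflected'
    return 'fixed-origin'            # readable only from the origin the server names


# Constructed sample responses (not captured from real sites).
SAMPLES = {
    'http://a.example': {'Access-Control-Allow-Origin': 'http://www.baidu.com',
                         'Access-Control-Allow-Credentials': 'true'},
    'http://b.example': {'Access-Control-Allow-Origin': '*',
                         'Access-Control-Allow-Credentials': 'true'},
    'http://c.example': {'Access-Control-Allow-Origin': 'https://app.c.example',
                         'Access-Control-Allow-Credentials': 'true'},
    'http://d.example': {'Content-Type': 'text/html'},
}


def audit(samples=SAMPLES):
    """Map each sample URL to its verdict."""
    return {url: classify_cors(hdrs) for url, hdrs in samples.items()}


if __name__ == '__main__':
    for url, verdict in audit().items():
        print('{:20} {}'.format(url, verdict))
```

Only the `reflected+credentials` verdict matches the case the post calls exploitable; `fixed-origin` is the "only from that domain" case.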