一、工具介紹

批量網站備份文件掃描器,增加文件規則,優化內存占用。網站備份文件泄露可能造成的危害:

1. 網站存在備份文件:網站存在備份文件,例如數據庫備份文件、網站源碼備份文件等,攻擊者利用該信息可以更容易得到網站權限,導致網站被黑。

2. 敏感文件泄露是高危漏洞之一,敏感文件包括數據庫配置信息,網站后臺路徑,物理路徑泄露等,此漏洞可以幫助攻擊者進一步攻擊,敞開系統的大門。

3. 由于目標備份文件較大(xxx.G),可能存在更多敏感數據泄露

4. 該備份文件被下載后,可以被用來做代碼審計,進而造成更大的危害

5. 該信息泄露會暴露服務器的敏感信息,使攻擊者能夠通過泄露的信息進行進一步入侵。

二、安裝與使用

1、常見后綴:

['.zip','.rar','.tar.gz','.tgz','.tar.bz2','.tar','.jar','.war','.7z','.bak','.sql','.gz','.sql.gz','.tar.tgz']

2、根據域名自動生成相關掃描字典

python3 ihoneyBakFileScan_Modify.py -u https://baidu.com -t 1000 -o test.txt
['baidu.com', 'baiducom', 'baidu_com', 'com', 'com', 'com', 'baidu', 'com']

python3 ihoneyBakFileScan_Modify.py -u https://www.baidu.com -t 1000 -o test.txt
['www.baidu.com', 'wwwbaiducom', 'www_baidu_com', 'baiducom', 'baidu.com', 'baidu_com', 'www', 'baidu']

python3 ihoneyBakFileScan_Modify.py -u https://aaa.www.baidu.com -t 1000 -o test.txt
['aaa.www.baidu.com', 'aaawwwbaiducom', 'aaa_www_baidu_com', 'wwwbaiducom', 'www.baidu.com', 'www_baidu_com', 'aaa', 'www']

python3 ihoneyBakFileScan_Modify.py -u https://aaa.bbb.www.baidu.com -t 1000 -o test.txt
['aaa.bbb.www.baidu.com', 'aaabbbwwwbaiducom', 'aaa_bbb_www_baidu_com', 'bbbwwwbaiducom', 'bbb.www.baidu.com', 'bbb_www_baidu_com', 'aaa', 'bbb']

3、常見備份文件名,字典于代碼中可自行切換,

tmp_info_dic = ['1','127.0.0.1','2010','2011','2012','2013','2014','2015','2016','2017','2018','2019','2020','2021','2022','2023','2024','2025','__zep__/js','admin','archive','asp','aspx','auth','back','backup','backups','bak','bbs','bin','clients','code','com','customers','dat','data','database','db','dump','engine','error_log','faisunzip','files','forum','home','html','index','joomla','js','jsp','local','localhost','master','media','members','my','mysql','new','old','orders','php','sales','site','sql','store','tar','test','user','users','vb','web','website','wordpress','wp','www','wwwroot','root']
#tmp_info_dic = ['__zep__/js','0','00','000','012','1','111','123','127.0.0.1','2','2010','2011','2012','2013','2014','2015','2016','2017','2018','2019','2020','2021','2022','2023','2024','2025','234','3','333','4','444','5','555','6','666','7','777','8','888','9','999','a','about','admin','app','application','archive','asp','aspx','auth','b','back','backup','backups','bak','bbs','beifen','bin','cache','clients','code','com','config','core','customers','dat','data','database','db','download','dump','engine','error_log','extend','files','forum','ftp','home','html','img','include','index','install','joomla','js','jsp','local','login','localhost','master','media','members','my','mysql','new','old','orders','output','package','php','public','root','runtime','sales','server','shujuku','site','sjk','sql','store','tar','template','test','upload','user','users','vb','vendor','wangzhan','web','website','wordpress','wp','www','wwwroot','wz','數據庫','數據庫備份','網站','網站備份']

4、批量url掃描  

python3 ihoneyBakFileScan_Modify.py -t 100 -f url.txt -o result.txt

5、單個url掃描  

python3 ihoneyBakFileScan_Modify.py -u https://www.baidu.com/ -o result.txt
python3 ihoneyBakFileScan_Modify.py -u www.baidu.com -o result.txt
python3 ihoneyBakFileScan_Modify.py -u www.baidu.com -d dict.txt -o result.txt

三、下載地址:

項目作者:VMsec
項目地址:https://github.com/VMsec/ihoneyBakFileScan_Modify
https python3
撤稿糾錯
本作品采用《CC 協議》,轉載必須注明作者和本文鏈接