国外很多大盘鸡都装了这东西。下载文件用。
两种加密方式:
1, user password
2, token:设置的secret
如果没设置的话,就是匿名登录。

#coding:utf-8
#!/usr/bin/env python


import time
import requests
import re
import sys

file_list=sys.argv[1]

data = '{"jsonrpc":"2.0","method":"aria2.getGlobalOption","id":1,"params":[]}'

with open(file_list, "r") as f:
    url_list= f.readlines()
    for ip in url_list:
        ip=ip.strip()
        url="http://"+ip+":6800/jsonrpc?tm="+str(int(time.time()))
        response = requests.post(url,data=data)
        html = response.content.decode('utf-8')
        headers = response.headers
        if(re.findall("Unauthorized",html)):
            pass
            #print(ip+" Aria2 Unauthorized\n")
        else:
            print(ip+" Anonymous Login Vul\n")

标签: none

添加新评论