七夕云黑帽博客-专注互联网络安全-webshell七夕,七夕黑帽博客,QQ905690245

搭建乌云漏洞库+知识库

2018-10-31 22:18 作者:Mr.刘 | 黑客技术 | 标签: 搭建乌云漏洞库+知识库

乍一看乌云事件2年多了,而升级中还没有恢复为原本的页面。

为了方便查询,本文记叙一下漏洞库以及知识库镜像的搭建

准备

为了方便,我用了Windows服务器,详细配置如下

服务器配置

Windows Server 2016 DC
Apache 2.4.25
PHP 5.6.30
MySQL 5.7.17-log

所需文件下载地址

知识库:
链接:https://pan.baidu.com/s/1CZVZxdHzl7L8y3dGWN-aOQ
提取码:uuuo
漏洞库
链接:https://pan.baidu.com/s/1LGSwDmVwtlffyM8I-1hQzw
提取码:8duw

步骤

漏洞库

1.将漏洞库中的wooyun目录下所有文件移入mysql的data目录,然后查看数据库中是否存在名称为wooyun的数据库库和bugs、whitehats的数据表

SQL
mysql> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | | wooyun | +--------------------+ 5 rows in set (0.00 sec) mysql> use wooyun Database changed
mysql> SHOW TABLES; +------------------+? | Tables_in_wooyun | +------------------+ | bugs | | whitehats | +------------------+ 3 rows in set (0.00 sec)

2.更改bugs\conn.php的内容为你数据库信息

3.访问查看查看是否正常,如页面显示报错信息,删掉那一行即可

知识库

知识库均为静态内容,为了方便浏览,写了个python脚本插入数据库
在wooyun数据库新建个drops表,SQL如下

SQL
CREATE TABLE `drops` ( `id` int(11) NOT NULL AUTO_INCREMENT, `title` text NOT NULL, `link` text NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=1270 DEFAULT CHARSET=utf8

Python脚本如下(Python 3)


Python
#!/usr/bin/env python # -*- coding: utf-8 -*- # @Date    : 2018-10-15 14:21:13 # @Author  : Sp4ce # @Github  : https://github.com/NS-Sp4ce # @Version : 1.0 import os import re import time import pymysql

path = "" # 乌云知识库文件夹目录 def getFiles(path): dirs = os.listdir(path) # 得到文件夹下的所有文件名称 #print(dirs) file = [] i = 0 for dir in dirs: # 遍历文件夹 file.append(dir) i += 1 # print(files) print('文件夹读取完毕,共有'+str(i)+'个文件') return file #返回file def insertDB(string): url='/content/'+titles
    conn=pymysql.connect(host='localhost', port=3306, user='root', password="", db='wooyun', charset='utf8') #定义数据库链接 cur = conn.cursor() insert_sql ="""INSERT INTO drops (title,link) VALUES ('%s','%s');""" cur.execute(insert_sql%(string,url)) conn.commit() #time.sleep(0.5) def getTitle(file): global titles for titles in file: #判断是否是文件夹,不是文件夹才打开 if not os.path.isdir(path + '\\' + titles): #打开文件 with open(path + '\\' + titles, 'r',encoding='utf-8') as files: p1 = re.compile('<title>([\s\S]*)</title>') #将正则表达式编译成 p1 对象 try: for line in files: match1 = p1.search(line)#匹配 #print(match1) if match1: string=match1.group(0) string=string.replace('<title>','') string=string.replace(' | WooYun知识库</title>','')#标题处理 try: insertDB(string) print('[+]' + string + '<->插入成功') except: print('[-]' + string + '<->插入失败') fo = open('error.txt', "ab+") #失败记录 fo.write(('\r''[-]' + string + "--------插入失败" + '\r\n').encode('UTF-8')) fo.close() except: fo = open('error.txt', "ab+")#失败记录 fo.write(('\r''[-]' + titles + "--------获取失败" + '\r\n').encode('UTF-8')) fo.close() return titles if __name__ == "__main__": getTitle(getFiles(path))

入完库后做个页面来查询

dops.php

PHP
<?php require('conn.php'); ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title> 乌云知识库 </title> <meta content="webkit" name="renderer"> <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible"> <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport"> <link href="/layui/css/layui.css" media="all" rel="stylesheet"> </head> <body class="layui-main"> <div class="layui-container"> <div class="layui-col-xs6 layui-col-md12"> <div class="layui-field-title"> <h1><a href="#">乌云知识库</a></h1> <h2><a href="#">WooYun Drops</a></h2> </div> </div> <hr class="layui-bg-blue"> <div class="layui-col-xs6 layui-col-md12 layui-text-center layui-mt-5 layui-mb-5"> <h1 class="layui-text-h1">乌云知识库</h1> </div> <div class="layui-col-xs6 layui-col-md12 layui-mt-5"> <form class="layui-form" action="" method="get"> <div class="layui-form-item" style="width: 90%;margin: 0 auto"> <div class="layui-input-inline"> <input type="text" name="q" required="" lay-verify="required" placeholder="搜索条件" class="layui-input"> </div> <button class="layui-btn layui-btn-normal" type="submit">搜索</button> </div> </form> </div> <div class="layui-col-xs6 layui-col-md12"> <!--检索结果-start--> <? if(isset($_GET['q'])){ @$q0=isset($_GET['q'])?$_GET['q']:'SQL注射'; @$q = str_replace("'","",$q0); $qs = mysql_query("select * from drops where title like '%".@$q."%' or link like '%".@$q."%' group by id order by id desc"); $num = "15"; //每页显示30条 @$page=isset($_GET['page'])?intval($_GET['page']):1; @$total=mysql_num_rows($qs); //查询数据的总数total @$pagenum=ceil($total/$num); @$offset=($page-1)*$num; @$$drops_result2222 = mysql_query("select * from drops where title like '%".@$q."%' or link like '%".@$q."%' group by id order by id desc limit ".$offset.",15"); if (mysql_num_rows($$drops_result2222)>0) { echo ' <fieldset class="layui-elem-field layui-field-title" style="margin-top: 50px;"> <legend> 搜索结果 </legend> </fieldset> <table class="layui-table"> <colgroup> <col> <col> <col> </colgroup> <thead> <tr> <th> 标题 </th> <th> 链接 </th> <th> 操作 </th> </tr> </thead>'; echo "<tbody>"; while(@$row223 = mysql_fetch_array($$drops_result2222)){ echo "<tr>"; echo '<td>'.$row223['title'].'</td>'. PHP_EOL; echo '<td>'.$row223['link'].'</td>'. PHP_EOL; echo '<td> <a href="http://'.$_SERVER["SERVER_ADDR"].$row223['link'].'" class="layui-btn layui-btn-normal">查看</a></td>'. PHP_EOL; echo "</tr>"; } echo '</tbody>'; echo '</table>'; echo '<div style="float:right;padding:10px 30px 0 0">'; @$page = $_GET['page']?$_GET['page']:1;//当前页数,默认是1 if($page==1){ $prepage=1; }else{ $prepage=$page-1; } if($page==$pagenum){ $nextpage=$pagenum; }else{ $nextpage=$page+1; } echo '<center>'.$total.' 条记录'; echo ','.$pagenum.' 页 '; echo '<a href="drops.php?q='.$q.'&page=1" class="layui-btn layui-btn-sm">首页</a>'. PHP_EOL; echo '<a href="drops.php?q='.$q.'&page='.$prepage.'" class="layui-btn layui-btn-primary layui-btn-sm">上一页</a>'. PHP_EOL; echo '<a href="drops.php?q='.$q.'&page='.$nextpage.'" class="layui-btn layui-btn-primary layui-btn-sm">下一页</a>'. PHP_EOL; echo '<a href="drops.php?q='.$q.'&page='.$pagenum.'" class="layui-btn layui-btn-danger layui-btn-sm">末页</a></center>'. PHP_EOL; echo '</div>'; }else{ echo '<blockquote class="layui-elem-quote layui-text layui-mt-5">未检索到相关内容!</blockquote>'; } } ?> </div> <!---检索结果-end--> <div class="layui-col-xs6 layui-col-md12"style="margin-bottom: 100px;"> <fieldset class="layui-elem-field layui-field-title" style="margin-top: 50px;"> <legend> 随机文章 </legend> </fieldset> <?php @$drops_random = mysql_query("SELECT * FROM drops WHERE id >= ((SELECT MAX(id) FROM drops)-(SELECT MIN(id) FROM drops)) * RAND() + (SELECT MIN(id) FROM drops) LIMIT 5"); @$drops_random = mysql_query("SELECT * FROM drops WHERE id >= ((SELECT MAX(id) FROM drops)-(SELECT MIN(id) FROM drops)) * RAND() + (SELECT MIN(id) FROM drops) LIMIT 5"); if (mysql_num_rows($drops_random)>0) { echo ' <table class="layui-table"> <colgroup> <col> <col> <col> </colgroup> <thead> <tr> <th> 标题 </th> <th> 链接 </th> <th> 操作 </th> </tr> </thead>'; echo "<tbody>"; while(@$row223333 = mysql_fetch_array($drops_random)){ echo "<tr>"; echo '<td>'.$row223333['title'].'</td>'. PHP_EOL; echo '<td>'.$row223333['link'].'</td>'. PHP_EOL; echo '<td> <a href="http://'.$_SERVER["SERVER_ADDR"].$row223333['link'].'" class="layui-btn layui-btn-normal">查看</a></td>'. PHP_EOL; echo "</tr>"; } echo '</tbody>'; echo '</table>'; } ?> </div> </div> <div class="layui-footer" style="margin-top: 50px;"> <ul> <li><a href="/">wooyun.org</a></li> </ul> </div> </body> <script charset="utf-8" src="/layui/layui.js"> </script> </html>

文件夹目录如下

搭建乌云漏洞库+知识库

成果

搭建乌云漏洞库+知识库

所需文件

https://github.com/NS-Sp4ce/wooyun-drops-tools

  • blogger
分享本文至:

文章作者:Mr.刘 作者QQ:905690245
文章地址:http://www.blog.qixiwangluo.com/?post=204
版权所有 © 转载时必须以链接形式注明作者和原始出处!

发表评论:



如有侵犯您的版权请发送QQ邮件至905690245@qq.com

CopyRight 2021 七夕云黑帽博客-专注互联网络安全.All rights reserved.

技术支持:攀枝花七夕云网络