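WooYun has been gone for more than two years now. On a whim, I decided to set up a knowledge base plus vulnerability database on my intranet.
Preparation
For convenience I used a Windows server. The detailed configuration is as follows.
Server configuration
Windows Server 2016 DC
Apache 2.4.25
PHP 5.6.30
MySQL 5.7.17-log
Download links for the required files
Knowledge base: link: https://pan.baidu.com/s/1CZVZxdHzl7L8y3dGWN-aOQ extraction code: uuuo
Vulnerability database: link: https://pan.baidu.com/s/1LGSwDmVwtlffyM8I-1hQzw extraction code: 8duw
Steps
Vulnerability database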
Move all files under the wooyun directory of the vulnerability database into MySQL's data directory, then check that a database named wooyun exists and that it contains the bugs and whitehats tables:

```
mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
| wooyun             |
+--------------------+
5 rows in set (0.00 sec)

mysql> use wooyun
Database changed
mysql> SHOW TABLES;
+------------------+
| Tables_in_wooyun |
+------------------+
| bugs             |
| whitehats        |
+------------------+
3 rows in set (0.00 sec)
```
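Edit bugs\conn.php so that it contains your database connection details.
Open the page to check that it works. If the page shows an error message, just delete that line.
Knowledge base
The knowledge base is entirely static content. To make it easier to browse, I wrote a Python script that inserts it into the database.
Create a drops table in the wooyun database with the following SQL: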
```sql
CREATE TABLE `drops` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `title` text NOT NULL,
  `link` text NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1270 DEFAULT CHARSET=utf8
```
The Python script is as follows (Python 3):
```python
import os
import re

import pymysql

# Directory that holds the static knowledge-base HTML files
path = ""

TITLE_RE = re.compile(r'<title>([\s\S]*)</title>')


def getFiles(path):
    """Return the name of every entry in the knowledge-base directory."""
    files = os.listdir(path)
    # Message: "folder read, N files in total"
    print('文件夹读取完毕,共有' + str(len(files)) + '个文件')
    return files


def logError(message):
    """Append a failure to error.txt so it can be retried later."""
    with open('error.txt', 'ab+') as fo:
        fo.write(('\r' '[-]' + message + '\r\n').encode('UTF-8'))


def insertDB(title, filename):
    """Insert one (title, link) row into the drops table."""
    url = '/content/' + filename
    conn = pymysql.connect(host='localhost', port=3306, user='root',
                           password="", database='wooyun', charset='utf8')
    try:
        with conn.cursor() as cur:
            # Bound parameters: titles that contain quotes are stored intact
            cur.execute("INSERT INTO drops (title, link) VALUES (%s, %s)",
                        (title, url))
        conn.commit()
    finally:
        conn.close()


def getTitle(files):
    """Extract the <title> of every file and insert it into the database."""
    for filename in files:
        full_path = os.path.join(path, filename)
        if os.path.isdir(full_path):
            continue
        try:
            with open(full_path, 'r', encoding='utf-8') as f:
                for line in f:
                    match = TITLE_RE.search(line)
                    if not match:
                        continue
                    # Strip the tags and the site suffix from the title
                    title = match.group(0)
                    title = title.replace('<title>', '')
                    title = title.replace(' | WooYun知识库</title>', '')
                    try:
                        insertDB(title, filename)
                        print('[+]' + title + '<->插入成功')  # "inserted"
                    except Exception:
                        print('[-]' + title + '<->插入失败')  # "insert failed"
                        logError(title + "--------插入失败")
        except Exception:
            # "could not read the title"
            logError(filename + "--------获取失败")


if __name__ == "__main__":
    getTitle(getFiles(path))
```
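The import step above as an added example (not the author's script): it searches each page as a whole, so a title split across lines is still found, and it binds the title as a query parameter, so a title containing quotes is stored intact. `sqlite3` stands in for the MySQL `drops` table so the block runs offline, and the sample pages and the names `extract_title` and `import_pages` are constructed for illustration.

```python
import re
import sqlite3

TITLE_RE = re.compile(r"<title>(.*?)</title>", re.I | re.S)
SUFFIX = " | WooYun知识库"  # site suffix that the page's script strips from titles

# Constructed sample pages (not real WooYun files): quotes in the title,
# a title split across two lines, and a page with no <title> at all.
SAMPLES = {
    "1.html": "<head><title>Notes on PHP's 'magic_quotes_gpc' | WooYun知识库</title></head>",
    "2.html": "<head><title>Split\n   title | WooYun知识库</title></head>",
    "3.html": "<body>no title here</body>",
}


def extract_title(page):
    """Return the cleaned title, or None when the page has no <title>."""
    m = TITLE_RE.search(page)            # whole file, not line by line
    if not m:
        return None
    title = " ".join(m.group(1).split())  # collapse newlines and space runs
    if title.endswith(SUFFIX):
        title = title[: -len(SUFFIX)]
    return title


def import_pages(pages):
    """Insert (title, link) rows with bound parameters; return (rows, skipped)."""
    conn = sqlite3.connect(":memory:")   # stand-in for the MySQL drops table
    conn.execute("CREATE TABLE drops (id INTEGER PRIMARY KEY,"
                 " title TEXT NOT NULL, link TEXT NOT NULL)")
    skipped = []
    for name, page in pages.items():
        title = extract_title(page)
        if title is None:
            skipped.append(name)         # keep a list for later review
            continue
        conn.execute("INSERT INTO drops (title, link) VALUES (?, ?)",
                     (title, "/content/" + name))
    conn.commit()
    rows = conn.execute("SELECT title, link FROM drops ORDER BY id").fetchall()
    conn.close()
    return rows, skipped


if __name__ == "__main__":
    print(import_pages(SAMPLES))
```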
Once the data is imported, build a page to query it. [PS: it is not well written, please bear with me.]
drops.php

```php
<?php
require('conn.php'); // expected to open the mysql_* connection used below

// Print one result table (title, link, "view" button) for a mysql_* result set
function renderRows($result)
{
    echo '<table class="layui-table"><colgroup><col><col><col></colgroup>';
    echo '<thead><tr><th>标题</th><th>链接</th><th>操作</th></tr></thead>';
    echo '<tbody>';
    while ($row = mysql_fetch_array($result)) {
        // Escape stored values before writing them into the page
        $title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
        $link = htmlspecialchars($row['link'], ENT_QUOTES, 'UTF-8');
        echo '<tr>';
        echo '<td>' . $title . '</td>' . PHP_EOL;
        echo '<td>' . $link . '</td>' . PHP_EOL;
        echo '<td><a href="http://' . $_SERVER["SERVER_ADDR"] . $link . '" class="layui-btn layui-btn-normal">查看</a></td>' . PHP_EOL;
        echo '</tr>';
    }
    echo '</tbody></table>';
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <title>乌云知识库</title>
    <meta content="webkit" name="renderer">
    <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible">
    <meta content="width=device-width, initial-scale=1, maximum-scale=1" name="viewport">
    <link href="/layui/css/layui.css" media="all" rel="stylesheet">
</head>
<body class="layui-main">
<div class="layui-container">
    <div class="layui-col-xs6 layui-col-md12">
        <div class="layui-field-title">
            <h1><a href="#">乌云知识库</a></h1>
            <h2><a href="#">WooYun Drops</a></h2>
        </div>
    </div>
    <hr class="layui-bg-blue">
    <div class="layui-col-xs6 layui-col-md12 layui-text-center layui-mt-5 layui-mb-5">
        <h1 class="layui-text-h1">乌云知识库</h1>
    </div>
    <div class="layui-col-xs6 layui-col-md12 layui-mt-5">
        <form class="layui-form" action="" method="get">
            <div class="layui-form-item" style="width: 90%;margin: 0 auto">
                <div class="layui-input-inline">
                    <input type="text" name="q" required="" lay-verify="required" placeholder="搜索条件" class="layui-input">
                </div>
                <button class="layui-btn layui-btn-normal" type="submit">搜索</button>
            </div>
        </form>
    </div>
    <div class="layui-col-xs6 layui-col-md12">
        <!-- search results: start -->
        <?php
        if (isset($_GET['q'])) {
            // Escape the search term once for SQL and once for use in URLs
            $q = mysql_real_escape_string($_GET['q']);
            $qUrl = urlencode($_GET['q']);
            $where = "where title like '%" . $q . "%' or link like '%" . $q . "%'";

            $num = 15; // rows per page
            $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
            $qs = mysql_query("select * from drops " . $where . " group by id order by id desc");
            $total = mysql_num_rows($qs);
            $pagenum = ceil($total / $num);
            $offset = ($page - 1) * $num;
            $result = mysql_query("select * from drops " . $where . " group by id order by id desc limit " . $offset . "," . $num);

            if (mysql_num_rows($result) > 0) {
                echo '<fieldset class="layui-elem-field layui-field-title" style="margin-top: 50px;"><legend>搜索结果</legend></fieldset>';
                renderRows($result);

                // Pagination: first / previous / next / last
                $prepage = ($page == 1) ? 1 : $page - 1;
                $nextpage = ($page == $pagenum) ? $pagenum : $page + 1;
                echo '<div style="float:right;padding:10px 30px 0 0">';
                echo '<center> 共 ' . $total . ' 条记录';
                echo ',' . $pagenum . ' 页 ';
                echo '<a href="drops.php?q=' . $qUrl . '&page=1" class="layui-btn layui-btn-sm">首页</a>' . PHP_EOL;
                echo '<a href="drops.php?q=' . $qUrl . '&page=' . $prepage . '" class="layui-btn layui-btn-primary layui-btn-sm">上一页</a>' . PHP_EOL;
                echo '<a href="drops.php?q=' . $qUrl . '&page=' . $nextpage . '" class="layui-btn layui-btn-primary layui-btn-sm">下一页</a>' . PHP_EOL;
                echo '<a href="drops.php?q=' . $qUrl . '&page=' . $pagenum . '" class="layui-btn layui-btn-danger layui-btn-sm">末页</a></center>' . PHP_EOL;
                echo '</div>';
            } else {
                // "No matching content found"
                echo '<blockquote class="layui-elem-quote layui-text layui-mt-5">未检索到相关内容!</blockquote>';
            }
        }
        ?>
    </div>
    <!-- search results: end -->
    <div class="layui-col-xs6 layui-col-md12" style="margin-bottom: 100px;">
        <fieldset class="layui-elem-field layui-field-title" style="margin-top: 50px;">
            <legend>随机文章</legend>
        </fieldset>
        <?php
        // Five random articles
        $drops_random = mysql_query("SELECT * FROM drops WHERE id >= ((SELECT MAX(id) FROM drops)-(SELECT MIN(id) FROM drops)) * RAND() + (SELECT MIN(id) FROM drops) LIMIT 5");
        if (mysql_num_rows($drops_random) > 0) {
            renderRows($drops_random);
        }
        ?>
    </div>
</div>
<div class="layui-footer" style="margin-top: 50px;">
    <ul>
        <li><a href="/">wooyun.org</a></li>
    </ul>
</div>
<script charset="utf-8" src="/layui/layui.js"></script>
</body>
</html>
```
The folder layout is as follows
Result
Required files: https://github.com/NS-Sp4ce/wooyun-drops-tools