初始化: Web安全攻防知识库

- 靶场环境: DVWA/WebGoat/Pikachu/BWAPP/SQLi-Labs/XSS-Labs - SQL注入工具: sqli-scanner.py, blind-sqli.py, sqli-exploit.go - XSS工具: xss-fuzzer.py, xss-scanner.go - 认证攻击: web-brute.py, jwt-cracker.py - 服务端安全: port-scanner.py, tls-scanner.py - 防御配置: nginx-hardening.conf - 案例研究: 福建政采网安全评估报告 (13份) - 同步脚本: sync-gitea.sh
2026-03-16 17:10:23 -07:00
--- a/06-case-studies/fujian-gov-procurement/scripts/http_fuzz.sh
+++ b/06-case-studies/fujian-gov-procurement/scripts/http_fuzz.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+export PATH="/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin"
+
+TARGET_IPS="112.54.45.252 120.35.30.176 114.115.172.176"
+PATHS="/ /login /admin /api /api/v1 /gateway /actuator /actuator/health /swagger-ui.html /v2/api-docs /.env /.git/config /robots.txt /server-status /portal"
+
+echo "Starting HTTP Web Directory Fuzzing on port 8080..."
+
+for ip in $TARGET_IPS; do 
+    for path in $PATHS; do 
+        # Perform silent request to get the status code only
+        code=$(curl -k -s -o /dev/null -w "%{http_code}" -m 3 "http://$ip:8080$path" 2>/dev/null)
+        
+        # Only print if valid code and not 404 (or connection refused 000)
+        if [ "$code" != "404" ] && [ "$code" != "000" ] && [ ! -z "$code" ]; then 
+            echo "[HTTP $code] http://$ip:8080$path"
+        fi
+    done
+done
+
+echo "Fuzzing complete."