PHPipam开源IP地址管理系统弱口令漏洞
I have developed a tool for local testing and POC development, which is for technical learning reference only. Please do not use it for illegal purposes. Any direct or indirect consequences and losses caused by individuals or organizations using the information provided in this article are the responsibility of the user themselves and have nothing to do with the author!!!
PhpIPAM is an open source web IP address management application. Its goal is to provide a simple IP address management application. Phpipam has a default weak password, which can be exploited by attackers to obtain relevant information.
pip install -r requirements.txt
python PHPipam弱口令.py -h
usage: PHPipam弱口令.py [-h] (--url URL | -f FILE) (-u USERNAME | -U USERNAME_LIST) (-p PASSWORD | -P PASSWORD_LIST)
[--random-agent RANDOM_AGENT] [--time-out TIME_OUT] [-d DELAY] [-t THREAD] [--proxy PROXY]
PHPipam Open Source IP Address Management System Weak Password Vulnerability.
optional arguments:
-h, --help show this help message and exit
--url URL Enter target object
-f FILE, --file FILE Input target object file
-u USERNAME, --username USERNAME
Enter username
-U USERNAME_LIST, --username-list USERNAME_LIST
Enter the file path containing the username
-p PASSWORD, --password PASSWORD
Enter password
-P PASSWORD_LIST, --password-list PASSWORD_LIST
Enter the file path containing the password
--random-agent RANDOM_AGENT
Using random user agents
--time-out TIME_OUT Set the HTTP access timeout range (setting range from 0 to 5)
-d DELAY, --delay DELAY
Set multi threaded access latency (setting range from 0 to 5)
-t THREAD, --thread THREAD
Set the number of program threads (setting range from 1 to 50)
--proxy PROXY Set up HTTP proxy