Friday, June 23, 2006, 19:38

http://mail.ah165.net/

It doesn't seem to have JSP
Friday, June 23, 2006, 20:03

I casually looked at one of the links:
http://61.241.130.83/main/main.py?jsp=mailreg/mobilereg36.jsp

That really is a weird URL...
My guess is that Python is only used as an entry point, something like a URL dispatcher or filter?

Then I tried this URL directly:
http://61.241.130.83/main/mailreg/mobilereg36.jsp

Unbearable... it handed over the server-side source code directly... and it really is Python embedded inside.
With security at this level, who would dare use it.

On 6/23/06, jejwe <jejwester at gmail.com> wrote:
> http://mail.ah165.net/
>
> It doesn't seem to have JSP
Friday, June 23, 2006, 20:28

Then couldn't we follow its example to learn how to write web pages in Python...??

On 06-6-23, swordsp <sparas2006 at gmail.com> wrote:
> I casually looked at one of the links:
> http://61.241.130.83/main/main.py?jsp=mailreg/mobilereg36.jsp
>
> That really is a weird URL...
> My guess is that Python is only used as an entry point, something like a URL dispatcher or filter?
>
> Then I tried this URL directly:
> http://61.241.130.83/main/mailreg/mobilereg36.jsp
>
> Unbearable... it handed over the server-side source code directly... and it really is Python embedded inside.
> With security at this level, who would dare use it.
>
> On 6/23/06, jejwe <jejwester at gmail.com> wrote:
> > http://mail.ah165.net/
> >
> > It doesn't seem to have JSP

--
Flowers bloom at 邑大; a stroll by 心月湖.
http://www.ewyu.com/
Friday, June 23, 2006, 21:03

What is there to learn from a site written like this? Even if you could learn from it, please don't.

On 6/23/06, 谢小漫 <cat at ewyu.com> wrote:
> Then couldn't we follow its example to learn how to write web pages in Python...??
Friday, June 23, 2006, 23:14

Is the code Python?

JSP??
Friday, June 23, 2006, 23:20

What gets downloaded is Python.
Python is just too much fun, so much so that I don't know what to use it for...
Are there any examples of smaller Python websites?

On 06-6-23, jejwe <jejwester at gmail.com> wrote:
> Is the code Python?
>
> JSP??

--
翻版谢小漫
Friday, June 23, 2006, 23:23

http://61.241.130.83/main/main.py?pyhp="c:\winnt\regedit.exe"

That site from just now... I happened to test what this pyhp parameter does:

$ Traceback (most recent call last):
  File "C:\mailpro\web\ver8\main\jpyhp.py", line 581, in dopage
    pypath=compilepage(page)
  File "C:\mailpro\web\ver8\main\jpyhp.py", line 614, in compilepage
    ftime=os.stat(page)[stat.ST_MTIME]
OSError: [Errno 2] No such file or directory: '"c:\\windows\\regedit.exe"'
Content-Type: text/html
Pragma: no-cache
Expires: Monday,1-Jan-80 00:00:00 GMT
Cache-control: private
Cache-control: no-cache
Set-Cookie: sessionid="I933445133\012.";

Even the physical path is exposed~

2006/6/23, 翻版谢小漫 <littlecn at gmail.com>:
> What gets downloaded is Python.
> Python is just too much fun, so much so that I don't know what to use it for...
> Are there any examples of smaller Python websites?
>
> On 06-6-23, jejwe <jejwester at gmail.com> wrote:
> > Is the code Python?
> >
> > JSP??
>
> --
> 翻版谢小漫

--
Andelf
BLOG: http://blog.sohu.com/members/andelf/
http://andelf.spaces.msn.com/
http://blog.sina.com.cn/u/1145264221
Friday, June 23, 2006, 23:57

Reporting the analysis results: swordsp makes a good point, it really is best not to learn from a site like this; the vulnerabilities are very easy to exploit~
Still, there is some good code worth a look:
http://61.241.130.83/main/main.py?pyhp=imgproduce.py CAPTCHA image generation
http://61.241.130.83/main/main.py?pyhp=main.py This is that main.py itself; I didn't expect its code could be exposed just like this
Because of a problem with main.py, the indentation is gone~
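Added example (not part of the thread and not the site's code): one way a page dispatcher can avoid both problems reported above, the `pyhp` parameter being used as a file path and the traceback with physical paths reaching the browser. The names `resolve_page`, `handle`, `ALLOWED_EXT` and the template-root layout are assumptions made for this sketch.

```python
import logging
import os
import re
import traceback
import uuid

log = logging.getLogger("dispatch")

# Assumption: only template pages may be dispatched; the dispatcher's own
# .py sources are never valid page names.
ALLOWED_EXT = {".jsp"}
# Relative name made of plain segments plus one extension. This excludes
# quotes, drive letters, backslashes, leading slashes, NUL and ".." segments.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]+(/[A-Za-z0-9_-]+)*\.[A-Za-z0-9]+")


class PageRejected(Exception):
    """The requested page name is not acceptable."""


def resolve_page(template_root, requested):
    """Map a request parameter to a file inside template_root, or raise."""
    if not SAFE_NAME.fullmatch(requested or ""):
        raise PageRejected("illegal page name")
    if os.path.splitext(requested)[1].lower() not in ALLOWED_EXT:
        raise PageRejected("extension not allowed")
    root = os.path.realpath(template_root)
    full = os.path.realpath(os.path.join(root, *requested.split("/")))
    # Containment check after symlinks are resolved.
    if os.path.commonpath([root, full]) != root:
        raise PageRejected("outside template root")
    if not os.path.isfile(full):
        raise PageRejected("no such page")
    return full


def handle(template_root, requested, render):
    """Return (status, body); paths and tracebacks never reach the client."""
    try:
        return 200, render(resolve_page(template_root, requested))
    except PageRejected:
        return 404, "Not found"
    except Exception:
        incident = uuid.uuid4().hex[:8]
        # Full detail stays in the server log, keyed by an incident id.
        log.error("incident %s\n%s", incident, traceback.format_exc())
        return 500, "Internal error (ref %s)" % incident
```

Keeping the template directory outside the web server's document root also stops a direct request for a template file from returning its source.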
Saturday, June 24, 2006, 00:10

I'm just here to collect code... haha.
I had been wanting to see how that CAPTCHA was done; so this is it, thanks.

On 06-6-23, Andelf <andelf at gmail.com> wrote:
> Reporting the analysis results: swordsp makes a good point, it really is best not to learn from a site like this; the vulnerabilities are very easy to exploit~
> Still, there is some good code worth a look:
> http://61.241.130.83/main/main.py?pyhp=imgproduce.py CAPTCHA image generation
> http://61.241.130.83/main/main.py?pyhp=main.py This is that main.py itself; I didn't expect its code could be exposed just like this
> Because of a problem with main.py, the indentation is gone~

--
翻版谢小漫
Saturday, June 24, 2006, 00:16

Skipped content of type multipart/alternative

-------------- next part --------------
#########################################################################
""" __main.py -- Example main cgi entry point for all pages on a site

Copyright (c) 1999-2000, Archaeopteryx Software, Inc.  All rights reserved.

Written by Stephan R.A. Deibel (sdeibel at archaeopteryx.com) and
John Ehresman (jpe at archaeopteryx.com)

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:

The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

-------------

Modifications:

$Log: main.py,v $
Revision 1.18 2005/05/12 09:27:59 yushu no message
Revision 1.9 2005/04/26 09:28:54 yushu no message
Revision 1.8 2005/04/26 09:25:20 yushu no message
Revision 1.7 2005/04/25 07:15:52 yushu no message
Revision 1.6 2005/04/22 17:30:33 huanghui no message
Revision 1.5 2005/04/22 06:10:13 huanghui no message
Revision 1.4 2005/04/14 06:38:23 yushu no message
Revision 1.3 2005/04/14 05:34:44 yushu no message
Revision 1.2 2005/04/05 06:00:57 yangbing no message
Revision 1.1 2005/04/05 05:28:43 huanghui no message
Revision 1.1 2005/04/04 10:46:51 yangbing no message
Revision 1.1 2004/11/25 02:37:49 huanghui no message
Revision 1.7 2004/10/31 13:17:00 huanghui no message
Revision 1.6 2004/10/10 06:00:10 huanghui no message
Revision 1.5 2004/09/20 06:20:55 yangbing no message
Revision 1.1 2004/09/17 06:06:53 yangbing no message
Revision 1.11 2004/08/26 06:37:03 huanghui no message
Revision 1.10 2004/07/27 02:43:02 huanghui no message
Revision 1.9 2004/07/21 13:24:52 huanghui no message
Revision 1.1.1.3 2002/05/05 02:35:42 jiangmeng no message
Revision 1.1.1.2 2002/05/03 02:24:55 yushu no message
Revision 1.1.1.1 2002/04/30 10:56:16 jiangmeng no message
Revision 1.1 2000/08/30 21:32:16 sdeibel Readied for release

"""
#########################################################################

#print "Content-type: text/html\n"  # Useful for debugging sometimes

# Causes this file to be run within the Wing IDE debugger if present
#try:
#    import wingdbstub
#except:
#    pass

#######################################################################
# Execution starts here

# Each request loads the session (or creates a new one as needed),
# processes the request in the context of the session, outputting
# the resulting page HTML, and saves the session for next request
# All work is via page servlets invoked dynamically from DoPage()
import os
import sys
import time
import StringIO

#limit uploading file size to 20MB here, hard coding
import cgi
cgi.maxlen=20*1024*1024

# Import the session module
import _session
import jpyhp
import srpc
import wmlib

class MySession(_session.CSession):

    #-----------------------------------------------------------------------
    def OutputHTTPHeaders(self, content_type=None):
        """ Output http headers to precede all text sent back to the browser;
        content_type is assumed text/html unless specified. """

        assert self.fSessionID != -1, "Invalid session: LoadSession() first"

        # Output content type header
        if content_type == None:
            content_type = "text/html"
            #if in wap server, uncomment the next line and comment the previous line
            #content_type = "text/vnd.wap.wml"
        #self._P("Status: 200 ")
        self._P("Content-Type: " + content_type)
        #self._P("WWW-Authenticate")
        self._P("Pragma: no-cache")
        self._P("Expires: Monday,1-Jan-80 00:00:00 GMT")
        self._P("Cache-control: private")
        self._P("Cache-control: no-cache")

        # Output Set-Cookie header for next page sent to web browser
        self._P(self.getCookie())

        # Output blank seperator line (required)
        self._P("")

    #def _NextSessionID(self):
        #""" Should return next available session id for a new session """

        # Find ID based on process ID
        #import os
        #import time
        #session_id = float(str(time.time()) + str(os.getpid()))
        #while self._SessionFileExists(session_id):
            #session_id = session_id + 1

        # Touch file to reserve id
        #f = self._OpenSessionFile(session_id, "w+b")
        #f.close()

        # Success
        #return session_id

    #-----------------------------------------------------------------------
    def OutputLocation( self,url):
        """ Output location redirector header. """
        self._ClearBuffer(nohttpheader=1)
        self._P("Location: %s\r\n" % url)
        self._P("")
        return

    #--------------------------------------------------------------------
    def OutputHeader(self):
        """Output standard HTML header"""
        pass

    #--------------------------------------------------------------------
    def OutputFooter(self):
        """Output HTML footer """
        pass

#-----------------------------------------------------------------------
class BufferedIO(StringIO.StringIO):
    def __init__(self,stdout=sys.stdout):
        self.stdout=stdout
        StringIO.StringIO.__init__(self)

    def flush(self):
        if self.closed:
            raise ValueError, "I/O operation on closed file"
        self.stdout.write(self.getvalue())
        self.buf=''

    def __del__(self):
        if not self.closed:
            self.flush()

def cgimain():
    begintime=time.time()
    import os
    if os.name=='nt':
        logdir=wmlib.pfGetStrVal('jpyhp.logdir','c:/temp/')
        logpath="c:/temp/cgilog/"
    else:
        logdir=wmlib.pfGetStrVal('jpyhp.logdir','/temp/')
        logpath="/temp/cgilog/"
    jpyhp.logfile=os.path.join(logdir,'jpyhp.log')
    debug=wmlib.pfGetStrVal('webmail.debug','1')
    SESSION_SERVER_IP=wmlib.pfGetStrVal('session.server.ip','127.0.0.1')
    SESSION_SERVER_PORT=wmlib.pfGetStrVal('session.server.port','7020')
    cli=wmlib.connectServer()
    session = MySession('home',SESSION_SERVER_IP,SESSION_SERVER_PORT)
    session.stdout=BufferedIO()
    session.cli=cli
    session.StartTimes = time.time()
    session.LoadSession()
    session.NetWork1Times = time.time()
    if debug=='1':
        filename=str(os.getpid())+'.txt'
        f = open(os.path.join(logpath,filename),'w',0)
        if session.env.has_key('QUERY_STRING'):
            f.write('QUERY_STRING: '+session.env['QUERY_STRING']+'\r\n\r\n');
        for key in session.fCGIData.keys():
            f.write(key+':\r\n')
            val=session.fCGIData[key]
            if hasattr(val, 'value'):
                if val.filename is None:
                    f.write('\t%s\r\n\r\n' % val.value)
                else:
                    f.write('\t%s(%s bytes)\r\n\r\n' % (val.filename,len(val.value)))
    session.DoPage()
    session.SaveSession()
    session.stdout.flush()
    if cli:
        cli.Close()
    if debug=='1':
        counttime=time.time()-begintime
        f.write('count time: ' + str(counttime) + ' seconds\r\n')
        f.write('fCGIData.length: ' + str(session.fCGIData.length) + ' bytes\r\n')
        f.close()
        if counttime > 30:
            newfilename=os.path.join(logpath+"long",filename)
            try:
                os.remove(newfilename)
            except:
                pass
            os.rename(os.path.join(logpath,filename),newfilename)
        else:
            try:
                os.remove(logpath +filename)
            except:
                pass

def hammer_DoPage(isapi_stdio):
    begintime=time.time()
    import os
    if os.name=='nt':
        logdir=wmlib.pfGetStrVal('jpyhp.logdir','c:/temp/')
        logpath="c:/temp/cgilog/"
    else:
        logdir=wmlib.pfGetStrVal('jpyhp.logdir','/temp/')
        logpath="/temp/cgilog/"
    jpyhp.logfile=os.path.join(logdir,'jpyhp.log')
    debug=wmlib.pfGetStrVal('webmail.debug','1')
    SESSION_SERVER_IP=wmlib.pfGetStrVal('session.server.ip','127.0.0.1')
    SESSION_SERVER_PORT=wmlib.pfGetStrVal('session.server.port','7020')
    isapi_stdio.write( "HTTP/1.1 200 Ok\r\n")
    cli=wmlib.connectServer()
    session = MySession('home',SESSION_SERVER_IP,SESSION_SERVER_PORT)
    session.stdin=isapi_stdio
    session.stdout=isapi_stdio
    session.env =isapi_stdio.env
    session.cli =cli
    session.StartTimes = time.time()
    session.LoadSession()
    session.NetWork1Times = time.time()
    if debug=='1':
        filename=str(os.getpid())+'.txt'
        f = open(os.path.join(logpath,filename),'w',0)
        if session.env.has_key('QUERY_STRING'):
            f.write('QUERY_STRING: '+session.env['QUERY_STRING']+'\r\n\r\n');
        for key in session.fCGIData.keys():
            f.write(key+':\r\n')
            val=session.fCGIData[key]
            if hasattr(val, 'value'):
                if val.filename is None:
                    f.write('\t%s\r\n\r\n' % val.value)
                else:
                    f.write('\t%s(%s bytes)\r\n\r\n' % (val.filename,len(val.value)))
    session.DoPage()
    session.SaveSession()
    if cli:
        cli.Close()
    if debug=='1':
        counttime=time.time()-begintime
        f.write('count time: ' + str(counttime) + ' seconds\r\n')
        f.write('fCGIData.length: ' + str(session.fCGIData.length) + ' bytes\r\n')
        f.close()
        if counttime > 30:
            newfilename=os.path.join(logpath+"long",filename)
            try:
                os.remove(newfilename)
            except:
                pass
            os.rename(os.path.join(logpath,filename),newfilename)
        else:
            try:
                os.remove(logpath +filename)
            except:
                pass

if __name__ == '__main__':
    cgimain()

-------------- next part --------------
#---------------------------------
#
#name: imgproduce.py
#
#parameter: session['text']
#
#author: yehuaqing
#
#date: 2004-9-7
#
#---------------------------------
#
from string import ascii_letters, digits
import Image
import ImageDraw
import ImageFont
import random
import ImageFilter
import md5
import os
import sys
if os.name=='nt':
    import msvcrt
    msvcrt.setmode(0,os.O_BINARY)
    msvcrt.setmode(1,os.O_BINARY)

# load default fonts path
dir = os.getcwd()
sys.path.append(dir+'\\fonts')

import _session
import wmlib

class MySession(_session.CSession):
    pass

def convert(text,bgimg='', fontfile='charI14.pil',stdout=sys.stdout):
    try:
        font = ImageFont.load_path(fontfile)
    except IOError:
        sys.exit()
    size = font.getsize(text)
    size=(size[0]+24,size[1]+5)
    if bgimg=='':
        img = Image.new('RGBA',size,(214,214,214))
    else:
        img = Image.open(bgimg)
    draw = ImageDraw.Draw(img)
    i=0
    x=5
    while iimg.size[0]:
        x-=2*11
        if x<=0:
            x+=2*11
        i+=1
    for i in range(0,70):
        x=random.randint(0, img.size[0])
        y=random.randint(0, img.size[1])
        draw.point((x, y),'black')
    del(draw)
    stdout.write('Content-type: image/png\r\n')
    stdout.write('\r\n')
    img=img.filter(ImageFilter.SMOOTH)
    img.save(stdout, "PNG")
    stdout.close()
    return

def cgimain():
    text=''
    #make a random number
    for i in range(4):
        text+=str(random.randint(0, 9))
    SESSION_SERVER_IP=wmlib.pfGetStrVal('session.server.ip','127.0.0.1')
    SESSION_SERVER_PORT=wmlib.pfGetStrVal('session.server.port','7020')
    session = MySession('home',SESSION_SERVER_IP,SESSION_SERVER_PORT)
    session.LoadSession()
    session['TEXT']=md5.new(text).digest() #save it to session
    session.SaveSession()
    convert(text,'','helvB10.pil')

def hammer_DoPage(isapi_stdio):
    text=''
    #make a random number
    for i in range(4):
        text+=str(random.randint(0, 9))
    SESSION_SERVER_IP=wmlib.pfGetStrVal('session.server.ip','127.0.0.1')
    SESSION_SERVER_PORT=wmlib.pfGetStrVal('session.server.port','7020')
    isapi_stdio.write( "HTTP/1.1 200 Ok\r\n")
    session = MySession('home',SESSION_SERVER_IP,SESSION_SERVER_PORT)
    session.LoadSession()
    session['TEXT']=md5.new(text).digest() #save it to session
    session.SaveSession()
    convert(text,'','helvB10.pil',isapi_stdio)

if __name__ == '__main__':
    cgimain()
Saturday, June 24, 2006, 10:41

The indentation isn't quite right, and it looks like part of the code is missing:
while iimg.size[0]:
The lines got run together here,
so it fails when debugging.
Uh~ whoever is interested in studying the CAPTCHA can fix it themselves; it's not too hard.

On 06-6-24, swordsp <sparas2006 at gmail.com> wrote:
> Ha, I was just about to send it, and you beat me to it.
> At times like this you really feel the inconvenience of Python's indentation syntax...
>
> I tidied up the formatting while I was at it; no guarantee it's correct. Anyone interested, help yourself...