脚本判断Zabbix版本

web漏洞挖掘中遇到zabbix需要测试历史漏洞，不知道具体版本号。参考zabbix使用手册，发送特定请求获取版本号。附脚本

参考文档：版本https://www.zabbix.com/documentation/current/zh/manual/api/reference/apiinfo/version

import requestsdef get_zabbix_api_version(target, use_https=False):protocol = "https" if use_https else "http"url = f"{protocol}://{target}/api_jsonrpc.php"headers = {"Content-Type": "application/json-rpc"}payload = {"jsonrpc": "2.0","method": "apiinfo.version","params": [],"id": 1}try:# 创建一个不验证SSL证书的sessionresponse = requests.post(url, headers=headers, json=payload, timeout=10, verify=False)response.raise_for_status()  # 抛出异常以处理非200响应return response.json()except requests.exceptions.RequestException as e:return {"error": str(e)}def main():use_https = input("是否使用HTTPS（y/n）？").lower() == 'y'target = input("请输入Zabbix服务器的IP或域名: ")result = get_zabbix_api_version(target, use_https)if "error" in result:print("请求失败:", result["error"])elif "result" in result:print("Zabbix API版本:", result["result"])else:print("未知错误，无法解析响应")input("按任意键退出...")if __name__ == "__main__":main()

使用截图