def exploit(self, target, port):
try:
http = proto.http.apihttp(target, port)
http.setparam('Host', 'http://google.com')
http.setparam('User-Agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.14) Firefox/3.0.14')
http.setparam("Accept", "text/html")
http.cnx = http.connect()
data = http.request('GET', '/').read()
http.cnx.close()
except xmlrpclib.Fault, fault:
print fault.faultString
return
def path_disclosure(self, target, port):
self.log.info('Test path disclosure')
http = proto.http.apihttp(target, port)
http.setparam('Accept', 'text/html')
http.setparam('Cookie', 'PHPSESSID=123@@123')
try:
http.cnx = http.connect()
resp = http.request('GET', '/')
body = resp.read()
http.cnx.close()
except xmlrpclib.Fault, fault:
print fault.faultString
return
def http_headers(self, target, port):
try:
http = proto.http.apihttp(target, port)
self.log.info('List headers')
if port == 443:
http.use_https(1)
http.cnx = http.connect()
resp = http.request('GET', '/')
nfo = http.get_info_header(resp)
http.cnx.close()
except xmlrpclib.Fault, fault:
print fault.faultString
return