def exploit(request, response, method, key, is_array=False):
if config.dbconn().fetch_rows('result', condition="exploit='%s' and result != 'continue' and `host`='%s'" % (os.path.basename(__file__)[:-3], request['host']), order="id asc", limit="1", fetchone=True): return
allow = requests.options(request['uri']).headers.get('Allow', '')
if allow.find('PUT') != -1 or allow.find('PATCH') != -1:
return {'result': 'vul', 'info': "Server support put/patch method", 'hash': None, 'level': "middle"}
else:
return {'result': 'safe', 'info': "Server does not support put/patch method", 'hash': None, 'level': "middle"}
评论列表
文章目录
