Bugcloud-POC
[] [centos_shell]1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
"""
Created on Sat Apr 28 15:52:59 2018
@author: root
"""
import requests
import time
import datetime
import os
import re
import random
headers = {
'accept': 'application/json, text/plain, */*',
'Host': '192.168.****',
'Referer': 'http://192.168.****/',
'cookie': '****',
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:46.0) Gecko/20100101 Firefox/46.0',
}
def get_page(url):
try:
response = requests.get(url, headers=headers)
if response.status_code == 200:
return response.json()
except requests.ConnectionError as e:
print('Error', e.args)
def mkdir(path):
import os
path = path.strip()
path = path.rstrip("\\")
isExists = os.path.exists(path)
if not isExists:
os.makedirs(path)
print("OK")
return True
else:
print("False")
return False
def validateTitle(title):
rstr = r"[\/\\\:\*\?\"\<\>\|]"
new_title = re.sub(rstr, "_", title)
return new_title
def savefile(atype,aname,bugname,bugcode):
file = os.path.join(atype,aname)
mkdir(file)
file = file + '\\'
print(file)
with open(file + bugname, 'a+') as f:
f.write(bugcode)
if __name__ == '__main__':
page = 0
while (1):
page = page + 1
url = "http://192.168.****/cloud/pluginvuln/?page=" + str(page)
print(url)
time.sleep(random.randint(1,10))
json_dict = get_page(url)
items = json_dict['results']
for item in items:
title = item['plugin']['title']
code = item['plugin']['source_code']
type = item['vtype']
appname = item['fp_app_name']
newtitle = validateTitle(title)
try:
savefile(str(type),str(appname),str(newtitle),code)
except Exception as e:
cotent = str(type) + str(appname) + str(newtitle)
with open("error.txt", 'a+') as f:
f.write(cotent)
continue
print(title,type,appname)
|
