Bug in protocol auto-correction #427

Open
expzhizhuo opened this issue Aug 2, 2024 · 1 comment
expzhizhuo commented Aug 2, 2024

When requesting a site such as http://127.0.0.1:8088/jeecg-boot/, it is automatically corrected to the https type.

What is mainly used here is self.url, to obtain the attack target address.

expzhizhuo changed the title from "Bug in protocol auto plugin" to "Bug in protocol auto-correction" Aug 2, 2024

13ph03nix (Contributor) commented

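There is indeed a problem. The current logic is that after an http request returns a 40x status code, it tries to access the target over https, and if the handshake succeeds it automatically switches to https.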

```python
for url in urls:
    try:
        time.sleep(0.1)
        res = requests.get(url, allow_redirects=allow_redirects)
        """
        https://github.com/knownsec/pocsuite3/issues/330
        https://github.com/knownsec/pocsuite3/issues/356
        status_code:
            - 20x
            - 30x
            - 40x
            - 50x
        """
        # if HTTPS handshake is successful, return directly
        if url.startswith('https://'):
            break
        # if we send an HTTP request to an HTTPS service, but the server may return 20x
        for k in redirect_https_keyword:
            if k.lower() in res.text.lower():
                redirect_https_keyword_found = True
                break
        if redirect_https_keyword_found:
            continue
        # if we send an HTTP request to an HTTPS service, the server may return 30x, 40x, or 50x...
        if not str(res.status_code).startswith('20'):
            continue
        break
    except requests.RequestException:
        pass
```

You can use --no-check to disable protocol auto-correction.
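The decision logic of the loop quoted above, replayed offline as an added example (not part of the thread and not pocsuite3's own code). `requests.get` is replaced by a stub, and `pick_url`, `make_get`, `FakeResponse`, `ProbeError`, the keyword and the second candidate URL are constructed assumptions; it shows that any non-20x answer over HTTP hands the decision to the HTTPS probe.

```python
# Added example: offline model of the quoted loop (not pocsuite3 code).
from dataclasses import dataclass

# Constructed sample hint; the real redirect_https_keyword list is not on the page.
KEYWORDS = ["The plain HTTP request was sent to HTTPS port"]
HTTP = "http://127.0.0.1:8088/jeecg-boot/"    # URL from the report
HTTPS = "https://127.0.0.1:8088/jeecg-boot/"  # assumed second candidate


class ProbeError(Exception):
    """Stands in for requests.RequestException (refused, TLS failure, ...)."""


@dataclass
class FakeResponse:
    status_code: int
    text: str = ""


def make_get(table):
    """Stub for requests.get built from {url: FakeResponse or ProbeError}."""
    def get(url):
        result = table[url]
        if isinstance(result, Exception):
            raise result
        return result
    return get


def pick_url(urls, get, keywords=KEYWORDS):
    """Return the URL the loop would break on, or None if none is accepted."""
    for url in urls:
        try:
            res = get(url)
            if url.startswith("https://"):
                return url  # completed HTTPS request: accepted, any status
            if any(k.lower() in res.text.lower() for k in keywords):
                continue    # body hints that the port expects HTTPS
            if not str(res.status_code).startswith("20"):
                continue    # 30x/40x/50x over HTTP: try the next candidate
            return url
        except ProbeError:
            pass            # probe failed: fall through to the next candidate
    return None


if __name__ == "__main__":
    # Constructed case: HTTP answers 404, and the same port also answers HTTPS.
    table = {HTTP: FakeResponse(404), HTTPS: FakeResponse(404)}
    print(pick_url([HTTP, HTTPS], make_get(table)))  # the https:// candidate
```

When the HTTP probe returns non-20x and the HTTPS probe fails, this model returns `None`; what the real code does after the loop in that case is not shown on the page.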
