Commit 5895ed71 by Marcin Bury

Ignore verifying SSL certificates.

parent 7a077535
...@@ -43,7 +43,7 @@ class Exploit(exploits.Exploit): ...@@ -43,7 +43,7 @@ class Exploit(exploits.Exploit):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
try: try:
r = requests.get(url) r = requests.get(url, verify=False)
except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema): except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
print_error("Invalid URL format: %s" % url) print_error("Invalid URL format: %s" % url)
return return
...@@ -88,7 +88,7 @@ class Exploit(exploits.Exploit): ...@@ -88,7 +88,7 @@ class Exploit(exploits.Exploit):
user, password = data.next() user, password = data.next()
user = user.encode('utf-8').strip() user = user.encode('utf-8').strip()
password = password.encode('utf-8').strip() password = password.encode('utf-8').strip()
r = requests.get(url, auth=(user, password)) r = requests.get(url, auth=(user, password), verify=False)
if r.status_code != 401: if r.status_code != 401:
running.clear() running.clear()
......
...@@ -40,7 +40,7 @@ class Exploit(exploits.Exploit): ...@@ -40,7 +40,7 @@ class Exploit(exploits.Exploit):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
try: try:
r = requests.get(url) r = requests.get(url, verify=False)
except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema): except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
print_error("Invalid URL format: %s" % url) print_error("Invalid URL format: %s" % url)
return return
...@@ -79,7 +79,7 @@ class Exploit(exploits.Exploit): ...@@ -79,7 +79,7 @@ class Exploit(exploits.Exploit):
line = data.next().split(":") line = data.next().split(":")
user = line[0].encode('utf-8').strip() user = line[0].encode('utf-8').strip()
password = line[1].encode('utf-8').strip() password = line[1].encode('utf-8').strip()
r = requests.get(url, auth=(user, password)) r = requests.get(url, auth=(user, password), verify=False)
if r.status_code != 401: if r.status_code != 401:
running.clear() running.clear()
......
...@@ -46,7 +46,7 @@ class Exploit(exploits.Exploit): ...@@ -46,7 +46,7 @@ class Exploit(exploits.Exploit):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
try: try:
requests.get(url) requests.get(url, verify=False)
except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema): except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
print_error("Invalid URL format: %s" % url) print_error("Invalid URL format: %s" % url)
return return
...@@ -99,7 +99,7 @@ class Exploit(exploits.Exploit): ...@@ -99,7 +99,7 @@ class Exploit(exploits.Exploit):
password = "A" * i password = "A" * i
postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password) postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
r = requests.post(url, headers=headers, data=postdata) r = requests.post(url, headers=headers, data=postdata, verify=False)
l = len(r.text) l = len(r.text)
if i == 0: if i == 0:
...@@ -112,7 +112,7 @@ class Exploit(exploits.Exploit): ...@@ -112,7 +112,7 @@ class Exploit(exploits.Exploit):
def detect_form(self): def detect_form(self):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
r = requests.get(url) r = requests.get(url, verify=False)
soup = BeautifulSoup(r.text, "lxml") soup = BeautifulSoup(r.text, "lxml")
form = soup.find("form") form = soup.find("form")
...@@ -150,7 +150,7 @@ class Exploit(exploits.Exploit): ...@@ -150,7 +150,7 @@ class Exploit(exploits.Exploit):
password = password.strip() password = password.strip()
postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password) postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
r = requests.post(url, headers=headers, data=postdata) r = requests.post(url, headers=headers, data=postdata, verify=False)
l = len(r.text) l = len(r.text)
if l < self.invalid["min"] or l > self.invalid["max"]: if l < self.invalid["min"] or l > self.invalid["max"]:
......
...@@ -44,7 +44,7 @@ class Exploit(exploits.Exploit): ...@@ -44,7 +44,7 @@ class Exploit(exploits.Exploit):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
try: try:
requests.get(url) requests.get(url, verify=False)
except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema): except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
print_error("Invalid URL format: %s" % url) print_error("Invalid URL format: %s" % url)
return return
...@@ -92,7 +92,7 @@ class Exploit(exploits.Exploit): ...@@ -92,7 +92,7 @@ class Exploit(exploits.Exploit):
password = "A" * i password = "A" * i
postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password) postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
r = requests.post(url, headers=headers, data=postdata) r = requests.post(url, headers=headers, data=postdata, verify=False)
l = len(r.text) l = len(r.text)
if i == 0: if i == 0:
...@@ -105,7 +105,7 @@ class Exploit(exploits.Exploit): ...@@ -105,7 +105,7 @@ class Exploit(exploits.Exploit):
def detect_form(self): def detect_form(self):
url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path)) url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
r = requests.get(url) r = requests.get(url, verify=False)
soup = BeautifulSoup(r.text, "lxml") soup = BeautifulSoup(r.text, "lxml")
form = soup.find("form") form = soup.find("form")
...@@ -143,7 +143,7 @@ class Exploit(exploits.Exploit): ...@@ -143,7 +143,7 @@ class Exploit(exploits.Exploit):
password = line[1].strip() password = line[1].strip()
postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password) postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
r = requests.post(url, headers=headers, data=postdata) r = requests.post(url, headers=headers, data=postdata, verify=False)
l = len(r.text) l = len(r.text)
if l < self.invalid["min"] or l > self.invalid["max"]: if l < self.invalid["min"] or l > self.invalid["max"]:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment