Ignore verifying SSL certificates.

5895ed71 · Marcin Bury · 7a077535 · 5895ed71 · 5895ed71 · 5895ed71
Commit 5895ed71 authored Apr 20, 2016 by Marcin Bury
4 changed files
--- a/routersploit/modules/creds/http_basic_bruteforce.py
+++ b/routersploit/modules/creds/http_basic_bruteforce.py
@@ -43,7 +43,7 @@ class Exploit(exploits.Exploit):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))

        try:
-            r = requests.get(url)
+            r = requests.get(url, verify=False)
        except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
            print_error("Invalid URL format: %s" % url)
            return
@@ -88,7 +88,7 @@ class Exploit(exploits.Exploit):
                user, password = data.next()
                user = user.encode('utf-8').strip()
                password = password.encode('utf-8').strip()
-                r = requests.get(url, auth=(user, password))
+                r = requests.get(url, auth=(user, password), verify=False)

                if r.status_code != 401:
                    running.clear()

--- a/routersploit/modules/creds/http_basic_default.py
+++ b/routersploit/modules/creds/http_basic_default.py
@@ -40,7 +40,7 @@ class Exploit(exploits.Exploit):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))

        try:
-            r = requests.get(url)
+            r = requests.get(url, verify=False)
        except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
            print_error("Invalid URL format: %s" % url)
            return
@@ -79,7 +79,7 @@ class Exploit(exploits.Exploit):
                line = data.next().split(":")
                user = line[0].encode('utf-8').strip()
                password = line[1].encode('utf-8').strip()
-                r = requests.get(url, auth=(user, password))
+                r = requests.get(url, auth=(user, password), verify=False)

                if r.status_code != 401:
                    running.clear()

--- a/routersploit/modules/creds/http_form_bruteforce.py
+++ b/routersploit/modules/creds/http_form_bruteforce.py
@@ -46,7 +46,7 @@ class Exploit(exploits.Exploit):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))

        try:
-            requests.get(url)
+            requests.get(url, verify=False)
        except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
            print_error("Invalid URL format: %s" % url)
            return
@@ -99,7 +99,7 @@ class Exploit(exploits.Exploit):
            password = "A" * i

            postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
-            r = requests.post(url, headers=headers, data=postdata)
+            r = requests.post(url, headers=headers, data=postdata, verify=False)
            l = len(r.text)

            if i == 0:
@@ -112,7 +112,7 @@ class Exploit(exploits.Exploit):

    def detect_form(self):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
-        r = requests.get(url)
+        r = requests.get(url, verify=False)
        soup = BeautifulSoup(r.text, "lxml")

        form = soup.find("form")
@@ -150,7 +150,7 @@ class Exploit(exploits.Exploit):
                password = password.strip()

                postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
-                r = requests.post(url, headers=headers, data=postdata)
+                r = requests.post(url, headers=headers, data=postdata, verify=False)
                l = len(r.text)

                if l < self.invalid["min"] or l > self.invalid["max"]:

--- a/routersploit/modules/creds/http_form_default.py
+++ b/routersploit/modules/creds/http_form_default.py
@@ -44,7 +44,7 @@ class Exploit(exploits.Exploit):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))

        try:
-            requests.get(url)
+            requests.get(url, verify=False)
        except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
            print_error("Invalid URL format: %s" % url)
            return
@@ -92,7 +92,7 @@ class Exploit(exploits.Exploit):
            password = "A" * i

            postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
-            r = requests.post(url, headers=headers, data=postdata)
+            r = requests.post(url, headers=headers, data=postdata, verify=False)
            l = len(r.text)

            if i == 0:
@@ -105,7 +105,7 @@ class Exploit(exploits.Exploit):

    def detect_form(self):
        url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
-        r = requests.get(url)
+        r = requests.get(url, verify=False)
        soup = BeautifulSoup(r.text, "lxml")

        form = soup.find("form")
@@ -143,7 +143,7 @@ class Exploit(exploits.Exploit):
                password = line[1].strip()

                postdata = self.data.replace("{{USER}}", user).replace("{{PASS}}", password)
-                r = requests.post(url, headers=headers, data=postdata)
+                r = requests.post(url, headers=headers, data=postdata, verify=False)
                l = len(r.text)

                if l < self.invalid["min"] or l > self.invalid["max"]: