| # Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable | |
| # to integer overflow vulnerability in nginx range filter module resulting into leak | |
| # of potentially sensitive information triggered by specially crafted request. | |
| # * CVE-2017-7529 | |
| # - By @BlackViruScript / @Black#4544 | |
| import urllib.parse, requests, argparse | |
| global colorama, termcolor | |
| try: | |
| import colorama, termcolor | |
| colorama.init(autoreset=True) |
FWIW: I'm not the author of the content presented here (which is an outline from Edmond Lau's book). I've just copy-pasted it from somewhere over the Internet, but I cannot remember what exactly the original source is. I was also not able to find the author's name, so I cannot give him/her the proper credits.
| package main | |
| import ( | |
| "bytes" | |
| "compress/gzip" | |
| "database/sql/driver" | |
| "errors" | |
| "fmt" | |
| "github.com/jmoiron/sqlx" | |
| _ "github.com/mattn/go-sqlite3" |
| package main | |
| // run this file with `go run clientDoGzip.go, and then file tmp.out to verify body is gzipped | |
| import "compress/gzip" | |
| import "net/http" | |
| import "fmt" | |
| import "io" | |
| import "log" | |
| import "os" |