lollms-webui/tests/pentests/path_traversal/open_file_vulenerability.py

41 lines
1.4 KiB
Python
Raw Normal View History

2024-02-14 23:35:04 +00:00
import os
import requests
def test_vulnerabilities():
"""
This function tests for two vulnerabilities in the '/open_file' endpoint.
1. Path Traversal vulnerability: It attempts to access sensitive files by providing a payload with multiple "../" to traverse directories.
2. Command Injection vulnerability: It attempts to execute additional commands by appending a payload with "&&" and an echo statement.
:return: None
"""
# Test path traversal vulnerability
payload = "../../../../../../../../../../etc/passwd"
url = "http://localhost:9600/open_file"
data = {"path": payload}
response = requests.post(url, json=data)
if response.status_code == 200:
if "root:x" in response.text:
print("Path Traversal vulnerability found!")
else:
print("Path Traversal vulnerability not found.")
else:
print("Error: ", response.status_code)
# Test command injection vulnerability
payload = "&& echo 'Command Injection Test'"
data = {"path": payload}
response = requests.post(url, json=data)
if response.status_code == 200:
if "Command Injection Test" in response.text:
print("Command Injection vulnerability found!")
else:
print("Command Injection vulnerability not found.")
else:
print("Error: ", response.status_code)
# Call the test function
test_vulnerabilities()