LandGrey / CVE-2019-7609

exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts
MIT License
160 stars 64 forks source link

fix for running with python3 #4

Open bibaf opened 2 years ago

bibaf commented 2 years ago

hi, i did fix to use this script with python3, i got erros: TypeError: a bytes-like object is required, not 'str'

i commente my lines with: --FIXED

def get_kibana_version(url): headers = { 'Referer': url, 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0', } url = "{}{}".format(url.rstrip("/"), "/app/kibana") r = requests.get(url, verify=False, headers=headers, timeout=30) a = (r.content) -- FIXED b = (a.decode("UTF-8", "replace")) -- FIXED patterns = ['"version":"(.?)",', '"version":"(.?)",'] for pattern in patterns: match = re.findall(pattern, b) -- FIXED if match: return match[0] return '9.9.9'

def verify(url): global version

if not version or not version_compare(["5.6.15", "6.6.1"], version):
    return False
headers = {
    'Content-Type': 'application/json;charset=utf-8',
    'Referer': url,
    'kbn-version': version,
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0',
}
data = '{"sheet":[".es(*)"],"time":{"from":"now-1m","to":"now","mode":"quick","interval":"auto","timezone":"Asia/Shanghai"}}'
url = "{}{}".format(url.rstrip("/"), "/api/timelion/run")
r = requests.post(url, data=data, verify=False, headers=headers, timeout=20)
a = (r.content) -- FIXED
b = (a.decode("UTF-8", "replace")) -- FIXED

if r.status_code == 200 and 'application/json' in r.headers.get('content-type', '') and '"seriesList"' in b:   --FIXED
    return True
else:
    return False
joaopmarcal commented 1 year ago

hi there is an error with this two functions, change them and it will work! def get_kibana_version(url): headers = { 'Referer': url, 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0', } url = "{}{}".format(url.rstrip("/"), "/app/kibana") r = requests.get(url, verify=False, headers=headers, timeout=30) patterns = ['"version":"(.?)",', '"version":"(.?)",'] for pattern in patterns: match = re.findall(pattern, r.content.decode('utf-8')) # Decode the content as UTF-8 if match: return match[0] return '9.9.9'

def verify(url): global version

if not version or not version_compare(["5.6.15", "6.6.1"], version):
    return False
headers = {
    'Content-Type': 'application/json;charset=utf-8',
    'Referer': url,
    'kbn-version': version,
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0',
}
data = '{"sheet":[".es(*)"],"time":{"from":"now-1m","to":"now","mode":"quick","interval":"auto","timezone":"Asia/Shanghai"}}'
url = "{}{}".format(url.rstrip("/"), "/api/timelion/run")
r = requests.post(url, data=data, verify=False, headers=headers, timeout=20)
if r.status_code == 200 and 'application/json' in r.headers.get('content-type', '') and '"seriesList"' in r.content.decode('utf-8'):
    return True
else:
    return False