jetty bleed漏洞利用工具

两个exp:

https://github.com/AppSecConsulting/Pentest-Tools/blob/master/jetty-bleed.py

https://github.com/GDSSecurity/Jetleak-Testing-Script

 

from subprocess import Popen

def runexp(filename,t):    
    print \'----------------------------------\'
    print "run " + filename + \'.....\'
    cmd =  pythondir + \'  \' +  filename  + \'   \' + t 
    try:
        proc = Popen(cmd.split(),shell=False).wait()
    except Exception,e:
        print e
        pass

if __name__ == "__main__":		
f = open(\'target.txt\',\'r\')
pythondir =  \'/home/leo/Desktop/envxlcscan/bin/python\'
for line in f:
    line =line.strip()
    
    runexp(\'jetty-bleed.py\',line)
    runexp(\'jetleak_tester.py\',line)


f.close()