forked from p34709852/monkey
rename function that finds vulnerable node IDs
This commit is contained in:
parent
cec57c1604
commit
6e2678473c
|
@ -25,8 +25,8 @@ def check_drupal_cache(r: requests.Response) -> bool:
|
|||
return 'X-Drupal-Cache' in r.headers and r.headers['X-Drupal-Cache'] == 'HIT'
|
||||
|
||||
|
||||
def find_articles(base_url: str, lower: int = 1, upper: int = 10):
|
||||
""" Find a target article that does not 404 and is not cached """
|
||||
def find_exploitbale_article_ids(base_url: str, lower: int = 1, upper: int = 10) -> set:
|
||||
""" Find target articles that do not 404 and are not cached """
|
||||
articles = set()
|
||||
while lower < upper:
|
||||
u = urljoin(base_url, str(lower))
|
||||
|
@ -66,7 +66,7 @@ class DrupalExploiter(WebRCE):
|
|||
:return: None (in-place addition)
|
||||
"""
|
||||
for url in potential_urls:
|
||||
node_ids = find_articles(url)
|
||||
node_ids = find_exploitbale_article_ids(url)
|
||||
if node_ids is None:
|
||||
LOG.info('Could not find a Drupal node to attack')
|
||||
continue
|
||||
|
|
Loading…
Reference in New Issue