cve-2021-41773 和 cve-2021-42013 批量验证python脚本
运行环境:python3
用法:python3 poc.py url.txt
url.txt放待检测的url,存在漏洞的url会被写入success.txt
验证内容很简单,get请求发送cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd就行,但是我用requests发包发现不行,抓包发现%2e会被自动解码成.,于是采用urllib发包,发现没问题,本地测试成功。