Thursday, February 23, 2017

The bad and good urllib.

This is a simple python script:
import urllib
opener = urllib.FancyURLopener({})
f = opener.open("http://www.ra___aer.ro/")
d=f.read()
fo = open('workfile.txt', 'w')
fo.write(d)
fo.close()
The really bad news come from here:
http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html