w-digital-scanner / w13scan Goto Github PK
View Code? Open in Web Editor NEWPassive Security Scanner (被动式安全扫描器)
License: GNU General Public License v2.0
w13scan's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
m4d3bug spoock1024 re-expoc harry1080 huangyuan666 liuchengyan blankm1 lw1988 nepire nr4v3n imjdl bgrstar loveshell attackgithub awesome-security wucaishi azuremistake popmedd thinkergod arryboom triplekill end2dne aimorc no0d1es xiaoshuier 957204459 deeby kmwin dabing1205 linnoah jackyyvan 0x6b7966 j4ckzh0u nsdown heartway ic3-cr3am bailongwang1 s4copsd4v zztytu ch3ngxuyuan lonehand mixiyihao zshell seabreg grayguest luyg24 wdjcy sry309 51g53gv yangshuangfu darkyantou evi1hack maxncu hulala789 yizhimanpadewoniu xiaoqin00 skskevin korsanye trevor3000 1870387 ricardsu lukw00heck kenanat ziqi521 qq431169079 hotsunrize yuexia-martin shellsec saxaul zjacai s1xg0d heartbee yut0u bigbrobro secsystem liwanlei echocipher kevinoclam morns0 junyjiang dreamsroid geck01 tengfei1010 a0xpg jonathanzhou348 qing-q twn850811 webs3c sdgdsffdsfff webvul ershu1 summerxxoo longofo yogistudio xxooo gkfnf badaozhenjun pgy866 sickoleager jack51706w13scan's Issues
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
Unhandled exception (#f156b3a2)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=589&Type=304&FileID=2926 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Unhandled exception (#d41d8cd9)
Running version: 0.9.6
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
just test function:createGithubIssue```
Unhandled exception (#4abca377)
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /cps/site/poll?cb=jsonp_bridge_1566198787223_2558439268470897&l=1&v=156619869541649774&s=11778604&e=18705410&dev=0&auth=%7B%22anonym%22%3A0%2C%22key%22%3A%223202696151260324680jmyv10874592888%22%2C%22sn%22%3A%22715595305%22%2C%22id%22%3A%22156619869541649774%22%2C%22from%22%3A4%2C%22token%22%3A%22bridge%22%7D&_time=1566198787223 HTTP/1.1
host: p.qiao.baidu.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: */*
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.zzmind.com/
cookie: *
Traceback (most recent call last):
File "E:\tools\poc\批量\w13scan\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "D:\python\python3.7\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "D:\python\python3.7\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
Unhandled exception (#c42e76f5)
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET / HTTP/1.1
host: push-socketio.kcs.top
connection: Upgrade
pragma: no-cache
cache-control: no-cache
upgrade: websocket
origin: https://www.kcs.top
sec-websocket-version: 13
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 544, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 511, in _read_next_chunk_size
return int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 576, in _readinto_chunked
chunk_left = self._get_chunk_left()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 546, in _get_chunk_left
raise IncompleteRead(b'')
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 397, in _error_catcher
yield
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 479, in read
data = self._fp.read(amt)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 447, in read
n = self.readinto(b)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 481, in readinto
return self._readinto_chunked(b)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 592, in _readinto_chunked
raise IncompleteRead(bytes(b[0:total_bytes]))
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerScheme/backup_domain.py", line 72, in audit
content = r.raw2.read(10)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
Unhandled exception (#f4dee8ae)
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 5
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/go0p/Pycode/w13scan/W13SCAN/plugin/PerFile/struts2_009.py", line 62, in audit
r'class.classLoader.jarPath=%28%23context["xwork.MethodAccessor.denyMethodExecution"]%3d+new+java.lang.Boolean%28false%29%2c+%23_memberAccess["allowStaticMethodAccess"]%3dtrue%2c+%23a%3d%40java.lang.Runtime%40getRuntime%28%29.exec%28%27' + lin + '%27%29.getInputStream%28%29%2c%23b%3dnew+java.io.InputStreamReader%28%23a%29%2c%23c%3dnew+java.io.BufferedReader%28%23b%29%2c%23d%3dnew+char[50000]%2c%23c.read%28%23d%29%2c%23sbtest%3d%40org.apache.struts2.ServletActionContext%40getResponse%28%29.getWriter%28%29%2c%23sbtest.println%28%23d%29%2c%23sbtest.close%28%29%29%28meh%29&z[%28class.classLoader.jarPath%29%28%27meh%27%29]',
NameError: name 'lin' is not defined
疑似一处笔误 `plugins/PerFile/sql_inject_bool.py`: 94
https://github.com/boy-hack/w13scan/blob/master/W13SCAN/plugins/PerFile/sql_inject_bool.py
in 94 lines:
if ratio <= 0.98:
return False
self.findDynamicContent(resp_str, r.text)
count = 0
while 1:
count += 1
if count > self.retry:
return
r = requests.get(url, headers=headers)
self.findDynamicContent(resp_str, self.removeDynamicContent(r.text))Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
Unhandled exception (#c868d7fd)
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
GET /admin/ HTTP/1.1
host: emlog.demo
proxy-connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://emlog.demo/admin/
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9,en;q=0.8
cookie: *
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 75, in audit
raise Exception("test 11")
Exception: test 11
Unhandled exception (#1e44e892)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /lineindex.aspx?id=002008001 1.1
host: www.21sj-tour.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_time.py", line 254, in audit
if not self.init(flag, k, copy.deepcopy(data)):
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_time.py", line 65, in init
r3 = requests.get(self.netloc, params=data, headers=self.headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "c:\python3\lib\site-packages\requests\sessions.py", line 640, in send
adapter = self.get_adapter(url=request.url)
File "c:\python3\lib\site-packages\requests\sessions.py", line 731, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'returninfovalue:ID%20%e9%94%99%e8%af%af'
Unhandled exception (#84a13f36)
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 479, in do_GET
response = Response(request, self._proxy_sock)
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 206, in __init__
data = h.read()
File "/usr/lib/python3.7/http/client.py", line 464, in read
return self._readall_chunked()
File "/usr/lib/python3.7/http/client.py", line 571, in _readall_chunked
chunk_left = self._get_chunk_left()
File "/usr/lib/python3.7/http/client.py", line 554, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/lib/python3.7/http/client.py", line 514, in _read_next_chunk_size
line = self.fp.readline(_MAXLINE + 1)
File "/usr/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
socket.timeout: timed out
Unhandled exception (#c05eab8b)
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.3
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /6438.html 1.1
host: www.agesec.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate,
referer: https://www.baidu.com/link?url=Mi7hLV2gzitFOek7DR-IOHkMuySqMjM2kk1ZvcUKtdeR0gOEoBzjV8jMPtUmBBw9&wd=&eqid=be559993002a2788000000065d5dff39
connection: keep-alive
cookie: *
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 704, in read_chunked
self._update_chunk_length()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_error.py", line 52, in audit
r = requests.get(url, headers=tmp_headers, cookies=urlencode(cookie))
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
Unhandled exception (#a45d6048)
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /chp_wap/ HTTP/1.1
host: www.jk725.cn
connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.jk725.cn/chp_wap/web/hospital/goYuYueTiJian
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "d:\program files\python37\lib\site-packages\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "d:\program files\python37\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "d:\program files\python37\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
File "d:\program files\python37\lib\ssl.py", line 1034, in sendall
v = self.send(byte_view[count:])
File "d:\program files\python37\lib\ssl.py", line 1003, in send
return self._sslobj.write(data)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
被动扫描的时候尽量加上黑名单功能
有时候有退出的包,或者是删除的包不小心触发了就麻烦了。
感觉有一丝需要改动的地方
您的主体代码我大致上看了下,代码写得很棒,我从中学到了不少组织代码结构的思路,但是有一个地方我觉得有改进的空间,不知道我说的是否正确。
在看代码的时候,我始终有一个疑惑,这个入口点在哪,并不是指程序的入口点,是请求进来后,是在哪拦截的,loader插件是把所有的插件怼上去,但是从哪进 loader,我大致上看了一遍后并没有找到,然后我在 https://github.com/boy-hack/w13scan/blob/master/lib/baseproxy.py#L460 发现了,是从这进来的,觉得这一处放置的位置并不是太合理,我更倾向于应该移动到主体代码中去,这样结构上会更明晰
关于dvwa靶机的问题
在扫描dvwa靶机时,dvwa的登陆密码直接被 修改了,sql注入的时候可能修改了数据库
Unhandled exception (#fb764a1a)
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 485, in do_GET
self.request.sendall(response.to_data())
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 297, in to_data
res_data = res_data.encode(self.decoding if self.decoding else 'utf-8')
UnicodeEncodeError: 'ascii' codec can't encode characters in position 170-178: ordinal not in range(128)
建议搞成可视化web界面
建议搞成可视化web界面,方便团队共享使用
Unhandled exception (#f3bb5d83)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /lineindex.aspx?id=002008001 1.1
host: www.21sj-tour.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "c:\python3\lib\site-packages\requests\sessions.py", line 640, in send
adapter = self.get_adapter(url=request.url)
File "c:\python3\lib\site-packages\requests\sessions.py", line 731, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'returninfovalue:ID%20%e9%94%99%e8%af%af'
Unhandled exception (#d2f28143)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET / HTTP/1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerScheme\sensitive_folders.py", line 44, in audit
r = requests.get(test_url, headers=headers, allow_redirects=False)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Unhandled exception (#5f2fee18)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=762&Type=303&FileID=3835 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\xpath_inject.py", line 79, in audit
r = requests.get(netloc, headers=headers, params=data)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Unhandled exception
w13scan bug report test
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
command_system和post_command_system 插件验证错误
url_flag = {
"set|set&set": [
'Path=[\s\S]*?PWD=',
'Path=[\s\S]*?PATHEXT=',
'Path=[\s\S]*?SHELL=',
'Path\x3d[\s\S]*?PWD\x3d',
'Path\x3d[\s\S]*?PATHEXT\x3d',
'Path\x3d[\s\S]*?SHELL\x3d',
'SERVER_SIGNATURE=[\s\S]*?SERVER_SOFTWARE=',
'SERVER_SIGNATURE\x3d[\s\S]*?SERVER_SOFTWARE\x3d',
'Non-authoritative\sanswer:\s+Name:\s*',
'Server:\s*.*?\nAddress:\s*'
],
"echo `echo 6162983|base64`6162983".format(randint): [
"NjE2Mjk4Mwo=6162983"
]
}
应改为
url_flag = {
"|set|set&set": [
'Path=[\s\S]*?PWD=',
'Path=[\s\S]*?PATHEXT=',
'Path=[\s\S]*?SHELL=',
'Path\x3d[\s\S]*?PWD\x3d',
'Path\x3d[\s\S]*?PATHEXT\x3d',
'Path\x3d[\s\S]*?SHELL\x3d',
'SERVER_SIGNATURE=[\s\S]*?SERVER_SOFTWARE=',
'SERVER_SIGNATURE\x3d[\s\S]*?SERVER_SOFTWARE\x3d',
'Non-authoritative\sanswer:\s+Name:\s*',
'Server:\s*.*?\nAddress:\s*'
],
"|echo `echo 6162983|base64`6162983".format(randint): [
"NjE2Mjk4Mwo=6162983"
]
}
POST /osrun/whois.php HTTP/1.1
Host: webscantest.com
Content-Length: 56
Cache-Control: max-age=0
Origin: http://webscantest.com
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://webscantest.com/osrun/whois.php
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
Cookie: NB_SRVID=srv140700; TEST_SESSIONID=hj1gtcbkulk0df7vhggg0vf4o4
Connection: close
X-XSS-Protection:0
domain=example.com|echo%20`echo%206162983|base64`6162983
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
Unhandled exception (#bab72f14)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=589&Type=304&FileID=2926 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_bool.py", line 126, in audit
r2 = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Unhandled exception (#3ba2b4f1)
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
request raw:
POST /control/auth_cross/email.php HTTP/1.1
host: 129.211.28.20:8010
proxy-connection: keep-alive
content-length: 28
cache-control: max-age=0
origin: http://129.211.28.20:8010
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://129.211.28.20:8010/control/auth_cross/email.php
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/dist-packages/W13SCAN/lib/baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "/usr/lib/python3.7/http/server.py", line 481, in send_error
self.wfile.write(body)
File "/usr/lib/python3.7/socketserver.py", line 799, in write
self._sock.sendall(b)
BrokenPipeError: [Errno 32] Broken pipe
Unhandled exception (#a6eaf2c0)
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /js/12/000/0000/41160546/CA120000000411605460002.js HTTP/1.1
host: dcs.conac.cn
proxy-connection: keep-alive
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
referer: http://www.zjjy.com.cn/18/list.htm
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "D:\Python37\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "D:\Python37\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
Unhandled exception (#b104940c)
W13scan baseproxy get request traceback:
Running version: 0.9.6
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception 111")
Exception: test exception
关于baseproxy.py 获取请求的问题。
baseproxy抓取链接的时候,有时候是/index.php?a=111 有时候是http://www.example.com/index.php?a=111
导致无法进入
def _is_replay(self):
'''
决定是否放行
:return:
'''
ret = True
target = self.path
print(target)
if not self.is_connected:
target = self._target
for i in INCLUDES:
match = re.search(i, target, re.I)
if match:
ret = False
for i in EXCLUDES:
match = re.search(i, target, re.I)
if match:
ret = True
break
return ret
下面是抓取的信息
[2019-07-17 10:55:04] INFO HTTPServer is running at address( 0.0.0.0 , 7778 )......
/index.php?name=111
/index.php?name=111
/index.php?name=111
/index.php?name=111
clients4.google.com:443
Unhandled exception (#43ba8d57)
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 5
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/go0p/Pycode/w13scan/W13SCAN/plugins/PerFile/struts2.py", line 60, in audit
print('headers',headers+'\n')
TypeError: unsupported operand type(s) for +: 'dict' and 'str'
Unhandled exception (#69f481bf)
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 479, in do_GET
response = Response(request, self._proxy_sock)
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 193, in __init__
h.begin()
File "/usr/lib/python3.7/http/client.py", line 306, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.7/http/client.py", line 267, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
socket.timeout: timed out
和w12scan的有些什么区别呢
html文件没法抓取
类似https://www.example.com/1.html?a=1&b=2这样的连接没法抓取么?
我已经吧'.html'写入到acceptedExt
Unhandled exception (#99914635)
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET /socket.io/?token=2neAiuYvAU5cbMXpmsXD5OJlewXCKryg8dSpDCgag8ZwbZpn3uIHi0A1AOtpCibAwoXOiOG0Q0EbVvV2-RmJlZlfk8UDDLr3ciVQDIpjdsDpzXIW4N48I6qRyqznCVt1whuoNZhpWWEvf2GkomuuY5SIJbriLwX8.kJCJKG3RCVTLsAd5fjQ7cA%3D%3D&format=json&acceptUserMessage=true&connectId=connect_welcome&EIO=3&transport=websocket HTTP/1.1
host: push-socketio.kcs.top
connection: Upgrade
pragma: no-cache
cache-control: no-cache
upgrade: websocket
origin: https://www.kcs.top
sec-websocket-version: 13
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 397, in _error_catcher
yield
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 704, in read_chunked
self._update_chunk_length()
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 732, in read_chunked
self._original_response.close()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerFile/crlf.py", line 63, in audit
r = requests.get(url, headers=headers, params=data)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.7/site-packages/W13SCAN/thirdpart/requests/__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 686, in send
r.content
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
Unhandled exception (#a6a80196)
W13scan plugin traceback:
Running version: 0.9.9
Python version: 3.7.3
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /index.php?g=portal&m=list&a=index&id=36 1.1
host: hrsa.shenyang.gov.cn
proxy-connection: keep-alive
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
soapaction:
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 704, in read_chunked
self._update_chunk_length()
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "F:\hack\EXP\w13scan-master\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "F:\hack\EXP\w13scan-master\W13SCAN\plugins\PerFile\xss.py", line 70, in audit
r = requests.get(url, headers=headers, params=data)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "F:\hack\EXP\w13scan-master\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
Unhandled exception (#ce330470)
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
Traceback (most recent call last):
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 412, in send
conn = self.get_connection(request.url, proxies)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 315, in get_connection
conn = self.poolmanager.connection_from_url(url)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\poolmanager.py", line 283, in connection_from_url
pool_kwargs=pool_kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\poolmanager.py", line 222, in connection_from_host
raise LocationValueError("No host specified.")
urllib3.exceptions.LocationValueError: No host specified.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\Tools\w13scan\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "D:\Tools\w13scan\W13SCAN\plugins\PerFile\command_system.py", line 76, in audit
r = requests.get(url1, headers=headers)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "D:\Tools\w13scan\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 414, in send
raise InvalidURL(e, request=request)
requests.exceptions.InvalidURL: No host specified.
Unhandled exception (#7a4c5b51)
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET /kumex-trade/market/ 1.1
host: kitchen.kumex.top
connection: keep-alive
pragma: no-cache
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://www.kumex.top
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
referer: https://www.kumex.top/refer/overview
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerFolder/filescan.py", line 114, in audit
if payload["content-type_no1"]:
KeyError: 'content-type_no1'
python新手的一个小问题
请问 https://github.com/boy-hack/w13scan/blob/master/lib/controller.py#L80 中的 KB["task_queue"] 是什么时候 put 进去值的?
我 debug 时,访问一个 url 之后 KB["task_queue"] 中就有值了,我实在找不到是怎么放到队列中的,希望作者解答一下,谢谢。
还有就是 KB 这个字典是什么单词的缩写啊 Orz
Unhandled exception (#cb465701)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /e/tags/?tagname=清华大学朱令 1.1
host: www.oao2o.cn
proxy-connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 707, in read_chunked
chunk = self._handle_chunk(amt)
File "c:\python3\lib\site-packages\urllib3\response.py", line 662, in _handle_chunk
returned_chunk = self._fp._safe_read(self.chunk_left)
File "c:\python3\lib\http\client.py", line 622, in _safe_read
raise IncompleteRead(b''.join(s), amt)
http.client.IncompleteRead: IncompleteRead(8468 bytes read, 1265 more expected)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "c:\python3\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(8468 bytes read, 1265 more expected)', IncompleteRead(8468 bytes read, 1265 more expected))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\cookie.py", line 46, in audit
r = requests.get(url, cookies=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(8468 bytes read, 1265 more expected)', IncompleteRead(8468 bytes read, 1265 more expected))
Unhandled exception (#ec951fe2)
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /favicon.ico HTTP/1.1
host: www.xuekeedu.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "c:\python3\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "c:\python3\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
回显错误
不知道是不是证书的问题
Unhandled exception (#2bd1781c)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=70831585&guest_id=10816134092004&status=0&guest_name=&guest_ip=122.55.63.80&guest_ip_info=%E8%8F%B2%E5%BE%8B%E5%AE%BE&area=%E9%A9%AC%E5%B0%BC%E6%8B%89%E9%83%BD%E4%BC%9A%E5%8C%BA%2D%E6%8B%89%E6%96%AF%E7%9A%AE%E7%BA%B3%E6%96%AF%E5%B8%82&from_page=&talk_page=http%3A%2F%2Fwww.tbqfx.com%2F&kf_time=1566389819&bto_id6d=-99&time=1566389880158&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=firefox&os=os_other&is_revisit=0&page_title=%E5%A4%AA%E7%99%BD%E9%9D%92%E5%B3%B0%E5%B3%A1%E6%A3%AE%E6%9E%97%E5%85%AC%E5%9B%AD HTTP/1.1
host: accwww23.53kf.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: */*
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.tbqfx.com/
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None)", ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\crlf.py", line 63, in audit
r = requests.get(url, headers=headers, params=data)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None)", ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None))
伪静态的无法抓取么?
类似https://example.com/a/b
我看了一下self.path有时候抓取的是https://example.com/a/b 有时候是/a/b
Unhandled exception (#7ff66dda)
W13scan baseproxy get request traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/baseproxy.py", line 482, in do_GET
response = Response(request, self._proxy_sock)
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/baseproxy.py", line 194, in __init__
h.begin()
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 306, in begin
version, status, reason = self._read_status()
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 267, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 1071, in recv_into
return self.read(nbytes, buffer)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 929, in read
return self._sslobj.read(len, buffer)
socket.timeout: The read operation timed out
Unhandled exception (#822025b3)
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /index.php?p=productsshow&id=265&c_id=56&lanmu=5117 1.1
host: zonicy.cn
proxy-connection: keep-alive
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
Traceback (most recent call last):
File "D:\Python37\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "D:\Python37\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "D:\Python37\lib\http\client.py", line 447, in read
n = self.readinto(b)
File "D:\Python37\lib\http\client.py", line 491, in readinto
n = self.fp.readinto(b)
File "D:\Python37\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\Python37\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "D:\Python37\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "D:\Python37\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "D:\Python37\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "D:\Python37\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "D:\Python37\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "D:\Python37\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "D:\Python37\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "D:\Python37\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "D:\Python37\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Unhandled exception (#740d9ac2)
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
默认配置的level0是怎么理解的?
请问,我看到config.py中level>=1加载部分插件,默认配置是level0,请问level0会加载哪些插件?其他的2-5分别会怎么工作?在哪个文件里有描述?我找了一下,没找到。
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.