w-digital-scanner / w13scan Goto Github PK
View Code? Open in Web Editor NEWPassive Security Scanner (被动式安全扫描器)
License: GNU General Public License v2.0
Passive Security Scanner (被动式安全扫描器)
License: GNU General Public License v2.0
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=589&Type=304&FileID=2926 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Running version: 0.9.6
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
just test function:createGithubIssue```
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /cps/site/poll?cb=jsonp_bridge_1566198787223_2558439268470897&l=1&v=156619869541649774&s=11778604&e=18705410&dev=0&auth=%7B%22anonym%22%3A0%2C%22key%22%3A%223202696151260324680jmyv10874592888%22%2C%22sn%22%3A%22715595305%22%2C%22id%22%3A%22156619869541649774%22%2C%22from%22%3A4%2C%22token%22%3A%22bridge%22%7D&_time=1566198787223 HTTP/1.1
host: p.qiao.baidu.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: */*
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.zzmind.com/
cookie: *
Traceback (most recent call last):
File "E:\tools\poc\批量\w13scan\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "D:\python\python3.7\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "D:\python\python3.7\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET / HTTP/1.1
host: push-socketio.kcs.top
connection: Upgrade
pragma: no-cache
cache-control: no-cache
upgrade: websocket
origin: https://www.kcs.top
sec-websocket-version: 13
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 544, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 511, in _read_next_chunk_size
return int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 576, in _readinto_chunked
chunk_left = self._get_chunk_left()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 546, in _get_chunk_left
raise IncompleteRead(b'')
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 397, in _error_catcher
yield
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 479, in read
data = self._fp.read(amt)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 447, in read
n = self.readinto(b)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 481, in readinto
return self._readinto_chunked(b)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 592, in _readinto_chunked
raise IncompleteRead(bytes(b[0:total_bytes]))
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerScheme/backup_domain.py", line 72, in audit
content = r.raw2.read(10)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 5
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/go0p/Pycode/w13scan/W13SCAN/plugin/PerFile/struts2_009.py", line 62, in audit
r'class.classLoader.jarPath=%28%23context["xwork.MethodAccessor.denyMethodExecution"]%3d+new+java.lang.Boolean%28false%29%2c+%23_memberAccess["allowStaticMethodAccess"]%3dtrue%2c+%23a%3d%40java.lang.Runtime%40getRuntime%28%29.exec%28%27' + lin + '%27%29.getInputStream%28%29%2c%23b%3dnew+java.io.InputStreamReader%28%23a%29%2c%23c%3dnew+java.io.BufferedReader%28%23b%29%2c%23d%3dnew+char[50000]%2c%23c.read%28%23d%29%2c%23sbtest%3d%40org.apache.struts2.ServletActionContext%40getResponse%28%29.getWriter%28%29%2c%23sbtest.println%28%23d%29%2c%23sbtest.close%28%29%29%28meh%29&z[%28class.classLoader.jarPath%29%28%27meh%27%29]',
NameError: name 'lin' is not defined
https://github.com/boy-hack/w13scan/blob/master/W13SCAN/plugins/PerFile/sql_inject_bool.py
in 94
lines:
if ratio <= 0.98:
return False
self.findDynamicContent(resp_str, r.text)
count = 0
while 1:
count += 1
if count > self.retry:
return
r = requests.get(url, headers=headers)
self.findDynamicContent(resp_str, self.removeDynamicContent(r.text))
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
GET /admin/ HTTP/1.1
host: emlog.demo
proxy-connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://emlog.demo/admin/
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9,en;q=0.8
cookie: *
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 75, in audit
raise Exception("test 11")
Exception: test 11
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /lineindex.aspx?id=002008001 1.1
host: www.21sj-tour.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_time.py", line 254, in audit
if not self.init(flag, k, copy.deepcopy(data)):
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_time.py", line 65, in init
r3 = requests.get(self.netloc, params=data, headers=self.headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "c:\python3\lib\site-packages\requests\sessions.py", line 640, in send
adapter = self.get_adapter(url=request.url)
File "c:\python3\lib\site-packages\requests\sessions.py", line 731, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'returninfovalue:ID%20%e9%94%99%e8%af%af'
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 479, in do_GET
response = Response(request, self._proxy_sock)
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 206, in __init__
data = h.read()
File "/usr/lib/python3.7/http/client.py", line 464, in read
return self._readall_chunked()
File "/usr/lib/python3.7/http/client.py", line 571, in _readall_chunked
chunk_left = self._get_chunk_left()
File "/usr/lib/python3.7/http/client.py", line 554, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/lib/python3.7/http/client.py", line 514, in _read_next_chunk_size
line = self.fp.readline(_MAXLINE + 1)
File "/usr/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
socket.timeout: timed out
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.3
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /6438.html 1.1
host: www.agesec.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate,
referer: https://www.baidu.com/link?url=Mi7hLV2gzitFOek7DR-IOHkMuySqMjM2kk1ZvcUKtdeR0gOEoBzjV8jMPtUmBBw9&wd=&eqid=be559993002a2788000000065d5dff39
connection: keep-alive
cookie: *
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 704, in read_chunked
self._update_chunk_length()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_error.py", line 52, in audit
r = requests.get(url, headers=tmp_headers, cookies=urlencode(cookie))
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "d:\program files (x86)\microsoft visual studio\shared\python37_64\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /chp_wap/ HTTP/1.1
host: www.jk725.cn
connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.jk725.cn/chp_wap/web/hospital/goYuYueTiJian
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "d:\program files\python37\lib\site-packages\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "d:\program files\python37\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "d:\program files\python37\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
File "d:\program files\python37\lib\ssl.py", line 1034, in sendall
v = self.send(byte_view[count:])
File "d:\program files\python37\lib\ssl.py", line 1003, in send
return self._sslobj.write(data)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
有时候有退出的包,或者是删除的包不小心触发了就麻烦了。
您的主体代码我大致上看了下,代码写得很棒,我从中学到了不少组织代码结构的思路,但是有一个地方我觉得有改进的空间,不知道我说的是否正确。
在看代码的时候,我始终有一个疑惑,这个入口点在哪,并不是指程序的入口点,是请求进来后,是在哪拦截的,loader插件是把所有的插件怼上去,但是从哪进 loader,我大致上看了一遍后并没有找到,然后我在 https://github.com/boy-hack/w13scan/blob/master/lib/baseproxy.py#L460 发现了,是从这进来的,觉得这一处放置的位置并不是太合理,我更倾向于应该移动到主体代码中去,这样结构上会更明晰
在扫描dvwa靶机时,dvwa的登陆密码直接被 修改了,sql注入的时候可能修改了数据库
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 485, in do_GET
self.request.sendall(response.to_data())
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 297, in to_data
res_data = res_data.encode(self.decoding if self.decoding else 'utf-8')
UnicodeEncodeError: 'ascii' codec can't encode characters in position 170-178: ordinal not in range(128)
建议搞成可视化web界面,方便团队共享使用
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /lineindex.aspx?id=002008001 1.1
host: www.21sj-tour.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "c:\python3\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "c:\python3\lib\site-packages\requests\sessions.py", line 640, in send
adapter = self.get_adapter(url=request.url)
File "c:\python3\lib\site-packages\requests\sessions.py", line 731, in get_adapter
raise InvalidSchema("No connection adapters were found for '%s'" % url)
requests.exceptions.InvalidSchema: No connection adapters were found for 'returninfovalue:ID%20%e9%94%99%e8%af%af'
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET / HTTP/1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerScheme\sensitive_folders.py", line 44, in audit
r = requests.get(test_url, headers=headers, allow_redirects=False)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=762&Type=303&FileID=3835 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\xpath_inject.py", line 79, in audit
r = requests.get(netloc, headers=headers, params=data)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
w13scan bug report test
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
url_flag = {
"set|set&set": [
'Path=[\s\S]*?PWD=',
'Path=[\s\S]*?PATHEXT=',
'Path=[\s\S]*?SHELL=',
'Path\x3d[\s\S]*?PWD\x3d',
'Path\x3d[\s\S]*?PATHEXT\x3d',
'Path\x3d[\s\S]*?SHELL\x3d',
'SERVER_SIGNATURE=[\s\S]*?SERVER_SOFTWARE=',
'SERVER_SIGNATURE\x3d[\s\S]*?SERVER_SOFTWARE\x3d',
'Non-authoritative\sanswer:\s+Name:\s*',
'Server:\s*.*?\nAddress:\s*'
],
"echo `echo 6162983|base64`6162983".format(randint): [
"NjE2Mjk4Mwo=6162983"
]
}
应改为
url_flag = {
"|set|set&set": [
'Path=[\s\S]*?PWD=',
'Path=[\s\S]*?PATHEXT=',
'Path=[\s\S]*?SHELL=',
'Path\x3d[\s\S]*?PWD\x3d',
'Path\x3d[\s\S]*?PATHEXT\x3d',
'Path\x3d[\s\S]*?SHELL\x3d',
'SERVER_SIGNATURE=[\s\S]*?SERVER_SOFTWARE=',
'SERVER_SIGNATURE\x3d[\s\S]*?SERVER_SOFTWARE\x3d',
'Non-authoritative\sanswer:\s+Name:\s*',
'Server:\s*.*?\nAddress:\s*'
],
"|echo `echo 6162983|base64`6162983".format(randint): [
"NjE2Mjk4Mwo=6162983"
]
}
POST /osrun/whois.php HTTP/1.1
Host: webscantest.com
Content-Length: 56
Cache-Control: max-age=0
Origin: http://webscantest.com
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://webscantest.com/osrun/whois.php
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
Cookie: NB_SRVID=srv140700; TEST_SESSIONID=hj1gtcbkulk0df7vhggg0vf4o4
Connection: close
X-XSS-Protection:0
domain=example.com|echo%20`echo%206162983|base64`6162983
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sl/index.aspx?KindID=589&Type=304&FileID=2926 1.1
host: www.xxyw.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.xxyw.com/
dnt: 1
connection: keep-alive
upgrade-insecure-requests: 1
cache-control: max-age=0
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\sql_inject_bool.py", line 126, in audit
r2 = requests.get(netloc, params=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
request raw:
POST /control/auth_cross/email.php HTTP/1.1
host: 129.211.28.20:8010
proxy-connection: keep-alive
content-length: 28
cache-control: max-age=0
origin: http://129.211.28.20:8010
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://129.211.28.20:8010/control/auth_cross/email.php
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/dist-packages/W13SCAN/lib/baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "/usr/lib/python3.7/http/server.py", line 481, in send_error
self.wfile.write(body)
File "/usr/lib/python3.7/socketserver.py", line 799, in write
self._sock.sendall(b)
BrokenPipeError: [Errno 32] Broken pipe
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /js/12/000/0000/41160546/CA120000000411605460002.js HTTP/1.1
host: dcs.conac.cn
proxy-connection: keep-alive
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
referer: http://www.zjjy.com.cn/18/list.htm
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "D:\Python37\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "D:\Python37\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
W13scan baseproxy get request traceback:
Running version: 0.9.6
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception 111")
Exception: test exception
baseproxy抓取链接的时候,有时候是/index.php?a=111 有时候是http://www.example.com/index.php?a=111
导致无法进入
def _is_replay(self):
'''
决定是否放行
:return:
'''
ret = True
target = self.path
print(target)
if not self.is_connected:
target = self._target
for i in INCLUDES:
match = re.search(i, target, re.I)
if match:
ret = False
for i in EXCLUDES:
match = re.search(i, target, re.I)
if match:
ret = True
break
return ret
下面是抓取的信息
[2019-07-17 10:55:04] INFO HTTPServer is running at address( 0.0.0.0 , 7778 )......
/index.php?name=111
/index.php?name=111
/index.php?name=111
/index.php?name=111
clients4.google.com:443
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 5
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/go0p/Pycode/w13scan/W13SCAN/plugins/PerFile/struts2.py", line 60, in audit
print('headers',headers+'\n')
TypeError: unsupported operand type(s) for +: 'dict' and 'str'
Python version: 3.7.4
Operating system: Linux-4.19.0-kali5-amd64-x86_64-with-Kali-kali-rolling-kali-rolling
Threads: 51
Traceback (most recent call last):
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 479, in do_GET
response = Response(request, self._proxy_sock)
File "/code/python_code/w13scan-master/W13SCAN/lib/baseproxy.py", line 193, in __init__
h.begin()
File "/usr/lib/python3.7/http/client.py", line 306, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.7/http/client.py", line 267, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
socket.timeout: timed out
类似https://www.example.com/1.html?a=1&b=2这样的连接没法抓取么?
我已经吧'.html'写入到acceptedExt
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET /socket.io/?token=2neAiuYvAU5cbMXpmsXD5OJlewXCKryg8dSpDCgag8ZwbZpn3uIHi0A1AOtpCibAwoXOiOG0Q0EbVvV2-RmJlZlfk8UDDLr3ciVQDIpjdsDpzXIW4N48I6qRyqznCVt1whuoNZhpWWEvf2GkomuuY5SIJbriLwX8.kJCJKG3RCVTLsAd5fjQ7cA%3D%3D&format=json&acceptUserMessage=true&connectId=connect_welcome&EIO=3&transport=websocket HTTP/1.1
host: push-socketio.kcs.top
connection: Upgrade
pragma: no-cache
cache-control: no-cache
upgrade: websocket
origin: https://www.kcs.top
sec-websocket-version: 13
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 397, in _error_catcher
yield
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 704, in read_chunked
self._update_chunk_length()
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 732, in read_chunked
self._original_response.close()
File "/usr/local/Cellar/python/3.7.0/Frameworks/Python.framework/Versions/3.7/lib/python3.7/contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/local/lib/python3.7/site-packages/urllib3/response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerFile/crlf.py", line 63, in audit
r = requests.get(url, headers=headers, params=data)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.7/site-packages/W13SCAN/thirdpart/requests/__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py", line 686, in send
r.content
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "/usr/local/lib/python3.7/site-packages/requests/models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
W13scan plugin traceback:
Running version: 0.9.9
Python version: 3.7.3
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
request raw:
GET /index.php?g=portal&m=list&a=index&id=36 1.1
host: hrsa.shenyang.gov.cn
proxy-connection: keep-alive
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
soapaction:
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 639, in _update_chunk_length
self.chunk_left = int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 704, in read_chunked
self._update_chunk_length()
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 643, in _update_chunk_length
raise httplib.IncompleteRead(line)
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "F:\hack\EXP\w13scan-master\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "F:\hack\EXP\w13scan-master\W13SCAN\plugins\PerFile\xss.py", line 70, in audit
r = requests.get(url, headers=headers, params=data)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "F:\hack\EXP\w13scan-master\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "C:\Users\Canon\AppData\Local\Programs\Python\Python37-32\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read))
W13scan plugin traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Windows-10-10.0.18362-SP0
Threads: 51
Traceback (most recent call last):
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 412, in send
conn = self.get_connection(request.url, proxies)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 315, in get_connection
conn = self.poolmanager.connection_from_url(url)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\poolmanager.py", line 283, in connection_from_url
pool_kwargs=pool_kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\urllib3\poolmanager.py", line 222, in connection_from_host
raise LocationValueError("No host specified.")
urllib3.exceptions.LocationValueError: No host specified.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\Tools\w13scan\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "D:\Tools\w13scan\W13SCAN\plugins\PerFile\command_system.py", line 76, in audit
r = requests.get(url1, headers=headers)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "D:\Tools\w13scan\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 668, in send
history = [resp for resp in gen] if allow_redirects else []
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 668, in <listcomp>
history = [resp for resp in gen] if allow_redirects else []
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 247, in resolve_redirects
**adapter_kwargs
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python37\lib\site-packages\requests\adapters.py", line 414, in send
raise InvalidURL(e, request=request)
requests.exceptions.InvalidURL: No host specified.
W13scan plugin traceback:
Running version: 0.9.10
Python version: 3.7.0
Operating system: Darwin-17.5.0-x86_64-i386-64bit
Threads: 51
request raw:
GET /kumex-trade/market/ 1.1
host: kitchen.kumex.top
connection: keep-alive
pragma: no-cache
cache-control: no-cache
accept: application/json, text/plain, */*
origin: https://www.kumex.top
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
referer: https://www.kumex.top/refer/overview
accept-encoding: gzip, deflate,
accept-language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
cookie: *
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/usr/local/lib/python3.7/site-packages/W13SCAN/plugins/PerFolder/filescan.py", line 114, in audit
if payload["content-type_no1"]:
KeyError: 'content-type_no1'
请问 https://github.com/boy-hack/w13scan/blob/master/lib/controller.py#L80 中的 KB["task_queue"]
是什么时候 put 进去值的?
我 debug 时,访问一个 url 之后 KB["task_queue"]
中就有值了,我实在找不到是怎么放到队列中的,希望作者解答一下,谢谢。
还有就是 KB 这个字典是什么单词的缩写啊 Orz
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /e/tags/?tagname=清华大学朱令 1.1
host: www.oao2o.cn
proxy-connection: keep-alive
cache-control: max-age=0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 707, in read_chunked
chunk = self._handle_chunk(amt)
File "c:\python3\lib\site-packages\urllib3\response.py", line 662, in _handle_chunk
returned_chunk = self._fp._safe_read(self.chunk_left)
File "c:\python3\lib\http\client.py", line 622, in _safe_read
raise IncompleteRead(b''.join(s), amt)
http.client.IncompleteRead: IncompleteRead(8468 bytes read, 1265 more expected)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 527, in stream
for line in self.read_chunked(amt, decode_content=decode_content):
File "c:\python3\lib\site-packages\urllib3\response.py", line 732, in read_chunked
self._original_response.close()
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ('Connection broken: IncompleteRead(8468 bytes read, 1265 more expected)', IncompleteRead(8468 bytes read, 1265 more expected))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\cookie.py", line 46, in audit
r = requests.get(url, cookies=data, headers=headers)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ('Connection broken: IncompleteRead(8468 bytes read, 1265 more expected)', IncompleteRead(8468 bytes read, 1265 more expected))
W13scan baseproxy get request traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /favicon.ico HTTP/1.1
host: www.xuekeedu.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\baseproxy.py", line 500, in do_GET
self.send_error(404, 'response is None {}'.format(errMsg))
File "c:\python3\lib\http\server.py", line 481, in send_error
self.wfile.write(body)
File "c:\python3\lib\socketserver.py", line 799, in write
self._sock.sendall(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.4
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=70831585&guest_id=10816134092004&status=0&guest_name=&guest_ip=122.55.63.80&guest_ip_info=%E8%8F%B2%E5%BE%8B%E5%AE%BE&area=%E9%A9%AC%E5%B0%BC%E6%8B%89%E9%83%BD%E4%BC%9A%E5%8C%BA%2D%E6%8B%89%E6%96%AF%E7%9A%AE%E7%BA%B3%E6%96%AF%E5%B8%82&from_page=&talk_page=http%3A%2F%2Fwww.tbqfx.com%2F&kf_time=1566389819&bto_id6d=-99&time=1566389880158&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=firefox&os=os_other&is_revisit=0&page_title=%E5%A4%AA%E7%99%BD%E9%9D%92%E5%B3%B0%E5%B3%A1%E6%A3%AE%E6%9E%97%E5%85%AC%E5%9B%AD HTTP/1.1
host: accwww23.53kf.com
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
accept: */*
accept-language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
accept-encoding: gzip, deflate
referer: http://www.tbqfx.com/
cookie: *
Traceback (most recent call last):
File "c:\python3\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "c:\python3\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "c:\python3\lib\http\client.py", line 457, in read
n = self.readinto(b)
File "c:\python3\lib\http\client.py", line 501, in readinto
n = self.fp.readinto(b)
File "c:\python3\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionAbortedError: [WinError 10053] 你的主机中的软件中止了一个已建立的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "c:\python3\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "c:\python3\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "c:\python3\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "c:\python3\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None)", ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\site-packages\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "c:\python3\lib\site-packages\W13SCAN\plugins\PerFile\crlf.py", line 63, in audit
r = requests.get(url, headers=headers, params=data)
File "c:\python3\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "c:\python3\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "c:\python3\lib\site-packages\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "c:\python3\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "c:\python3\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "c:\python3\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None)", ConnectionAbortedError(10053, '你的主机中的软件中止了一个已建立的连接。', None, 10053, None))
类似https://example.com/a/b
我看了一下self.path有时候抓取的是https://example.com/a/b 有时候是/a/b
W13scan baseproxy get request traceback:
Running version: 0.9.7
Python version: 3.7.4
Operating system: Darwin-18.6.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/baseproxy.py", line 482, in do_GET
response = Response(request, self._proxy_sock)
File "/Users/go0p/Pycode/w13scan/W13SCAN/lib/baseproxy.py", line 194, in __init__
h.begin()
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 306, in begin
version, status, reason = self._read_status()
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/http/client.py", line 267, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 1071, in recv_into
return self.read(nbytes, buffer)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py", line 929, in read
return self._sslobj.read(len, buffer)
socket.timeout: The read operation timed out
W13scan plugin traceback:
Running version: 0.9.8
Python version: 3.7.3
Operating system: Windows-10-10.0.17763-SP0
Threads: 51
request raw:
GET /index.php?p=productsshow&id=265&c_id=56&lanmu=5117 1.1
host: zonicy.cn
proxy-connection: keep-alive
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
accept-language: zh-CN,zh;q=0.9
Traceback (most recent call last):
File "D:\Python37\lib\site-packages\urllib3\response.py", line 397, in _error_catcher
yield
File "D:\Python37\lib\site-packages\urllib3\response.py", line 479, in read
data = self._fp.read(amt)
File "D:\Python37\lib\http\client.py", line 447, in read
n = self.readinto(b)
File "D:\Python37\lib\http\client.py", line 491, in readinto
n = self.fp.readinto(b)
File "D:\Python37\lib\socket.py", line 589, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\Python37\lib\site-packages\requests\models.py", line 750, in generate
for chunk in self.raw.stream(chunk_size, decode_content=True):
File "D:\Python37\lib\site-packages\urllib3\response.py", line 531, in stream
data = self.read(amt=amt, decode_content=decode_content)
File "D:\Python37\lib\site-packages\urllib3\response.py", line 496, in read
raise IncompleteRead(self._fp_bytes_read, self.length_remaining)
File "D:\Python37\lib\contextlib.py", line 130, in __exit__
self.gen.throw(type, value, traceback)
File "D:\Python37\lib\site-packages\urllib3\response.py", line 415, in _error_catcher
raise ProtocolError('Connection broken: %r' % e, e)
urllib3.exceptions.ProtocolError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\lib\plugins.py", line 51, in execute
output = self.audit()
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\plugins\PerFile\command_system.py", line 75, in audit
r = requests.get(netloc, params=data, headers=headers)
File "D:\Python37\lib\site-packages\requests\api.py", line 75, in get
return request('get', url, params=params, **kwargs)
File "D:\Python37\lib\site-packages\requests\api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "D:\hacker系列\扫描工具\w13scan-master\w13scan-master\W13SCAN\thirdpart\requests\__init__.py", line 77, in session_request
resp = self.send(prep, **send_kwargs)
File "D:\Python37\lib\site-packages\requests\sessions.py", line 686, in send
r.content
File "D:\Python37\lib\site-packages\requests\models.py", line 828, in content
self._content = b''.join(self.iter_content(CONTENT_CHUNK_SIZE)) or b''
File "D:\Python37\lib\site-packages\requests\models.py", line 753, in generate
raise ChunkedEncodingError(e)
requests.exceptions.ChunkedEncodingError: ("Connection broken: ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None)", ConnectionResetError(10054, '远程主机强迫关闭了一个现有的连接。', None, 10054, None))
Python version: 3.7.4
Operating system: Darwin-18.7.0-x86_64-i386-64bit
Threads: 51
Traceback (most recent call last):
File "/Users/boyhack/programs/w13scan/W13SCAN/lib/plugins.py", line 51, in execute
output = self.audit()
File "/Users/boyhack/programs/w13scan/W13SCAN/plugins/PerFile/analyze_parameter.py", line 60, in audit
raise Exception("test exception")
Exception: test exception
请问,我看到config.py中level>=1加载部分插件,默认配置是level0,请问level0会加载哪些插件?其他的2-5分别会怎么工作?在哪个文件里有描述?我找了一下,没找到。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.