扫描抛出异常

[GXNU315]

Traceback (most recent call last):
File "D:\Anaconda3\lib\site-packages\urllib3\connectionpool.py", line 670, in urlopen
httplib_response = self._make_request(
File "D:\Anaconda3\lib\site-packages\urllib3\connectionpool.py", line 426, in _make_request
six.raise_from(e, None)
File "", line 3, in raise_from
File "D:\Anaconda3\lib\site-packages\urllib3\connectionpool.py", line 421, in _make_request
httplib_response = conn.getresponse()
File "D:\Anaconda3\lib\http\client.py", line 1332, in getresponse
response.begin()
File "D:\Anaconda3\lib\http\client.py", line 303, in begin
version, status, reason = self._read_status()
File "D:\Anaconda3\lib\http\client.py", line 264, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "D:\Anaconda3\lib\socket.py", line 669, in readinto
return self._sock.recv_into(b)
File "D:\Anaconda3\lib\site-packages\gevent_socket3.py", line 505, in recv_into
return self._sock.recv_into(*args)
ConnectionResetError: [WinError 10054] 远程主机强迫关闭了一个现有的连接。

[zhzyker]

emm并看不到vulmap的哪个文件发生错误

[GXNU315]

emm并看不到vulmap的哪个文件发生错误

可能是Anaconda3环境的原因

[GXNU315]

emm并看不到vulmap的哪个文件发生错误

D:\Tools\vulmap-0.6\vulmap-0.6>python vulmap.py
__
[ |
_ __ __ _ | | _ .--..--. ,--. _ .--.
[ \ [ ][ | | | | | [ .-. .-. | '\ :[ '/'`\
\ / / | _/ |, | | | | | | | | // | |,| _/ |
_/ '.__.'/[][||||]'-;/| ;./
[_|
[15:10:42] [INFO] Currently the latest version: 0.6
Traceback (most recent call last):
File "C:\Python\Python38\lib\site-packages\urllib3\connection.py", line 169, in _new_conn
conn = connection.create_connection(
File "C:\Python\Python38\lib\site-packages\urllib3\util\connection.py", line 73, in create_connection
for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM):
File "C:\Python\Python38\lib\site-packages\gevent_socketcommon.py", line 247, in getaddrinfo
addrlist = get_hub().resolver.getaddrinfo(host, port, family, type, proto, flags)
File "C:\Python\Python38\lib\site-packages\gevent\resolver\thread.py", line 63, in getaddrinfo
return self.pool.apply(_socket.getaddrinfo, args, kwargs)
File "C:\Python\Python38\lib\site-packages\gevent\pool.py", line 161, in apply
return self.spawn(func, *args, **kwds).get()
File "src\gevent\event.py", line 329, in gevent._gevent_cevent.AsyncResult.get
File "src\gevent\event.py", line 359, in gevent._gevent_cevent.AsyncResult.get
File "src\gevent\event.py", line 347, in gevent._gevent_cevent.AsyncResult.get
File "src\gevent\event.py", line 327, in gevent._gevent_cevent.AsyncResult._raise_exception
File "C:\Python\Python38\lib\site-packages\gevent_compat.py", line 65, in reraise
raise value.with_traceback(tb)
File "C:\Python\Python38\lib\site-packages\gevent\threadpool.py", line 167, in __run_task
thread_result.set(func(*args, **kwargs))
socket.gaierror: [Errno 11002] getaddrinfo failed

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "C:\Python\Python38\lib\site-packages\urllib3\connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "C:\Python\Python38\lib\site-packages\urllib3\connectionpool.py", line 394, in _make_request
conn.request(method, url, **httplib_request_kw)
File "C:\Python\Python38\lib\site-packages\urllib3\connection.py", line 234, in request
super(HTTPConnection, self).request(method, url, body=body, headers=headers)
File "C:\Python\Python38\lib\http\client.py", line 1230, in request
self._send_request(method, url, body, headers, encode_chunked)
File "C:\Python\Python38\lib\http\client.py", line 1276, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "C:\Python\Python38\lib\http\client.py", line 1225, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "C:\Python\Python38\lib\http\client.py", line 1004, in _send_output
self.send(msg)
File "C:\Python\Python38\lib\http\client.py", line 944, in send
self.connect()
File "C:\Python\Python38\lib\site-packages\urllib3\connection.py", line 200, in connect
conn = self._new_conn()
File "C:\Python\Python38\lib\site-packages\urllib3\connection.py", line 181, in _new_conn
raise NewConnectionError(
urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPConnection object at 0x000001AFB47E04F0>: Failed to establish a new connection: [Errno 11002] getaddrinfo failed

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "C:\Python\Python38\lib\site-packages\requests\adapters.py", line 439, in send
resp = conn.urlopen(
File "C:\Python\Python38\lib\site-packages\urllib3\connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "C:\Python\Python38\lib\site-packages\urllib3\util\retry.py", line 573, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPConnectionPool(host='api.ceye.io', port=80): Max retries exceeded with url: /v1/records?type=dns&token=2490ae17e5a04f03def427a596438995 (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x000001AFB47E04F0>: Failed to establish a new connection: [Errno 11002] getaddrinfo failed'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "vulmap.py", line 91, in
core.control_options(args) # 运行核心选项控制方法用于处理不同选项并开始扫描
File "D:\Tools\vulmap-0.6\vulmap-0.6\core\core.py", line 41, in control_options
ceye() # 测试ceye连接性
File "D:\Tools\vulmap-0.6\vulmap-0.6\module\api\ceye.py", line 16, in ceye
res = requests.get(api_url, headers=headers, timeout=timeout, verify=False)
File "C:\Python\Python38\lib\site-packages\requests\api.py", line 76, in get
return request('get', url, params=params, **kwargs)
File "C:\Python\Python38\lib\site-packages\requests\api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "C:\Python\Python38\lib\site-packages\requests\sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "C:\Python\Python38\lib\site-packages\requests\sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "C:\Python\Python38\lib\site-packages\requests\adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='api.ceye.io', port=80): Max retries exceeded with url: /v1/records?type=dns&token=2490ae17e5a04f03def427a596438995 (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x000001AFB47E04F0>: Failed to establish a new connection: [Errno 11002] getaddrinfo failed'))

[zhzyker]

昨天发现这个bug了，问题在于core.py的41行ceye() # 测试ceye连接性
ceye的模块没有try，导致在内网使用时连接失败，这个问题在 #29 发现，并在 a3a9d7f 中修复
师傅更新一哈就好

[GXNU315]

昨天发现这个bug了，问题在于core.py的41行ceye() # 测试ceye连接性
ceye的模块没有try，导致在内网使用时连接失败，这个问题在 #29 发现，并在 a3a9d7f 中修复
师傅更新一哈就好

好的，谢谢师傅

[GXNU315]

昨天发现这个bug了，问题在于core.py的41行ceye() # 测试ceye连接性
ceye的模块没有try，导致在内网使用时连接失败，这个问题在 #29 发现，并在 a3a9d7f 中修复
师傅更新一哈就好

好的，谢谢师傅

师傅，我想利用的结果，执行命令是没有回显的？

[zhzyker]

有些漏洞确实没有回显，可以参考dnslog测试

[zilong3033]

大佬好呀，从文件中获取很多url扫描出错，抛了个异常后，其他俩就不再扫描了。

Traceback (most recent call last):
  File "vulmap.py", line 91, in <module>
    core.control_options(args)  # 运行核心选项控制方法用于处理不同选项并开始扫描
  File "D:\Program Files\vulmap\core\core.py", line 72, in control_options
    core.control_webapps("file", args.file, args.app, "poc")
  File "D:\Program Files\vulmap\core\core.py", line 168, in control_webapps
    if survival_check(furl) == "f":  # 如果存活检测失败就跳过
  File "D:\Program Files\vulmap\module\allcheck.py", line 66, in survival_check
    requests.get(target, timeout=timeout, headers=headers, verify=False)
  File "C:\Python37\lib\site-packages\requests\api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "C:\Python37\lib\site-packages\requests\api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "C:\Python37\lib\site-packages\requests\sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "C:\Python37\lib\site-packages\requests\sessions.py", line 677, in send
    history = [resp for resp in gen]
  File "C:\Python37\lib\site-packages\requests\sessions.py", line 677, in <listcomp>
    history = [resp for resp in gen]
  File "C:\Python37\lib\site-packages\requests\sessions.py", line 245, in resolve_redirects
    **adapter_kwargs
  File "C:\Python37\lib\site-packages\requests\sessions.py", line 655, in send
    r = adapter.send(request, **kwargs)
  File "C:\Python37\lib\site-packages\requests\adapters.py", line 414, in send
    raise InvalidURL(e, request=request)
requests.exceptions.InvalidURL: No host specified.

[zilong3033]

大佬好呀，从文件中获取很多url扫描出错，抛了个异常后，其他俩就不再扫描了。
Traceback (most recent call last): File "vulmap.py", line 91, in <module> core.control_options(args) # 运行核心选项控制方法用于处理不同选项并开始扫描 File "D:\Program Files\vulmap\core\core.py", line 72, in control_options core.control_webapps("file", args.file, args.app, "poc") File "D:\Program Files\vulmap\core\core.py", line 168, in control_webapps if survival_check(furl) == "f": # 如果存活检测失败就跳过 File "D:\Program Files\vulmap\module\allcheck.py", line 66, in survival_check requests.get(target, timeout=timeout, headers=headers, verify=False) File "C:\Python37\lib\site-packages\requests\api.py", line 76, in get return request('get', url, params=params, **kwargs) File "C:\Python37\lib\site-packages\requests\api.py", line 61, in request return session.request(method=method, url=url, **kwargs) File "C:\Python37\lib\site-packages\requests\sessions.py", line 542, in request resp = self.send(prep, **send_kwargs) File "C:\Python37\lib\site-packages\requests\sessions.py", line 677, in send history = [resp for resp in gen] File "C:\Python37\lib\site-packages\requests\sessions.py", line 677, in <listcomp> history = [resp for resp in gen] File "C:\Python37\lib\site-packages\requests\sessions.py", line 245, in resolve_redirects **adapter_kwargs File "C:\Python37\lib\site-packages\requests\sessions.py", line 655, in send r = adapter.send(request, **kwargs) File "C:\Python37\lib\site-packages\requests\adapters.py", line 414, in send raise InvalidURL(e, request=request) requests.exceptions.InvalidURL: No host specified.

加个异常抛出：
except requests.exceptions.InvalidURL:
return "f"

[zhzyker]

@zilong3033 可以贴一下你的从文件中获取很多url扫描出错这个url大致的格式吗？我看看具体格式

加个异常抛出：
except requests.exceptions.InvalidURL:
return "f"

这个可以加入存活检测