diff --git a/pocx/__init__.py b/pocx/__init__.py index 9fc787e..182be45 100644 --- a/pocx/__init__.py +++ b/pocx/__init__.py @@ -1,4 +1,4 @@ -__version__ = '0.2.0' +__version__ = '0.2.1' from .aio_poc import AioPoc from .basic_poc import BasicPoc diff --git a/pocx/aio_poc.py b/pocx/aio_poc.py index c4391e1..4f0c437 100644 --- a/pocx/aio_poc.py +++ b/pocx/aio_poc.py @@ -3,6 +3,14 @@ import asyncio import httpx import urllib3 +import ssl + +try: + ssl_context = httpx.create_ssl_context() +except: + ssl_context = ssl.create_default_context() +ssl_context.options ^= ssl.OP_NO_TLSv1 # Enable TLS 1.0 back + urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1" @@ -14,7 +22,10 @@ def __init__(self) -> None: self.name = "AioPoc" self.cve = '' self.example = '' - self.session = httpx.AsyncClient(verify=False) + try: + self.session = httpx.AsyncClient(verify=False) + except Exception as e: + self.session = httpx.AsyncClient(verify=ssl_context) self.session.headers = {"User-Agent": "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"} logger.info(f'Testing {self.name} with {self.mode}.') diff --git a/pocx/basic_poc.py b/pocx/basic_poc.py index e94e0f8..5c25c46 100644 --- a/pocx/basic_poc.py +++ b/pocx/basic_poc.py @@ -2,6 +2,14 @@ from loguru import logger import httpx import urllib3 +import ssl + +try: + ssl_context = httpx.create_ssl_context() +except: + ssl_context = ssl.create_default_context() +ssl_context.options ^= ssl.OP_NO_TLSv1 # Enable TLS 1.0 back + urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1" @@ -13,7 +21,10 @@ def __init__(self) -> None: self.name = "BasicPoc" self.cve = '' self.example = '' - self.session = httpx.Client(verify=False) + try: + self.session = httpx.Client(verify=False) + except Exception as e: + self.session = httpx.Client(verify=ssl_context) self.session.headers = {"User-Agent": "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"} logger.info(f'Testing {self.name} with {self.mode}.') diff --git a/pocx/funcs/fofa.py b/pocx/funcs/fofa.py index e4d3bc3..63d512d 100644 --- a/pocx/funcs/fofa.py +++ b/pocx/funcs/fofa.py @@ -2,6 +2,17 @@ import json import base64 from loguru import logger +import urllib3 +import ssl + +try: + ssl_context = httpx.create_ssl_context() +except: + ssl_context = ssl.create_default_context() +ssl_context.options ^= ssl.OP_NO_TLSv1 # Enable TLS 1.0 back + +urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) +httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1" class Fofa(): @@ -60,14 +71,13 @@ def _search(self, grammar: str, page: int = 1, size: int = 100): furl = f'https://{self.domain}/api/v1/search/all?email={self.email}&key={self.key}&qbase64={b64}&{grammar}&page={page}&size={size}' try: assets = httpx.get(furl).content.decode('utf-8') - result = json.loads(assets) - if not result['error']: - return result - logger.error(f'Fofa API error: {result["errmsg"]}') - return None - except Exception as e: - logger.error(e) - return None + except Exception as _: + assets = httpx.get(furl, verify=ssl_context).content.decode('utf-8') + result = json.loads(assets) + if not result['error']: + return result + logger.error(f'Fofa API error: {result["errmsg"]}') + return None @logger.catch(level='ERROR') def assets(self, grammar: str, page: int = 1, size: int = 100): @@ -116,6 +126,12 @@ def asset_pages(self, grammar: str, size: int = 100): results = self._search(grammar, 1, 1) if not results: return 1 - count = results['size'] % size - pages = results['size'] // size if count == 0 else results['size'] // size + 1 + all_counts = results['size'] + if all_counts >= 10000: + logger.warning("Fofa's asset counts is {all_counts}, which is too much, so we only search the first 10000.") + count = 10000 % size + pages = 10000 // size if count == 0 else 10000 // size + 1 + else: + count = results['size'] % size + pages = all_counts // size if count == 0 else all_counts // size + 1 return pages diff --git a/pyproject.toml b/pyproject.toml index b0d685f..10332d9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "pocx" -version = "0.2.0" +version = "0.2.1" description = "A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode." authors = ["antx "] license = "MIT"