requests.get 301重定向问题

[ycdxsb]

在使用的时候发现有的时候会出现这个问题

Traceback (most recent call last):
  File "vulmap.py", line 67, in <module>
    core.control_options(args)  # 运行核心选项控制方法用于处理不同选项并开始扫描
  File "/root/shell/core/core.py", line 78, in control_options
    core.control_webapps("file", args.file, args.app, "poc")
  File "/root/shell/core/core.py", line 186, in control_webapps
    if survival_check(furl) == "f":  # 如果存活检测失败就跳过
  File "/root/shell/module/allcheck.py", line 105, in survival_check
    elif _http_conn(url) == "s":
  File "/root/shell/module/allcheck.py", line 93, in _http_conn
    requests.get(target, timeout=timeout, headers=headers, verify=False)
  File "/root/shell/thirdparty/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/root/shell/thirdparty/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/root/shell/thirdparty/requests/sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "/root/shell/thirdparty/requests/sessions.py", line 677, in send
    history = [resp for resp in gen]
  File "/root/shell/thirdparty/requests/sessions.py", line 677, in <listcomp>
    history = [resp for resp in gen]
  File "/root/shell/thirdparty/requests/sessions.py", line 166, in resolve_redirects
    raise TooManyRedirects('Exceeded {} redirects.'.format(self.max_redirects), response=resp)
thirdparty.requests.exceptions.TooManyRedirects: Exceeded 30 redirects.

[zhzyker]

  File "/root/shell/module/allcheck.py", line 93, in _http_conn
    requests.get(target, timeout=timeout, headers=headers, verify=False)

看起来常规请求就出错了，可能没有try好，我得找个站复现一下

[ycdxsb]

我这有一个，你可以看下

python3 vulmap.py -u http://172.104.12.102:8090/

                                +---------------+
 How to find vulnerabilities?   |    vulmap     |
                                +---------------+
    (╯▔＾▔)╯                        \ (•◡ •) /
     \   |                            |   /
￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣￣
Traceback (most recent call last):
  File "vulmap.py", line 67, in <module>
    core.control_options(args)  # 运行核心选项控制方法用于处理不同选项并开始扫描
  File "/root/test/core/core.py", line 61, in control_options
    if survival_check(args.url) == "f":  # 检查目标存活状态
  File "/root/test/module/allcheck.py", line 105, in survival_check
    elif _http_conn(url) == "s":
  File "/root/test/module/allcheck.py", line 93, in _http_conn
    requests.get(target, timeout=timeout, headers=headers, verify=False)
  File "/root/test/thirdparty/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/root/test/thirdparty/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/root/test/thirdparty/requests/sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "/root/test/thirdparty/requests/sessions.py", line 677, in send
    history = [resp for resp in gen]
  File "/root/test/thirdparty/requests/sessions.py", line 677, in <listcomp>
    history = [resp for resp in gen]
  File "/root/test/thirdparty/requests/sessions.py", line 166, in resolve_redirects
    raise TooManyRedirects('Exceeded {} redirects.'.format(self.max_redirects), response=resp)
thirdparty.requests.exceptions.TooManyRedirects: Exceeded 30 redirects.

[zhzyker]

没有try完整石锤了，之前在 #30 中没有修复完整

后续补全， 现在有个--check off 选项可以跳过存货检测来暂时正常扫描