diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000..f0e0492 Binary files /dev/null and b/.DS_Store differ diff --git a/README.md b/README.md index 8b56100..93e0629 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,81 @@ # Cloud-Bucket-Leak-Detection-Tools 想写个存储桶的利用,先给自己画个饼 + +**画饼进度** + +1、阿里云存储桶利用 + +不太会用Git,代码写的也烂,有BUG直接提Issue即可(好像我连issue可能都用不明白) + +# 0x00 依赖 + ++ pip3 install oss2 ++ pip3 install colorlog ++ pip3 install logging ++ pip3 argparse + +# 0x01 使用方法 + +```bash +git clone https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools.git +python3 main.py -h +``` + +随后在config/conf.py中写入自己的阿里云AK,作用如下 + +1、如果可以劫持,会用该AK创建同名的存储桶 + +2、用来验证合法用户 + +![image-20220304184757595](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304184757595.png) + +## 1、当存储桶Policy权限可获取时 + +![image-20220304185015693](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304185015693.png) + +## 2、当存储桶不存在时(自动创建并劫持) + +![image-20220304185434168](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304185434168.png) + +输入存储桶地址即可自动检测,功能如下 + ++ 1、检测当前存储桶是否可劫持 + + 如果可劫持,自动在config中写入的AK账号上创建同命名的存储桶并开放所有权限 ++ 2、检测当前存储桶是否可列出Object ++ 3、检测当前存储桶是否可获取ACL ++ 4、检测当前存储桶是否可获取Policy策略表 ++ 5、检测存储桶是否可上传Object + +## 一、阿里云存储桶利用 + +### 1、实现思路 + +首先实现了`OssBucketCheckFromSDK`类 + ++ AliyunOssBucketDoesBucketExist + + + 用来判断当前存储桶是否存在,首先如果存储桶存在那么就返回一个True,继续走下面的流程,如果存储桶不存在,那么就调用OssBucketExploitFromSDK类,创建存储桶,并且设置ACL权限,上传访问策略,随后上传一个文件进行验证,如果存储桶此时存在或者为AccessDenied,继续走下面的流程 + ++ AliyunOssGetBucketObjectList + + + 判断是否可以遍历存储桶中的内容,如果可以,则会选择前3个内容进行遍历并显示 + + > 如果想遍历更多的内容,可以查看aliyunOss.py中的AliyunOssGetBucketObjectList方法 + ++ AliyunOssGetBucketAcl + + + 判断能否访问当前Bucket的ACL,如果可以的话,就返回当前Bucket的ACL,如果不可以就继续走下面的Check流程 + ++ AliyunOssGetBucketPolicy + + + 判断能否访问当前Bucket的Policy,如果可以的话,就会返回当前Bucket的ACL,如果不可以就继续走下面的Check + ++ AliyunOssGetBucketObject + + + 尝试上传一个文件,是否可以成功上传 + +### + + + diff --git a/config/BannerInfo.py b/config/BannerInfo.py new file mode 100644 index 0000000..82a23df --- /dev/null +++ b/config/BannerInfo.py @@ -0,0 +1,189 @@ +""" +Banner Info From http://patorjk.com/software/taag/#p=display&f=TRaC%20Mini&t=UzJu +""" + +import random + +Banner_1 = ''' + ,---._ + .-- -.' \ + ,--, | | : + ,'_ /| ,----, : ; | ,--, + .--. | | : .' .`| : | ,'_ /| +,'_ /| : . | .' .' .' | : : .--. | | : +| ' | | . . ,---, ' ./ : ,'_ /| : . | +| | ' | | | ; | .' / | ; || ' | | . . +: | | : ' ; `---' / ;--, ___ l | | ' | | | +| ; ' | | ' / / / .`|/ /\ J :: | : ; ; | +: | : ; ; | ./__; .'/ ../ `..- ,' : `--' \ +' : `--' \; | .' \ \ ; : , .-./ +: , .-./`---' \ \ ,' `--`----' + `--`----' "---....--' + + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_2 = ''' + + /$$ /$$ /$$$$$ +| $$ | $$ |__ $$ +| $$ | $$ /$$$$$$$$ | $$ /$$ /$$ +| $$ | $$|____ /$$/ | $$| $$ | $$ +| $$ | $$ /$$$$/ /$$ | $$| $$ | $$ +| $$ | $$ /$$__/ | $$ | $$| $$ | $$ +| $$$$$$/ /$$$$$$$$| $$$$$$/| $$$$$$/ + \______/ |________/ \______/ \______/ + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_3 = ''' + + .----------------. .----------------. .----------------. .----------------. +| .--------------. || .--------------. || .--------------. || .--------------. | +| | _____ _____ | || | ________ | || | _____ | || | _____ _____ | | +| ||_ _||_ _|| || | | __ _| | || | |_ _| | || ||_ _||_ _|| | +| | | | | | | || | |_/ / / | || | | | | || | | | | | | | +| | | ' ' | | || | .'.' _ | || | _ | | | || | | ' ' | | | +| | \ `--' / | || | _/ /__/ | | || | | |_' | | || | \ `--' / | | +| | `.__.' | || | |________| | || | `.___.' | || | `.__.' | | +| | | || | | || | | || | | | +| '--------------' || '--------------' || '--------------' || '--------------' | + '----------------' '----------------' '----------------' '----------------' + + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' + +Banner_4 = ''' +.------..------..------..------. +|U.--. ||Z.--. ||J.--. ||U.--. | +| (\/) || :(): || :(): || (\/) | +| :\/: || ()() || ()() || :\/: | +| '--'U|| '--'Z|| '--'J|| '--'U| +`------'`------'`------'`------' + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' + +Banner_5 = ''' + + ___ ___ ___ + /\ \ /\__\ ___ /\ \ + \:\ \ /::| | /\__\ \:\ \ + \:\ \ /:/:| | /:/__/ \:\ \ + ___ \:\ \ /:/|:| |__ /::\ \ ___ \:\ \ + /\ \ \:\__\ /:/ |:| /\__\ \/\:\ \ /\ \ \:\__| + \:\ \ /:/ / \/__|:|/:/ / ~~\:\ \ \:\ \ /:/ / + \:\ /:/ / |:/:/ / \:\__\ \:\ /:/ / + \:\/:/ / |::/ / /:/ / \:\/:/ / + \::/ / |:/ / /:/ / \::/ / + \/__/ |/__/ \/__/ \/__/ + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_6 = """ + +d b sSSSSSs d d b +S S s S S S +S S s S S S +S S s S S S +S S s d P S S + S S s S S S S + "sss" sSSSSSs "sss" "sss" + + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +""" + +Banner_7 = ''' + _ _ _ + | | | | ___ _ | | _ _ + | |_| | |_ / | || | | +| | + \___/ _/__| _\__/ \_,_| +_|"""""|_|"""""|_|"""""|_|"""""| +"`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-' + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_8 = ''' + +██╗ ██╗███████╗ ██╗██╗ ██╗ +██║ ██║╚══███╔╝ ██║██║ ██║ +██║ ██║ ███╔╝ ██║██║ ██║ +██║ ██║ ███╔╝ ██ ██║██║ ██║ +╚██████╔╝███████╗╚█████╔╝╚██████╔╝ + ╚═════╝ ╚══════╝ ╚════╝ ╚═════╝ + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju + +''' + +Banner_9 = ''' + + █ ██ ▒███████▒ ▄▄▄██▀▀▀█ ██ + ██ ▓██▒▒ ▒ ▒ ▄▀░ ▒██ ██ ▓██▒ +▓██ ▒██░░ ▒ ▄▀▒░ ░██ ▓██ ▒██░ +▓▓█ ░██░ ▄▀▒ ░▓██▄██▓ ▓▓█ ░██░ +▒▒█████▓ ▒███████▒ ▓███▒ ▒▒█████▓ +░▒▓▒ ▒ ▒ ░▒▒ ▓░▒░▒ ▒▓▒▒░ ░▒▓▒ ▒ ▒ +░░▒░ ░ ░ ░░▒ ▒ ░ ▒ ▒ ░▒░ ░░▒░ ░ ░ + ░░░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░░░ ░ ░ + ░ ░ ░ ░ ░ ░ + ░ + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' + +Banner_10 = ''' + + ▄ ▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄ ▄ ▄ +▐░▌ ▐░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌ ▐░▌ +▐░▌ ▐░▌ ▀▀▀▀▀▀▀▀▀█░▌ ▀▀▀▀▀█░█▀▀▀ ▐░▌ ▐░▌ +▐░▌ ▐░▌ ▐░▌ ▐░▌ ▐░▌ ▐░▌ +▐░▌ ▐░▌ ▄▄▄▄▄▄▄▄▄█░▌ ▐░▌ ▐░▌ ▐░▌ +▐░▌ ▐░▌▐░░░░░░░░░░░▌ ▐░▌ ▐░▌ ▐░▌ +▐░▌ ▐░▌▐░█▀▀▀▀▀▀▀▀▀ ▐░▌ ▐░▌ ▐░▌ +▐░▌ ▐░▌▐░▌ ▐░▌ ▐░▌ ▐░▌ +▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄█░▌ ▐░█▄▄▄▄▄▄▄█░▌ +▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░▌ ▐░░░░░░░░░░░▌ + ▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ + + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju + +''' + +Banner_11 = ''' + + _ _ _ _ _ _ _ _ + (c).-.(c) (c).-.(c) (c).-.(c) (c).-.(c) + / ._. \ / ._. \ / ._. \ / ._. \ + __\( Y )/__ __\( Y )/__ __\( Y )/__ __\( Y )/__ +(_.-/'-'\-._)(_.-/'-'\-._)(_.-/'-'\-._)(_.-/'-'\-._) + || U || || Z || || J || || U || + _.' `-' '._ _.' `-' '._ _.' `-' '._ _.' `-' '._ +(.-./`-'\.-.)(.-./`-'\.-.)(.-./`-'\.-.)(.-./`-'\.-.) + `-' `-' `-' `-' `-' `-' `-' `-' + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_12 = ''' + +=================================== += ==== ============== ======== += ==== =============== ========= += ==== =============== ========= += ==== == ======= === = = += ==== ====== ======= === = = += ==== ===== ======== === = = += ==== ==== ==== === === = = += == === ===== === === = = +== === === ===== = +=================================== + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju +''' +Banner_13 = ''' + +>=> >=> >=> +>=> >=> >=> +>=> >=> >====>>=> >=> >=> >=> +>=> >=> >=> >=> >=> >=> +>=> >=> >=> >=> >=> >=> +>=> >=> >=> >> >=> >=> >=> + >====> >=======> >===> >==>=> + Autor: UzJu Email: UzJuer@163.com GitHub: github.com/uzju + +''' + + +def echoRandomBannerInfo(): + eval(f"print(Banner_{random.randint(1, 13)})") diff --git a/config/UzJu.html b/config/UzJu.html new file mode 100644 index 0000000..bbf7375 --- /dev/null +++ b/config/UzJu.html @@ -0,0 +1 @@ +Put By https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools.git \ No newline at end of file diff --git a/config/__init__.py b/config/__init__.py new file mode 100644 index 0000000..745d1c9 --- /dev/null +++ b/config/__init__.py @@ -0,0 +1,7 @@ +#!/usr/bin/python3.8.4 (python版本) +# -*- coding: utf-8 -*- +# @Author : UzJu@菜菜狗 +# @Email : UzJuer@163.com +# @Software: PyCharm +# @Time : 2022/2/28 5:25 PM +# @File : __init__.py diff --git a/config/conf.py b/config/conf.py new file mode 100644 index 0000000..4a244a3 --- /dev/null +++ b/config/conf.py @@ -0,0 +1,17 @@ +#!/usr/bin/python3.8.4 (python版本) +# -*- coding: utf-8 -*- +# @Author : UzJu@菜菜狗 +# @Email : UzJuer@163.com +# @Software: PyCharm +# @Time : 2022/2/28 5:18 PM +# @File : conf.py + +from fake_useragent import UserAgent +UA = UserAgent(use_cache_server=False) + +headers = { + "UserAgent": UA.random +} + +AK = "" +SECRET = "" diff --git a/config/echoToFile.py b/config/echoToFile.py new file mode 100644 index 0000000..c02b700 --- /dev/null +++ b/config/echoToFile.py @@ -0,0 +1,14 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# @Author : UzJu@菜菜狗 +# @Email : UzJuer@163.com +# @Software: PyCharm +# @Time : 2022/3/4 下午5:24 +# @File : echoToFile.py + +import csv + + +class Echo: + def __init__(self): + pass diff --git a/core/aliyunOss.py b/core/aliyunOss.py new file mode 100644 index 0000000..ca95c9d --- /dev/null +++ b/core/aliyunOss.py @@ -0,0 +1,202 @@ +#!/usr/bin/python3.8.4 (python版本) +# -*- coding: utf-8 -*- +# @Author : UzJu@菜菜狗 +# @Email : UzJuer@163.com +# @Software: PyCharm +# @Time : 2022/2/28 4:52 PM +# @File : aliyunOss.py +# 你猜我什么时候画的饼:) +''' +代码实现思路 +1、使用GET POST PUT的请求来获取 +2、使用OSS2 SDK实现 +''' +# 以下代码思路是使用OssSDK来实现 +from itertools import islice +import oss2 +import json +from config import conf +import logging +import os +import csv + +module_logger = logging.getLogger("mainModule.AliyunOss") + + +def putCsvInfoResult(target, info): + with open(f'{os.getcwd()}/results/{target}.csv', 'a+', newline='') as f: + f_csv = csv.writer(f) + rows = [ + [f"{target}", info] + ] + f_csv.writerows(rows) + + +def setCsvHeaders(target): + headers = ['存储桶地址', '权限'] + with open(f'{os.getcwd()}/results/{target}.csv', 'a+', newline='') as f: + f_csv = csv.writer(f) + f_csv.writerow(headers) + + +class OssBucketExploitFromSDK: + def __init__(self, target, location): + self.target = target + self.location = location + auth = oss2.Auth(conf.AK, conf.SECRET) + self.bucket = oss2.Bucket(auth, f'http://{location}.aliyuncs.com', self.target) + self.logger = logging.getLogger("mainModule.AliyunOss.Exploit.module") + + def AliyunOssCreateBucket_Exp(self): + try: + self.bucket.create_bucket() + self.logger.info(f"BucketName {self.target} Ceate Success:)") + self.AliyunOssPutBucketAcl_Exp() + self.AliyunOssPutBucketPolicy_Exp() + self.AliyunOssPutObject_Exp() + self.AliyunOssGetBucketPolicy_Exp() + except Exception as e: + self.logger.warning(f"BucketName {self.target} Ceate FAILD:( {e}") + + def AliyunOssPutBucketAcl_Exp(self): + try: + self.bucket.put_bucket_acl(oss2.BUCKET_ACL_PUBLIC_READ_WRITE) + self.logger.info(f"BucketName {self.target} Acl Permissions PUBLIC_READ_WRITE:)") + except Exception as e: + self.logger.warning(f"BucketName {self.target} Acl Put FAILD:( {e}") + + def AliyunOssGetBucketPolicy_Exp(self): + try: + result = self.bucket.get_bucket_policy() + policy_json = json.loads(result.policy) + self.logger.info(f"BucketName {self.target} Policy Get Success :)\n {policy_json}") + except Exception as e: + self.logger.warning(f"BucketName {self.target} Policy Get FAILD:( {e}") + + def AliyunOssPutBucketPolicy_Exp(self): + try: + bucket_info = self.bucket.get_bucket_info() + strategy = { + "Version": "1", + "Statement": [{ + "Effect": "Allow", + "Action": [ + "oss:*" + ], + "Principal": [ + "*" + ], + "Resource": [ + f"acs:oss:*:{bucket_info.owner.id}:{self.target}", + f"acs:oss:*:{bucket_info.owner.id}:{self.target}/*" + ] + }] + } + + self.bucket.put_bucket_policy(json.dumps(strategy)) + self.logger.info(f"BucketName {self.target} Policy Put Success :)") + except Exception as e: + self.logger.warning(f"BucketName {self.target} Policy Put FAILD:( {e}") + + def AliyunOssPutObject_Exp(self): + try: + self.bucket.put_object_from_file("UzJu.html", f"{os.getcwd()}/config/UzJu.html") + self.logger.info(f"BucketName {self.target} Put Object Success:)") + self.logger.info(f"Go Browser Open {self.target}.{self.location}.aliyuncs.com/UzJu.html") + + except Exception as e: + self.logger.warning(f"BucketName {self.target} Put Object FAILD:( {e}") + + +class OssBucketCheckFromSDK: + def __init__(self, target, location): + self.target = target + self.location = location + self.logger = logging.getLogger("mainModule.AliyunOss.module") + auth = oss2.Auth(conf.AK, conf.SECRET) + self.bucket = oss2.Bucket(auth, f'http://{location}.aliyuncs.com', self.target) + self.Exploit = OssBucketExploitFromSDK(self.target, location) + # 设置csvHeaders头 + # setCsvHeaders(f"{target}.{location}.aliyuncs.com") + self.headers = [['Bucket', 'ListObject', 'GetBucketPolicy', 'PutBucketPolicy', 'GetBucketAcl', 'PutBucketAcl', 'PutBucketObject']] + self.CheckResult = [] + + def AliyunOssPutBucketPolicy(self, getOssResource): + """ + PutBucketPolicy + 危险操作,会更改存储桶的策略组,建议查看AliyunOssgetBucketPolicy来自行判断 + 是否拥有AliyunOssPutBucketPolicy权限,如果用代码的方式写入会存在问题 + 1、写入后无法还原(当然这里可以使用备份原有的策略,然后再上传新的策略)这里又会遇到一个新的问题 + 如果只是存在PutBucketPolicy我们Put后是无法知道对方的ResourceID的 + + 所以该函数只在OssBucketExploitFromSDK类中实现了,详情请看AliyunOssPutBucketPolicy_Exp方法 + """ + pass + + def AliyunOssGetBucketPolicy(self): + try: + result = self.bucket.get_bucket_policy() + policy_json = json.loads(result.policy) + self.logger.info(f"Target: {self.target}, get Bucket Policy:)\n{policy_json}") + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target}, Bucket Policy AccessDenied:(") + + def AliyunOssBucketDoesBucketExist(self): + try: + self.bucket.get_bucket_info() + self.logger.info(f"Target: {self.target}, Bucket Exist:)") + return True + except oss2.exceptions.NoSuchBucket: + self.logger.warning(f"Target: {self.target}, NoSuckBucket:) Now Hijack Bucket") + self.Exploit.AliyunOssCreateBucket_Exp() + return False + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target}, AccessDenied:(") + return True + except Exception as e: + self.logger.error(f"Target: {self.target} Except INFO: {e}") + + def AliyunOssGetBucketAcl(self): + try: + self.logger.info(f"Target: {self.target} Bucket Acl: {self.bucket.get_bucket_acl().acl}") + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target} get Bucket Acl AccessDenied:(") + + def AliyunOssPutbucketAcl(self): + try: + self.bucket.put_bucket_acl(oss2.BUCKET_ACL_PUBLIC_READ_WRITE) + self.logger.info(f"Target: {self.target} Put Bucket Acl Success:)") + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target} Put Bucket Acl AccessDenied:(") + + def AliyunOssGetBucketObjectList(self): + try: + self.logger.info("Try to list Object") + for Object in islice(oss2.ObjectIterator(self.bucket), 3): + self.logger.info(f"Object Name: {Object.key}") + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target} ListObject AccessDenid") + return + self.logger.info(f"Target: {self.target} Exsit traverse Object:)") + # putCsvInfoResult(f"{self.target}.{self.location}.aliyuncs.com", "ListObject") + + def AliyunOssPutBucketObject(self): + try: + self.bucket.put_object_from_file('UzJu.txt', f'{os.getcwd()}/config/UzJu.html') + self.logger.info(f"Target: {self.target} Put Object Success:)") + self.logger.info(f"Go Browser Open {self.target}.{self.location}.aliyuncs.com/UzJu.html") + except oss2.exceptions.AccessDenied: + self.logger.warning(f"Target: {self.target} Put Object AccessDenied:(") + + +def CheckBucket(target, location): + try: + check = OssBucketCheckFromSDK(target, location) + if check.AliyunOssBucketDoesBucketExist(): + check.AliyunOssGetBucketObjectList() + check.AliyunOssGetBucketAcl() + check.AliyunOssGetBucketPolicy() + check.AliyunOssPutBucketObject() + module_logger.info(">" * 80) + except Exception as e: + module_logger.error(f"Target: {target} Chceck Faild:( {e}") diff --git a/main.py b/main.py new file mode 100644 index 0000000..78bbfa1 --- /dev/null +++ b/main.py @@ -0,0 +1,100 @@ +#!/usr/bin/env python +# -*- coding: UTF-8 -*- +''' +@Project :UzJuSecurityTools +@File :main.py +@Author :UzJu +@Date :2022/2/22 18:19 +@Email :UzJuer@163.com +''' +import logging +import sys + +import colorlog +import datetime +from config import BannerInfo +import requests +import argparse +from core import aliyunOss + +NowTime = datetime.datetime.now().strftime('%Y-%m-%d_%H_%M_%S') + +logger = logging.getLogger("mainModule") +log_colors_config = { + 'DEBUG': 'white', # cyan white + 'INFO': 'green', + 'WARNING': 'yellow', + 'ERROR': 'red', + 'CRITICAL': 'bold_red', +} + +# 输出到控制台 +console_handler = logging.StreamHandler() +# 输出到文件 +file_handler = logging.FileHandler(filename=f'./logs/{NowTime}.log', mode='a', encoding='utf8') + +# 日志级别,logger 和 handler以最高级别为准,不同handler之间可以不一样,不相互影响 +logger.setLevel(logging.DEBUG) +console_handler.setLevel(logging.DEBUG) +file_handler.setLevel(logging.INFO) + +# 日志输出格式 +file_formatter = logging.Formatter( + fmt='[%(asctime)s.%(msecs)03d] %(filename)s -> %(funcName)s line:%(lineno)d [%(levelname)s] : %(message)s', + datefmt='%Y-%m-%d %H:%M:%S' +) +console_formatter = colorlog.ColoredFormatter( + fmt='%(log_color)s[%(asctime)s.%(msecs)03d] %(filename)s -> %(funcName)s line:%(lineno)d [%(levelname)s] : %(message)s', + datefmt='%Y-%m-%d %H:%M:%S', + log_colors=log_colors_config +) +console_handler.setFormatter(console_formatter) +file_handler.setFormatter(file_formatter) + +# 重复日志问题: +# 1、防止多次addHandler; +# 2、loggername 保证每次添加的时候不一样; +# 3、显示完log之后调用removeHandler +if not logger.handlers: + logger.addHandler(console_handler) + logger.addHandler(file_handler) + + +def initialize(target): + """ + UserDisable + 错误消息:UserDisable + 问题原因:账号欠费或者由于安全原因,账号被禁用。 + 解决方案:请检查账号是否已欠费,或联系技术支持进行安全受限核查。 + """ + try: + resp = requests.get(f"http://{target}") + print("Target>>>> ", target) + print("resp.info>>>> ", resp.text) + if 'html' in resp.text or 'UserDisable' in resp.text: + return False + else: + return True + except requests.exceptions.ConnectionError as e: + logger.error(f"Target: {target}ConnectionError Except INFO: {e}") + return False + + +if __name__ == '__main__': + BannerInfo.echoRandomBannerInfo() + try: + parser = argparse.ArgumentParser() + parser.add_argument('-aliyun', dest='aliyun', help='python3 -aliyun UzJu.oss-cn-beijing.aliyuncs.com') + parser.add_argument('-f', '--file', dest='file', help='python3 -f/--file url.txt') + args = parser.parse_args() + if args.aliyun: + getTargetBucket = args.aliyun.split(".") + aliyunOss.CheckBucket(getTargetBucket[0], getTargetBucket[1]) + if args.file: + with open(args.file, 'r') as f: + for i in f.read().splitlines(): + getTargetBucket = i.split(".") + aliyunOss.CheckBucket(getTargetBucket[0], getTargetBucket[1]) + + except KeyboardInterrupt: + logger.error("KeyError Out")