fixed ssl error when using aio mode and fofa requests

antx-code · May 7, 2022 · c11d3a2 · c11d3a2
1 parent 0b01de1
commit c11d3a2
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 14 deletions.
diff --git a/pocx/__init__.py b/pocx/__init__.py
@@ -1,4 +1,4 @@
-__version__ = '0.2.0'
+__version__ = '0.2.1'
 
 from .aio_poc import AioPoc
 from .basic_poc import BasicPoc
diff --git a/pocx/aio_poc.py b/pocx/aio_poc.py
@@ -3,6 +3,14 @@
 import asyncio
 import httpx
 import urllib3
+import ssl
+
+try:
+    ssl_context = httpx.create_ssl_context()
+except:
+    ssl_context = ssl.create_default_context()
+ssl_context.options ^= ssl.OP_NO_TLSv1  # Enable TLS 1.0 back
+
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1"
 
@@ -14,7 +22,10 @@ def __init__(self) -> None:
         self.name = "AioPoc"
         self.cve = ''
         self.example = ''
-        self.session = httpx.AsyncClient(verify=False)
+        try:
+            self.session = httpx.AsyncClient(verify=False)
+        except Exception as e:
+            self.session = httpx.AsyncClient(verify=ssl_context)
         self.session.headers = {"User-Agent": "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"}
         logger.info(f'Testing {self.name} with {self.mode}.')
 

diff --git a/pocx/basic_poc.py b/pocx/basic_poc.py
@@ -2,6 +2,14 @@
 from loguru import logger
 import httpx
 import urllib3
+import ssl
+
+try:
+    ssl_context = httpx.create_ssl_context()
+except:
+    ssl_context = ssl.create_default_context()
+ssl_context.options ^= ssl.OP_NO_TLSv1  # Enable TLS 1.0 back
+
 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
 httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1"
 
@@ -13,7 +21,10 @@ def __init__(self) -> None:
         self.name = "BasicPoc"
         self.cve = ''
         self.example = ''
-        self.session = httpx.Client(verify=False)
+        try:
+            self.session = httpx.Client(verify=False)
+        except Exception as e:
+            self.session = httpx.Client(verify=ssl_context)
         self.session.headers = {"User-Agent": "Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"}
         logger.info(f'Testing {self.name} with {self.mode}.')
 

diff --git a/pocx/funcs/fofa.py b/pocx/funcs/fofa.py
@@ -2,6 +2,17 @@
 import json
 import base64
 from loguru import logger
+import urllib3
+import ssl
+
+try:
+    ssl_context = httpx.create_ssl_context()
+except:
+    ssl_context = ssl.create_default_context()
+ssl_context.options ^= ssl.OP_NO_TLSv1  # Enable TLS 1.0 back
+
+urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+httpx._config.DEFAULT_CIPHERS += ":ALL:@SECLEVEL=1"
 
 
 class Fofa():
@@ -60,14 +71,13 @@ def _search(self, grammar: str, page: int = 1, size: int = 100):
         furl = f'https://{self.domain}/api/v1/search/all?email={self.email}&key={self.key}&qbase64={b64}&{grammar}&page={page}&size={size}'
         try:
             assets = httpx.get(furl).content.decode('utf-8')
-            result = json.loads(assets)
-            if not result['error']:
-                return result
-            logger.error(f'Fofa API error: {result["errmsg"]}')
-            return None
-        except Exception as e:
-            logger.error(e)
-            return None
+        except Exception as _:
+            assets = httpx.get(furl, verify=ssl_context).content.decode('utf-8')
+        result = json.loads(assets)
+        if not result['error']:
+            return result
+        logger.error(f'Fofa API error: {result["errmsg"]}')
+        return None
 
     @logger.catch(level='ERROR')
     def assets(self, grammar: str, page: int = 1, size: int = 100):
@@ -116,6 +126,12 @@ def asset_pages(self, grammar: str, size: int = 100):
         results = self._search(grammar, 1, 1)
         if not results:
             return 1
-        count = results['size'] % size
-        pages = results['size'] // size if count == 0 else results['size'] // size + 1
+        all_counts = results['size']
+        if all_counts >= 10000:
+            logger.warning("Fofa's asset counts is {all_counts}, which is too much, so we only search the first 10000.")
+            count = 10000 % size
+            pages = 10000 // size if count == 0 else 10000 // size + 1
+        else:
+            count = results['size'] % size
+            pages = all_counts // size if count == 0 else all_counts // size + 1
         return pages
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "pocx"
-version = "0.2.0"
+version = "0.2.1"
 description = "A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode."
 authors = ["antx <wkaifeng2007@163.com>"]
 license = "MIT"