关于Vmware vcenter未授权任意文件上传漏洞(CVE-2021-21972)的问题

#-*- coding:utf-8 -*-banner = """    888888ba       dP               88  `8b      88               a88aaaa8P' .d8888b. d8888P .d8888b. dP  dP     88  `8b. 88' `88  88  Y8ooooo. 88  88     88  .88 88. .88  88     88 88. .88     88888888P `88888P8  dP  `88888P' `88888P'   ooooooooooooooooooooooooooooooooooooooooooooooooooooo         @time:2021/02/24 CVE-2021-21972.py        C0de by NebulabdSec - @batsu          """print(banner)import threadpoolimport randomimport requestsimport argparseimport http.clientimport urllib3urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)http.client.HTTPConnection._http_vsn = 10http.client.HTTPConnection._http_vsn_str = 'HTTP/1.0'TARGET_URI = "/ui/vropspluginui/rest/services/uploadova"def get_ua():  first_num = random.randint(55, 62)  third_num = random.randint(0, 3200)  fourth_num = random.randint(0, 140)  os_type = [    '(Windows NT 6.1; WOW64)', '(Windows NT 10.0; WOW64)', '(X11; Linux x86_64)',    '(Macintosh; Intel Mac OS X 10_12_6)'  ]  chrome_version = 'Chrome/{}.0.{}.{}'.format(first_num, third_num, fourth_num)  ua = ' '.join(['Mozilla/5.0', random.choice(os_type), 'AppleWebKit/537.36',          '(KHTML, like Gecko)', chrome_version, 'Safari/537.36']         )  return uadef CVE_2021_21972(url):  proxies = {"scoks5": "http://127.0.0.1:1081"}  headers = {    'User-Agent': get_ua(),    "Content-Type": "application/x-www-form-urlencoded"  }  targetUrl = url + TARGET_URI  try:    res = requests.get(targetUrl,              headers=headers,              timeout=15,              verify=False,              proxies=proxies)              # proxies={'socks5': 'http://127.0.0.1:1081'})    # print(len(res.text))    if res.status_code == 405:      print("[+] URL:{}--------存在CVE-2021-21972漏洞".format(url))      # print("[+] Command success result: " + res.text + "/n")      with open("存在漏洞地址.txt", 'a') as fw:        fw.write(url + '/n')    else:      print("[-] " + url + " 没有发现CVE-2021-21972漏洞./n")  # except Exception as e:  #   print(e)  except:    print("[-] " + url + " Request ERROR./n")def multithreading(filename, pools=5):  works = []  with open(filename, "r") as f:    for i in f:      func_params = [i.rstrip("/n")]      # func_params = [i] + [cmd]      works.append((func_params, None))  pool = threadpool.ThreadPool(pools)  reqs = threadpool.makeRequests(CVE_2021_21972, works)  [pool.putRequest(req) for req in reqs]  pool.wait()def main():  parser = argparse.ArgumentParser()  parser.add_argument("-u",            "--url",            help="Target URL; Example:http://ip:port")  parser.add_argument("-f",            "--file",            help="Url File; Example:url.txt")  # parser.add_argument("-c", "--cmd", help="Commands to be executed; ")  args = parser.parse_args()  url = args.url  # cmd = args.cmd  file_path = args.file  if url != None and file_path ==None:    CVE_2021_21972(url)  elif url == None and file_path != None:    multithreading(file_path, 10) # 默认15线程if __name__ == "__main__":  main()