def do_exploit(self, args):
try:
if len(str(args)) == 0:
cprint('[!]命令exploit用法:\n\texploit [web/host] vulname target',
'red')
else:
type = args.split()[0]
vulname = args.split()[1]
target = args.split()[2]
if type in r'web':
exploit = webpocfactory(target, self.cookies, self.threads)
if r'http' in target:
exploit.runpocwithcmsname(vulname)
self.webexeccheck(target)
else:
explist = list()
pool = Pool(10)
with open(target, 'r') as f:
for targetline in f.readlines():
explist.append(targetline.strip('\n').strip())
threads = [
pool.spawn(self.webexecfile, item, vulname)
for item in explist
]
gevent.joinall(threads)
self.webexeccheck(explist)
elif type in r'host':
if re.match(r'[0-9]+.[0-9]+.[0-9]+.[0-9]+', target):
host = target.split(':')[0]
port = target.split(':')[1]
exploit = hostpocfactory(host, port, self.threads)
exploit.runpocwithsysname(vulname)
self.hostexeccheck(host)
else:
pool = Pool(10)
explist = list()
tmpexplist = list()
with open(target, 'r') as f:
for targetline in f.readlines():
explist.append(targetline.strip('\n').strip())
threads = [
pool.spawn(self.hostexecfile, item, vulname)
for item in explist
]
gevent.joinall(threads)
for item in explist:
tmpexplist.append(item.split(":")[0])
self.hostexeccheck(tmpexplist)
else:
cprint(
'[!]命令exploit用法:\n\texploit [web/host] vulname target',
'red')
except Exception as e:
print(e)
def webexecfile(self, target, vulname): exploit = webpocfactory(target, self.cookies, self.threads) exploit.runpocwithcmsname(vulname) gevent.sleep(0)