dork = None
if conf.dork_shodan:
dork = conf.dork_shodan
else:
dork = conf.dork
if not dork:
msg = "Need to set up dork (please --dork or --dork-shodan)"
raise PocsuitePluginDorkException(msg)
if conf.dork_b64:
import base64
dork = str(base64.b64decode(dork), encoding="utf-8")
if kb.comparison:
kb.comparison.add_dork("Shodan", dork)
info_msg = "[PLUGIN] try fetch targets from shodan with dork: {0}".format(dork)
logger.info(info_msg)
targets = self.shodan.search(dork, conf.max_page, resource=conf.search_type)
count = 0
if targets:
for target in targets:
if kb.comparison:
kb.comparison.add_ip(target, "Shodan")
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from shodan".format(count)
logger.info(info_msg)
register_plugin(TargetFromShodan)
else:
dork = conf.dork
if not dork:
msg = "Need to set up dork (please --dork or --dork-fofa)"
raise PocsuitePluginDorkException(msg)
if conf.dork_b64:
import base64
dork = str(base64.b64decode(dork), encoding="utf-8")
if kb.comparison:
kb.comparison.add_dork("Fofa", dork)
info_msg = "[PLUGIN] try fetch targets from Fofa with dork: {0}".format(
dork)
logger.info(info_msg)
targets = self.fofa.search(dork,
conf.max_page,
resource=conf.search_type)
count = 0
if targets:
for target in targets:
if kb.comparison:
kb.comparison.add_ip(target, "Fofa")
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from Fofa".format(count)
logger.info(info_msg)
register_plugin(TargetFromFofa)
def init(self):
debug_msg = "[PLUGIN] file_record plugin init..."
logger.debug(debug_msg)
logger.info("[PLUGIN] The data will be recorded in {}".format(
self.filename))
if os.path.exists(self.filename):
raise Exception("The {} has existed".format(self.filename))
self.file = open(self.filename, 'a+')
def handle(self, output):
status = output.get("status")
if status and status == "success":
poc_name = output.get("poc_name")
target = output.get("target")
created = output.get("created")
msg = {
"target": target,
"poc_name": poc_name,
"created_time": created
}
self.file.write(json.dumps(msg) + '\n')
def start(self):
self.file.close()
msg = "[PLUGIN] File saved in {}".format(self.filename)
logger.info(msg)
register_plugin(FileRecord)
logger.error(info_msg)
def init(self):
self.init_zoomeye_api()
dork = None
if conf.dork_zoomeye:
dork = conf.dork_zoomeye
else:
dork = conf.dork
if not dork:
msg = "Need to set up dork (please --dork or --dork-zoomeye)"
raise PocsuitePluginDorkException(msg)
info_msg = "[PLUGIN] try fetch targets from zoomeye with dork: {0}".format(
dork)
logger.info(info_msg)
targets = self.zoomeye.search(dork,
conf.max_page,
resource=conf.search_type)
count = 0
if targets:
for target in targets:
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from zoomeye".format(count)
logger.info(info_msg)
register_plugin(TargetFromZoomeye)
class HtmlReport(PluginBase):
category = PLUGIN_TYPE.RESULTS
def init(self):
debug_msg = "[PLUGIN] html_report plugin init..."
logger.debug(debug_msg)
def start(self):
# TODO
# Generate html report
filename = "pocsuite_{0}.html".format(time.strftime("%Y%m%d_%H%M%S"))
filename = os.path.join(paths.POCSUITE_OUTPUT_PATH, filename)
if conf.url:
title = "Report of {0}".format(repr(conf.url))
elif conf.dork:
title = "Report of [{0}]".format(conf.dork)
else:
title = "Report of [{0}]".format('Plugin imported targets')
html_export = HtmlExport(filename=filename, title=title)
results = get_results()
if results:
results = sorted(results, key=lambda r: r.status, reverse=True)
html_export.write_html(results)
info_msg = '[PLUGIN] generate html report at {0}'.format(filename)
logger.info(info_msg)
register_plugin(HtmlReport)
self.seebug = Seebug()
def init(self):
self.init_seebug_api()
if conf.poc:
for _ in conf.poc:
if _.startswith('ssvid-'):
poc = self.seebug.fetch_poc(_)
if poc and self.add_poc(poc):
info_msg = "[PLUGIN] load PoC script {0} from seebug success".format(_)
else:
info_msg = "[PLUGIN] load PoC script {0} from seebug failed".format(_)
logger.info(info_msg)
if conf.vul_keyword:
pocs = self.seebug.search_poc(conf.vul_keyword)
info_msg = "Found {0} available PoC(s) from Seebug website".format(len(pocs))
logger.info(info_msg)
for poc_item in pocs:
ssvid = str(poc_item['id'])
poc = self.seebug.fetch_poc(ssvid)
if poc and self.add_poc(poc):
info_msg = "[PLUGIN] load PoC script '{0}' from seebug success".format(poc_item['name'])
else:
info_msg = "[PLUGIN] load PoC script '{0}' from seebug failed".format(poc_item['name'])
logger.info(info_msg)
register_plugin(PocFromSeebug)
else:
dork = conf.dork
if not dork:
msg = "Need to set up dork (please --dork or --dork-google)"
raise PocsuitePluginDorkException(msg)
if kb.comparison:
kb.comparison.add_dork("Google", dork)
info_msg = "[PLUGIN] try fetch targets from google with dork: {0}".format(
dork)
logger.info(info_msg)
targets = self.google.search(dork)
count = 0
tmp = []
if targets:
for target in targets:
url = urlparse(target)
if url.scheme + "://" + url.netloc != 'https://www.google.com':
tmp.append(url.scheme + "://" + url.netloc)
targets = list(set(tmp))
for target in targets:
if kb.comparison:
kb.comparison.add_ip(target, "Google")
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from google".format(count)
logger.info(info_msg)
register_plugin(TargetFromGoogle)
except ImportError:
error_msg = 'try "pip install redis" first!'
logger.error(error_msg)
raise
except Exception as ex:
logger.error(str(ex))
raise
return ret
def init(self):
r = self.get_redis()
if r:
key = 'pocsuite_target'
info_msg = "[PLUGIN] try fetch targets from redis..."
logger.info(info_msg)
targets = r.get(key)
count = 0
if targets:
for target in targets:
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from redis".format(count)
logger.info(info_msg)
register_plugin(TargetFromRedis)
category = PLUGIN_TYPE.TARGETS
def init(self):
info_msg = "[PLUGIN] try fetch targets from CIDR..."
logger.info(info_msg)
cidr_set = set()
if "CIDR" in os.environ:
cidr_set.add(os.environ.get("CIDR"))
elif conf.url:
for i in conf.url:
cidr_set.add(i)
conf.url = []
else:
cidr_text = input("Please input CIDR address:")
cidr_set.add(cidr_text)
count = 0
for i in cidr_set:
try:
network = ip_network(i, strict=False)
for host in network.hosts():
self.add_target(host.exploded)
count += 1
except ValueError:
logger.error("[PLUGIN] error format from " + i)
info_msg = "[PLUGIN] get {0} target(s) from CIDR".format(count)
logger.info(info_msg)
register_plugin(TargetFromCIDR)
# load poc from pocs directories
import os
from pocsuite3.api import PLUGIN_TYPE
from pocsuite3.api import PluginBase
from pocsuite3.api import logger
from pocsuite3.api import paths
from pocsuite3.api import register_plugin
class PocFromPocs(PluginBase):
category = PLUGIN_TYPE.POCS
def init(self):
_pocs = []
for root, dirs, files in os.walk(paths.POCSUITE_POCS_PATH):
files = filter(lambda x: not x.startswith("__") and x.endswith(".py"), files)
_pocs.extend(map(lambda x: os.path.join(root, x), files))
for f in _pocs:
if self.add_poc_from_file(f):
info_msg = "[PLUGIN] load PoC script '{0}' from seebug success".format(f)
else:
info_msg = "[PLUGIN] load PoC script '{0}' from seebug failed".format(f)
logger.info(info_msg)
register_plugin(PocFromPocs)
dork = conf.dork
if not dork:
msg = "Need to set up dork (please --dork or --dork-censys)"
raise PocsuitePluginDorkException(msg)
if conf.dork_b64:
import base64
dork = str(base64.b64decode(dork),encoding = "utf-8")
if kb.comparison:
kb.comparison.add_dork("Censys", dork)
info_msg = "[PLUGIN] try fetch targets from censys with dork: {0}".format(dork)
logger.info(info_msg)
search_type = conf.search_type
if search_type == "web":
search_type = "websites"
else:
search_type = "ipv4"
targets = self.censys.search(dork, conf.max_page, resource=search_type)
count = 0
if targets:
for target in targets:
if kb.comparison:
kb.comparison.add_ip(target, "Censys")
if self.add_target(target):
count += 1
info_msg = "[PLUGIN] get {0} target(s) from Censys".format(count)
logger.info(info_msg)
register_plugin(TargetFromCensys)
logger.error(error_msg)
raise
except Exception as ex:
logger.error(str(ex))
raise
return ret
def init(self):
r = self.get_redis()
if r:
key = 'pocsuite_poc'
info_msg = "[PLUGIN] try fetch pocs from redis..."
logger.info(info_msg)
pocs = r.get(key)
pocs = [pocs]
count = 0
if pocs:
for poc in pocs:
if poc and self.add_poc(poc):
count += 1
info_msg = "[PLUGIN] get {0} poc(s) from redis".format(count)
logger.info(info_msg)
register_plugin(PocFromRedis)
