def _set_user_pocs_path():
if conf.pocs_path:
if check_path(conf.pocs_path):
paths.USER_POCS_PATH = conf.pocs_path
else:
warm_msg = "User defined pocs path {0} is invalid".format(conf.pocs_path)
logger.warn(warm_msg)
def init_options(input_options=AttribDict(), override_options=False):
cmd_line_options.update(input_options)
_set_conf_attributes()
_set_poc_options(input_options)
_set_kb_attributes()
_merge_options(input_options, override_options)
# export rules, dont run the poc in the default status
if conf.rule or conf.rule_req:
logger.info(
"The rule export function is in use. The POC is not executed at this point"
)
if conf.pocs_path:
if check_path(conf.pocs_path):
paths.USER_POCS_PATH = conf.pocs_path
for root, dirs, files in os.walk(paths.USER_POCS_PATH):
files = list(
filter(
lambda x: not x.startswith("__") and x.endswith(
".py"), files))
regex_rule(list(paths.USER_POCS_PATH + i for i in files))
if conf.poc:
regex_rule(conf.poc)
exit()
# if check version
if conf.show_version:
exit()
def _set_user_pocs_path():
if conf.pocs_path:
if check_path(conf.pocs_path):
paths.USER_POCS_PATH = conf.pocs_path
for root, dirs, files in os.walk(paths.USER_POCS_PATH):
files = list(filter(lambda x: not x.startswith("__") and x.endswith(".py"), files))
conf.poc = [os.path.join(paths.USER_POCS_PATH, f) for f in files]
else:
warm_msg = "User defined pocs path {0} is invalid".format(conf.pocs_path)
logger.warn(warm_msg)
def _set_pocs_modules():
# TODO
# load poc scripts .pyc file support
if conf.ssvid:
conf.plugins.append('poc_from_seebug')
if not (conf.poc or conf.vul_keyword) and conf.poc_keyword:
conf.poc = [paths.POCSUITE_POCS_PATH]
if conf.poc:
exists_poc_with_ext = list(
filter(lambda x: x not in ['__init__.py', '__init__.pyc'],
os.listdir(paths.POCSUITE_POCS_PATH)))
exists_pocs = dict([os.path.splitext(x) for x in exists_poc_with_ext])
for poc in conf.poc:
# load poc from pocsuite3/pocs folder or other local path
try:
_pocs = []
load_poc_sucess = False
if os.path.isfile(poc):
_pocs.append(poc)
elif any([poc in exists_poc_with_ext, poc in exists_pocs]):
poc_name, poc_ext = os.path.splitext(poc)
if poc_ext in ['.py', '.pyc']:
file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc)
else:
file_path = os.path.join(paths.POCSUITE_POCS_PATH,
poc + exists_pocs.get(poc))
_pocs.append(file_path)
elif check_path(poc):
for root, _, files in os.walk(poc):
files = filter(
lambda x: not x.startswith("__") and x.endswith(
".py"), files)
_pocs.extend(
map(lambda x: os.path.join(root, x), files))
for p in _pocs:
file_content = open(p, encoding='utf-8').read()
if 'register_poc' not in file_content:
continue
if conf.poc_keyword:
attr_field = re.search(r'vulID.*?def .*?\(',
file_content, re.DOTALL)
if attr_field and conf.poc_keyword.lower(
) not in attr_field.group().lower():
continue
info_msg = "loading PoC script '{0}'".format(p)
logger.info(info_msg)
load_poc_sucess = load_file_to_module(p) or load_poc_sucess
except PocsuiteSystemException:
logger.error('PoC file "{0}" not found'.format(repr(poc)))
continue
# load poc from seebug website using plugin 'poc_from_seebug'
if not load_poc_sucess and poc.startswith('ssvid-'):
info_msg = "loading Poc script 'https://www.seebug.org/vuldb/{0}'".format(
poc)
logger.info(info_msg)
if "poc_from_seebug" not in conf.plugins:
conf.plugins.append('poc_from_seebug')
if conf.vul_keyword:
# step4. load poc with vul_keyword search seebug website
info_msg = "loading PoC script from seebug website using search keyword '{0}' ".format(
conf.vul_keyword)
logger.info(info_msg)
conf.plugins.append('poc_from_seebug')
