def execute(self, target, headers=None, params=None, mode='verify', verbose=True):
self.target = target
self.url = parse_target_url(target) if self.current_protocol == POC_CATEGORY.PROTOCOL.HTTP else self.build_url()
self.headers = headers
self.params = str_to_dict(params) if params else {}
self.mode = mode
self.verbose = verbose
self.expt = (0, 'None')
# TODO
output = None
try:
output = self._execute()
except NotImplementedError as e:
self.expt = (ERROR_TYPE_ID.NOTIMPLEMENTEDERROR, e)
logger.log(CUSTOM_LOGGING.ERROR, 'POC: {0} not defined "{1}" mode'.format(self.name, self.mode))
output = Output(self)
except ConnectTimeout as e:
self.expt = (ERROR_TYPE_ID.CONNECTTIMEOUT, e)
while conf.retry > 0:
logger.debug('POC: {0} timeout, start it over.'.format(self.name))
try:
output = self._execute()
break
except ConnectTimeout:
logger.debug('POC: {0} time-out retry failed!'.format(self.name))
conf.retry -= 1
else:
msg = "connect target '{0}' failed!".format(target)
logger.error(msg)
output = Output(self)
except HTTPError as e:
self.expt = (ERROR_TYPE_ID.HTTPERROR, e)
logger.warn('POC: {0} HTTPError occurs, start it over.'.format(self.name))
output = Output(self)
except ConnectionError as e:
self.expt = (ERROR_TYPE_ID.CONNECTIONERROR, e)
msg = "connect target '{0}' failed!".format(target)
logger.error(msg)
output = Output(self)
except TooManyRedirects as e:
self.expt = (ERROR_TYPE_ID.TOOMANYREDIRECTS, e)
logger.debug(str(e))
output = Output(self)
except Exception as e:
self.expt = (ERROR_TYPE_ID.OTHER, e)
# logger.debug(str(e))
logger.exception(e)
output = Output(self)
return output
def show_result(self):
if self.status == OUTPUT_STATUS.SUCCESS:
for k, v in self.result.items():
if isinstance(v, dict):
for kk, vv in v.items():
logger.log(CUSTOM_LOGGING.SUCCESS,
"%s : %s" % (kk, vv))
else:
logger.log(CUSTOM_LOGGING.SUCCESS, "%s : %s" % (k, v))
def show_result(self):
if self.status == OUTPUT_STATUS.SUCCESS:
for k, v in self.result.items():
if isinstance(v, dict):
for kk, vv in v.items():
if (kk == "URL" or kk == "IP") and conf.ppt:
vv = desensitization(vv)
logger.log(CUSTOM_LOGGING.SUCCESS, "%s : %s" % (kk, vv))
else:
if (k == "URL" or k == "IP") and conf.ppt:
v = desensitization(v)
logger.log(CUSTOM_LOGGING.SUCCESS, "%s : %s" % (k, v))
def listener_worker():
s = get_tcp_listener(ipv6=conf.ipv6, listen_port=int(conf.connect_back_port))
while True:
try:
conn, address = s.accept()
conn.setblocking(1)
client = AttribDict()
client.conn = conn
client.address = address
kb.data.clients.append(client)
info_msg = "new connection established from {0}".format(address[0])
logger.log(CUSTOM_LOGGING.SUCCESS, info_msg)
except Exception:
pass
def get_sock_listener(listen_port,
listen_host="0.0.0.0",
ipv6=False,
protocol=None):
if protocol in [None, "TCP"]:
protocol = socket.SOCK_STREAM
elif protocol in ["UDP"]:
protocol = socket.SOCK_DGRAM
if ipv6:
s = socket.socket(socket.AF_INET6, protocol)
if listen_host == "0.0.0.0":
listen_host = "::"
else:
s = socket.socket(socket.AF_INET, protocol)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
msg = ''
if conf.enable_tls_listener and protocol == socket.SOCK_STREAM:
import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
cert_path = os.path.join(paths.POCSUITE_TMP_PATH, 'cacert.pem')
gen_cert(filepath=cert_path)
context.load_cert_chain(cert_path)
s = context.wrap_socket(s, server_side=True)
msg = 'TLS '
try:
s.bind((listen_host, listen_port))
except socket.error:
s.close()
# import traceback
# traceback.print_exc()
return None
if protocol == socket.SOCK_STREAM:
msg += "listening on {0}:{1}".format(listen_host, listen_port)
logger.log(CUSTOM_LOGGING.SYSINFO, msg)
s.listen(5)
return s
def str_to_dict(value):
try:
return ast.literal_eval(value)
except ValueError as e:
logger.log(CUSTOM_LOGGING.ERROR,
"conv string failed : {}".format(str(e)))
