def show_poc_info(pocs):
"""
Show poc information by poc filename.
"""
for poc_name in pocs:
if poc_name in POCS.instances:
poc_s = POCS.instances[poc_name]
for poc in poc_s:
poc.show_info()
else:
cprint(header("", "-", "can't find %s" % poc_name))
def load_pocs(pocs=[], poc_files=[], pocs_path=""):
pocs_path = Path(CONFIG.base.root_path /
"pocs") if not pocs_path else Path(pocs_path)
detail_msgs = ""
instances = POCS.instances
count_dict = {}
if not pocs and not poc_files:
pocs = [str(poc) for poc in pocs_path.glob(
'**/*.py') if not poc.parts[-2].startswith("_")]
else:
pocs = _load_from_links_and_files(pocs, poc_files)
for poc in pocs:
if not poc:
continue
poc_path = poc
fname = poc
logger_func = logger.info
if "://" not in poc: # choose a poc from poc dir
poc_path = str(pocs_path / poc)
if not poc_path.endswith(".py"):
poc_path += ".py"
if not path.isfile(poc_path):
raise ModuleLoadExceptions.FileNotFound(
"%s not found" % poc_path)
poc_type_dir = path.basename(path.dirname(poc))
fname, _ = path.splitext(path.basename(poc))
fname = "%s/%s" % (poc_type_dir, fname)
poc_path = "file://" + poc_path
else:
poc_type_dir = "_" + poc[:poc.index("://")]
modules, load_msg = _load_poc(
poc_path, fname, "Load %s poc" % poc_type_dir, _verify_poc)
if modules:
if poc_type_dir not in count_dict:
count_dict[poc_type_dir] = 0
count_dict[poc_type_dir] += len(modules)
instances[fname] = [module.Poc() for module in modules]
else:
detail_msgs += load_msg
logger_func = logger.error
if CONFIG.option.get("very_verbose", False):
cprint(load_msg)
logger_func(load_msg, extra={"markup": True})
count_msg = "\n".join(header("Load %s pocs" % k, "+",
"Loaded [%d] pocs" % v) for k, v in count_dict.items()) + "\n"
POCS.messages = detail_msgs
logger.info(count_msg, extra={"markup": True})
if CONFIG.option.get("verbose", False):
cprint(count_msg)
def main(ctx, verbose: int = 0, vv: bool = False, threads: int = 10, config: str = "", url: list = [], file: list = [], poc: list = [], poc_file: list = [], pocs_path: str = "", attack: int = 0, out=[], plugins_path: str = "", debug: int = 0, timeout: int = 300):
"""
A poc framework base on python.
Tips:
{parser} are plugins in plugins/parser which parse user input by protocol and get data for poc and target, you can write yourself parser.
"""
run_in_main = not ctx.invoked_subcommand
root_path = path.dirname(path.realpath(path.join(__file__, '..')))
if run_in_main:
banner()
init(root_path, debug)
# redefine options
local_vars = locals()
option_keys = [key for key in local_vars.keys() if key not in (
"ctx", "run_in_main", "root_path", "debug")]
new_options = load_config(config)
# force type translate
for key in option_keys:
desired_type = type(local_vars[key])
if key in new_options and not isinstance(new_options[key], desired_type):
try:
if desired_type in (tuple, list):
new_options[key] = [v.strip()
for v in new_options[key].split(",")]
else:
new_options[key] = desired_type(new_options[key])
except Exception:
del new_options[key]
options = dict(local_vars, **new_options)
set_config(options['verbose'], options['vv'], options['debug'], options['attack'])
try:
load_plugins(options['plugins_path'])
load_pocs(options['poc'], options['poc_file'], options['pocs_path'])
if run_in_main:
enable_plugins(options['out'])
try:
init_plugins()
init_output_plugins(options['out'])
load_targets(options['url'], options['file'])
start(options['threads'], options['timeout'])
finally:
end_plugins()
end()
except Exception as e:
if CONFIG.option.debug:
print_traceback()
else:
cprint(header("Base", "-", "Main breakout: %s: %s\n" %
(get_full_exception_name(e), str(e))))
def show_info(self):
vuln_app_info = ""
if self.appName:
vuln_app_info = "[red]Vulnable App[/]: %s" % self.appName
if self.appVersion:
vuln_app_info += " (%s)" % self.appVersion
cprint("""
[%s] [cyan]%s[/] - %s (%s)
[yellow]Authors[/]: %s
[magenta]References[/]: %s
%s
[blue]Description[/]:
%s
""" % (self.vulid, self.name, self.version, self.type, ",".join(self.authors),
" ".join(self.references), vuln_app_info, self.__doc__.strip()))
def search_poc(type="", filename="", name=""):
"""
Search pocs by poc type / poc name / poc filename.
"""
if type:
result = ", ".join(poc_name for poc_name,
poc_s in POCS.instances.items() if any(type.lower() in poc.type.lower() for poc in poc_s))
elif filename:
result = ", ".join(poc_name for poc_name,
_ in POCS.instances.items() if filename.lower() in poc_name.lower())
elif name:
result = ", ".join(poc_name for poc_name,
poc_s in POCS.instances.items() if any(name.lower() in poc.name.lower() for poc in poc_s))
result = "[cyan]%s[/]" % result if result else "[red]No result[/]"
cprint("[yellow]Search result:[/]\n " + result)
def load_targets(urls, files):
if not any((urls, files)):
raise UsageError("option url/file is required")
targets = _load_from_links_and_files(
urls, files)
# parse targets
targets = [parse_path(target, ("parser.url",)) for target in targets]
# list expand
if targets:
targets = tuple(chain.from_iterable(targets))
CONFIG.base.targets = targets
detail_msgs = ""
for target in targets:
temp_msg = header("Load target", "*", target) + "\n"
logger.info(temp_msg, extra={"markup": True})
detail_msgs += temp_msg
if CONFIG.option.get("very_verbose", False):
cprint(detail_msgs)
count_msg = header("Load targets", "+",
"Loaded [%d] targets" % len(targets))
logger.info(count_msg, extra={"markup": True})
if CONFIG.option.get("verbose", False):
cprint(count_msg)
cprint()
def load_plugins(plugins_path):
from importlib import import_module
plugins_path = Path(CONFIG.base.root_path /
"plugins") if not plugins_path else Path(plugins_path)
detail_msgs = ""
count_dict = {}
plugins = [str(plugin) for plugin in plugins_path.glob(
'**/*.py') if not plugin.parts[-2].startswith("_")]
for f in plugins:
filename = path.basename(f)
fname, _ = path.splitext(filename)
plugin_type_dir = path.basename(path.dirname(f))
try:
import_module("glimmer.plugins.%s.%s" % (plugin_type_dir, fname))
temp_msg = header("Load plugin", "+", "load plugin %s.%s \n" %
(plugin_type_dir, fname))
if plugin_type_dir not in count_dict:
count_dict[plugin_type_dir] = 0
count_dict[plugin_type_dir] += 1
logger.info(temp_msg, extra={"markup": True})
except ImportError as e:
temp_msg = header("Load plugin", "-", "load plugin %s.%s error: " %
(plugin_type_dir, fname) + str(e) + "\n")
detail_msgs += temp_msg
logger.error(temp_msg, extra={"markup": True})
if CONFIG.option.get("very_verbose", False):
cprint(temp_msg)
count_msg = "\n".join(header("Load %s plugin" % k, "+",
"Loaded [%d] plugins" % v) for k, v in count_dict.items()) + "\n"
PLUGINS.messages = detail_msgs
logger.info(count_msg, extra={"markup": True})
if CONFIG.option.get("verbose", False):
cprint(count_msg)
def end():
if CONFIG.base.get("start", False):
cprint("\n" + header("", "*", "%d [green]success[/] / %d [red]failed[/] / %d [yellow]error[/]" % (
RESULTS.success, RESULTS.failed, RESULTS.error)))
cprint("\n" + header("End", "*", "shutting down at %s" % strftime("%X")))
...