Exemple #1
0
    def __pocsuite3_scanner(self, _poc_config):
        '''Pocsuite3 API调用
        '''
        init_pocsuite(_poc_config)
        start_pocsuite()
        result = get_results()

        return result
Exemple #2
0
 def verify_result(self):
     config = {
         'url': ['https://www.baidu.com/'],
         'poc': [os.path.join(paths.POCSUITE_ROOT_PATH, "../tests/login_demo.py")],
         'username': "******",
         'password': '******',
         'verbose': 0,
         "timeout": 10,
     }
     init_pocsuite(config)
     start_pocsuite()
     result = get_results().pop()
     self.assertTrue(result.status == 'success')
Exemple #3
0
def run_pocsuite():
    # config 配置可参见命令行参数, 用于初始化 pocsuite3.lib.core.data.conf
    config = {
        'url': '123.207.176.60',
        'poc': 'ssh_burst',
        'mode':'attack',
    }

    init_pocsuite(config)
    start_pocsuite()
    result = get_results()
    print(result)
    print(1)
Exemple #4
0
 def test_cookie(self):
     config = {
         'url': ['http://httpbin.org/post'],
         'poc': [os.path.join(paths.POCSUITE_ROOT_PATH, "../tests/login_demo.py")],
         'username': "******",
         'password': '******',
         'cookie': 'test=1',
         'verbose': 0,
         "timeout": 10,
     }
     init_pocsuite(config)
     start_pocsuite()
     result = get_results().pop()
     self.assertTrue(result.status == 'success')
Exemple #5
0
def scanPoc(url, currdir, poc, tid):
    config = {
        'url': url,
        'poc': os.path.join(currdir, poc + '.py'),
    }

    # print(config['poc'])
    # print(os.path.dirname(os.path.dirname(__file__)))
    # config字典的配置和cli命令行参数配置一模一样
    init_pocsuite(config)
    start_pocsuite()
    result = get_results().pop()
    if result['status'] == 'success':
        saveVul(result, tid, poc)
Exemple #6
0
 def verify(self, url, poc):
     config = self.config
     config.update({'url': url, 'poc': poc})
     init_pocsuite(config)
     start_pocsuite()
     r = get_results()
     results = []
     for item in r:
         result = ({
             'status': item['status'],
             'target': item['target'],
             'poc_name': item['poc_name'],
             'created': item['created'],
         })
         results.append(result)
     return results
Exemple #7
0
    def start(self):
        # TODO
        # Generate html report
        filename = "pocsuite_{0}.html".format(time.strftime("%Y%m%d_%H%M%S"))
        filename = os.path.join(paths.POCSUITE_OUTPUT_PATH, filename)
        if conf.url:
            title = "Report of {0}".format(repr(conf.url))
        elif conf.dork:
            title = "Report of [{0}]".format(conf.dork)
        else:
            title = "Report of [{0}]".format('Plugin imported targets')
        html_export = HtmlExport(filename=filename, title=title)
        results = get_results()
        if results:
            results = sorted(results, key=lambda r: r.status, reverse=True)
        html_export.write_html(results)

        info_msg = '[PLUGIN] generate html report at {0}'.format(filename)
        logger.info(info_msg)
Exemple #8
0
 def test_socks5(self):
     proxy = "socks5://127.0.0.1:1080"
     proxy_cred = "username:password"
     config = {
         'url': ['https://www.baidu.com/'],
         'poc':
         [os.path.join(paths.POCSUITE_ROOT_PATH, "../tests/login_demo.py")],
         'username':
         "******",
         'password':
         '******',
         'verbose':
         0,
         "timeout":
         30,
         "proxy":
         proxy,
         "proxy_cred":
         proxy_cred
     }
     init_pocsuite(config)
     start_pocsuite()
     result = get_results().pop()
     self.assertTrue(result.status == 'success')
Exemple #9
0
 def verify_result(self):
     result = get_results().pop()
     self.assertTrue(result.status == 'success')