def _set_pocs_modules():
# TODO
# load poc scripts .pyc file support
if conf.poc:
# step1. load system packed poc from pocsuite3/pocs folder
exists_poc_with_ext = list(
filter(lambda x: x not in ['__init__.py', '__init__.pyc'],
os.listdir(paths.POCSUITE_POCS_PATH)))
exists_pocs = dict([os.path.splitext(x) for x in exists_poc_with_ext])
for poc in conf.poc:
load_poc_sucess = False
if any([poc in exists_poc_with_ext, poc in exists_pocs]):
poc_name, poc_ext = os.path.splitext(poc)
if poc_ext in ['.py', '.pyc']:
file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc)
else:
file_path = os.path.join(paths.POCSUITE_POCS_PATH,
poc + exists_pocs.get(poc))
if file_path:
info_msg = "loading PoC script '{0}'".format(file_path)
logger.info(info_msg)
load_poc_sucess = load_file_to_module(file_path)
# step2. load poc from given file path
try:
if not load_poc_sucess:
if not poc.startswith('ssvid-') and check_file(poc):
info_msg = "loading PoC script '{0}'".format(poc)
logger.info(info_msg)
load_poc_sucess = load_file_to_module(poc)
except PocsuiteSystemException:
logger.error('PoC file "{0}" not found'.format(repr(poc)))
continue
# step3. load poc from seebug website using plugin 'poc_from_seebug'
if not load_poc_sucess:
if poc.startswith('ssvid-'):
info_msg = "loading Poc script 'https://www.seebug.org/vuldb/{0}'".format(
poc)
logger.info(info_msg)
if "poc_from_seebug" not in conf.plugins:
conf.plugins.append('poc_from_seebug')
load_poc_sucess = True
load_keyword_poc_sucess = False
if conf.vul_keyword:
# step4. load poc with vul_keyword search seebug website
info_msg = "loading PoC script from seebug website using search keyword '{0}' ".format(
conf.vul_keyword)
logger.info(info_msg)
conf.plugins.append('poc_from_seebug')
load_keyword_poc_sucess = True
if all([not kb.registered_pocs, not load_keyword_poc_sucess]):
error_msg = "no PoC loaded, please check your PoC file"
logger.error(error_msg)
raise PocsuiteSystemException(error_msg)
def get_file_items(filename,
comment_prefix='#',
unicode_=True,
lowercase=False,
unique=False):
ret = list() if not unique else OrderedDict()
check_file(filename)
try:
with open(filename, 'r') as f:
for line in f.readlines():
# xreadlines doesn't return unicode strings when codecs.open() is used
if comment_prefix and line.find(comment_prefix) != -1:
line = line[:line.find(comment_prefix)]
line = line.strip()
if not unicode_:
try:
line = str.encode(line)
except UnicodeDecodeError:
continue
if line:
if lowercase:
line = line.lower()
if unique and line in ret:
continue
if unique:
ret[line] = True
else:
ret.append(line)
except (IOError, OSError, MemoryError) as ex:
err_msg = "something went wrong while trying "
err_msg += "to read the content of file '{0}' ('{1}')".format(
filename, ex)
raise PocsuiteSystemException(err_msg)
return ret if not unique else ret.keys()
def check_file(filename):
"""
@function Checks for file existence and readability
"""
valid = True
if filename is None or not os.path.isfile(filename):
valid = False
if valid:
try:
with open(filename, "rb"):
pass
except Exception:
valid = False
if not valid:
raise PocsuiteSystemException("unable to read file '%s'" % filename)
return valid
def runtime_check():
if not kb.registered_pocs:
error_msg = "no PoC loaded, please check your PoC file"
logger.error(error_msg)
raise PocsuiteSystemException(error_msg)
