def _set_user_pocs_path(): if conf.pocs_path: if check_path(conf.pocs_path): paths.USER_POCS_PATH = conf.pocs_path else: warm_msg = "User defined pocs path {0} is invalid".format(conf.pocs_path) logger.warn(warm_msg)
def init_options(input_options=AttribDict(), override_options=False): cmd_line_options.update(input_options) _set_conf_attributes() _set_poc_options(input_options) _set_kb_attributes() _merge_options(input_options, override_options) # export rules, dont run the poc in the default status if conf.rule or conf.rule_req: logger.info( "The rule export function is in use. The POC is not executed at this point" ) if conf.pocs_path: if check_path(conf.pocs_path): paths.USER_POCS_PATH = conf.pocs_path for root, dirs, files in os.walk(paths.USER_POCS_PATH): files = list( filter( lambda x: not x.startswith("__") and x.endswith( ".py"), files)) regex_rule(list(paths.USER_POCS_PATH + i for i in files)) if conf.poc: regex_rule(conf.poc) exit() # if check version if conf.show_version: exit()
def _set_user_pocs_path(): if conf.pocs_path: if check_path(conf.pocs_path): paths.USER_POCS_PATH = conf.pocs_path for root, dirs, files in os.walk(paths.USER_POCS_PATH): files = list(filter(lambda x: not x.startswith("__") and x.endswith(".py"), files)) conf.poc = [os.path.join(paths.USER_POCS_PATH, f) for f in files] else: warm_msg = "User defined pocs path {0} is invalid".format(conf.pocs_path) logger.warn(warm_msg)
def _set_pocs_modules(): # TODO # load poc scripts .pyc file support if conf.ssvid: conf.plugins.append('poc_from_seebug') if not (conf.poc or conf.vul_keyword) and conf.poc_keyword: conf.poc = [paths.POCSUITE_POCS_PATH] if conf.poc: exists_poc_with_ext = list( filter(lambda x: x not in ['__init__.py', '__init__.pyc'], os.listdir(paths.POCSUITE_POCS_PATH))) exists_pocs = dict([os.path.splitext(x) for x in exists_poc_with_ext]) for poc in conf.poc: # load poc from pocsuite3/pocs folder or other local path try: _pocs = [] load_poc_sucess = False if os.path.isfile(poc): _pocs.append(poc) elif any([poc in exists_poc_with_ext, poc in exists_pocs]): poc_name, poc_ext = os.path.splitext(poc) if poc_ext in ['.py', '.pyc']: file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc) else: file_path = os.path.join(paths.POCSUITE_POCS_PATH, poc + exists_pocs.get(poc)) _pocs.append(file_path) elif check_path(poc): for root, _, files in os.walk(poc): files = filter( lambda x: not x.startswith("__") and x.endswith( ".py"), files) _pocs.extend( map(lambda x: os.path.join(root, x), files)) for p in _pocs: file_content = open(p, encoding='utf-8').read() if 'register_poc' not in file_content: continue if conf.poc_keyword: attr_field = re.search(r'vulID.*?def .*?\(', file_content, re.DOTALL) if attr_field and conf.poc_keyword.lower( ) not in attr_field.group().lower(): continue info_msg = "loading PoC script '{0}'".format(p) logger.info(info_msg) load_poc_sucess = load_file_to_module(p) or load_poc_sucess except PocsuiteSystemException: logger.error('PoC file "{0}" not found'.format(repr(poc))) continue # load poc from seebug website using plugin 'poc_from_seebug' if not load_poc_sucess and poc.startswith('ssvid-'): info_msg = "loading Poc script 'https://www.seebug.org/vuldb/{0}'".format( poc) logger.info(info_msg) if "poc_from_seebug" not in conf.plugins: conf.plugins.append('poc_from_seebug') if conf.vul_keyword: # step4. load poc with vul_keyword search seebug website info_msg = "loading PoC script from seebug website using search keyword '{0}' ".format( conf.vul_keyword) logger.info(info_msg) conf.plugins.append('poc_from_seebug')